[ 35.684691][ T26] audit: type=1800 audit(1553299778.173:28): pid=7453 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.547826][ T26] audit: type=1800 audit(1553299779.063:29): pid=7453 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 36.567489][ T26] audit: type=1800 audit(1553299779.063:30): pid=7453 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.130' (ECDSA) to the list of known hosts. 2019/03/23 00:09:49 fuzzer started 2019/03/23 00:09:52 dialing manager at 10.128.0.26:36517 2019/03/23 00:09:52 syscalls: 1 2019/03/23 00:09:52 code coverage: enabled 2019/03/23 00:09:52 comparison tracing: enabled 2019/03/23 00:09:52 extra coverage: extra coverage is not supported by the kernel 2019/03/23 00:09:52 setuid sandbox: enabled 2019/03/23 00:09:52 namespace sandbox: enabled 2019/03/23 00:09:52 Android sandbox: /sys/fs/selinux/policy does not exist 2019/03/23 00:09:52 fault injection: enabled 2019/03/23 00:09:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/03/23 00:09:52 net packet injection: enabled 2019/03/23 00:09:52 net device setup: enabled 00:12:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="bf16000000000000b707000001000000507000000000e0ff2000000000f3ff009500000000000000"], 0x0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x0, 0x12, 0x0, &(0x7f0000000d80)="5010e88e394ecec9d0ca217ed8cb6ea088ac", 0x0, 0xaba7}, 0x28) syzkaller login: [ 230.858081][ T7642] IPVS: ftp: loaded support on port[0] = 21 00:12:53 executing program 1: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000340), 0xc) dup2(r1, r0) getsockname$inet(r0, 0x0, &(0x7f00000001c0)) [ 230.980260][ T7642] chnl_net:caif_netlink_parms(): no params data found [ 231.064969][ T7642] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.077408][ T7642] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.085751][ T7642] device bridge_slave_0 entered promiscuous mode [ 231.100000][ T7645] IPVS: ftp: loaded support on port[0] = 21 [ 231.107425][ T7642] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.114559][ T7642] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.127057][ T7642] device bridge_slave_1 entered promiscuous mode [ 231.174689][ T7642] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 231.186798][ T7642] bond0: Enslaving bond_slave_1 as an active interface with an up link 00:12:53 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000340), 0xc) dup2(r0, r1) [ 231.221872][ T7642] team0: Port device team_slave_0 added [ 231.231520][ T7642] team0: Port device team_slave_1 added [ 231.308229][ T7642] device hsr_slave_0 entered promiscuous mode [ 231.345951][ T7642] device hsr_slave_1 entered promiscuous mode [ 231.399837][ T7647] IPVS: ftp: loaded support on port[0] = 21 [ 231.421320][ T7645] chnl_net:caif_netlink_parms(): no params data found [ 231.444696][ T7642] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.451908][ T7642] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.459747][ T7642] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.466844][ T7642] bridge0: port 1(bridge_slave_0) entered forwarding state 00:12:54 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000340), 0xc) r2 = eventfd2(0x0, 0x0) dup2(r2, r1) [ 231.576879][ T7645] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.583975][ T7645] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.606527][ T7645] device bridge_slave_0 entered promiscuous mode [ 231.626575][ T7645] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.633638][ T7645] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.656479][ T7645] device bridge_slave_1 entered promiscuous mode [ 231.668293][ T7647] chnl_net:caif_netlink_parms(): no params data found [ 231.717021][ T7645] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 231.744988][ T7652] IPVS: ftp: loaded support on port[0] = 21 [ 231.751239][ T7645] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 231.787564][ T7642] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.812085][ T7645] team0: Port device team_slave_0 added [ 231.818393][ T7647] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.826537][ T7647] bridge0: port 1(bridge_slave_0) entered disabled state 00:12:54 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000340), 0xc) r2 = dup2(r1, r1) getsockname$packet(r2, &(0x7f000000e4c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f000000e500)=0x14) [ 231.834442][ T7647] device bridge_slave_0 entered promiscuous mode [ 231.858145][ T7642] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.865995][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.891341][ T3480] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.922817][ T3480] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.938618][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 231.961450][ T7645] team0: Port device team_slave_1 added [ 231.972243][ T7647] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.979877][ T7647] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.990588][ T7647] device bridge_slave_1 entered promiscuous mode [ 232.017780][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.028980][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.036094][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.045560][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.057114][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.064176][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state 00:12:54 executing program 5: recvmsg(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0}, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480)='/dev/loop-control\x00', 0x82, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x800, 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000280)="210c22353668384777ba9b62df5385ace5b8baf3c608576ce30ca7cb6dd70fd282fbc4898d494a368d318fd1cbbfbe0551e0ec82ab14e6d8c940040550190b22f7921ffc6de2e482cfbb987a5e85a8c8b491b3d08c71ae81b87965c1d9d68779ce0f021925ea523823126afd877ac3916ec68a81a1b0ddd1196461031a20c8c98a219dad74ce7e10b12b3eb57ad8e5d6a5eb94bb318e1158330e06f1d4fe5ec7b20491d4a268d46d8329363b407388ae8b479d6f5cd3ae33019cb7fa93ead0611b39079b9ef6cfc0f88ed8ec5ce334520c3cf840b1e9e15f0eda9287be188e0a8b709c06774c106a5cb5af80b33a7c9fcf67b32860ee13d85b843baa1030513d") ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000200)=0x7fffffff) setsockopt$inet_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x0, 0x2d, 0x0, 0x362) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x0) r1 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000100)={'ipvs\x00'}, &(0x7f0000000380)=0x1e) creat(&(0x7f0000000000)='./bus\x00', 0x20000000002) r2 = socket$inet6(0xa, 0x400000000001, 0x0) r3 = dup(r2) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r2) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f00000002c0)={0x26b7, {{0xa, 0x4e24, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x16}}, 0x1f000000}}}, 0x88) r4 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) ftruncate(r4, 0x2007fff) sendfile(r3, r4, 0x0, 0x8000fffffffe) [ 232.148112][ T7645] device hsr_slave_0 entered promiscuous mode [ 232.186327][ T7645] device hsr_slave_1 entered promiscuous mode [ 232.241810][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 232.258961][ T7647] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 232.269089][ T7647] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 232.286895][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 232.286914][ T7656] IPVS: ftp: loaded support on port[0] = 21 [ 232.295551][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.309873][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.318417][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.328054][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.336355][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.344568][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.372174][ T7647] team0: Port device team_slave_0 added [ 232.380419][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.383373][ T7658] IPVS: ftp: loaded support on port[0] = 21 [ 232.398435][ T7642] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.411869][ T7642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.426104][ T7647] team0: Port device team_slave_1 added [ 232.433563][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 232.441864][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 232.484288][ T7652] chnl_net:caif_netlink_parms(): no params data found [ 232.548308][ T7647] device hsr_slave_0 entered promiscuous mode [ 232.586118][ T7647] device hsr_slave_1 entered promiscuous mode [ 232.659512][ T7642] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.684420][ T7652] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.692252][ T7652] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.700517][ T7652] device bridge_slave_0 entered promiscuous mode [ 232.708306][ T7652] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.715351][ T7652] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.723118][ T7652] device bridge_slave_1 entered promiscuous mode [ 232.781157][ T7652] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 232.831238][ T7652] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 232.852402][ T7652] team0: Port device team_slave_0 added [ 232.860344][ T7652] team0: Port device team_slave_1 added [ 232.876524][ T7645] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.892177][ T7658] chnl_net:caif_netlink_parms(): no params data found [ 232.947452][ T7652] device hsr_slave_0 entered promiscuous mode [ 232.965952][ T7652] device hsr_slave_1 entered promiscuous mode [ 233.060250][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 233.068728][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 233.076964][ T7656] chnl_net:caif_netlink_parms(): no params data found 00:12:55 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0) [ 233.114779][ T7645] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.134504][ T7647] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.172507][ T7656] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.181207][ T7656] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.189600][ T7656] device bridge_slave_0 entered promiscuous mode [ 233.198834][ T7656] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.206026][ T7656] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.214193][ T7656] device bridge_slave_1 entered promiscuous mode 00:12:55 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0) [ 233.245872][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 233.253505][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 233.261974][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.276804][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready 00:12:55 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0) [ 233.293533][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.300713][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.311550][ T7647] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.333145][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 00:12:55 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x4000000400448de, &(0x7f0000000200)) [ 233.342117][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.352248][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 233.380235][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.387378][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state 00:12:55 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x100082) r1 = memfd_create(&(0x7f0000000c80)='[trusted$\x00', 0x100000000) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x12142, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000011c0)=ANY=[], 0x0) ioctl$DRM_IOCTL_MARK_BUFS(0xffffffffffffffff, 0x40186417, &(0x7f00000001c0)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) [ 233.405427][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 233.413970][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 233.425098][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.433767][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.440909][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.450764][ T7656] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 233.474551][ T7656] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 233.489789][ T7658] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.497387][ T7658] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.498141][ T7658] device bridge_slave_0 entered promiscuous mode [ 233.527369][ C1] hrtimer: interrupt took 24481 ns 00:12:56 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x100082) r1 = memfd_create(&(0x7f0000000c80)='[trusted$\x00', 0x100000000) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(0xffffffffffffffff, 0x40186417, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6, 0x1, "b92481f2b6049517f74de08916cf213343b15d035fc2fe51426f3c9125e1da89cad2929cd06aca1bd4b0a988279268e61234ff8a41cd19abd481eb55130d64ca", "a3510a8deb27705deb2fac58f4f379ddd8e50e8d868ee0425ecfc1c6f4a716df3e4be867d973bcc3e056a1a04eafdeacbd0e434a62db69a6bd53316c42f16b21", "f0642b0793a51cd04ad5c00d6cf24b506d17a8df96c5968a4226e09f847e4b08", [0x100]}) [ 233.550289][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 233.559601][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.576175][ T7653] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.583278][ T7653] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.591490][ T7653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.611459][ T7658] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.621536][ T7658] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.631202][ T7658] device bridge_slave_1 entered promiscuous mode [ 233.651705][ T7658] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 233.666824][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.675345][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 233.698396][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.714191][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.723155][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 233.738693][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.751202][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.760460][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 233.768533][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 233.786190][ T7658] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 233.804942][ T7656] team0: Port device team_slave_0 added [ 233.818244][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 233.827482][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 233.835856][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 233.844501][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 233.853467][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 00:12:56 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x100082) r1 = memfd_create(&(0x7f0000000c80)='[trusted$\x00', 0x100000000) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(0xffffffffffffffff, 0x40186417, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6, 0x1, "b92481f2b6049517f74de08916cf213343b15d035fc2fe51426f3c9125e1da89cad2929cd06aca1bd4b0a988279268e61234ff8a41cd19abd481eb55130d64ca", "a3510a8deb27705deb2fac58f4f379ddd8e50e8d868ee0425ecfc1c6f4a716df3e4be867d973bcc3e056a1a04eafdeacbd0e434a62db69a6bd53316c42f16b21", "f0642b0793a51cd04ad5c00d6cf24b506d17a8df96c5968a4226e09f847e4b08", [0x100]}) [ 233.862148][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 233.870823][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 233.879278][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 233.890166][ T7647] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 233.908218][ T7656] team0: Port device team_slave_1 added [ 233.920602][ T7658] team0: Port device team_slave_0 added [ 233.927881][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 233.938003][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 233.958754][ T7645] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 233.979897][ T7645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 233.996514][ T7658] team0: Port device team_slave_1 added [ 234.052372][ T7656] device hsr_slave_0 entered promiscuous mode [ 234.102225][ T7656] device hsr_slave_1 entered promiscuous mode [ 234.150683][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 234.161609][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 234.175079][ T7652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.194218][ T7647] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.213786][ T7645] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.227712][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.243404][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 234.263540][ T7652] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.288001][ T7658] device hsr_slave_0 entered promiscuous mode [ 234.336006][ T7658] device hsr_slave_1 entered promiscuous mode [ 234.440981][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 234.463325][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 234.473099][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.480235][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state 00:12:57 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000e05000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in, @in6=@mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x1000000000000000], [], @dev}}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}}]}, 0xa0}}, 0x0) 00:12:57 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000e05000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in, @in6=@mcast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}}]}, 0xa0}, 0x1, 0x80ffffff}, 0x0) [ 234.493402][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 234.502161][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 234.519720][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.526847][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 234.541524][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 234.552129][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 234.567521][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 234.580957][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 234.591262][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 234.599893][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 234.623478][ T7652] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 234.634567][ T7652] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 234.648529][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 234.666361][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 234.686403][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 234.694762][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 234.716686][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 234.725045][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 234.733980][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 234.758947][ T7652] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.778566][ T7656] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.810809][ T7658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.841621][ T7658] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.852643][ T7656] 8021q: adding VLAN 0 to HW filter on device team0 00:12:57 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448cb, &(0x7f0000000040)) [ 234.860604][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.871171][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 234.881830][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.900274][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 234.926927][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 234.935562][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 234.946094][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.953163][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 234.961064][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 234.969760][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 234.978131][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.985300][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 234.993888][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 235.003139][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 235.011736][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.018813][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 235.026489][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 235.035135][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 235.043593][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.050765][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 235.058970][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 235.077660][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 235.085514][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 235.093888][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 235.102748][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 235.111937][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 235.120802][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 235.130183][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 235.158132][ T7656] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 235.169292][ T7656] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 235.181949][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 235.190999][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 235.200007][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 235.209011][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 235.217721][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 235.226485][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 235.234705][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 235.243643][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 235.252147][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 235.260493][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 235.269152][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 235.277595][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 235.285918][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 235.294779][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 235.302640][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 235.322129][ T7658] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 235.333007][ T7656] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.371344][ T7658] 8021q: adding VLAN 0 to HW filter on device batadv0 00:12:57 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x4000000400448e0, &(0x7f0000000200)) [ 235.481588][ T7733] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 00:12:58 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:12:58 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) fsetxattr$security_evm(0xffffffffffffffff, 0x0, &(0x7f0000000080)=@md5={0x1, "35fa9ac6840415f101b121d76797e79f"}, 0x11, 0x0) ioctl$sock_bt_hci(r0, 0x4000000400448e0, &(0x7f0000000200)) 00:12:58 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000e05000)=ANY=[@ANYBLOB="020d00001500000000000000000000000100180000000000080012000000030000000000000000000600000000000000000000000000000000000000000000000000000000000000ff02000000000000000000000000000105000500000000000a0000000000000000000000000000000000ffffac141400000000000000000005000600004000000a00000000000000fe8000000000000000000000000000ff0000000000000000"], 0xa8}}, 0x0) 00:12:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000000)={0x0}) clock_settime(0x0, &(0x7f0000000040)={r1}) 00:12:58 executing program 3: syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_getres(0xfffffffffffbfffc, 0x0) 00:12:58 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x4000000400448df, &(0x7f0000000000)) 00:12:58 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) rmdir(0x0) socket$inet6(0xa, 0x0, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) rmdir(0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x100800, 0x0, 0xff, 0x1, 0x1, 0x0, 0x10000}, 0x20) 00:12:58 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) recvmsg$kcm(r0, &(0x7f0000015840)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:58 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:12:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/11, 0xdd) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000180)={0x0, 0x7530}, 0x10) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) syz_execute_func(&(0x7f0000000080)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x3102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1}, 0x1c) dup3(r0, r1, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) 00:12:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 4: syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e006642073e0f1110c442019dccc4e11d62e46f") clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet6(0xa, 0x2, 0x400000020) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0) 00:12:58 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) recvmsg$kcm(r0, &(0x7f0000015840)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:58 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) recvmsg$kcm(r0, &(0x7f0000015840)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:58 executing program 4: clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x1042, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000002c0)='./file1\x00', 0x0, 0x0) delete_module(0x0, 0x0) ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_CMD_SET_NETID(0xffffffffffffffff, 0x0, 0x0) mknod$loop(&(0x7f0000000040)='./file1\x00', 0xc1d1, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000140), 0x0, 0x0, 0x8) open$dir(&(0x7f0000000240)='./file0\x00', 0x841, 0x0) 00:12:58 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) recvmsg$kcm(r0, &(0x7f0000015840)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:58 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x2) recvmmsg(r0, &(0x7f0000007c80)=[{{&(0x7f0000000040)=@xdp, 0x80, 0x0}}], 0x1, 0x0, 0x0) sendmmsg(r0, &(0x7f0000000000)=[{{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0}}], 0x1, 0x0) 00:12:58 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x0, 0x8b}, 0x0) 00:12:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) recvmsg$kcm(r0, &(0x7f0000015840)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:58 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:12:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:58 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) dup3(r1, r0, 0x0) 00:12:59 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000600)=""/11, 0x232) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)) r2 = dup2(r1, r0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r3, &(0x7f0000000080), 0x1c) r4 = dup2(r3, r3) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x20) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) 00:12:59 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:59 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:59 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:59 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:12:59 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) close(r0) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x6, 0x0, &(0x7f0000001640)) 00:12:59 executing program 3: syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x800083102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x0, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x1ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0xd4b9afd) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00') setxattr$trusted_overlay_origin(&(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0, 0x0) 00:12:59 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:59 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:59 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:59 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:59 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:12:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/88, 0x380) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) clone(0x3102001ff4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c2a37d794e005cc4c1b62ac13e0f1110c442019dccd3196f27") socket$inet6(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, 0x0) 00:12:59 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:12:59 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:12:59 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:12:59 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:00 executing program 3: 00:13:00 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:00 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:00 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$sock_timeval(r0, 0x1, 0x0, &(0x7f0000000040), 0x35b) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 00:13:00 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:00 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:00 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:00 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:00 executing program 3: 00:13:00 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:00 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:00 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:00 executing program 3: 00:13:00 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:00 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:00 executing program 4: 00:13:00 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:00 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:00 executing program 3: 00:13:00 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:00 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:00 executing program 3: 00:13:01 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:01 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:01 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000240)=""/117, 0x454) 00:13:01 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:01 executing program 4: 00:13:01 executing program 3: 00:13:01 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:01 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:01 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:01 executing program 4: 00:13:01 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000240)=""/117, 0x454) 00:13:01 executing program 3: 00:13:01 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:01 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:01 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:01 executing program 4: 00:13:01 executing program 3: 00:13:01 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000240)=""/117, 0x454) 00:13:01 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:01 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x0, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:01 executing program 3: 00:13:01 executing program 4: 00:13:01 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:01 executing program 3: 00:13:01 executing program 4: 00:13:01 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:01 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x0, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:01 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:01 executing program 4: 00:13:01 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:01 executing program 3: 00:13:01 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:01 executing program 3: 00:13:01 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x0, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:01 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:01 executing program 4: 00:13:02 executing program 3: 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:02 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:02 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:02 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:02 executing program 4: 00:13:02 executing program 3: 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:02 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:02 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:02 executing program 4: 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:02 executing program 3: 00:13:02 executing program 4: 00:13:02 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3735858", 0x39}], 0x1}, 0x0) 00:13:02 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:02 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:02 executing program 3: 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:02 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, 0x0, 0x0) 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:02 executing program 3: 00:13:02 executing program 4: 00:13:02 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:02 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, 0x0, 0x0) 00:13:02 executing program 3: 00:13:02 executing program 4: 00:13:02 executing program 5: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) 00:13:02 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:02 executing program 3: 00:13:02 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, 0x0, 0x0) 00:13:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 00:13:02 executing program 4: 00:13:02 executing program 3: 00:13:02 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, 0x0}, 0x0) 00:13:03 executing program 5: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 4: 00:13:03 executing program 3: 00:13:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 00:13:03 executing program 4: 00:13:03 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, 0x0}, 0x0) 00:13:03 executing program 3: 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 5: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 00:13:03 executing program 4: 00:13:03 executing program 3: 00:13:03 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, 0x0}, 0x0) 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c12") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) 00:13:03 executing program 4: 00:13:03 executing program 3: 00:13:03 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)}, 0x0) 00:13:03 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c12") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 4: 00:13:03 executing program 3: 00:13:03 executing program 4: 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c12") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) 00:13:03 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)}, 0x0) 00:13:03 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:03 executing program 4: 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) 00:13:03 executing program 3: 00:13:03 executing program 4: 00:13:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:03 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)}, 0x0) 00:13:04 executing program 4: 00:13:04 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)}, 0x0) 00:13:04 executing program 3: 00:13:04 executing program 4: 00:13:04 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{0x0}], 0x1}, 0x0) 00:13:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:04 executing program 3: 00:13:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)}, 0x0) 00:13:04 executing program 4: 00:13:04 executing program 3: 00:13:04 executing program 5: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b0") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:04 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{0x0}], 0x1}, 0x0) 00:13:04 executing program 4: 00:13:04 executing program 3: 00:13:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)}, 0x0) 00:13:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b0") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:04 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{0x0}], 0x1}, 0x0) 00:13:04 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) 00:13:04 executing program 5: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:04 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400)='/dev/audio\x00', 0x1040000000802, 0x0) write$FUSE_NOTIFY_DELETE(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xfffffdcc) ioctl$int_in(r1, 0x80000000005001, 0x0) 00:13:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b0") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) 00:13:04 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000080)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x1, @initdev={0xfe, 0x88, [], 0x1}, 0x800}, {0xa, 0x4e24, 0x0, @mcast1}}}, 0x48) 00:13:04 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)}], 0x1}, 0x0) 00:13:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) 00:13:04 executing program 5: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) 00:13:04 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)}], 0x1}, 0x0) 00:13:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) 00:13:05 executing program 3: r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000040)=0x3) 00:13:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000280)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)) 00:13:05 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:05 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)}], 0x1}, 0x0) 00:13:05 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1}, 0x0) 00:13:05 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1}, 0x0) 00:13:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e05926166", 0x1d}], 0x1}, 0x0) 00:13:05 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:05 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e05926166", 0x1d}], 0x1}, 0x0) 00:13:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1}, 0x0) 00:13:05 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e05926166", 0x1d}], 0x1}, 0x0) 00:13:05 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:05 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:05 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff0700000000000000", 0x17}], 0x1}, 0x0) 00:13:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff0700000000000000", 0x17}], 0x1}, 0x0) 00:13:06 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e8837", 0x2b}], 0x1}, 0x0) 00:13:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff0700000000000000", 0x17}], 0x1}, 0x0) 00:13:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e8837", 0x2b}], 0x1}, 0x0) 00:13:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:06 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000", 0x23}], 0x1}, 0x0) 00:13:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e8837", 0x2b}], 0x1}, 0x0) 00:13:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000", 0x23}], 0x1}, 0x0) 00:13:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b8", 0x32}], 0x1}, 0x0) 00:13:06 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:06 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000", 0x23}], 0x1}, 0x0) 00:13:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b8", 0x32}], 0x1}, 0x0) 00:13:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:06 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051", 0x29}], 0x1}, 0x0) 00:13:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:06 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b8", 0x32}], 0x1}, 0x0) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 245.381552][ T8589] cgroup: fork rejected by pids controller in /syz5 00:13:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051", 0x29}], 0x1}, 0x0) 00:13:07 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3", 0x36}], 0x1}, 0x0) 00:13:07 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051", 0x29}], 0x1}, 0x0) 00:13:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3", 0x36}], 0x1}, 0x0) 00:13:07 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd6", 0x2c}], 0x1}, 0x0) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:07 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb3", 0x36}], 0x1}, 0x0) 00:13:07 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd6", 0x2c}], 0x1}, 0x0) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd6", 0x2c}], 0x1}, 0x0) 00:13:07 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb37358", 0x38}], 0x1}, 0x0) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:07 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x0, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:07 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b", 0x2d}], 0x1}, 0x0) 00:13:07 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb37358", 0x38}], 0x1}, 0x0) 00:13:07 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b", 0x2d}], 0x1}, 0x0) 00:13:08 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003a00)=[{&(0x7f0000004d80)="39000000140081ae00002c000500018701546fabcae5e54f7e0592616652e285af71583c7d06a6580e883795c0c54c1960b89c40ebb37358", 0x38}], 0x1}, 0x0) 00:13:08 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0x0, &(0x7f0000000040)) 00:13:08 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002000815fe45ae1871850ff07000000000000000000230000000e9c00000000000000000051894dd65b", 0x2d}], 0x1}, 0x0) 00:13:08 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x0, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:08 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0x0, &(0x7f0000000040)) 00:13:08 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0x0, &(0x7f0000000040)) 00:13:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x0, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:08 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, 0x0) 00:13:08 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, 0x0) 00:13:08 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:08 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, 0x0) 00:13:09 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2, 0x4}) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 2 (fault-call:4 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:09 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 247.734624][ T9503] FAULT_INJECTION: forcing a failure. [ 247.734624][ T9503] name failslab, interval 1, probability 0, space 0, times 1 [ 247.813634][ T9503] CPU: 0 PID: 9503 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 247.821569][ T9503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.831632][ T9503] Call Trace: [ 247.835065][ T9503] dump_stack+0x172/0x1f0 [ 247.839490][ T9503] should_fail.cold+0xa/0x15 [ 247.844106][ T9503] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 247.849982][ T9503] ? ___might_sleep+0x163/0x280 [ 247.850030][ T9503] __should_failslab+0x121/0x190 [ 247.859820][ T9503] should_failslab+0x9/0x14 [ 247.859853][ T9503] __kmalloc+0x2dc/0x740 [ 247.859911][ T9503] ? drm_ioctl+0x45c/0xa50 [ 247.872997][ T9503] drm_ioctl+0x45c/0xa50 [ 247.877334][ T9503] ? drm_mode_create_dumb+0x310/0x310 [ 247.882734][ T9503] ? drm_version+0x3d0/0x3d0 [ 247.887494][ T9503] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 247.893364][ T9503] ? smack_log+0x415/0x540 [ 247.897810][ T9503] ? drm_version+0x3d0/0x3d0 [ 247.902471][ T9503] do_vfs_ioctl+0xd6e/0x1390 [ 247.907080][ T9503] ? ioctl_preallocate+0x210/0x210 [ 247.912204][ T9503] ? smack_file_ioctl+0x196/0x310 [ 247.917239][ T9503] ? smack_inode_rename+0x2d0/0x2d0 [ 247.922514][ T9503] ? fput_many+0x12c/0x1a0 [ 247.926949][ T9503] ? tomoyo_file_ioctl+0x23/0x30 [ 247.932127][ T9503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 247.932192][ T9503] ? security_file_ioctl+0x93/0xc0 [ 247.943497][ T9503] ksys_ioctl+0xab/0xd0 [ 247.947657][ T9503] __x64_sys_ioctl+0x73/0xb0 [ 247.947736][ T9503] do_syscall_64+0x103/0x610 [ 247.947769][ T9503] entry_SYSCALL_64_after_hwframe+0x49/0xbe 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 247.962886][ T9503] RIP: 0033:0x458209 [ 247.966790][ T9503] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 247.986475][ T9503] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 247.986488][ T9503] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 247.986495][ T9503] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 00:13:09 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 247.986502][ T9503] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 247.986510][ T9503] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 247.986517][ T9503] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 2 (fault-call:4 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:09 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) 00:13:09 executing program 1: r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:09 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 248.279814][ T9586] FAULT_INJECTION: forcing a failure. [ 248.279814][ T9586] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 248.293087][ T9586] CPU: 1 PID: 9586 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 248.301067][ T9586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.311130][ T9586] Call Trace: [ 248.314441][ T9586] dump_stack+0x172/0x1f0 [ 248.318790][ T9586] should_fail.cold+0xa/0x15 [ 248.323422][ T9586] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 248.329306][ T9586] ? __lock_acquire+0x548/0x3fb0 [ 248.334318][ T9586] ? is_bpf_text_address+0xac/0x170 [ 248.339576][ T9586] should_fail_alloc_page+0x50/0x60 [ 248.339591][ T9586] __alloc_pages_nodemask+0x1a1/0x7e0 [ 248.339610][ T9586] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 248.350150][ T9586] ? find_held_lock+0x35/0x130 [ 248.350178][ T9586] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 248.366453][ T9586] cache_grow_begin+0x9c/0x860 [ 248.371235][ T9586] ? drm_ioctl+0x45c/0xa50 [ 248.375667][ T9586] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 248.381926][ T9586] __kmalloc+0x67f/0x740 [ 248.386200][ T9586] ? drm_ioctl+0x45c/0xa50 [ 248.390638][ T9586] drm_ioctl+0x45c/0xa50 [ 248.394902][ T9586] ? drm_mode_create_dumb+0x310/0x310 [ 248.400293][ T9586] ? drm_version+0x3d0/0x3d0 [ 248.404884][ T9586] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 248.410696][ T9586] ? smack_log+0x415/0x540 [ 248.415144][ T9586] ? drm_version+0x3d0/0x3d0 [ 248.419743][ T9586] do_vfs_ioctl+0xd6e/0x1390 [ 248.424340][ T9586] ? ioctl_preallocate+0x210/0x210 00:13:10 executing program 1: r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 248.429454][ T9586] ? smack_file_ioctl+0x196/0x310 [ 248.434484][ T9586] ? smack_inode_rename+0x2d0/0x2d0 [ 248.439872][ T9586] ? fput_many+0x12c/0x1a0 [ 248.444297][ T9586] ? tomoyo_file_ioctl+0x23/0x30 [ 248.444313][ T9586] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.444334][ T9586] ? security_file_ioctl+0x93/0xc0 [ 248.455485][ T9586] ksys_ioctl+0xab/0xd0 [ 248.455510][ T9586] __x64_sys_ioctl+0x73/0xb0 [ 248.469369][ T9586] do_syscall_64+0x103/0x610 [ 248.473975][ T9586] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.473988][ T9586] RIP: 0033:0x458209 [ 248.474000][ T9586] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 248.474013][ T9586] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.503357][ T9586] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 00:13:10 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) 00:13:10 executing program 2 (fault-call:4 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:10 executing program 1: r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 248.503367][ T9586] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 [ 248.503375][ T9586] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 248.503382][ T9586] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 248.503389][ T9586] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 00:13:10 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 248.669164][ T9709] FAULT_INJECTION: forcing a failure. [ 248.669164][ T9709] name failslab, interval 1, probability 0, space 0, times 0 00:13:10 executing program 1: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) [ 248.758114][ T9709] CPU: 1 PID: 9709 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 248.766057][ T9709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.766063][ T9709] Call Trace: [ 248.766087][ T9709] dump_stack+0x172/0x1f0 [ 248.766108][ T9709] should_fail.cold+0xa/0x15 [ 248.766125][ T9709] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 248.766143][ T9709] ? ___might_sleep+0x163/0x280 [ 248.766161][ T9709] __should_failslab+0x121/0x190 [ 248.766179][ T9709] should_failslab+0x9/0x14 [ 248.766195][ T9709] kmem_cache_alloc_trace+0x2d1/0x760 [ 248.766211][ T9709] ? drm_dev_exit+0x22/0x60 [ 248.766226][ T9709] ? find_held_lock+0x35/0x130 [ 248.766342][ T9709] __vgem_gem_create+0x49/0x100 [ 248.814032][ T9709] vgem_gem_dumb_create+0xd7/0x260 [ 248.824725][ T9709] drm_mode_create_dumb+0x288/0x310 [ 248.824743][ T9709] drm_mode_create_dumb_ioctl+0x26/0x30 [ 248.824763][ T9709] drm_ioctl_kernel+0x23e/0x2e0 [ 248.834686][ T9709] ? drm_mode_create_dumb+0x310/0x310 [ 248.834702][ T9709] ? drm_setversion+0x8c0/0x8c0 [ 248.834719][ T9709] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 248.834788][ T9709] ? _copy_from_user+0xdd/0x150 [ 248.845447][ T9709] drm_ioctl+0x545/0xa50 [ 248.845461][ T9709] ? drm_mode_create_dumb+0x310/0x310 [ 248.845479][ T9709] ? drm_version+0x3d0/0x3d0 [ 248.845498][ T9709] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 248.855696][ T9709] ? smack_log+0x415/0x540 [ 248.855728][ T9709] ? drm_version+0x3d0/0x3d0 [ 248.855745][ T9709] do_vfs_ioctl+0xd6e/0x1390 [ 248.855764][ T9709] ? ioctl_preallocate+0x210/0x210 [ 248.866824][ T9709] ? smack_file_ioctl+0x196/0x310 [ 248.866837][ T9709] ? smack_inode_rename+0x2d0/0x2d0 [ 248.866857][ T9709] ? fput_many+0x12c/0x1a0 [ 248.875910][ T9709] ? tomoyo_file_ioctl+0x23/0x30 [ 248.875933][ T9709] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.875950][ T9709] ? security_file_ioctl+0x93/0xc0 [ 248.875969][ T9709] ksys_ioctl+0xab/0xd0 [ 248.891781][ T9709] __x64_sys_ioctl+0x73/0xb0 [ 248.900755][ T9709] do_syscall_64+0x103/0x610 00:13:10 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:10 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:10 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 2 (fault-call:4 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) [ 248.900775][ T9709] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.900791][ T9709] RIP: 0033:0x458209 [ 248.910478][ T9709] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 248.910485][ T9709] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.910499][ T9709] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 248.910507][ T9709] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 00:13:10 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) 00:13:10 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x0, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 248.910514][ T9709] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 248.910527][ T9709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 248.920702][ T9709] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 00:13:10 executing program 1: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:10 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:10 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 249.077670][ T9832] FAULT_INJECTION: forcing a failure. [ 249.077670][ T9832] name failslab, interval 1, probability 0, space 0, times 0 [ 249.187987][ T9832] CPU: 1 PID: 9832 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 249.195935][ T9832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.206000][ T9832] Call Trace: [ 249.209307][ T9832] dump_stack+0x172/0x1f0 [ 249.213657][ T9832] should_fail.cold+0xa/0x15 [ 249.218269][ T9832] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 249.224095][ T9832] ? ___might_sleep+0x163/0x280 [ 249.228969][ T9832] __should_failslab+0x121/0x190 [ 249.234008][ T9832] ? shmem_destroy_callback+0xc0/0xc0 [ 249.239399][ T9832] should_failslab+0x9/0x14 [ 249.244007][ T9832] kmem_cache_alloc+0x2b2/0x6f0 [ 249.248876][ T9832] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 249.254538][ T9832] ? shmem_destroy_callback+0xc0/0xc0 [ 249.259940][ T9832] shmem_alloc_inode+0x1c/0x50 [ 249.264772][ T9832] alloc_inode+0x66/0x190 [ 249.269124][ T9832] new_inode_pseudo+0x19/0xf0 [ 249.273824][ T9832] new_inode+0x1f/0x40 [ 249.277927][ T9832] shmem_get_inode+0x84/0x780 [ 249.282635][ T9832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.288989][ T9832] __shmem_file_setup.part.0+0x7e/0x2b0 [ 249.294563][ T9832] shmem_file_setup+0x66/0x90 [ 249.299258][ T9832] drm_gem_object_init+0x3b/0xb0 [ 249.304212][ T9832] __vgem_gem_create+0x6f/0x100 [ 249.309076][ T9832] vgem_gem_dumb_create+0xd7/0x260 [ 249.314210][ T9832] drm_mode_create_dumb+0x288/0x310 [ 249.319431][ T9832] drm_mode_create_dumb_ioctl+0x26/0x30 [ 249.324995][ T9832] drm_ioctl_kernel+0x23e/0x2e0 [ 249.329862][ T9832] ? drm_mode_create_dumb+0x310/0x310 [ 249.335252][ T9832] ? drm_setversion+0x8c0/0x8c0 [ 249.340117][ T9832] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 249.346374][ T9832] ? _copy_from_user+0xdd/0x150 [ 249.351241][ T9832] drm_ioctl+0x545/0xa50 [ 249.355496][ T9832] ? drm_mode_create_dumb+0x310/0x310 [ 249.360878][ T9832] ? drm_version+0x3d0/0x3d0 [ 249.365474][ T9832] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 249.365486][ T9832] ? smack_log+0x415/0x540 [ 249.365518][ T9832] ? drm_version+0x3d0/0x3d0 [ 249.375797][ T9832] do_vfs_ioctl+0xd6e/0x1390 [ 249.375816][ T9832] ? ioctl_preallocate+0x210/0x210 [ 249.375829][ T9832] ? smack_file_ioctl+0x196/0x310 [ 249.375840][ T9832] ? smack_inode_rename+0x2d0/0x2d0 [ 249.375859][ T9832] ? fput_many+0x12c/0x1a0 [ 249.404732][ T9832] ? tomoyo_file_ioctl+0x23/0x30 [ 249.409682][ T9832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.415940][ T9832] ? security_file_ioctl+0x93/0xc0 [ 249.421063][ T9832] ksys_ioctl+0xab/0xd0 [ 249.425225][ T9832] __x64_sys_ioctl+0x73/0xb0 [ 249.425248][ T9832] do_syscall_64+0x103/0x610 [ 249.434397][ T9832] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.434413][ T9832] RIP: 0033:0x458209 [ 249.444179][ T9832] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.463787][ T9832] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.472209][ T9832] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 249.480192][ T9832] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 00:13:10 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) 00:13:11 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:11 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:11 executing program 1: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:11 executing program 3: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) [ 249.488161][ T9832] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 249.488168][ T9832] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 249.488175][ T9832] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 00:13:11 executing program 2 (fault-call:4 fault-nth:4): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:11 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) 00:13:11 executing program 3 (fault-call:2 fault-nth:0): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 249.661979][ T9992] FAULT_INJECTION: forcing a failure. [ 249.661979][ T9992] name failslab, interval 1, probability 0, space 0, times 0 [ 249.705917][ T9992] CPU: 0 PID: 9992 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 249.713846][ T9992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.723919][ T9992] Call Trace: [ 249.727225][ T9992] dump_stack+0x172/0x1f0 [ 249.731573][ T9992] should_fail.cold+0xa/0x15 [ 249.736179][ T9992] ? find_held_lock+0x35/0x130 [ 249.740963][ T9992] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 249.746786][ T9992] ? ___might_sleep+0x163/0x280 00:13:11 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000240)=""/117, 0x454) [ 249.751652][ T9992] __should_failslab+0x121/0x190 [ 249.756597][ T9992] should_failslab+0x9/0x14 [ 249.761113][ T9992] kmem_cache_alloc+0x2b2/0x6f0 [ 249.766028][ T9992] ? __put_user_ns+0x70/0x70 [ 249.770626][ T9992] ? shmem_alloc_inode+0x1c/0x50 [ 249.775630][ T9992] ? rcu_read_lock_sched_held+0x110/0x130 [ 249.781443][ T9992] security_inode_alloc+0x39/0x160 [ 249.786567][ T9992] inode_init_always+0x56e/0xb50 [ 249.791517][ T9992] alloc_inode+0x83/0x190 [ 249.795863][ T9992] new_inode_pseudo+0x19/0xf0 [ 249.800550][ T9992] new_inode+0x1f/0x40 00:13:11 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 249.804633][ T9992] shmem_get_inode+0x84/0x780 [ 249.806185][T10088] FAULT_INJECTION: forcing a failure. [ 249.806185][T10088] name failslab, interval 1, probability 0, space 0, times 0 [ 249.809313][ T9992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.809341][ T9992] __shmem_file_setup.part.0+0x7e/0x2b0 [ 249.834184][ T9992] shmem_file_setup+0x66/0x90 [ 249.838889][ T9992] drm_gem_object_init+0x3b/0xb0 [ 249.843845][ T9992] __vgem_gem_create+0x6f/0x100 [ 249.848716][ T9992] vgem_gem_dumb_create+0xd7/0x260 00:13:11 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 249.853846][ T9992] drm_mode_create_dumb+0x288/0x310 [ 249.859068][ T9992] drm_mode_create_dumb_ioctl+0x26/0x30 [ 249.864636][ T9992] drm_ioctl_kernel+0x23e/0x2e0 [ 249.869510][ T9992] ? drm_mode_create_dumb+0x310/0x310 [ 249.874899][ T9992] ? drm_setversion+0x8c0/0x8c0 [ 249.879758][ T9992] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 249.886017][ T9992] ? _copy_from_user+0xdd/0x150 [ 249.890894][ T9992] drm_ioctl+0x545/0xa50 [ 249.895146][ T9992] ? drm_mode_create_dumb+0x310/0x310 [ 249.900532][ T9992] ? drm_version+0x3d0/0x3d0 00:13:11 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 249.905132][ T9992] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 249.910948][ T9992] ? smack_log+0x415/0x540 [ 249.915388][ T9992] ? drm_version+0x3d0/0x3d0 [ 249.919987][ T9992] do_vfs_ioctl+0xd6e/0x1390 [ 249.924600][ T9992] ? ioctl_preallocate+0x210/0x210 [ 249.929720][ T9992] ? smack_file_ioctl+0x196/0x310 [ 249.934850][ T9992] ? smack_inode_rename+0x2d0/0x2d0 [ 249.940073][ T9992] ? fput_many+0x12c/0x1a0 [ 249.944500][ T9992] ? tomoyo_file_ioctl+0x23/0x30 [ 249.949446][ T9992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.955698][ T9992] ? security_file_ioctl+0x93/0xc0 [ 249.960828][ T9992] ksys_ioctl+0xab/0xd0 [ 249.965033][ T9992] __x64_sys_ioctl+0x73/0xb0 [ 249.969637][ T9992] do_syscall_64+0x103/0x610 [ 249.974244][ T9992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.980141][ T9992] RIP: 0033:0x458209 [ 249.984044][ T9992] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00:13:11 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) [ 250.003653][ T9992] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.012078][ T9992] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 250.020064][ T9992] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 [ 250.028049][ T9992] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 250.036034][ T9992] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 250.044024][ T9992] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 [ 250.053114][T10088] CPU: 1 PID: 10088 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 250.061183][T10088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.061188][T10088] Call Trace: [ 250.061210][T10088] dump_stack+0x172/0x1f0 [ 250.061227][T10088] should_fail.cold+0xa/0x15 [ 250.061243][T10088] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 250.061265][T10088] ? ___might_sleep+0x163/0x280 [ 250.074582][T10088] __should_failslab+0x121/0x190 [ 250.083456][T10088] should_failslab+0x9/0x14 [ 250.094196][T10088] __kmalloc+0x2dc/0x740 [ 250.103589][T10088] ? drm_ioctl+0x45c/0xa50 [ 250.112199][T10088] drm_ioctl+0x45c/0xa50 [ 250.116441][T10088] ? drm_mode_create_dumb+0x310/0x310 [ 250.116460][T10088] ? drm_version+0x3d0/0x3d0 [ 250.116471][T10088] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 250.116492][T10088] ? smack_log+0x415/0x540 [ 250.136348][T10088] ? drm_version+0x3d0/0x3d0 [ 250.136370][T10088] do_vfs_ioctl+0xd6e/0x1390 [ 250.146553][T10088] ? ioctl_preallocate+0x210/0x210 [ 250.146566][T10088] ? smack_file_ioctl+0x196/0x310 [ 250.146582][T10088] ? smack_inode_rename+0x2d0/0x2d0 [ 250.155731][T10088] ? fput_many+0x12c/0x1a0 [ 250.155749][T10088] ? tomoyo_file_ioctl+0x23/0x30 [ 250.155763][T10088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.155783][T10088] ? security_file_ioctl+0x93/0xc0 [ 250.191718][T10088] ksys_ioctl+0xab/0xd0 [ 250.195896][T10088] __x64_sys_ioctl+0x73/0xb0 [ 250.200507][T10088] do_syscall_64+0x103/0x610 [ 250.205109][T10088] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.211011][T10088] RIP: 0033:0x458209 [ 250.215023][T10088] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.234647][T10088] RSP: 002b:00007f43d0f8dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.243221][T10088] RAX: ffffffffffffffda RBX: 00007f43d0f8dc90 RCX: 0000000000458209 00:13:11 executing program 2 (fault-call:4 fault-nth:5): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000240)=""/117, 0x454) 00:13:11 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:11 executing program 4 (fault-call:2 fault-nth:0): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 3 (fault-call:2 fault-nth:1): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:11 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) [ 250.243230][T10088] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 250.243237][T10088] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 250.243243][T10088] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0f8e6d4 [ 250.243251][T10088] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 250.318528][T10211] FAULT_INJECTION: forcing a failure. [ 250.318528][T10211] name failslab, interval 1, probability 0, space 0, times 0 [ 250.352018][T10214] FAULT_INJECTION: forcing a failure. [ 250.352018][T10214] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 250.364496][T10211] CPU: 1 PID: 10211 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #33 [ 250.373304][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.383356][T10211] Call Trace: [ 250.386650][T10211] dump_stack+0x172/0x1f0 [ 250.390980][T10211] should_fail.cold+0xa/0x15 [ 250.395565][T10211] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 250.401373][T10211] ? ___might_sleep+0x163/0x280 [ 250.406220][T10211] __should_failslab+0x121/0x190 [ 250.411156][T10211] should_failslab+0x9/0x14 [ 250.415654][T10211] __kmalloc+0x2dc/0x740 [ 250.419980][T10211] ? drm_ioctl+0x45c/0xa50 [ 250.424392][T10211] drm_ioctl+0x45c/0xa50 [ 250.428628][T10211] ? drm_mode_create_dumb+0x310/0x310 [ 250.433995][T10211] ? drm_version+0x3d0/0x3d0 [ 250.438577][T10211] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 250.444374][T10211] ? smack_log+0x415/0x540 [ 250.448799][T10211] ? drm_version+0x3d0/0x3d0 [ 250.453395][T10211] do_vfs_ioctl+0xd6e/0x1390 [ 250.457981][T10211] ? ioctl_preallocate+0x210/0x210 [ 250.463087][T10211] ? smack_file_ioctl+0x196/0x310 [ 250.468120][T10211] ? smack_inode_rename+0x2d0/0x2d0 [ 250.473318][T10211] ? fput_many+0x12c/0x1a0 [ 250.477739][T10211] ? tomoyo_file_ioctl+0x23/0x30 [ 250.482668][T10211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.488901][T10211] ? security_file_ioctl+0x93/0xc0 [ 250.494011][T10211] ksys_ioctl+0xab/0xd0 [ 250.498163][T10211] __x64_sys_ioctl+0x73/0xb0 [ 250.502843][T10211] do_syscall_64+0x103/0x610 [ 250.507432][T10211] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.513318][T10211] RIP: 0033:0x458209 [ 250.517205][T10211] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.536811][T10211] RSP: 002b:00007fbdd364bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.545215][T10211] RAX: ffffffffffffffda RBX: 00007fbdd364bc90 RCX: 0000000000458209 [ 250.553178][T10211] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 250.561315][T10211] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 00:13:12 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) [ 250.569292][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbdd364c6d4 [ 250.577264][T10211] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 250.585261][T10214] CPU: 0 PID: 10214 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 250.593279][T10214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.603340][T10214] Call Trace: [ 250.606652][T10214] dump_stack+0x172/0x1f0 [ 250.611006][T10214] should_fail.cold+0xa/0x15 00:13:12 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000240)=""/117, 0x454) [ 250.615611][T10214] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 250.621428][T10214] ? __lock_acquire+0x548/0x3fb0 [ 250.626379][T10214] ? is_bpf_text_address+0xac/0x170 [ 250.641746][T10214] should_fail_alloc_page+0x50/0x60 [ 250.641762][T10214] __alloc_pages_nodemask+0x1a1/0x7e0 [ 250.641779][T10214] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 250.641799][T10214] ? find_held_lock+0x35/0x130 [ 250.641821][T10214] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 250.641837][T10214] cache_grow_begin+0x9c/0x860 [ 250.641857][T10214] ? drm_ioctl+0x45c/0xa50 [ 250.678215][T10214] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 250.684474][T10214] __kmalloc+0x67f/0x740 [ 250.688724][T10214] ? drm_ioctl+0x45c/0xa50 [ 250.688741][T10214] drm_ioctl+0x45c/0xa50 [ 250.688756][T10214] ? drm_mode_create_dumb+0x310/0x310 [ 250.688777][T10214] ? drm_version+0x3d0/0x3d0 [ 250.688797][T10214] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 250.688809][T10214] ? smack_log+0x415/0x540 [ 250.688837][T10214] ? drm_version+0x3d0/0x3d0 [ 250.702848][T10214] do_vfs_ioctl+0xd6e/0x1390 [ 250.712911][T10326] FAULT_INJECTION: forcing a failure. [ 250.712911][T10326] name failslab, interval 1, probability 0, space 0, times 0 [ 250.713217][T10214] ? ioctl_preallocate+0x210/0x210 [ 250.739343][T10214] ? smack_file_ioctl+0x196/0x310 [ 250.739357][T10214] ? smack_inode_rename+0x2d0/0x2d0 [ 250.739376][T10214] ? fput_many+0x12c/0x1a0 [ 250.739395][T10214] ? tomoyo_file_ioctl+0x23/0x30 [ 250.739410][T10214] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.739425][T10214] ? security_file_ioctl+0x93/0xc0 [ 250.739441][T10214] ksys_ioctl+0xab/0xd0 [ 250.739459][T10214] __x64_sys_ioctl+0x73/0xb0 [ 250.784124][T10214] do_syscall_64+0x103/0x610 [ 250.788733][T10214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.794629][T10214] RIP: 0033:0x458209 [ 250.798539][T10214] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00:13:12 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, 0x0, 0x0) [ 250.819367][T10214] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.827784][T10214] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 250.835756][T10214] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 250.844547][T10214] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 250.852526][T10214] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 250.860512][T10214] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 250.868508][T10326] CPU: 1 PID: 10326 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 250.876496][T10326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.886560][T10326] Call Trace: [ 250.889861][T10326] dump_stack+0x172/0x1f0 [ 250.894204][T10326] should_fail.cold+0xa/0x15 [ 250.898824][T10326] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 250.904648][T10326] ? ___might_sleep+0x163/0x280 [ 250.909514][T10326] __should_failslab+0x121/0x190 [ 250.914472][T10326] should_failslab+0x9/0x14 [ 250.918986][T10326] kmem_cache_alloc+0x2b2/0x6f0 [ 250.923848][T10326] ? current_time+0x6b/0x140 [ 250.928539][T10326] ? ktime_get_coarse_real_ts64+0xf0/0x2b0 [ 250.934357][T10326] ? lockdep_hardirqs_on+0x418/0x5d0 [ 250.939646][T10326] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.945894][T10326] ? timespec64_trunc+0xf0/0x180 [ 250.950838][T10326] __d_alloc+0x2e/0x8c0 [ 250.954998][T10326] d_alloc_pseudo+0x1e/0x30 [ 250.959514][T10326] alloc_file_pseudo+0xe2/0x280 [ 250.964377][T10326] ? alloc_file+0x4d0/0x4d0 [ 250.968886][T10326] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 250.975142][T10326] __shmem_file_setup.part.0+0x108/0x2b0 [ 250.980807][T10326] shmem_file_setup+0x66/0x90 [ 250.985500][T10326] drm_gem_object_init+0x3b/0xb0 [ 250.989518][T10436] FAULT_INJECTION: forcing a failure. [ 250.989518][T10436] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 250.990456][T10326] __vgem_gem_create+0x6f/0x100 [ 251.008469][T10326] vgem_gem_dumb_create+0xd7/0x260 [ 251.013581][T10326] drm_mode_create_dumb+0x288/0x310 [ 251.018784][T10326] drm_mode_create_dumb_ioctl+0x26/0x30 [ 251.024322][T10326] drm_ioctl_kernel+0x23e/0x2e0 [ 251.029164][T10326] ? drm_mode_create_dumb+0x310/0x310 [ 251.034530][T10326] ? drm_setversion+0x8c0/0x8c0 [ 251.039380][T10326] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 251.045621][T10326] ? _copy_from_user+0xdd/0x150 [ 251.050465][T10326] drm_ioctl+0x545/0xa50 [ 251.054700][T10326] ? drm_mode_create_dumb+0x310/0x310 [ 251.060065][T10326] ? drm_version+0x3d0/0x3d0 [ 251.064648][T10326] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 251.070452][T10326] ? smack_log+0x415/0x540 [ 251.074878][T10326] ? drm_version+0x3d0/0x3d0 [ 251.079466][T10326] do_vfs_ioctl+0xd6e/0x1390 [ 251.084050][T10326] ? ioctl_preallocate+0x210/0x210 [ 251.089151][T10326] ? smack_file_ioctl+0x196/0x310 [ 251.094167][T10326] ? smack_inode_rename+0x2d0/0x2d0 [ 251.099363][T10326] ? fput_many+0x12c/0x1a0 [ 251.103780][T10326] ? tomoyo_file_ioctl+0x23/0x30 [ 251.108707][T10326] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.114938][T10326] ? security_file_ioctl+0x93/0xc0 [ 251.120130][T10326] ksys_ioctl+0xab/0xd0 [ 251.124297][T10326] __x64_sys_ioctl+0x73/0xb0 [ 251.128878][T10326] do_syscall_64+0x103/0x610 [ 251.133464][T10326] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.139358][T10326] RIP: 0033:0x458209 [ 251.143255][T10326] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 251.162851][T10326] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.171342][T10326] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 251.179302][T10326] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 [ 251.187265][T10326] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 251.195225][T10326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 251.203201][T10326] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 [ 251.211186][T10436] CPU: 0 PID: 10436 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #33 00:13:12 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, 0x0, 0x0) 00:13:12 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:12 executing program 4 (fault-call:2 fault-nth:1): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 251.219243][T10436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.219248][T10436] Call Trace: [ 251.219269][T10436] dump_stack+0x172/0x1f0 [ 251.219287][T10436] should_fail.cold+0xa/0x15 [ 251.219307][T10436] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 251.247332][T10436] ? __lock_acquire+0x548/0x3fb0 [ 251.252285][T10436] ? is_bpf_text_address+0xac/0x170 [ 251.257504][T10436] should_fail_alloc_page+0x50/0x60 [ 251.262721][T10436] __alloc_pages_nodemask+0x1a1/0x7e0 [ 251.268121][T10436] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 251.273849][T10436] ? find_held_lock+0x35/0x130 [ 251.273873][T10436] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 251.284411][T10436] cache_grow_begin+0x9c/0x860 [ 251.284432][T10436] ? drm_ioctl+0x45c/0xa50 [ 251.293574][T10436] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 251.299832][T10436] __kmalloc+0x67f/0x740 [ 251.304090][T10436] ? drm_ioctl+0x45c/0xa50 [ 251.308525][T10436] drm_ioctl+0x45c/0xa50 [ 251.312788][T10436] ? drm_mode_create_dumb+0x310/0x310 [ 251.318176][T10436] ? drm_version+0x3d0/0x3d0 [ 251.322779][T10436] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 251.328589][T10436] ? smack_log+0x415/0x540 [ 251.333021][T10436] ? drm_version+0x3d0/0x3d0 [ 251.337624][T10436] do_vfs_ioctl+0xd6e/0x1390 [ 251.342235][T10436] ? ioctl_preallocate+0x210/0x210 [ 251.347438][T10436] ? smack_file_ioctl+0x196/0x310 [ 251.352465][T10436] ? smack_inode_rename+0x2d0/0x2d0 [ 251.357674][T10436] ? fput_many+0x12c/0x1a0 [ 251.362095][T10436] ? tomoyo_file_ioctl+0x23/0x30 [ 251.367045][T10436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.373283][T10436] ? security_file_ioctl+0x93/0xc0 [ 251.378403][T10436] ksys_ioctl+0xab/0xd0 [ 251.382564][T10436] __x64_sys_ioctl+0x73/0xb0 [ 251.387158][T10436] do_syscall_64+0x103/0x610 [ 251.391773][T10436] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.397669][T10436] RIP: 0033:0x458209 [ 251.401572][T10436] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00:13:13 executing program 2 (fault-call:4 fault-nth:6): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:13 executing program 1 (fault-call:1 fault-nth:0): r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:13 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:13 executing program 3 (fault-call:2 fault-nth:2): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 251.421207][T10436] RSP: 002b:00007fbdd364bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.429631][T10436] RAX: ffffffffffffffda RBX: 00007fbdd364bc90 RCX: 0000000000458209 [ 251.437630][T10436] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 251.445608][T10436] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 251.453586][T10436] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbdd364c6d4 [ 251.461569][T10436] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:13 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, 0x0, 0x0) [ 251.491122][T10449] FAULT_INJECTION: forcing a failure. [ 251.491122][T10449] name failslab, interval 1, probability 0, space 0, times 0 [ 251.492738][T10452] FAULT_INJECTION: forcing a failure. [ 251.492738][T10452] name failslab, interval 1, probability 0, space 0, times 0 [ 251.517194][T10448] FAULT_INJECTION: forcing a failure. [ 251.517194][T10448] name failslab, interval 1, probability 0, space 0, times 0 [ 251.538047][T10448] CPU: 0 PID: 10448 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 251.546054][T10448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.546060][T10448] Call Trace: [ 251.546086][T10448] dump_stack+0x172/0x1f0 [ 251.546106][T10448] should_fail.cold+0xa/0x15 [ 251.546124][T10448] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 251.546144][T10448] ? ___might_sleep+0x163/0x280 [ 251.546161][T10448] __should_failslab+0x121/0x190 [ 251.546179][T10448] should_failslab+0x9/0x14 [ 251.546193][T10448] kmem_cache_alloc+0x2b2/0x6f0 [ 251.546210][T10448] __alloc_file+0x27/0x300 [ 251.546224][T10448] alloc_empty_file+0x72/0x170 [ 251.546238][T10448] alloc_file+0x5e/0x4d0 [ 251.546254][T10448] alloc_file_pseudo+0x189/0x280 [ 251.546267][T10448] ? alloc_file+0x4d0/0x4d0 [ 251.546281][T10448] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 251.546303][T10448] __shmem_file_setup.part.0+0x108/0x2b0 [ 251.546320][T10448] shmem_file_setup+0x66/0x90 [ 251.546335][T10448] drm_gem_object_init+0x3b/0xb0 [ 251.546352][T10448] __vgem_gem_create+0x6f/0x100 [ 251.546369][T10448] vgem_gem_dumb_create+0xd7/0x260 [ 251.546389][T10448] drm_mode_create_dumb+0x288/0x310 [ 251.546406][T10448] drm_mode_create_dumb_ioctl+0x26/0x30 [ 251.546421][T10448] drm_ioctl_kernel+0x23e/0x2e0 [ 251.546434][T10448] ? drm_mode_create_dumb+0x310/0x310 [ 251.546447][T10448] ? drm_setversion+0x8c0/0x8c0 [ 251.546461][T10448] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 251.546474][T10448] ? _copy_from_user+0xdd/0x150 [ 251.546488][T10448] drm_ioctl+0x545/0xa50 00:13:13 executing program 4 (fault-call:2 fault-nth:2): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 251.546501][T10448] ? drm_mode_create_dumb+0x310/0x310 [ 251.546519][T10448] ? drm_version+0x3d0/0x3d0 [ 251.546532][T10448] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 251.546544][T10448] ? smack_log+0x415/0x540 [ 251.546577][T10448] ? drm_version+0x3d0/0x3d0 [ 251.546595][T10448] do_vfs_ioctl+0xd6e/0x1390 [ 251.546613][T10448] ? ioctl_preallocate+0x210/0x210 [ 251.546625][T10448] ? smack_file_ioctl+0x196/0x310 [ 251.546636][T10448] ? smack_inode_rename+0x2d0/0x2d0 [ 251.546656][T10448] ? fput_many+0x12c/0x1a0 [ 251.546672][T10448] ? tomoyo_file_ioctl+0x23/0x30 [ 251.546684][T10448] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.546699][T10448] ? security_file_ioctl+0x93/0xc0 [ 251.546727][T10448] ksys_ioctl+0xab/0xd0 [ 251.546747][T10448] __x64_sys_ioctl+0x73/0xb0 [ 251.546765][T10448] do_syscall_64+0x103/0x610 [ 251.546784][T10448] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.546795][T10448] RIP: 0033:0x458209 [ 251.546816][T10448] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 251.701479][T10448] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.701494][T10448] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 251.701503][T10448] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 [ 251.701512][T10448] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 251.701521][T10448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 251.701530][T10448] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 [ 251.735375][T10452] CPU: 0 PID: 10452 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 251.810109][T10452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.810114][T10452] Call Trace: [ 251.810138][T10452] dump_stack+0x172/0x1f0 [ 251.810159][T10452] should_fail.cold+0xa/0x15 [ 251.810177][T10452] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 251.810196][T10452] ? ___might_sleep+0x163/0x280 [ 251.810213][T10452] __should_failslab+0x121/0x190 [ 251.810230][T10452] should_failslab+0x9/0x14 [ 251.810245][T10452] kmem_cache_alloc_trace+0x2d1/0x760 [ 251.810259][T10452] ? drm_dev_exit+0x22/0x60 [ 251.810282][T10452] ? find_held_lock+0x35/0x130 [ 251.915469][T10452] __vgem_gem_create+0x49/0x100 [ 251.920335][T10452] vgem_gem_dumb_create+0xd7/0x260 [ 251.925447][T10452] drm_mode_create_dumb+0x288/0x310 [ 251.930657][T10452] drm_mode_create_dumb_ioctl+0x26/0x30 [ 251.936225][T10452] drm_ioctl_kernel+0x23e/0x2e0 00:13:13 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 251.941093][T10452] ? drm_mode_create_dumb+0x310/0x310 [ 251.946478][T10452] ? drm_setversion+0x8c0/0x8c0 [ 251.951336][T10452] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 251.957578][T10452] ? _copy_from_user+0xdd/0x150 [ 251.962439][T10452] drm_ioctl+0x545/0xa50 [ 251.966688][T10452] ? drm_mode_create_dumb+0x310/0x310 [ 251.972067][T10452] ? drm_version+0x3d0/0x3d0 [ 251.976748][T10452] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 251.982563][T10452] ? smack_log+0x415/0x540 [ 251.987007][T10452] ? drm_version+0x3d0/0x3d0 00:13:13 executing program 2 (fault-call:4 fault-nth:7): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) [ 251.992906][T10452] do_vfs_ioctl+0xd6e/0x1390 [ 251.997492][T10452] ? ioctl_preallocate+0x210/0x210 [ 251.997504][T10452] ? smack_file_ioctl+0x196/0x310 [ 251.997516][T10452] ? smack_inode_rename+0x2d0/0x2d0 [ 251.997535][T10452] ? fput_many+0x12c/0x1a0 [ 251.997553][T10452] ? tomoyo_file_ioctl+0x23/0x30 [ 251.997567][T10452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.997585][T10452] ? security_file_ioctl+0x93/0xc0 [ 252.033546][T10452] ksys_ioctl+0xab/0xd0 [ 252.033567][T10452] __x64_sys_ioctl+0x73/0xb0 [ 252.033588][T10452] do_syscall_64+0x103/0x610 [ 252.046883][T10452] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.052780][T10452] RIP: 0033:0x458209 [ 252.056686][T10452] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.076286][T10452] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.076301][T10452] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 252.076310][T10452] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 252.076319][T10452] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 252.076328][T10452] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 252.076335][T10452] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 252.132550][T10464] FAULT_INJECTION: forcing a failure. [ 252.132550][T10464] name failslab, interval 1, probability 0, space 0, times 0 [ 252.143593][T10449] CPU: 1 PID: 10449 Comm: syz-executor.1 Not tainted 5.1.0-rc1+ #33 [ 252.153145][T10449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.163207][T10449] Call Trace: [ 252.166697][T10449] dump_stack+0x172/0x1f0 [ 252.171041][T10449] should_fail.cold+0xa/0x15 [ 252.175645][T10449] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 252.181471][T10449] ? ___might_sleep+0x163/0x280 [ 252.186338][T10449] __should_failslab+0x121/0x190 [ 252.191285][T10449] should_failslab+0x9/0x14 [ 252.195803][T10449] __kmalloc+0x2dc/0x740 [ 252.200054][T10449] ? drm_ioctl+0x45c/0xa50 [ 252.204483][T10449] drm_ioctl+0x45c/0xa50 [ 252.208729][T10449] ? drm_mode_create_dumb+0x310/0x310 [ 252.214110][T10449] ? drm_version+0x3d0/0x3d0 [ 252.218706][T10449] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 252.224508][T10449] ? smack_log+0x415/0x540 [ 252.228942][T10449] ? drm_version+0x3d0/0x3d0 [ 252.233545][T10449] do_vfs_ioctl+0xd6e/0x1390 [ 252.238151][T10449] ? ioctl_preallocate+0x210/0x210 [ 252.243266][T10449] ? smack_file_ioctl+0x196/0x310 [ 252.248298][T10449] ? smack_inode_rename+0x2d0/0x2d0 [ 252.253512][T10449] ? fput_many+0x12c/0x1a0 [ 252.257940][T10449] ? tomoyo_file_ioctl+0x23/0x30 [ 252.262897][T10449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.269153][T10449] ? security_file_ioctl+0x93/0xc0 [ 252.274278][T10449] ksys_ioctl+0xab/0xd0 [ 252.278466][T10449] __x64_sys_ioctl+0x73/0xb0 [ 252.283058][T10449] do_syscall_64+0x103/0x610 [ 252.287649][T10449] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.293570][T10449] RIP: 0033:0x458209 [ 252.297467][T10449] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.317078][T10449] RSP: 002b:00007fbe71899c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.325499][T10449] RAX: ffffffffffffffda RBX: 00007fbe71899c90 RCX: 0000000000458209 [ 252.333476][T10449] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 00:13:13 executing program 5 (fault-call:4 fault-nth:0): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:13 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) [ 252.341450][T10449] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 252.349431][T10449] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe7189a6d4 [ 252.357419][T10449] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 252.365419][T10464] CPU: 0 PID: 10464 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #33 [ 252.373408][T10464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.383468][T10464] Call Trace: [ 252.386761][T10464] dump_stack+0x172/0x1f0 [ 252.386783][T10464] should_fail.cold+0xa/0x15 [ 252.386800][T10464] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 252.386823][T10464] ? ___might_sleep+0x163/0x280 [ 252.386840][T10464] __should_failslab+0x121/0x190 [ 252.386855][T10464] ? shmem_destroy_callback+0xc0/0xc0 [ 252.386870][T10464] should_failslab+0x9/0x14 [ 252.386885][T10464] kmem_cache_alloc+0x2b2/0x6f0 [ 252.386901][T10464] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 252.386918][T10464] ? shmem_destroy_callback+0xc0/0xc0 [ 252.401602][T10464] shmem_alloc_inode+0x1c/0x50 [ 252.401618][T10464] alloc_inode+0x66/0x190 [ 252.401632][T10464] new_inode_pseudo+0x19/0xf0 [ 252.401656][T10464] new_inode+0x1f/0x40 [ 252.424999][T10473] FAULT_INJECTION: forcing a failure. [ 252.424999][T10473] name failslab, interval 1, probability 0, space 0, times 0 [ 252.426093][T10464] shmem_get_inode+0x84/0x780 [ 252.426110][T10464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.426131][T10464] __shmem_file_setup.part.0+0x7e/0x2b0 [ 252.426151][T10464] shmem_file_setup+0x66/0x90 [ 252.426168][T10464] drm_gem_object_init+0x3b/0xb0 [ 252.426186][T10464] __vgem_gem_create+0x6f/0x100 [ 252.426202][T10464] vgem_gem_dumb_create+0xd7/0x260 [ 252.426218][T10464] drm_mode_create_dumb+0x288/0x310 [ 252.426239][T10464] drm_mode_create_dumb_ioctl+0x26/0x30 [ 252.514255][T10464] drm_ioctl_kernel+0x23e/0x2e0 [ 252.519108][T10464] ? drm_mode_create_dumb+0x310/0x310 [ 252.524475][T10464] ? drm_setversion+0x8c0/0x8c0 [ 252.529325][T10464] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 252.535560][T10464] ? _copy_from_user+0xdd/0x150 [ 252.540414][T10464] drm_ioctl+0x545/0xa50 [ 252.544655][T10464] ? drm_mode_create_dumb+0x310/0x310 [ 252.550031][T10464] ? drm_version+0x3d0/0x3d0 [ 252.554617][T10464] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 252.560425][T10464] ? smack_log+0x415/0x540 [ 252.564857][T10464] ? drm_version+0x3d0/0x3d0 [ 252.569445][T10464] do_vfs_ioctl+0xd6e/0x1390 [ 252.574037][T10464] ? ioctl_preallocate+0x210/0x210 [ 252.579142][T10464] ? smack_file_ioctl+0x196/0x310 [ 252.584164][T10464] ? smack_inode_rename+0x2d0/0x2d0 [ 252.589365][T10464] ? fput_many+0x12c/0x1a0 [ 252.593783][T10464] ? tomoyo_file_ioctl+0x23/0x30 [ 252.598722][T10464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.604956][T10464] ? security_file_ioctl+0x93/0xc0 [ 252.610067][T10464] ksys_ioctl+0xab/0xd0 [ 252.614219][T10464] __x64_sys_ioctl+0x73/0xb0 [ 252.618813][T10464] do_syscall_64+0x103/0x610 [ 252.623402][T10464] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.629289][T10464] RIP: 0033:0x458209 [ 252.639100][T10464] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.661801][T10464] RSP: 002b:00007fbdd364bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.670210][T10464] RAX: ffffffffffffffda RBX: 00007fbdd364bc90 RCX: 0000000000458209 [ 252.678175][T10464] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 252.686140][T10464] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 252.694103][T10464] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbdd364c6d4 [ 252.702070][T10464] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 252.710057][T10473] CPU: 1 PID: 10473 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 252.718042][T10473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.728105][T10473] Call Trace: [ 252.731410][T10473] dump_stack+0x172/0x1f0 [ 252.735785][T10473] should_fail.cold+0xa/0x15 [ 252.740401][T10473] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 252.746217][T10473] ? find_held_lock+0x35/0x130 [ 252.751000][T10473] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 252.756657][T10473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.762915][T10473] ? should_fail+0x1de/0x852 [ 252.767525][T10473] __should_failslab+0x121/0x190 [ 252.772484][T10473] should_failslab+0x9/0x14 [ 252.775992][T10481] FAULT_INJECTION: forcing a failure. [ 252.775992][T10481] name failslab, interval 1, probability 0, space 0, times 0 [ 252.777001][T10473] kmem_cache_alloc+0x47/0x6f0 [ 252.777026][T10473] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 252.801016][T10473] idr_get_free+0x425/0x8d0 [ 252.805546][T10473] idr_alloc_u32+0x19e/0x330 [ 252.810164][T10473] ? __fprop_inc_percpu_max+0x230/0x230 [ 252.815813][T10473] ? drm_gem_handle_create+0x47/0x70 [ 252.822588][T10473] idr_alloc+0xe5/0x150 [ 252.826762][T10473] ? idr_alloc_u32+0x330/0x330 [ 252.831547][T10473] drm_gem_handle_create_tail+0x12a/0x3b0 [ 252.837288][T10473] drm_gem_handle_create+0x55/0x70 [ 252.842404][T10473] vgem_gem_dumb_create+0x10a/0x260 [ 252.847626][T10473] drm_mode_create_dumb+0x288/0x310 [ 252.852834][T10473] drm_mode_create_dumb_ioctl+0x26/0x30 [ 252.858389][T10473] drm_ioctl_kernel+0x23e/0x2e0 [ 252.863254][T10473] ? drm_mode_create_dumb+0x310/0x310 [ 252.868649][T10473] ? drm_setversion+0x8c0/0x8c0 [ 252.873518][T10473] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 252.879766][T10473] ? _copy_from_user+0xdd/0x150 [ 252.884643][T10473] drm_ioctl+0x545/0xa50 [ 252.888895][T10473] ? drm_mode_create_dumb+0x310/0x310 [ 252.894292][T10473] ? drm_version+0x3d0/0x3d0 [ 252.898887][T10473] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 252.904697][T10473] ? smack_log+0x415/0x540 [ 252.909141][T10473] ? drm_version+0x3d0/0x3d0 [ 252.913742][T10473] do_vfs_ioctl+0xd6e/0x1390 [ 252.918345][T10473] ? ioctl_preallocate+0x210/0x210 [ 252.923471][T10473] ? smack_file_ioctl+0x196/0x310 [ 252.928508][T10473] ? smack_inode_rename+0x2d0/0x2d0 [ 252.933722][T10473] ? fput_many+0x12c/0x1a0 [ 252.938151][T10473] ? tomoyo_file_ioctl+0x23/0x30 [ 252.943102][T10473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.949353][T10473] ? security_file_ioctl+0x93/0xc0 [ 252.954487][T10473] ksys_ioctl+0xab/0xd0 [ 252.958660][T10473] __x64_sys_ioctl+0x73/0xb0 [ 252.963255][T10473] do_syscall_64+0x103/0x610 [ 252.967887][T10473] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.973777][T10473] RIP: 0033:0x458209 [ 252.977680][T10473] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.997294][T10473] RSP: 002b:00007efd1a15bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.005733][T10473] RAX: ffffffffffffffda RBX: 00007efd1a15bc90 RCX: 0000000000458209 [ 253.013786][T10473] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 253.021754][T10473] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 253.029715][T10473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a15c6d4 [ 253.037680][T10473] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:14 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x8) 00:13:14 executing program 3 (fault-call:2 fault-nth:3): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:14 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x20000694) 00:13:14 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:14 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x10040, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000100)=0x84) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000140)={r3, @in6={{0xa, 0x4e21, 0x1d8f, @loopback, 0x919}}}, 0x84) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) [ 253.045670][T10481] CPU: 0 PID: 10481 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 253.053653][T10481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.053665][T10481] Call Trace: [ 253.067038][T10481] dump_stack+0x172/0x1f0 [ 253.071378][T10481] should_fail.cold+0xa/0x15 [ 253.075989][T10481] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 253.081887][T10481] ? ___might_sleep+0x163/0x280 [ 253.081908][T10481] __should_failslab+0x121/0x190 [ 253.081923][T10481] ? shmem_destroy_callback+0xc0/0xc0 [ 253.081942][T10481] should_failslab+0x9/0x14 [ 253.101555][T10481] kmem_cache_alloc+0x2b2/0x6f0 [ 253.106431][T10481] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 253.106448][T10481] ? shmem_destroy_callback+0xc0/0xc0 [ 253.106461][T10481] shmem_alloc_inode+0x1c/0x50 [ 253.106475][T10481] alloc_inode+0x66/0x190 [ 253.106489][T10481] new_inode_pseudo+0x19/0xf0 [ 253.106501][T10481] new_inode+0x1f/0x40 [ 253.106515][T10481] shmem_get_inode+0x84/0x780 [ 253.106530][T10481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 00:13:14 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00000002, &(0x7f0000000040)) [ 253.106550][T10481] __shmem_file_setup.part.0+0x7e/0x2b0 [ 253.106567][T10481] shmem_file_setup+0x66/0x90 [ 253.106586][T10481] drm_gem_object_init+0x3b/0xb0 [ 253.122335][T10481] __vgem_gem_create+0x6f/0x100 [ 253.122350][T10481] vgem_gem_dumb_create+0xd7/0x260 [ 253.122370][T10481] drm_mode_create_dumb+0x288/0x310 [ 253.156489][T10481] drm_mode_create_dumb_ioctl+0x26/0x30 [ 253.156506][T10481] drm_ioctl_kernel+0x23e/0x2e0 [ 253.156519][T10481] ? drm_mode_create_dumb+0x310/0x310 [ 253.156532][T10481] ? drm_setversion+0x8c0/0x8c0 00:13:14 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 253.156550][T10481] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 253.156565][T10481] ? _copy_from_user+0xdd/0x150 [ 253.156582][T10481] drm_ioctl+0x545/0xa50 [ 253.166353][T10481] ? drm_mode_create_dumb+0x310/0x310 [ 253.166375][T10481] ? drm_version+0x3d0/0x3d0 [ 253.166388][T10481] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 253.166399][T10481] ? smack_log+0x415/0x540 [ 253.166430][T10481] ? drm_version+0x3d0/0x3d0 [ 253.166448][T10481] do_vfs_ioctl+0xd6e/0x1390 [ 253.166465][T10481] ? ioctl_preallocate+0x210/0x210 [ 253.166481][T10481] ? smack_file_ioctl+0x196/0x310 [ 253.237338][T10481] ? smack_inode_rename+0x2d0/0x2d0 [ 253.237359][T10481] ? fput_many+0x12c/0x1a0 [ 253.237376][T10481] ? tomoyo_file_ioctl+0x23/0x30 [ 253.237392][T10481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.237407][T10481] ? security_file_ioctl+0x93/0xc0 [ 253.237424][T10481] ksys_ioctl+0xab/0xd0 [ 253.237442][T10481] __x64_sys_ioctl+0x73/0xb0 [ 253.247137][T10481] do_syscall_64+0x103/0x610 [ 253.247156][T10481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.247167][T10481] RIP: 0033:0x458209 [ 253.247180][T10481] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.247188][T10481] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.247201][T10481] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 253.247209][T10481] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 00:13:14 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:14 executing program 2 (fault-call:4 fault-nth:8): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:14 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)) [ 253.247216][T10481] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 253.247223][T10481] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 253.247230][T10481] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 253.376330][T10694] FAULT_INJECTION: forcing a failure. [ 253.376330][T10694] name failslab, interval 1, probability 0, space 0, times 0 [ 253.389190][T10694] CPU: 0 PID: 10694 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #33 [ 253.397192][T10694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.407275][T10694] Call Trace: [ 253.410602][T10694] dump_stack+0x172/0x1f0 [ 253.414955][T10694] should_fail.cold+0xa/0x15 [ 253.419576][T10694] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 253.425398][T10694] ? find_held_lock+0x35/0x130 [ 253.430183][T10694] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 253.435834][T10694] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.442092][T10694] ? should_fail+0x1de/0x852 [ 253.446696][T10694] __should_failslab+0x121/0x190 [ 253.446714][T10694] should_failslab+0x9/0x14 [ 253.446734][T10694] kmem_cache_alloc+0x47/0x6f0 [ 253.446759][T10694] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 253.446776][T10694] idr_get_free+0x425/0x8d0 [ 253.446803][T10694] idr_alloc_u32+0x19e/0x330 [ 253.446820][T10694] ? __fprop_inc_percpu_max+0x230/0x230 [ 253.446835][T10694] ? drm_gem_handle_create+0x47/0x70 [ 253.446856][T10694] idr_alloc+0xe5/0x150 [ 253.446871][T10694] ? idr_alloc_u32+0x330/0x330 [ 253.446893][T10694] drm_gem_handle_create_tail+0x12a/0x3b0 [ 253.476533][T10694] drm_gem_handle_create+0x55/0x70 [ 253.476553][T10694] vgem_gem_dumb_create+0x10a/0x260 [ 253.476579][T10694] drm_mode_create_dumb+0x288/0x310 [ 253.476598][T10694] drm_mode_create_dumb_ioctl+0x26/0x30 [ 253.476613][T10694] drm_ioctl_kernel+0x23e/0x2e0 [ 253.476627][T10694] ? drm_mode_create_dumb+0x310/0x310 [ 253.476641][T10694] ? drm_setversion+0x8c0/0x8c0 [ 253.476660][T10694] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 253.487464][T10694] ? _copy_from_user+0xdd/0x150 [ 253.487483][T10694] drm_ioctl+0x545/0xa50 [ 253.487498][T10694] ? drm_mode_create_dumb+0x310/0x310 [ 253.487516][T10694] ? drm_version+0x3d0/0x3d0 [ 253.487529][T10694] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 253.487540][T10694] ? smack_log+0x415/0x540 [ 253.487575][T10694] ? drm_version+0x3d0/0x3d0 [ 253.487594][T10694] do_vfs_ioctl+0xd6e/0x1390 [ 253.502375][T10694] ? ioctl_preallocate+0x210/0x210 [ 253.502389][T10694] ? smack_file_ioctl+0x196/0x310 [ 253.502400][T10694] ? smack_inode_rename+0x2d0/0x2d0 [ 253.502419][T10694] ? fput_many+0x12c/0x1a0 [ 253.602817][T10694] ? tomoyo_file_ioctl+0x23/0x30 [ 253.607770][T10694] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.614030][T10694] ? security_file_ioctl+0x93/0xc0 [ 253.619162][T10694] ksys_ioctl+0xab/0xd0 [ 253.623325][T10694] __x64_sys_ioctl+0x73/0xb0 [ 253.623344][T10694] do_syscall_64+0x103/0x610 [ 253.623364][T10694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.632505][T10694] RIP: 0033:0x458209 00:13:15 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) setxattr(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000100)=@random={'security.', 'flushoncommit'}, &(0x7f0000000180)='+-@em1Mwlan1}security$vboxnet0(security$++(\x00', 0x1d, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f00000013c0)='btrfs\x00', &(0x7f0000001400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000038c0)={[{@flushoncommit='flushoncommit'}, {@subvolid={'subvolid'}}, {@device={'device', 0x3d, './file0'}}, {@discard='discard'}], [{@fsname={'fsname', 0x3d, 'vmnet1/{nodev*&%'}}]}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) r4 = getpid() r5 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x0, 0x2) kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r1, &(0x7f0000000080)={r5, r2, 0x895}) read(r2, &(0x7f0000000240)=""/117, 0x454) 00:13:15 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) 00:13:15 executing program 3 (fault-call:2 fault-nth:4): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 253.632521][T10694] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.632528][T10694] RSP: 002b:00007efd1a17cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.671995][T10694] RAX: ffffffffffffffda RBX: 00007efd1a17cc90 RCX: 0000000000458209 [ 253.679979][T10694] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000004 [ 253.687951][T10694] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 00:13:15 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005421, &(0x7f0000000040)) [ 253.687960][T10694] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efd1a17d6d4 [ 253.687968][T10694] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000005 00:13:15 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00000002, &(0x7f0000000040)) [ 253.746626][T10811] FAULT_INJECTION: forcing a failure. [ 253.746626][T10811] name failslab, interval 1, probability 0, space 0, times 0 00:13:15 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) [ 253.803843][T10811] CPU: 0 PID: 10811 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 253.811866][T10811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.821922][T10811] Call Trace: [ 253.821949][T10811] dump_stack+0x172/0x1f0 [ 253.821970][T10811] should_fail.cold+0xa/0x15 [ 253.821990][T10811] ? find_held_lock+0x35/0x130 [ 253.838916][T10811] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 253.844739][T10811] ? ___might_sleep+0x163/0x280 00:13:15 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, 0x0) [ 253.844760][T10811] __should_failslab+0x121/0x190 [ 253.844782][T10811] should_failslab+0x9/0x14 [ 253.859151][T10811] kmem_cache_alloc+0x2b2/0x6f0 [ 253.864010][T10811] ? __put_user_ns+0x70/0x70 [ 253.864025][T10811] ? shmem_alloc_inode+0x1c/0x50 [ 253.864043][T10811] ? rcu_read_lock_sched_held+0x110/0x130 [ 253.864062][T10811] security_inode_alloc+0x39/0x160 [ 253.864080][T10811] inode_init_always+0x56e/0xb50 [ 253.889321][T10811] alloc_inode+0x83/0x190 [ 253.893672][T10811] new_inode_pseudo+0x19/0xf0 [ 253.898374][T10811] new_inode+0x1f/0x40 [ 253.902460][T10811] shmem_get_inode+0x84/0x780 [ 253.907154][T10811] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.913415][T10811] __shmem_file_setup.part.0+0x7e/0x2b0 [ 253.918986][T10811] shmem_file_setup+0x66/0x90 [ 253.923688][T10811] drm_gem_object_init+0x3b/0xb0 [ 253.928690][T10811] __vgem_gem_create+0x6f/0x100 [ 253.933569][T10811] vgem_gem_dumb_create+0xd7/0x260 [ 253.938786][T10811] drm_mode_create_dumb+0x288/0x310 [ 253.944001][T10811] drm_mode_create_dumb_ioctl+0x26/0x30 [ 253.949565][T10811] drm_ioctl_kernel+0x23e/0x2e0 [ 253.954440][T10811] ? drm_mode_create_dumb+0x310/0x310 [ 253.959914][T10811] ? drm_setversion+0x8c0/0x8c0 [ 253.964789][T10811] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 253.971052][T10811] ? _copy_from_user+0xdd/0x150 [ 253.975929][T10811] drm_ioctl+0x545/0xa50 [ 253.980205][T10811] ? drm_mode_create_dumb+0x310/0x310 [ 253.985877][T10811] ? drm_version+0x3d0/0x3d0 [ 253.990489][T10811] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 253.996322][T10811] ? smack_log+0x415/0x540 00:13:15 executing program 2 (fault-call:4 fault-nth:9): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) [ 254.000866][T10811] ? drm_version+0x3d0/0x3d0 [ 254.005475][T10811] do_vfs_ioctl+0xd6e/0x1390 [ 254.010112][T10811] ? ioctl_preallocate+0x210/0x210 [ 254.015235][T10811] ? smack_file_ioctl+0x196/0x310 [ 254.020283][T10811] ? smack_inode_rename+0x2d0/0x2d0 [ 254.025509][T10811] ? fput_many+0x12c/0x1a0 [ 254.029950][T10811] ? tomoyo_file_ioctl+0x23/0x30 [ 254.029969][T10811] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 254.029984][T10811] ? security_file_ioctl+0x93/0xc0 [ 254.030005][T10811] ksys_ioctl+0xab/0xd0 [ 254.041164][T10811] __x64_sys_ioctl+0x73/0xb0 00:13:15 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005421, &(0x7f0000000040)) [ 254.041181][T10811] do_syscall_64+0x103/0x610 [ 254.041199][T10811] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.041209][T10811] RIP: 0033:0x458209 [ 254.041223][T10811] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.041229][T10811] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 00:13:15 executing program 0 (fault-call:2 fault-nth:0): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:15 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005450, &(0x7f0000000040)) [ 254.041241][T10811] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 254.041249][T10811] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 254.041255][T10811] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 254.041262][T10811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 254.041277][T10811] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:15 executing program 3 (fault-call:2 fault-nth:5): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 254.174423][T10911] FAULT_INJECTION: forcing a failure. [ 254.174423][T10911] name failslab, interval 1, probability 0, space 0, times 0 [ 254.232771][T10936] FAULT_INJECTION: forcing a failure. [ 254.232771][T10936] name failslab, interval 1, probability 0, space 0, times 0 [ 254.250435][T10911] CPU: 1 PID: 10911 Comm: syz-executor.0 Not tainted 5.1.0-rc1+ #33 [ 254.258452][T10911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.268518][T10911] Call Trace: [ 254.271822][T10911] dump_stack+0x172/0x1f0 [ 254.276168][T10911] should_fail.cold+0xa/0x15 [ 254.280769][T10911] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 254.286585][T10911] ? ___might_sleep+0x163/0x280 [ 254.291445][T10911] __should_failslab+0x121/0x190 [ 254.296389][T10911] should_failslab+0x9/0x14 [ 254.300893][T10911] __kmalloc+0x2dc/0x740 [ 254.305142][T10911] ? drm_ioctl+0x45c/0xa50 [ 254.309569][T10911] drm_ioctl+0x45c/0xa50 [ 254.313813][T10911] ? drm_mode_create_dumb+0x310/0x310 [ 254.319194][T10911] ? drm_version+0x3d0/0x3d0 [ 254.323786][T10911] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 254.329589][T10911] ? smack_log+0x415/0x540 [ 254.334021][T10911] ? drm_version+0x3d0/0x3d0 [ 254.338617][T10911] do_vfs_ioctl+0xd6e/0x1390 [ 254.343213][T10911] ? ioctl_preallocate+0x210/0x210 [ 254.348319][T10911] ? smack_file_ioctl+0x196/0x310 [ 254.353426][T10911] ? smack_inode_rename+0x2d0/0x2d0 [ 254.358637][T10911] ? fput_many+0x12c/0x1a0 [ 254.363080][T10911] ? tomoyo_file_ioctl+0x23/0x30 [ 254.368210][T10911] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 254.374453][T10911] ? security_file_ioctl+0x93/0xc0 [ 254.379580][T10911] ksys_ioctl+0xab/0xd0 [ 254.383736][T10911] __x64_sys_ioctl+0x73/0xb0 [ 254.388329][T10911] do_syscall_64+0x103/0x610 [ 254.392923][T10911] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.398814][T10911] RIP: 0033:0x458209 [ 254.402704][T10911] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.422323][T10911] RSP: 002b:00007f75e5eebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.422336][T10911] RAX: ffffffffffffffda RBX: 00007f75e5eebc90 RCX: 0000000000458209 [ 254.422343][T10911] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 254.422351][T10911] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 254.422357][T10911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f75e5eec6d4 [ 254.422365][T10911] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 254.431853][T10936] CPU: 1 PID: 10936 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 254.454898][T10936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.454904][T10936] Call Trace: [ 254.454930][T10936] dump_stack+0x172/0x1f0 [ 254.454953][T10936] should_fail.cold+0xa/0x15 [ 254.471014][T10936] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 254.471035][T10936] ? ___might_sleep+0x163/0x280 [ 254.471052][T10936] __should_failslab+0x121/0x190 [ 254.471076][T10936] should_failslab+0x9/0x14 [ 254.489180][T10936] kmem_cache_alloc+0x2b2/0x6f0 [ 254.489192][T10936] ? current_time+0x6b/0x140 [ 254.489206][T10936] ? ktime_get_coarse_real_ts64+0xf0/0x2b0 [ 254.489222][T10936] ? lockdep_hardirqs_on+0x418/0x5d0 [ 254.489235][T10936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 254.489252][T10936] ? timespec64_trunc+0xf0/0x180 [ 254.496842][T10936] __d_alloc+0x2e/0x8c0 [ 254.496861][T10936] d_alloc_pseudo+0x1e/0x30 [ 254.496874][T10936] alloc_file_pseudo+0xe2/0x280 [ 254.496887][T10936] ? alloc_file+0x4d0/0x4d0 [ 254.496906][T10936] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 254.507277][T10936] __shmem_file_setup.part.0+0x108/0x2b0 [ 254.507298][T10936] shmem_file_setup+0x66/0x90 [ 254.507314][T10936] drm_gem_object_init+0x3b/0xb0 [ 254.507330][T10936] __vgem_gem_create+0x6f/0x100 [ 254.507347][T10936] vgem_gem_dumb_create+0xd7/0x260 [ 254.517112][T10936] drm_mode_create_dumb+0x288/0x310 [ 254.517133][T10936] drm_mode_create_dumb_ioctl+0x26/0x30 [ 254.517152][T10936] drm_ioctl_kernel+0x23e/0x2e0 [ 254.517169][T10936] ? drm_mode_create_dumb+0x310/0x310 [ 254.526483][T10936] ? drm_setversion+0x8c0/0x8c0 [ 254.526501][T10936] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 254.526516][T10936] ? _copy_from_user+0xdd/0x150 [ 254.526533][T10936] drm_ioctl+0x545/0xa50 [ 254.536881][T10936] ? drm_mode_create_dumb+0x310/0x310 [ 254.536900][T10936] ? drm_version+0x3d0/0x3d0 [ 254.536917][T10936] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 254.548489][T10936] ? smack_log+0x415/0x540 [ 254.548520][T10936] ? drm_version+0x3d0/0x3d0 [ 254.548536][T10936] do_vfs_ioctl+0xd6e/0x1390 [ 254.548553][T10936] ? ioctl_preallocate+0x210/0x210 [ 254.548568][T10936] ? smack_file_ioctl+0x196/0x310 [ 254.557630][T10936] ? smack_inode_rename+0x2d0/0x2d0 [ 254.557650][T10936] ? fput_many+0x12c/0x1a0 [ 254.557669][T10936] ? tomoyo_file_ioctl+0x23/0x30 [ 254.557685][T10936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 254.557698][T10936] ? security_file_ioctl+0x93/0xc0 [ 254.557715][T10936] ksys_ioctl+0xab/0xd0 [ 254.567032][T10936] __x64_sys_ioctl+0x73/0xb0 [ 254.567050][T10936] do_syscall_64+0x103/0x610 [ 254.567068][T10936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.567079][T10936] RIP: 0033:0x458209 [ 254.567096][T10936] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.577783][T10936] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.577797][T10936] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 254.577805][T10936] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 254.577813][T10936] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 00:13:16 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x10000, 0x101480) ioctl$VIDIOC_QUERYBUF(r2, 0xc0585609, &(0x7f0000000080)={0x6, 0x6, 0x4, 0x0, {0x77359400}, {0x7, 0xb, 0xffffffffffffffdf, 0xfffffffffffffb48, 0xffff, 0x5381, "d5d56221"}, 0x3f, 0x0, @planes=&(0x7f0000000040)={0x3, 0x3, @userptr=0xffffffffffff7fff, 0x80000001}, 0x4}) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:16 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:16 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005451, &(0x7f0000000040)) 00:13:16 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005450, &(0x7f0000000040)) 00:13:16 executing program 3 (fault-call:2 fault-nth:6): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:16 executing program 0 (fault-call:2 fault-nth:1): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 254.577821][T10936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 254.577827][T10936] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:16 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005452, &(0x7f0000000040)) 00:13:16 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005451, &(0x7f0000000040)) [ 254.857243][T10952] FAULT_INJECTION: forcing a failure. [ 254.857243][T10952] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 254.870487][T10952] CPU: 0 PID: 10952 Comm: syz-executor.0 Not tainted 5.1.0-rc1+ #33 [ 254.878478][T10952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.888539][T10952] Call Trace: [ 254.891850][T10952] dump_stack+0x172/0x1f0 [ 254.896201][T10952] should_fail.cold+0xa/0x15 [ 254.900816][T10952] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 254.906642][T10952] ? __lock_acquire+0x548/0x3fb0 [ 254.911591][T10952] ? is_bpf_text_address+0xac/0x170 [ 254.916796][T10952] should_fail_alloc_page+0x50/0x60 [ 254.921978][T10952] __alloc_pages_nodemask+0x1a1/0x7e0 [ 254.927348][T10952] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 254.933065][T10952] ? find_held_lock+0x35/0x130 [ 254.937835][T10952] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 254.943652][T10952] cache_grow_begin+0x9c/0x860 [ 254.948425][T10952] ? drm_ioctl+0x45c/0xa50 [ 254.952838][T10952] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 254.959061][T10952] __kmalloc+0x67f/0x740 [ 254.963288][T10952] ? drm_ioctl+0x45c/0xa50 [ 254.967699][T10952] drm_ioctl+0x45c/0xa50 [ 254.971952][T10952] ? drm_mode_create_dumb+0x310/0x310 [ 254.977316][T10952] ? drm_version+0x3d0/0x3d0 [ 254.981894][T10952] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 254.987700][T10952] ? smack_log+0x415/0x540 [ 254.992146][T10952] ? drm_version+0x3d0/0x3d0 [ 254.996727][T10952] do_vfs_ioctl+0xd6e/0x1390 [ 255.001302][T10952] ? ioctl_preallocate+0x210/0x210 [ 255.006401][T10952] ? smack_file_ioctl+0x196/0x310 [ 255.011421][T10952] ? smack_inode_rename+0x2d0/0x2d0 [ 255.016695][T10952] ? fput_many+0x12c/0x1a0 [ 255.021117][T10952] ? tomoyo_file_ioctl+0x23/0x30 [ 255.026052][T10952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.032306][T10952] ? security_file_ioctl+0x93/0xc0 [ 255.037409][T10952] ksys_ioctl+0xab/0xd0 [ 255.041554][T10952] __x64_sys_ioctl+0x73/0xb0 [ 255.046141][T10952] do_syscall_64+0x103/0x610 [ 255.050739][T10952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.056621][T10952] RIP: 0033:0x458209 [ 255.060507][T10952] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.080215][T10952] RSP: 002b:00007f75e5eebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 255.088621][T10952] RAX: ffffffffffffffda RBX: 00007f75e5eebc90 RCX: 0000000000458209 [ 255.096586][T10952] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 255.104629][T10952] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 255.112633][T10952] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f75e5eec6d4 [ 255.120598][T10952] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:16 executing program 0 (fault-call:2 fault-nth:2): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) [ 255.177580][T10962] FAULT_INJECTION: forcing a failure. [ 255.177580][T10962] name failslab, interval 1, probability 0, space 0, times 0 00:13:16 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005460, &(0x7f0000000040)) 00:13:16 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005452, &(0x7f0000000040)) [ 255.254858][T10962] CPU: 0 PID: 10962 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 255.262888][T10962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.272948][T10962] Call Trace: [ 255.276258][T10962] dump_stack+0x172/0x1f0 [ 255.280617][T10962] should_fail.cold+0xa/0x15 [ 255.285227][T10962] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 255.291057][T10962] ? ___might_sleep+0x163/0x280 [ 255.295920][T10962] __should_failslab+0x121/0x190 [ 255.295941][T10962] should_failslab+0x9/0x14 [ 255.295956][T10962] kmem_cache_alloc+0x2b2/0x6f0 [ 255.295975][T10962] __alloc_file+0x27/0x300 [ 255.295991][T10962] alloc_empty_file+0x72/0x170 [ 255.319405][T10962] alloc_file+0x5e/0x4d0 [ 255.319430][T10962] alloc_file_pseudo+0x189/0x280 [ 255.319443][T10962] ? alloc_file+0x4d0/0x4d0 [ 255.319461][T10962] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 255.319484][T10962] __shmem_file_setup.part.0+0x108/0x2b0 [ 255.319503][T10962] shmem_file_setup+0x66/0x90 [ 255.349659][T10962] drm_gem_object_init+0x3b/0xb0 00:13:17 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff40049409, &(0x7f0000000040)) [ 255.354611][T10962] __vgem_gem_create+0x6f/0x100 [ 255.359474][T10962] vgem_gem_dumb_create+0xd7/0x260 [ 255.364605][T10962] drm_mode_create_dumb+0x288/0x310 [ 255.369822][T10962] drm_mode_create_dumb_ioctl+0x26/0x30 [ 255.375383][T10962] drm_ioctl_kernel+0x23e/0x2e0 [ 255.380252][T10962] ? drm_mode_create_dumb+0x310/0x310 [ 255.385632][T10962] ? drm_setversion+0x8c0/0x8c0 [ 255.390505][T10962] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 255.396762][T10962] ? _copy_from_user+0xdd/0x150 [ 255.401625][T10962] drm_ioctl+0x545/0xa50 [ 255.405977][T10962] ? drm_mode_create_dumb+0x310/0x310 [ 255.411352][T10962] ? drm_version+0x3d0/0x3d0 [ 255.415937][T10962] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 255.421751][T10962] ? smack_log+0x415/0x540 [ 255.426193][T10962] ? drm_version+0x3d0/0x3d0 [ 255.430798][T10962] do_vfs_ioctl+0xd6e/0x1390 [ 255.435416][T10962] ? ioctl_preallocate+0x210/0x210 [ 255.440538][T10962] ? smack_file_ioctl+0x196/0x310 [ 255.445587][T10962] ? smack_inode_rename+0x2d0/0x2d0 [ 255.450889][T10962] ? fput_many+0x12c/0x1a0 [ 255.455322][T10962] ? tomoyo_file_ioctl+0x23/0x30 [ 255.460279][T10962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.466535][T10962] ? security_file_ioctl+0x93/0xc0 [ 255.471663][T10962] ksys_ioctl+0xab/0xd0 [ 255.471680][T10962] __x64_sys_ioctl+0x73/0xb0 [ 255.471699][T10962] do_syscall_64+0x103/0x610 [ 255.480591][T10962] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.480603][T10962] RIP: 0033:0x458209 00:13:17 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x400, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000040)={[{0x0, 0x4, 0x4, 0x8, 0x800, 0xffffffff, 0x6, 0x80000000, 0x3, 0x1000, 0x5, 0x7, 0x7}, {0x1200000000, 0x100000000, 0xc129, 0x3, 0xff, 0x1, 0x0, 0xfffffffffffffffc, 0x9, 0x47, 0x2, 0x20, 0x5}, {0x8, 0x5, 0x1, 0x3, 0x6, 0xffffffff, 0x8001, 0x0, 0x2, 0x112a, 0x5, 0x4, 0x101}], 0x80000000}) r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r2, &(0x7f0000000240)=""/117, 0x454) [ 255.480622][T10962] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.515266][T10962] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 255.523691][T10962] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 255.531672][T10962] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 255.539655][T10962] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 255.547637][T10962] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 00:13:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff00000002, &(0x7f0000000040)) 00:13:17 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:17 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff4020940d, &(0x7f0000000040)) [ 255.555618][T10962] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:17 executing program 3 (fault-call:2 fault-nth:7): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:17 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005460, &(0x7f0000000040)) 00:13:17 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xc0045878, &(0x7f0000000040)) 00:13:17 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00000002, &(0x7f0000000040)) 00:13:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff00005421, &(0x7f0000000040)) 00:13:17 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffc0045878, &(0x7f0000000040)) 00:13:17 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005421, &(0x7f0000000040)) [ 255.813943][T11212] FAULT_INJECTION: forcing a failure. [ 255.813943][T11212] name failslab, interval 1, probability 0, space 0, times 0 [ 255.826758][T11212] CPU: 1 PID: 11212 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 255.834730][T11212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.834736][T11212] Call Trace: [ 255.834760][T11212] dump_stack+0x172/0x1f0 [ 255.834779][T11212] should_fail.cold+0xa/0x15 [ 255.857005][T11212] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 255.862834][T11212] ? find_held_lock+0x35/0x130 [ 255.867611][T11212] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 255.873256][T11212] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.879501][T11212] ? should_fail+0x1de/0x852 [ 255.884104][T11212] __should_failslab+0x121/0x190 [ 255.889061][T11212] should_failslab+0x9/0x14 [ 255.893575][T11212] kmem_cache_alloc+0x47/0x6f0 [ 255.898381][T11212] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 255.904715][T11212] idr_get_free+0x425/0x8d0 [ 255.904744][T11212] idr_alloc_u32+0x19e/0x330 [ 255.913813][T11212] ? __fprop_inc_percpu_max+0x230/0x230 [ 255.919372][T11212] ? drm_gem_handle_create+0x47/0x70 [ 255.919401][T11212] idr_alloc+0xe5/0x150 [ 255.928812][T11212] ? idr_alloc_u32+0x330/0x330 [ 255.928840][T11212] drm_gem_handle_create_tail+0x12a/0x3b0 [ 255.928859][T11212] drm_gem_handle_create+0x55/0x70 [ 255.939299][T11212] vgem_gem_dumb_create+0x10a/0x260 [ 255.939319][T11212] drm_mode_create_dumb+0x288/0x310 [ 255.939336][T11212] drm_mode_create_dumb_ioctl+0x26/0x30 [ 255.939354][T11212] drm_ioctl_kernel+0x23e/0x2e0 [ 255.965194][T11212] ? drm_mode_create_dumb+0x310/0x310 [ 255.970579][T11212] ? drm_setversion+0x8c0/0x8c0 [ 255.975451][T11212] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 255.981695][T11212] ? _copy_from_user+0xdd/0x150 [ 255.981715][T11212] drm_ioctl+0x545/0xa50 [ 255.981731][T11212] ? drm_mode_create_dumb+0x310/0x310 [ 255.981751][T11212] ? drm_version+0x3d0/0x3d0 [ 255.981764][T11212] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 255.981774][T11212] ? smack_log+0x415/0x540 00:13:17 executing program 5: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000040)={'vcan0\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}) r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe0b2, 0x1aec}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000240)=""/117, 0x454) 00:13:17 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff40049409, &(0x7f0000000040)) 00:13:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff00005450, &(0x7f0000000040)) 00:13:17 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000080)=""/117, 0xdd47872a65695a29) 00:13:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff00005451, &(0x7f0000000040)) [ 255.981802][T11212] ? drm_version+0x3d0/0x3d0 [ 256.015570][T11212] do_vfs_ioctl+0xd6e/0x1390 [ 256.020189][T11212] ? ioctl_preallocate+0x210/0x210 [ 256.020205][T11212] ? smack_file_ioctl+0x196/0x310 [ 256.020219][T11212] ? smack_inode_rename+0x2d0/0x2d0 [ 256.020239][T11212] ? fput_many+0x12c/0x1a0 [ 256.020258][T11212] ? tomoyo_file_ioctl+0x23/0x30 [ 256.030373][T11212] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 256.030392][T11212] ? security_file_ioctl+0x93/0xc0 [ 256.030412][T11212] ksys_ioctl+0xab/0xd0 [ 256.030435][T11212] __x64_sys_ioctl+0x73/0xb0 [ 256.056382][T11212] do_syscall_64+0x103/0x610 [ 256.056405][T11212] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.056417][T11212] RIP: 0033:0x458209 [ 256.056430][T11212] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.056442][T11212] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 256.065172][T11212] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 256.065182][T11212] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 256.065190][T11212] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 256.065199][T11212] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 256.065208][T11212] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:17 executing program 3 (fault-call:2 fault-nth:8): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:17 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff4020940d, &(0x7f0000000040)) 00:13:17 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005450, &(0x7f0000000040)) 00:13:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff00005452, &(0x7f0000000040)) 00:13:17 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffc0189436, &(0x7f0000000040)) 00:13:17 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffc020660b, &(0x7f0000000040)) 00:13:17 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005451, &(0x7f0000000040)) [ 256.322719][T11453] FAULT_INJECTION: forcing a failure. [ 256.322719][T11453] name failslab, interval 1, probability 0, space 0, times 0 [ 256.335469][T11453] CPU: 0 PID: 11453 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 256.343455][T11453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.353521][T11453] Call Trace: [ 256.356827][T11453] dump_stack+0x172/0x1f0 [ 256.361176][T11453] should_fail.cold+0xa/0x15 [ 256.365786][T11453] ? fault_create_debugfs_attr+0x1e0/0x1e0 00:13:18 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff00005460, &(0x7f0000000040)) 00:13:18 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fsetxattr$security_smack_entry(r1, &(0x7f0000000000)='security.SMACK64MMAP\x00', &(0x7f0000000040)=',[\\\x00', 0x4, 0x0) r2 = socket(0xa, 0x3, 0x9) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000004c0)={0x0, 0x80000000}, 0x8) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) 00:13:18 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xc0045878, &(0x7f0000000040)) [ 256.371603][T11453] ? find_held_lock+0x35/0x130 [ 256.376390][T11453] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 256.382039][T11453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 256.388293][T11453] ? should_fail+0x1de/0x852 [ 256.392909][T11453] __should_failslab+0x121/0x190 [ 256.397862][T11453] should_failslab+0x9/0x14 [ 256.402376][T11453] kmem_cache_alloc+0x47/0x6f0 [ 256.407166][T11453] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 256.413544][T11453] idr_get_free+0x425/0x8d0 [ 256.418063][T11453] idr_alloc_u32+0x19e/0x330 [ 256.418084][T11453] ? __fprop_inc_percpu_max+0x230/0x230 [ 256.418100][T11453] ? drm_gem_handle_create+0x47/0x70 [ 256.418120][T11453] idr_alloc+0xe5/0x150 [ 256.418135][T11453] ? idr_alloc_u32+0x330/0x330 [ 256.418156][T11453] drm_gem_handle_create_tail+0x12a/0x3b0 [ 256.418174][T11453] drm_gem_handle_create+0x55/0x70 [ 256.418189][T11453] vgem_gem_dumb_create+0x10a/0x260 [ 256.418208][T11453] drm_mode_create_dumb+0x288/0x310 [ 256.418226][T11453] drm_mode_create_dumb_ioctl+0x26/0x30 [ 256.418241][T11453] drm_ioctl_kernel+0x23e/0x2e0 [ 256.418259][T11453] ? drm_mode_create_dumb+0x310/0x310 [ 256.453458][T11453] ? drm_setversion+0x8c0/0x8c0 [ 256.453478][T11453] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 256.453500][T11453] ? _copy_from_user+0xdd/0x150 [ 256.474266][T11453] drm_ioctl+0x545/0xa50 [ 256.499758][T11453] ? drm_mode_create_dumb+0x310/0x310 [ 256.505153][T11453] ? drm_version+0x3d0/0x3d0 [ 256.509753][T11453] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 256.515575][T11453] ? smack_log+0x415/0x540 00:13:18 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005452, &(0x7f0000000040)) [ 256.520009][T11453] ? drm_version+0x3d0/0x3d0 [ 256.520029][T11453] do_vfs_ioctl+0xd6e/0x1390 [ 256.520047][T11453] ? ioctl_preallocate+0x210/0x210 [ 256.534378][T11453] ? smack_file_ioctl+0x196/0x310 [ 256.534394][T11453] ? smack_inode_rename+0x2d0/0x2d0 [ 256.534415][T11453] ? fput_many+0x12c/0x1a0 [ 256.534435][T11453] ? tomoyo_file_ioctl+0x23/0x30 [ 256.554143][T11453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 256.560402][T11453] ? security_file_ioctl+0x93/0xc0 [ 256.565528][T11453] ksys_ioctl+0xab/0xd0 [ 256.569698][T11453] __x64_sys_ioctl+0x73/0xb0 [ 256.574304][T11453] do_syscall_64+0x103/0x610 [ 256.579012][T11453] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.584908][T11453] RIP: 0033:0x458209 [ 256.588819][T11453] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.608706][T11453] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 00:13:18 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r2, &(0x7f0000000240)=""/117, 0x454) r3 = dup(r1) getsockopt$netrom_NETROM_N2(r3, 0x103, 0x3, &(0x7f0000000180)=0x8, &(0x7f00000001c0)=0x4) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x101040, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000040)={0x53c3, 0x75aa5ed5, 0x8, 0xbe0, 0x1, 0xa7, 0x4, 0x4, 0x0}, &(0x7f0000000080)=0x20) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f00000000c0)={r5, 0x63, "0f9205eb0ef4d569169a3ec8e8b0afc4f234dc8e8015176542130eed1d88f7e634504b559b6f71ad358a32f5c5f781b9bf6d841a1ba4405e2a61af3942ef438852938a3441e602dbfb8f347353c7983e27cb61703f7252ef8250a71ac554e286476e4f"}, &(0x7f0000000140)=0x6b) [ 256.617137][T11453] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 256.625119][T11453] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 256.633105][T11453] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 256.641092][T11453] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 256.649075][T11453] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 00:13:18 executing program 3 (fault-call:2 fault-nth:9): ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) 00:13:18 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff40049409, &(0x7f0000000040)) 00:13:18 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff00005460, &(0x7f0000000040)) 00:13:18 executing program 4: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffc0045878, &(0x7f0000000040)) 00:13:18 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffc9, &(0x7f0000000040)) 00:13:18 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xffffffff4020940d, &(0x7f0000000040)) 00:13:18 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff40049409, &(0x7f0000000040)) 00:13:18 executing program 1: accept$unix(0xffffffffffffff9c, &(0x7f0000000040)=@abs, &(0x7f0000000000)=0xfffffffffffffff5) r0 = socket$bt_bnep(0x1f, 0x3, 0x4) ioctl(r0, 0xfffffffffffffbb2, &(0x7f0000000200)="b9bc5c450fcf0d5354314e3bb12869be5e28a982c49e985c41525a8ba720c06a") [ 256.881844][T11683] FAULT_INJECTION: forcing a failure. [ 256.881844][T11683] name failslab, interval 1, probability 0, space 0, times 0 00:13:18 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000100)={{{@in=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6}}, &(0x7f0000000000)=0xe8) ioprio_set$uid(0x3, r2, 0x4) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/\xc1\xa2\x1cU\xce\x1b\xff\a\x00\x00+nipv4/vs/c\xab*;\xcfy\xb5u\xfe6S\xb0w7\x96', 0x2, 0x0) connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10) accept$packet(r3, &(0x7f0000000040), &(0x7f00000002c0)=0x14) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r1, &(0x7f0000000240)=""/117, 0x454) [ 256.922803][T11683] CPU: 0 PID: 11683 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 256.930837][T11683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.940891][T11683] Call Trace: [ 256.940917][T11683] dump_stack+0x172/0x1f0 [ 256.940941][T11683] should_fail.cold+0xa/0x15 [ 256.953131][T11683] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 256.958945][T11683] ? ___might_sleep+0x163/0x280 [ 256.958967][T11683] __should_failslab+0x121/0x190 [ 256.958983][T11683] should_failslab+0x9/0x14 [ 256.958998][T11683] kmem_cache_alloc_trace+0x2d1/0x760 [ 256.959018][T11683] ? wait_for_completion+0x440/0x440 [ 256.959036][T11683] drm_vma_node_allow+0x52/0x2f0 [ 256.959054][T11683] drm_gem_handle_create_tail+0x194/0x3b0 [ 256.959072][T11683] drm_gem_handle_create+0x55/0x70 [ 256.979735][T11683] vgem_gem_dumb_create+0x10a/0x260 [ 256.979754][T11683] drm_mode_create_dumb+0x288/0x310 [ 256.979773][T11683] drm_mode_create_dumb_ioctl+0x26/0x30 [ 257.000771][T11683] drm_ioctl_kernel+0x23e/0x2e0 [ 257.021522][T11683] ? drm_mode_create_dumb+0x310/0x310 [ 257.026918][T11683] ? drm_setversion+0x8c0/0x8c0 [ 257.026939][T11683] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 257.026954][T11683] ? _copy_from_user+0xdd/0x150 [ 257.026968][T11683] drm_ioctl+0x545/0xa50 [ 257.026982][T11683] ? drm_mode_create_dumb+0x310/0x310 [ 257.027000][T11683] ? drm_version+0x3d0/0x3d0 [ 257.027013][T11683] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 257.027025][T11683] ? smack_log+0x415/0x540 [ 257.027054][T11683] ? drm_version+0x3d0/0x3d0 00:13:18 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0acc1f123c123f3188b070") ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x9, 0x2, 0x4}) r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r1, 0xc0045878, &(0x7f0000000040)) [ 257.027071][T11683] do_vfs_ioctl+0xd6e/0x1390 [ 257.027088][T11683] ? ioctl_preallocate+0x210/0x210 [ 257.027104][T11683] ? smack_file_ioctl+0x196/0x310 [ 257.052714][T11683] ? smack_inode_rename+0x2d0/0x2d0 [ 257.052737][T11683] ? fput_many+0x12c/0x1a0 [ 257.052756][T11683] ? tomoyo_file_ioctl+0x23/0x30 [ 257.101418][T11683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 257.107673][T11683] ? security_file_ioctl+0x93/0xc0 [ 257.107691][T11683] ksys_ioctl+0xab/0xd0 [ 257.107707][T11683] __x64_sys_ioctl+0x73/0xb0 [ 257.107724][T11683] do_syscall_64+0x103/0x610 [ 257.107743][T11683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.107754][T11683] RIP: 0033:0x458209 [ 257.107768][T11683] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 257.107775][T11683] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.107789][T11683] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 00:13:18 executing program 0: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x0, 0x2}) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffff4020940d, &(0x7f0000000040)) 00:13:18 executing program 1: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x5d, 0x8c7f) ioctl(r0, 0xffffffffffffffb2, &(0x7f0000000040)) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x680001, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f0000000080)={0xff, @empty, 0x4e21, 0x4, 'rr\x00', 0x0, 0x3f, 0x4d}, 0x2c) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x7b, 0xffffff3f) accept4$ax25(r1, &(0x7f00000000c0)={{}, [@bcast, @null, @netrom, @null, @default, @null, @rose, @bcast]}, &(0x7f0000000140)=0x48, 0x80800) [ 257.107802][T11683] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 257.135945][T11683] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 257.135954][T11683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 257.135962][T11683] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 257.191299][T11683] ================================================================== [ 257.212586][T11683] BUG: KASAN: use-after-free in drm_gem_object_release+0xf1/0x110 [ 257.220403][T11683] Read of size 8 at addr ffff88809a0ff890 by task syz-executor.3/11683 [ 257.228644][T11683] [ 257.230985][T11683] CPU: 0 PID: 11683 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #33 [ 257.238959][T11683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.249017][T11683] Call Trace: [ 257.252319][T11683] dump_stack+0x172/0x1f0 [ 257.256662][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.262135][T11683] print_address_description.cold+0x7c/0x20d [ 257.268130][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.273601][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.279164][T11683] kasan_report.cold+0x1b/0x40 [ 257.283947][T11683] ? vgem_prime_import+0x30/0x60 [ 257.288899][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.294378][T11683] __asan_report_load8_noabort+0x14/0x20 [ 257.300027][T11683] drm_gem_object_release+0xf1/0x110 [ 257.305328][T11683] vgem_gem_dumb_create+0x205/0x260 [ 257.310548][T11683] drm_mode_create_dumb+0x288/0x310 [ 257.315755][T11683] drm_mode_create_dumb_ioctl+0x26/0x30 [ 257.315773][T11683] drm_ioctl_kernel+0x23e/0x2e0 [ 257.315788][T11683] ? drm_mode_create_dumb+0x310/0x310 [ 257.315803][T11683] ? drm_setversion+0x8c0/0x8c0 [ 257.315820][T11683] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 257.315836][T11683] ? _copy_from_user+0xdd/0x150 [ 257.315851][T11683] drm_ioctl+0x545/0xa50 [ 257.315864][T11683] ? drm_mode_create_dumb+0x310/0x310 [ 257.315884][T11683] ? drm_version+0x3d0/0x3d0 [ 257.315897][T11683] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 257.315907][T11683] ? smack_log+0x415/0x540 [ 257.315935][T11683] ? drm_version+0x3d0/0x3d0 [ 257.326296][T11683] do_vfs_ioctl+0xd6e/0x1390 [ 257.326318][T11683] ? ioctl_preallocate+0x210/0x210 [ 257.326331][T11683] ? smack_file_ioctl+0x196/0x310 [ 257.326343][T11683] ? smack_inode_rename+0x2d0/0x2d0 [ 257.326362][T11683] ? fput_many+0x12c/0x1a0 [ 257.326381][T11683] ? tomoyo_file_ioctl+0x23/0x30 [ 257.326396][T11683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 257.326416][T11683] ? security_file_ioctl+0x93/0xc0 [ 257.326434][T11683] ksys_ioctl+0xab/0xd0 [ 257.342901][T11683] __x64_sys_ioctl+0x73/0xb0 [ 257.342920][T11683] do_syscall_64+0x103/0x610 [ 257.342938][T11683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.342954][T11683] RIP: 0033:0x458209 [ 257.367731][T11683] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 257.367740][T11683] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.367755][T11683] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 257.367764][T11683] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 257.367773][T11683] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 257.367782][T11683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 257.367790][T11683] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 257.367808][T11683] [ 257.367815][T11683] Allocated by task 11683: [ 257.367835][T11683] save_stack+0x45/0xd0 [ 257.367848][T11683] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 257.367860][T11683] kasan_kmalloc+0x9/0x10 [ 257.367874][T11683] kmem_cache_alloc_trace+0x151/0x760 [ 257.367887][T11683] __vgem_gem_create+0x49/0x100 [ 257.367898][T11683] vgem_gem_dumb_create+0xd7/0x260 [ 257.367916][T11683] drm_mode_create_dumb+0x288/0x310 [ 257.382600][ T3876] kobject: 'loop4' (00000000bd0c67ed): kobject_uevent_env [ 257.386564][T11683] drm_mode_create_dumb_ioctl+0x26/0x30 [ 257.386578][T11683] drm_ioctl_kernel+0x23e/0x2e0 [ 257.386590][T11683] drm_ioctl+0x545/0xa50 [ 257.386603][T11683] do_vfs_ioctl+0xd6e/0x1390 [ 257.386615][T11683] ksys_ioctl+0xab/0xd0 [ 257.386628][T11683] __x64_sys_ioctl+0x73/0xb0 [ 257.386642][T11683] do_syscall_64+0x103/0x610 [ 257.386655][T11683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.386660][T11683] [ 257.386665][T11683] Freed by task 11683: [ 257.386680][T11683] save_stack+0x45/0xd0 [ 257.386692][T11683] __kasan_slab_free+0x102/0x150 [ 257.386704][T11683] kasan_slab_free+0xe/0x10 [ 257.386715][T11683] kfree+0xcf/0x230 [ 257.386728][T11683] vgem_gem_free_object+0xbe/0xe0 [ 257.386739][T11683] drm_gem_object_free+0x108/0x260 [ 257.386749][T11683] drm_gem_object_put_unlocked+0x129/0x170 [ 257.386760][T11683] vgem_gem_dumb_create+0x115/0x260 [ 257.386772][T11683] drm_mode_create_dumb+0x288/0x310 [ 257.386784][T11683] drm_mode_create_dumb_ioctl+0x26/0x30 [ 257.386794][T11683] drm_ioctl_kernel+0x23e/0x2e0 [ 257.386805][T11683] drm_ioctl+0x545/0xa50 [ 257.386816][T11683] do_vfs_ioctl+0xd6e/0x1390 [ 257.386827][T11683] ksys_ioctl+0xab/0xd0 [ 257.386838][T11683] __x64_sys_ioctl+0x73/0xb0 [ 257.386855][T11683] do_syscall_64+0x103/0x610 [ 257.398430][ T3876] kobject: 'loop4' (00000000bd0c67ed): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 257.401467][T11683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.401472][T11683] [ 257.401483][T11683] The buggy address belongs to the object at ffff88809a0ff780 [ 257.401483][T11683] which belongs to the cache kmalloc-512 of size 512 [ 257.401495][T11683] The buggy address is located 272 bytes inside of [ 257.401495][T11683] 512-byte region [ffff88809a0ff780, ffff88809a0ff980) [ 257.401500][T11683] The buggy address belongs to the page: [ 257.401512][T11683] page:ffffea0002683fc0 count:1 mapcount:0 mapping:ffff88812c3f0940 index:0x0 [ 257.472231][ T3876] kobject: 'loop1' (00000000f2151dd6): kobject_uevent_env [ 257.476857][T11683] flags: 0x1fffc0000000200(slab) [ 257.476875][T11683] raw: 01fffc0000000200 ffffea0002402b08 ffffea00023b3948 ffff88812c3f0940 [ 257.476888][T11683] raw: 0000000000000000 ffff88809a0ff000 0000000100000006 0000000000000000 [ 257.476894][T11683] page dumped because: kasan: bad access detected [ 257.476898][T11683] [ 257.476902][T11683] Memory state around the buggy address: [ 257.476912][T11683] ffff88809a0ff780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 257.476921][T11683] ffff88809a0ff800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 257.476931][T11683] >ffff88809a0ff880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 257.476936][T11683] ^ [ 257.476947][T11683] ffff88809a0ff900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 257.476957][T11683] ffff88809a0ff980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 257.476962][T11683] ================================================================== [ 257.476967][T11683] Disabling lock debugging due to kernel taint [ 257.484856][T11683] Kernel panic - not syncing: panic_on_warn set ... [ 257.520989][ T3876] kobject: 'loop1' (00000000f2151dd6): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 257.525462][T11683] CPU: 0 PID: 11683 Comm: syz-executor.3 Tainted: G B 5.1.0-rc1+ #33 [ 257.525469][T11683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.525474][T11683] Call Trace: [ 257.525494][T11683] dump_stack+0x172/0x1f0 [ 257.525588][T11683] panic+0x2cb/0x65c [ 257.554089][ T3876] kobject: 'loop0' (0000000095c0ba2b): kobject_uevent_env [ 257.557388][T11683] ? __warn_printk+0xf3/0xf3 [ 257.557408][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.557423][T11683] ? preempt_schedule+0x4b/0x60 [ 257.557436][T11683] ? ___preempt_schedule+0x16/0x18 [ 257.557543][T11683] ? trace_hardirqs_on+0x5e/0x230 [ 257.563138][ T3876] kobject: 'loop0' (0000000095c0ba2b): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 257.567818][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.567831][T11683] end_report+0x47/0x4f [ 257.567842][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.567851][T11683] kasan_report.cold+0xe/0x40 [ 257.567866][T11683] ? vgem_prime_import+0x30/0x60 [ 257.567876][T11683] ? drm_gem_object_release+0xf1/0x110 [ 257.567891][T11683] __asan_report_load8_noabort+0x14/0x20 [ 257.567902][T11683] drm_gem_object_release+0xf1/0x110 [ 257.567919][T11683] vgem_gem_dumb_create+0x205/0x260 [ 257.601365][ T3876] kobject: 'loop2' (000000004d6d2cc8): kobject_uevent_env [ 257.602264][T11683] drm_mode_create_dumb+0x288/0x310 [ 257.602283][T11683] drm_mode_create_dumb_ioctl+0x26/0x30 [ 257.608569][ T3876] kobject: 'loop2' (000000004d6d2cc8): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 257.611342][T11683] drm_ioctl_kernel+0x23e/0x2e0 [ 257.611361][T11683] ? drm_mode_create_dumb+0x310/0x310 [ 258.026248][T11683] ? drm_setversion+0x8c0/0x8c0 [ 258.031094][T11683] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 258.037317][T11683] ? _copy_from_user+0xdd/0x150 [ 258.042145][T11683] drm_ioctl+0x545/0xa50 [ 258.046394][T11683] ? drm_mode_create_dumb+0x310/0x310 [ 258.051780][T11683] ? drm_version+0x3d0/0x3d0 [ 258.056368][T11683] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 258.062159][T11683] ? smack_log+0x415/0x540 [ 258.066572][T11683] ? drm_version+0x3d0/0x3d0 [ 258.071152][T11683] do_vfs_ioctl+0xd6e/0x1390 [ 258.075729][T11683] ? ioctl_preallocate+0x210/0x210 [ 258.080820][T11683] ? smack_file_ioctl+0x196/0x310 [ 258.085850][T11683] ? smack_inode_rename+0x2d0/0x2d0 [ 258.091040][T11683] ? fput_many+0x12c/0x1a0 [ 258.095439][T11683] ? tomoyo_file_ioctl+0x23/0x30 [ 258.100361][T11683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 258.106590][T11683] ? security_file_ioctl+0x93/0xc0 [ 258.111706][T11683] ksys_ioctl+0xab/0xd0 [ 258.115846][T11683] __x64_sys_ioctl+0x73/0xb0 [ 258.120421][T11683] do_syscall_64+0x103/0x610 [ 258.124997][T11683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.130873][T11683] RIP: 0033:0x458209 [ 258.134773][T11683] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 258.154386][T11683] RSP: 002b:00007f43d0faec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.162800][T11683] RAX: ffffffffffffffda RBX: 00007f43d0faec90 RCX: 0000000000458209 [ 258.170752][T11683] RDX: 0000000020000040 RSI: ffffffffffffffb2 RDI: 0000000000000003 [ 258.178701][T11683] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 258.186670][T11683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43d0faf6d4 [ 258.194628][T11683] R13: 00000000004bf379 R14: 00000000004d0d48 R15: 0000000000000004 [ 258.203764][T11683] Kernel Offset: disabled [ 258.208109][T11683] Rebooting in 86400 seconds..