099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:00 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3040.055835] FAULT_INJECTION: forcing a failure. [ 3040.055835] name failslab, interval 1, probability 0, space 0, times 0 [ 3040.067280] CPU: 1 PID: 8000 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3040.074564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3040.083923] Call Trace: [ 3040.086529] dump_stack+0x1c9/0x2b4 [ 3040.090179] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3040.095399] should_fail.cold.4+0xa/0x1a [ 3040.099839] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3040.104963] ? kasan_kmalloc+0xc4/0xe0 [ 3040.108867] ? kasan_slab_alloc+0x12/0x20 [ 3040.113029] ? kmem_cache_alloc+0x12e/0x760 [ 3040.117362] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 3040.122219] ? kvm_mmu_load+0x21/0x10e0 [ 3040.126210] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3040.130720] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3040.135751] ? graph_lock+0x170/0x170 [ 3040.139568] ? do_syscall_64+0x1b9/0x820 [ 3040.143643] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3040.149025] ? find_held_lock+0x36/0x1c0 [ 3040.153108] ? __lock_is_held+0xb5/0x140 [ 3040.157196] ? check_same_owner+0x340/0x340 [ 3040.161536] ? rcu_note_context_switch+0x730/0x730 [ 3040.166483] __should_failslab+0x124/0x180 [ 3040.170731] should_failslab+0x9/0x14 [ 3040.174546] kmem_cache_alloc+0x2af/0x760 [ 3040.178714] ? lock_acquire+0x1e4/0x540 [ 3040.182709] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 3040.185314] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3040.187563] mmu_topup_memory_caches+0xf7/0x3a0 [ 3040.187588] kvm_mmu_load+0x21/0x10e0 14:36:00 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:00 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29040000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3040.187615] vcpu_enter_guest+0x3aa6/0x6090 [ 3040.187632] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3040.187647] ? __lock_is_held+0xb5/0x140 [ 3040.187670] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3040.220728] ? vmx_vcpu_load+0xadf/0xff0 [ 3040.224805] ? __lock_is_held+0xb5/0x140 [ 3040.228878] ? __account_cfs_rq_runtime+0x770/0x770 [ 3040.233908] ? vmx_vcpu_reset+0x1040/0x1040 [ 3040.236764] device lo left promiscuous mode [ 3040.238278] ? graph_lock+0x170/0x170 [ 3040.238299] ? __lock_acquire+0x7fc/0x5020 [ 3040.238325] ? __lock_is_held+0xb5/0x140 [ 3040.238345] ? lock_acquire+0x1e4/0x540 [ 3040.258685] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3040.263738] ? lock_release+0xa30/0xa30 [ 3040.267728] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3040.273020] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3040.277526] ? preempt_notifier_dec+0x20/0x20 [ 3040.278431] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3040.282038] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3040.282053] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3040.282079] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3040.282098] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3040.282116] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 3040.282131] ? trace_hardirqs_on+0xd/0x10 [ 3040.282146] ? find_held_lock+0x36/0x1c0 [ 3040.282168] ? lock_downgrade+0x8f0/0x8f0 [ 3040.333487] ? kasan_check_read+0x11/0x20 [ 3040.337643] ? rcu_is_watching+0x8c/0x150 [ 3040.341800] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3040.346231] ? __fget+0x414/0x670 [ 3040.349702] ? expand_files.part.8+0x9c0/0x9c0 [ 3040.354292] ? kasan_check_write+0x14/0x20 [ 3040.358533] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3040.363481] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3040.369200] do_vfs_ioctl+0x1de/0x1720 [ 3040.373104] ? ioctl_preallocate+0x300/0x300 [ 3040.377518] ? __fget_light+0x2f7/0x440 [ 3040.381503] ? __schedule+0x1ed0/0x1ed0 [ 3040.385488] ? fget_raw+0x20/0x20 [ 3040.388953] ? __sb_end_write+0xac/0xe0 [ 3040.392940] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3040.398489] ? exit_to_usermode_loop+0x8c/0x370 [ 3040.403173] ? security_file_ioctl+0x94/0xc0 [ 3040.407598] ksys_ioctl+0xa9/0xd0 [ 3040.411069] __x64_sys_ioctl+0x73/0xb0 [ 3040.414965] do_syscall_64+0x1b9/0x820 [ 3040.418863] ? syscall_slow_exit_work+0x500/0x500 [ 3040.423718] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3040.428663] ? syscall_return_slowpath+0x31d/0x5e0 [ 3040.433606] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3040.438985] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3040.443849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3040.449047] RIP: 0033:0x455ab9 [ 3040.452238] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3040.471603] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3040.479330] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3040.486601] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3040.493874] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3040.501152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3040.508428] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000026 14:36:00 executing program 2 (fault-call:7 fault-nth:39): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:00 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000f0ffffffffffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:00 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000fd00", 0xfff}) 14:36:00 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f9], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:00 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc3ffffff00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:00 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x3}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000000c0)={r1, 0x140000000000000, 0x6}, 0x8) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:00 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:00 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x0, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:01 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:01 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x961, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000280)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000", @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000df00000000000000000000000000000000000000000000"], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x88) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x100b}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f00000001c0)={0xb, 0x10, 0xfa00, {&(0x7f00000000c0), r1, 0x1f}}, 0x18) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3040.809627] FAULT_INJECTION: forcing a failure. [ 3040.809627] name failslab, interval 1, probability 0, space 0, times 0 [ 3040.819114] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3040.821087] CPU: 1 PID: 8054 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3040.835550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3040.839938] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:01 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000), 0x18, 0x0) 14:36:01 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:01 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3040.844904] Call Trace: [ 3040.844929] dump_stack+0x1c9/0x2b4 [ 3040.844948] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3040.844976] should_fail.cold.4+0xa/0x1a [ 3040.844996] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3040.845014] ? kasan_kmalloc+0xc4/0xe0 [ 3040.845029] ? kasan_slab_alloc+0x12/0x20 [ 3040.845041] ? kmem_cache_alloc+0x12e/0x760 [ 3040.845060] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 3040.897089] ? kvm_mmu_load+0x21/0x10e0 [ 3040.901073] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3040.905583] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3040.910619] ? graph_lock+0x170/0x170 [ 3040.914431] ? do_syscall_64+0x1b9/0x820 [ 3040.918503] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3040.923885] ? find_held_lock+0x36/0x1c0 [ 3040.927966] ? __lock_is_held+0xb5/0x140 [ 3040.932049] ? check_same_owner+0x340/0x340 [ 3040.936386] ? rcu_note_context_switch+0x730/0x730 [ 3040.941324] __should_failslab+0x124/0x180 [ 3040.945567] should_failslab+0x9/0x14 [ 3040.949379] kmem_cache_alloc+0x2af/0x760 [ 3040.953543] ? mmu_topup_memory_caches+0xf7/0x3a0 14:36:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:01 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3040.958399] mmu_topup_memory_caches+0xf7/0x3a0 [ 3040.963085] kvm_mmu_load+0x21/0x10e0 [ 3040.966911] vcpu_enter_guest+0x3aa6/0x6090 [ 3040.971242] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3040.975492] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3040.980183] ? vmx_vcpu_load+0xadf/0xff0 [ 3040.984249] ? __lock_acquire+0x7fc/0x5020 [ 3040.988486] ? vmx_vcpu_reset+0x1040/0x1040 [ 3040.992812] ? graph_lock+0x170/0x170 [ 3040.996624] ? __lock_acquire+0x7fc/0x5020 [ 3041.000876] ? __lock_is_held+0xb5/0x140 [ 3041.004952] ? lock_acquire+0x1e4/0x540 [ 3041.008932] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3041.013962] ? lock_release+0xa30/0xa30 [ 3041.017952] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3041.023243] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3041.027748] ? preempt_notifier_dec+0x20/0x20 [ 3041.032264] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3041.037131] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3041.042191] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3041.046274] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3041.052002] ? find_held_lock+0x36/0x1c0 [ 3041.056099] ? find_held_lock+0x36/0x1c0 [ 3041.060191] ? lock_downgrade+0x8f0/0x8f0 [ 3041.064529] ? kasan_check_read+0x11/0x20 [ 3041.068686] ? rcu_is_watching+0x8c/0x150 [ 3041.072874] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3041.075581] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3041.077293] ? __fget+0x414/0x670 [ 3041.077315] ? find_held_lock+0x11/0x1c0 [ 3041.077332] ? expand_files.part.8+0x9c0/0x9c0 [ 3041.077351] ? kasan_check_write+0x14/0x20 [ 3041.077367] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3041.077390] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3041.118675] do_vfs_ioctl+0x1de/0x1720 [ 3041.122577] ? __lock_is_held+0xb5/0x140 [ 3041.126656] ? ioctl_preallocate+0x300/0x300 [ 3041.131074] ? __fget_light+0x2f7/0x440 [ 3041.135059] ? fget_raw+0x20/0x20 [ 3041.138527] ? __sb_end_write+0xac/0xe0 [ 3041.142518] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3041.148065] ? fput+0x130/0x1a0 [ 3041.151351] ? ksys_write+0x1ae/0x260 [ 3041.155173] ? security_file_ioctl+0x94/0xc0 [ 3041.159605] ksys_ioctl+0xa9/0xd0 [ 3041.163070] __x64_sys_ioctl+0x73/0xb0 [ 3041.167055] do_syscall_64+0x1b9/0x820 [ 3041.170951] ? syscall_slow_exit_work+0x500/0x500 [ 3041.175805] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3041.180743] ? syscall_return_slowpath+0x31d/0x5e0 [ 3041.185694] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3041.191078] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3041.195946] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3041.201141] RIP: 0033:0x455ab9 [ 3041.204345] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3041.223688] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3041.231412] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3041.238692] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3041.245969] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3041.253239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3041.260525] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000027 14:36:01 executing program 2 (fault-call:7 fault-nth:40): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:01 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x2, 0x0) 14:36:01 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:01 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff8d], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:01 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000feffffff00", 0xfff}) 14:36:01 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x0, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:01 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:01 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:01 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)="6e65742f77229878453f00d88eb5664924bed394acd38c06f97e1289008b0a59bdbd725b37399a99657aa8ca452cf7a2897e6225f433c741ea21d7b3fcb90cc029a74423b84ad85810a750132c625ce1993f773aee945631fb29ca06a98cc4fde764308466aea2b6690119857381badf1b7932aff49cd4e91f6e14b08b4a74089d02fe3aa3ebf908870700ae21efa1a2d5f35256cdb1af87b10aff97d076f01d47f8e8155da63db2362e1fd5e9a84c707844a2a968993bdc7c8f45a02e147831024cf00d223169f0a3f5a57ff8ba46227493f5f75e4271483d476d7437269b9c5fd4f2fb7909b0dc2840eb47683872") preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f0000000000)=""/26) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f00000000c0)=0x40) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000040)={{0xc657f7fdc1c23de7, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e20, 0x1, 'sed\x00', 0xa, 0x38, 0x4a}, {@empty, 0x4e20, 0x2, 0x0, 0x1ff, 0x8000}}, 0x44) [ 3041.484430] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:01 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000000000fe", 0xfff}) 14:36:01 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3041.591020] FAULT_INJECTION: forcing a failure. [ 3041.591020] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3041.603061] CPU: 1 PID: 8102 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3041.610346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3041.619711] Call Trace: [ 3041.622315] dump_stack+0x1c9/0x2b4 [ 3041.625966] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3041.631174] ? lock_downgrade+0x8f0/0x8f0 [ 3041.635347] should_fail.cold.4+0xa/0x1a 14:36:02 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000fffffff5", 0xfff}) 14:36:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000f00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:02 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3041.639427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3041.644541] ? graph_lock+0x170/0x170 [ 3041.648352] ? is_bpf_text_address+0xd7/0x170 [ 3041.652862] ? find_held_lock+0x36/0x1c0 [ 3041.656944] ? __lock_is_held+0xb5/0x140 [ 3041.661033] ? check_same_owner+0x340/0x340 [ 3041.665371] ? save_stack+0x43/0xd0 [ 3041.669012] ? kasan_kmalloc+0xc4/0xe0 [ 3041.672914] ? rcu_note_context_switch+0x730/0x730 [ 3041.677865] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3041.682393] __alloc_pages_nodemask+0x36e/0xdb0 [ 3041.687078] ? lock_downgrade+0x8f0/0x8f0 [ 3041.691254] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3041.696287] ? graph_lock+0x170/0x170 [ 3041.700103] ? __lock_is_held+0xb5/0x140 [ 3041.704182] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3041.708620] ? __lock_is_held+0xb5/0x140 [ 3041.712714] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3041.718280] alloc_pages_current+0x10c/0x210 [ 3041.722717] __get_free_pages+0xf/0x40 [ 3041.726629] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3041.731400] kvm_mmu_load+0x21/0x10e0 [ 3041.735216] vcpu_enter_guest+0x3aa6/0x6090 14:36:02 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x68000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3041.739560] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3041.743822] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3041.748511] ? vmx_vcpu_load+0xadf/0xff0 [ 3041.752589] ? __lock_acquire+0x7fc/0x5020 [ 3041.756835] ? vmx_vcpu_reset+0x1040/0x1040 [ 3041.761170] ? graph_lock+0x170/0x170 [ 3041.765023] ? __lock_acquire+0x7fc/0x5020 [ 3041.769276] ? __lock_is_held+0xb5/0x140 [ 3041.773346] ? lock_acquire+0x1e4/0x540 [ 3041.777329] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3041.782360] ? lock_release+0xa30/0xa30 [ 3041.786344] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3041.791635] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3041.796140] ? preempt_notifier_dec+0x20/0x20 [ 3041.800657] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3041.805511] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3041.810549] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3041.814708] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3041.820431] ? find_held_lock+0x36/0x1c0 [ 3041.824509] ? find_held_lock+0x36/0x1c0 [ 3041.828590] ? lock_downgrade+0x8f0/0x8f0 [ 3041.833978] ? kasan_check_read+0x11/0x20 [ 3041.838140] ? rcu_is_watching+0x8c/0x150 [ 3041.842298] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3041.846727] ? __fget+0x414/0x670 [ 3041.850191] ? find_held_lock+0x11/0x1c0 [ 3041.854260] ? expand_files.part.8+0x9c0/0x9c0 [ 3041.858853] ? kasan_check_write+0x14/0x20 [ 3041.863103] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3041.868047] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3041.871915] validate_nla: 2 callbacks suppressed [ 3041.871924] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3041.873760] do_vfs_ioctl+0x1de/0x1720 [ 3041.873779] ? __lock_is_held+0xb5/0x140 [ 3041.873795] ? ioctl_preallocate+0x300/0x300 [ 3041.873809] ? __fget_light+0x2f7/0x440 [ 3041.873822] ? fget_raw+0x20/0x20 [ 3041.873841] ? __sb_end_write+0xac/0xe0 [ 3041.878643] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3041.885939] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3041.885954] ? fput+0x130/0x1a0 [ 3041.885971] ? ksys_write+0x1ae/0x260 [ 3041.938516] ? security_file_ioctl+0x94/0xc0 [ 3041.942945] ksys_ioctl+0xa9/0xd0 [ 3041.946415] __x64_sys_ioctl+0x73/0xb0 [ 3041.950316] do_syscall_64+0x1b9/0x820 [ 3041.954217] ? syscall_slow_exit_work+0x500/0x500 [ 3041.959076] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3041.964025] ? syscall_return_slowpath+0x31d/0x5e0 [ 3041.968973] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3041.974382] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3041.979249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3041.984444] RIP: 0033:0x455ab9 [ 3041.987633] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3042.006964] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3042.014686] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3042.021962] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3042.029240] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 14:36:02 executing program 2 (fault-call:7 fault-nth:41): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:02 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x0, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:02 executing program 5: r0 = fcntl$getown(0xffffffffffffff9c, 0x9) r1 = syz_open_procfs(r0, &(0x7f0000000200)="74f40000e1addf78f6fe8d4c3ee1f26d9a7c12c4212e7119fbc8f6e36217c937be5ecd5ced9d741cd031c66b8ca4decd8fd211e887a1560e6ff88c494f7ad3820697ae47f73f9925905806de47e40f63435cb1d62df8b2cdf0965ca046679a1a73bddbf13f50222b8a3468b8f068a70e43ce52081b5c5552751107b788c643d101783c09cb2da3136852453c2a4626ad64fde35129a442f27e022568af9b525bb168124e4230bbae071695ac513e061abbb12a42305fe3baaaf6fdae448d0cc349941379dbcf6c026faf15bd8822dc6e2a719c31603b6b22cc67c14c9a3b2c370b46bfdac051f7d35773575e6be4383c7903acdd62c68b56626264a3ee1faf0e67ca1b") ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000000000000002ebf000000000000000000000000000000"]) preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000040)={{0xffffffffffffffff, 0x1, 0x9680000000000000, 0x0, 0x4}}) 14:36:02 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000fffffffe", 0xfff}) 14:36:02 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:02 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) 14:36:02 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:02 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x6c00}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3042.036512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3042.043766] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000028 [ 3042.088427] netlink: 'syz-executor0': attribute type 39 has an invalid length. 14:36:02 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:02 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f00000000c0)=""/189, 0xfffffffffffffed8}, {&(0x7f000000bf80)=""/66, 0x4}], 0x1000000000000146, 0x0) 14:36:02 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xf000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:02 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x0, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:02 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:02 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b', 0xfff}) 14:36:02 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f0000000000)=""/66, 0x42}], 0x2, 0x0) sendfile(r0, r0, &(0x7f00000000c0), 0x4) 14:36:02 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3042.276482] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3042.356965] FAULT_INJECTION: forcing a failure. [ 3042.356965] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3042.368955] CPU: 0 PID: 8161 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3042.376239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3042.385600] Call Trace: [ 3042.388200] dump_stack+0x1c9/0x2b4 [ 3042.391844] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3042.397053] ? lock_downgrade+0x8f0/0x8f0 [ 3042.401224] should_fail.cold.4+0xa/0x1a [ 3042.405303] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3042.410421] ? graph_lock+0x170/0x170 [ 3042.414237] ? is_bpf_text_address+0xd7/0x170 [ 3042.418752] ? find_held_lock+0x36/0x1c0 [ 3042.422831] ? __lock_is_held+0xb5/0x140 [ 3042.426916] ? check_same_owner+0x340/0x340 [ 3042.431253] ? rcu_note_context_switch+0x730/0x730 [ 3042.436205] __alloc_pages_nodemask+0x36e/0xdb0 [ 3042.440890] ? lock_downgrade+0x8f0/0x8f0 [ 3042.445055] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3042.450083] ? graph_lock+0x170/0x170 [ 3042.453896] ? __lock_is_held+0xb5/0x140 [ 3042.457966] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3042.462399] ? __lock_is_held+0xb5/0x140 [ 3042.466485] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3042.472043] alloc_pages_current+0x10c/0x210 [ 3042.476470] __get_free_pages+0xf/0x40 [ 3042.480379] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3042.485155] kvm_mmu_load+0x21/0x10e0 [ 3042.488980] vcpu_enter_guest+0x3aa6/0x6090 [ 3042.493315] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3042.497576] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3042.502259] ? vmx_vcpu_load+0xadf/0xff0 [ 3042.506336] ? __lock_acquire+0x7fc/0x5020 [ 3042.510595] ? vmx_vcpu_reset+0x1040/0x1040 [ 3042.514932] ? graph_lock+0x170/0x170 [ 3042.518750] ? __lock_acquire+0x7fc/0x5020 [ 3042.523014] ? __lock_is_held+0xb5/0x140 [ 3042.527098] ? lock_acquire+0x1e4/0x540 [ 3042.531083] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3042.536121] ? lock_release+0xa30/0xa30 [ 3042.540107] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3042.545396] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3042.549902] ? preempt_notifier_dec+0x20/0x20 [ 3042.554417] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3042.559273] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3042.564323] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3042.568400] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3042.574122] ? find_held_lock+0x36/0x1c0 [ 3042.578177] ? find_held_lock+0x36/0x1c0 [ 3042.582270] ? lock_downgrade+0x8f0/0x8f0 [ 3042.586414] ? kasan_check_read+0x11/0x20 [ 3042.590566] ? rcu_is_watching+0x8c/0x150 [ 3042.595255] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3042.599668] ? __fget+0x414/0x670 [ 3042.603109] ? find_held_lock+0x11/0x1c0 [ 3042.607153] ? expand_files.part.8+0x9c0/0x9c0 [ 3042.611719] ? kasan_check_write+0x14/0x20 [ 3042.615939] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3042.620855] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3042.626554] do_vfs_ioctl+0x1de/0x1720 [ 3042.630438] ? __lock_is_held+0xb5/0x140 [ 3042.634485] ? ioctl_preallocate+0x300/0x300 [ 3042.638894] ? __fget_light+0x2f7/0x440 [ 3042.642861] ? fget_raw+0x20/0x20 [ 3042.646300] ? __sb_end_write+0xac/0xe0 [ 3042.650264] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3042.655783] ? fput+0x130/0x1a0 [ 3042.659047] ? ksys_write+0x1ae/0x260 [ 3042.662834] ? security_file_ioctl+0x94/0xc0 [ 3042.667227] ksys_ioctl+0xa9/0xd0 [ 3042.670678] __x64_sys_ioctl+0x73/0xb0 [ 3042.674556] do_syscall_64+0x1b9/0x820 [ 3042.678426] ? syscall_slow_exit_work+0x500/0x500 [ 3042.683263] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3042.688181] ? syscall_return_slowpath+0x31d/0x5e0 [ 3042.693101] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3042.698461] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3042.703299] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3042.708479] RIP: 0033:0x455ab9 [ 3042.711648] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3042.730838] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3042.738540] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3042.745797] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:03 executing program 2 (fault-call:7 fault-nth:42): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x68}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:03 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:03 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:03 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:03 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00?\x00', 0xfff}) [ 3042.753051] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3042.760302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3042.767557] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000029 14:36:03 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x0, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:03 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) perf_event_open(&(0x7f0000000000)={0x4, 0x70, 0x1f, 0x5, 0x2, 0x9, 0x0, 0x6, 0x1, 0x4, 0x80, 0x401, 0x13, 0x6, 0xffff, 0x3ff, 0xfffffffffffffffe, 0x100000000, 0x9, 0x100000000, 0x0, 0x8e, 0x401, 0x200, 0x2, 0x4, 0x800, 0x94, 0x2, 0x9, 0xdb4, 0x5, 0x100, 0x81, 0x8000, 0xffffffffffffff6e, 0xfffffffffffffffc, 0xef39, 0x0, 0x1, 0x1, @perf_config_ext={0x5c, 0x4}, 0x2fc10, 0x87, 0x8, 0x7, 0x1, 0xfffffffffffffffe, 0x8}, r1, 0x5, r0, 0x2) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:03 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:03 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3042.894174] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3042.901828] net_ratelimit: 2 callbacks suppressed [ 3042.901837] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000f00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:03 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000140)={'ip_vti0\x00', 0x7fff}) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x80000000, 0x30}, &(0x7f0000000040)=0xc) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r1, 0x0, 0x3}, &(0x7f0000000100)=0xc) 14:36:03 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x0, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x600000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:03 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000500", 0xfff}) [ 3043.113938] FAULT_INJECTION: forcing a failure. [ 3043.113938] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3043.125874] CPU: 1 PID: 8209 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3043.133163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3043.136291] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3043.142529] Call Trace: [ 3043.142557] dump_stack+0x1c9/0x2b4 [ 3043.142576] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3043.142595] ? lock_downgrade+0x8f0/0x8f0 [ 3043.142624] should_fail.cold.4+0xa/0x1a [ 3043.150076] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3043.152565] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3043.152588] ? graph_lock+0x170/0x170 [ 3043.152608] ? is_bpf_text_address+0xd7/0x170 [ 3043.197540] ? find_held_lock+0x36/0x1c0 [ 3043.201632] ? __lock_is_held+0xb5/0x140 [ 3043.205719] ? check_same_owner+0x340/0x340 [ 3043.210054] ? rcu_note_context_switch+0x730/0x730 [ 3043.215027] __alloc_pages_nodemask+0x36e/0xdb0 [ 3043.219705] ? lock_downgrade+0x8f0/0x8f0 [ 3043.223872] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3043.228991] ? graph_lock+0x170/0x170 [ 3043.232801] ? __lock_is_held+0xb5/0x140 [ 3043.236870] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3043.241300] ? __lock_is_held+0xb5/0x140 [ 3043.245384] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3043.250933] alloc_pages_current+0x10c/0x210 [ 3043.255356] __get_free_pages+0xf/0x40 [ 3043.259260] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3043.264049] kvm_mmu_load+0x21/0x10e0 [ 3043.267870] vcpu_enter_guest+0x3aa6/0x6090 [ 3043.272291] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3043.276549] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3043.281243] ? vmx_vcpu_load+0xadf/0xff0 [ 3043.285318] ? __lock_acquire+0x7fc/0x5020 [ 3043.289738] ? vmx_vcpu_reset+0x1040/0x1040 [ 3043.294075] ? graph_lock+0x170/0x170 [ 3043.297893] ? __lock_acquire+0x7fc/0x5020 [ 3043.302150] ? __lock_is_held+0xb5/0x140 [ 3043.306228] ? lock_acquire+0x1e4/0x540 [ 3043.310212] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3043.315332] ? lock_release+0xa30/0xa30 [ 3043.319329] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3043.324624] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3043.329215] ? preempt_notifier_dec+0x20/0x20 [ 3043.333736] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3043.338604] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3043.343644] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3043.347724] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3043.353449] ? find_held_lock+0x36/0x1c0 [ 3043.357521] ? find_held_lock+0x36/0x1c0 [ 3043.361605] ? lock_downgrade+0x8f0/0x8f0 [ 3043.365767] ? kasan_check_read+0x11/0x20 [ 3043.369923] ? rcu_is_watching+0x8c/0x150 [ 3043.374080] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3043.378510] ? __fget+0x414/0x670 [ 3043.381986] ? find_held_lock+0x11/0x1c0 [ 3043.386057] ? expand_files.part.8+0x9c0/0x9c0 [ 3043.390634] ? kasan_check_write+0x14/0x20 [ 3043.394859] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3043.399777] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3043.405476] do_vfs_ioctl+0x1de/0x1720 [ 3043.409355] ? __lock_is_held+0xb5/0x140 [ 3043.413408] ? ioctl_preallocate+0x300/0x300 [ 3043.417801] ? __fget_light+0x2f7/0x440 [ 3043.421768] ? fget_raw+0x20/0x20 [ 3043.425219] ? __sb_end_write+0xac/0xe0 [ 3043.429191] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3043.434712] ? fput+0x130/0x1a0 [ 3043.437982] ? ksys_write+0x1ae/0x260 [ 3043.441771] ? security_file_ioctl+0x94/0xc0 [ 3043.446166] ksys_ioctl+0xa9/0xd0 [ 3043.449614] __x64_sys_ioctl+0x73/0xb0 [ 3043.453488] do_syscall_64+0x1b9/0x820 [ 3043.457360] ? syscall_slow_exit_work+0x500/0x500 [ 3043.462188] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3043.467102] ? syscall_return_slowpath+0x31d/0x5e0 [ 3043.472039] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3043.477424] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3043.482276] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3043.487447] RIP: 0033:0x455ab9 [ 3043.490619] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:36:03 executing program 2 (fault-call:7 fault-nth:43): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:03 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:03 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000feffffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:03 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3043.509840] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3043.517543] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3043.524808] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3043.532081] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3043.539347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3043.546605] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002a 14:36:03 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\b\x00', 0xfff}) 14:36:03 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) r2 = syz_open_procfs(r1, &(0x7f0000000080)='net/wireless\x00') r3 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x4) ioctl$SCSI_IOCTL_STOP_UNIT(r2, 0x6) splice(r3, &(0x7f0000000100), r3, &(0x7f0000000140), 0x4, 0xe) preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e24, 0x8000, @remote={0xfe, 0x80, [], 0xbb}, 0x1}, 0x1c) 14:36:03 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x0, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:04 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x40400, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x400) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:04 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000600", 0xfff}) 14:36:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000007fffffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:04 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x0, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:04 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3043.820919] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3043.828474] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:04 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000000)={0xff}, 0x0) ioctl$RTC_AIE_ON(r0, 0x7001) read(r0, &(0x7f0000000040)=""/17, 0x11) 14:36:04 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3043.999103] FAULT_INJECTION: forcing a failure. [ 3043.999103] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3044.011105] CPU: 0 PID: 8269 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3044.018388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3044.027756] Call Trace: [ 3044.030377] dump_stack+0x1c9/0x2b4 [ 3044.034120] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3044.039329] ? lock_downgrade+0x8f0/0x8f0 [ 3044.043514] should_fail.cold.4+0xa/0x1a [ 3044.047597] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3044.052729] ? graph_lock+0x170/0x170 [ 3044.056552] ? is_bpf_text_address+0xd7/0x170 [ 3044.061068] ? find_held_lock+0x36/0x1c0 [ 3044.065146] ? __lock_is_held+0xb5/0x140 [ 3044.069238] ? check_same_owner+0x340/0x340 [ 3044.073580] ? rcu_note_context_switch+0x730/0x730 [ 3044.078537] __alloc_pages_nodemask+0x36e/0xdb0 [ 3044.083446] ? lock_downgrade+0x8f0/0x8f0 [ 3044.087621] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3044.092657] ? graph_lock+0x170/0x170 [ 3044.096479] ? __lock_is_held+0xb5/0x140 [ 3044.100554] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3044.104987] ? __lock_is_held+0xb5/0x140 [ 3044.109080] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3044.114639] alloc_pages_current+0x10c/0x210 [ 3044.119068] __get_free_pages+0xf/0x40 [ 3044.122969] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3044.127741] kvm_mmu_load+0x21/0x10e0 [ 3044.131576] vcpu_enter_guest+0x3aa6/0x6090 [ 3044.135917] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3044.140178] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3044.144870] ? vmx_vcpu_load+0xadf/0xff0 [ 3044.148950] ? __lock_acquire+0x7fc/0x5020 [ 3044.153198] ? vmx_vcpu_reset+0x1040/0x1040 [ 3044.157534] ? graph_lock+0x170/0x170 [ 3044.161352] ? __lock_acquire+0x7fc/0x5020 [ 3044.165610] ? __lock_is_held+0xb5/0x140 [ 3044.169689] ? lock_acquire+0x1e4/0x540 [ 3044.173671] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3044.178705] ? lock_release+0xa30/0xa30 [ 3044.182689] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3044.187980] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3044.192494] ? preempt_notifier_dec+0x20/0x20 [ 3044.197708] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3044.202564] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3044.207614] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3044.211688] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3044.217417] ? find_held_lock+0x36/0x1c0 [ 3044.221498] ? find_held_lock+0x36/0x1c0 [ 3044.225570] ? lock_downgrade+0x8f0/0x8f0 [ 3044.229706] ? kasan_check_read+0x11/0x20 [ 3044.233843] ? rcu_is_watching+0x8c/0x150 [ 3044.237975] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3044.242378] ? __fget+0x414/0x670 [ 3044.245832] ? find_held_lock+0x11/0x1c0 [ 3044.249877] ? expand_files.part.8+0x9c0/0x9c0 [ 3044.254449] ? kasan_check_write+0x14/0x20 [ 3044.258670] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3044.263610] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3044.269309] do_vfs_ioctl+0x1de/0x1720 [ 3044.273183] ? __lock_is_held+0xb5/0x140 [ 3044.277409] ? ioctl_preallocate+0x300/0x300 [ 3044.281798] ? __fget_light+0x2f7/0x440 [ 3044.285755] ? fget_raw+0x20/0x20 [ 3044.289202] ? __sb_end_write+0xac/0xe0 [ 3044.293165] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3044.298694] ? fput+0x130/0x1a0 [ 3044.301959] ? ksys_write+0x1ae/0x260 [ 3044.305753] ? security_file_ioctl+0x94/0xc0 [ 3044.310161] ksys_ioctl+0xa9/0xd0 [ 3044.313617] __x64_sys_ioctl+0x73/0xb0 [ 3044.317497] do_syscall_64+0x1b9/0x820 [ 3044.321387] ? syscall_slow_exit_work+0x500/0x500 [ 3044.326232] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3044.331147] ? syscall_return_slowpath+0x31d/0x5e0 [ 3044.336075] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3044.341426] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3044.346267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3044.351447] RIP: 0033:0x455ab9 [ 3044.354616] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3044.373796] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3044.381489] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3044.388740] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:04 executing program 2 (fault-call:7 fault-nth:44): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:04 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:04 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000fe00", 0xfff}) 14:36:04 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000ffffff9e00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:04 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x4, 0x8000) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:04 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:04 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x6000000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:04 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x0, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) [ 3044.395994] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3044.403255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3044.410525] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002b 14:36:04 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:04 executing program 5: openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x20000, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f0000000280), 0x3bb, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0xc0, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xd}}, @in={0x2, 0x4e24, @multicast1=0xe0000001}, @in6={0xa, 0x4e23, 0x100000000, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x1000}, @in6={0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, [], 0xc}, 0x4}, @in6={0xa, 0x4e23, 0x4, @mcast1={0xff, 0x1, [], 0x1}, 0xf000000000000000}, @in={0x2, 0x4e23}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}, @in6={0xa, 0x4e24, 0x8, @loopback={0x0, 0x1}, 0x2}]}, &(0x7f0000000040)=0x10) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000180)={r1, 0x2}, &(0x7f00000001c0)=0x8) 14:36:04 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:04 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000100", 0xfff}) 14:36:05 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3044.588953] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3044.596536] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000fffffff000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:05 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x0, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:05 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3044.770108] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3044.777622] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3044.794876] FAULT_INJECTION: forcing a failure. [ 3044.794876] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3044.806774] CPU: 0 PID: 8326 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3044.814080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3044.823446] Call Trace: [ 3044.826051] dump_stack+0x1c9/0x2b4 [ 3044.829697] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3044.834906] ? lock_downgrade+0x8f0/0x8f0 [ 3044.839080] should_fail.cold.4+0xa/0x1a [ 3044.843165] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3044.848287] ? graph_lock+0x170/0x170 [ 3044.852175] ? is_bpf_text_address+0xd7/0x170 [ 3044.856690] ? find_held_lock+0x36/0x1c0 [ 3044.860771] ? __lock_is_held+0xb5/0x140 [ 3044.864852] ? check_same_owner+0x340/0x340 [ 3044.869186] ? rcu_note_context_switch+0x730/0x730 [ 3044.874137] __alloc_pages_nodemask+0x36e/0xdb0 [ 3044.878828] ? lock_downgrade+0x8f0/0x8f0 [ 3044.882995] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3044.888031] ? graph_lock+0x170/0x170 [ 3044.891843] ? __lock_is_held+0xb5/0x140 [ 3044.895915] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3044.900356] ? __lock_is_held+0xb5/0x140 [ 3044.904468] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3044.910024] alloc_pages_current+0x10c/0x210 [ 3044.914447] __get_free_pages+0xf/0x40 [ 3044.918354] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3044.923138] kvm_mmu_load+0x21/0x10e0 [ 3044.926955] ? vcpu_enter_guest+0x298c/0x6090 [ 3044.931472] vcpu_enter_guest+0x3aa6/0x6090 [ 3044.935821] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3044.940513] ? vmx_vcpu_load+0xadf/0xff0 [ 3044.944597] ? __lock_acquire+0x7fc/0x5020 [ 3044.948854] ? vmx_vcpu_reset+0x1040/0x1040 [ 3044.953192] ? graph_lock+0x170/0x170 [ 3044.957012] ? __lock_acquire+0x7fc/0x5020 [ 3044.961305] ? __lock_is_held+0xb5/0x140 [ 3044.965406] ? init_vqs+0x610/0xb40 [ 3044.969053] ? lock_acquire+0x1e4/0x540 [ 3044.973037] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3044.978065] ? lock_release+0xa30/0xa30 [ 3044.982048] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3044.987341] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3044.991844] ? preempt_notifier_dec+0x20/0x20 [ 3044.996366] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3045.001219] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3045.006260] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3045.011644] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3045.017401] ? find_held_lock+0x36/0x1c0 [ 3045.021471] ? find_held_lock+0x36/0x1c0 [ 3045.025538] ? lock_downgrade+0x8f0/0x8f0 [ 3045.029679] ? kasan_check_read+0x11/0x20 [ 3045.033810] ? rcu_is_watching+0x8c/0x150 [ 3045.037957] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3045.042377] ? __fget+0x414/0x670 [ 3045.045828] ? find_held_lock+0x11/0x1c0 [ 3045.050100] ? expand_files.part.8+0x9c0/0x9c0 [ 3045.054674] ? kasan_check_write+0x14/0x20 [ 3045.058908] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3045.063839] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3045.069553] do_vfs_ioctl+0x1de/0x1720 [ 3045.073429] ? __lock_is_held+0xb5/0x140 [ 3045.077486] ? ioctl_preallocate+0x300/0x300 [ 3045.081885] ? __fget_light+0x2f7/0x440 [ 3045.085850] ? fget_raw+0x20/0x20 [ 3045.089315] ? __sb_end_write+0xac/0xe0 [ 3045.093377] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3045.098899] ? fput+0x130/0x1a0 [ 3045.102166] ? ksys_write+0x1ae/0x260 [ 3045.105955] ? security_file_ioctl+0x94/0xc0 [ 3045.110354] ksys_ioctl+0xa9/0xd0 [ 3045.113794] __x64_sys_ioctl+0x73/0xb0 [ 3045.117670] do_syscall_64+0x1b9/0x820 [ 3045.121544] ? syscall_slow_exit_work+0x500/0x500 [ 3045.126375] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3045.131292] ? syscall_return_slowpath+0x31d/0x5e0 [ 3045.136214] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3045.141579] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3045.146418] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3045.151615] RIP: 0033:0x455ab9 14:36:05 executing program 2 (fault-call:7 fault-nth:45): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:05 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) write(r0, &(0x7f00000000c0)="42d16461bda33f7d9875cafc1eb06c0b0551f81afddf487f59f946a919a4b47e0e39fd5b670bc1c9ec79488b148e70ffb1d28e467b761b3514465e6b4b1954f2649c673816d74a5b6ca4fe723615130d72fa8e905e25d63115989874e18039647d23fd22e52c940814f2fb16d8182c0fa975761fcff1920b0bc1e1cb88351305d3fc2e544894a9d555d2ab6ddd6472eca3bb311807c4710914e3d0249913c6c7bf99220468fc4b8e6a", 0xa9) 14:36:05 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ', 0xfff}) 14:36:05 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7a00000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:05 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:05 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3045.154796] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3045.173998] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3045.181713] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3045.188970] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3045.196237] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3045.203504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3045.210761] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002c 14:36:05 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x0, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:05 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:05 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0xffffffff, 0x200) preadv(r0, &(0x7f00000004c0)=[{&(0x7f00000000c0)=""/175, 0xaf}, {&(0x7f0000000180)=""/192, 0xc0}, {&(0x7f0000000240)=""/236, 0xec}, {&(0x7f0000000340)=""/161, 0xa1}, {&(0x7f0000000400)=""/177, 0xb1}], 0x5, 0x0) 14:36:05 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000400"}}}]}, 0x138}, 0x1}, 0x0) 14:36:05 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3045.420758] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3045.428242] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3045.482104] FAULT_INJECTION: forcing a failure. [ 3045.482104] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3045.494044] CPU: 0 PID: 8376 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3045.501328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3045.510690] Call Trace: [ 3045.513296] dump_stack+0x1c9/0x2b4 [ 3045.516944] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3045.522153] ? lock_downgrade+0x8f0/0x8f0 [ 3045.526331] should_fail.cold.4+0xa/0x1a [ 3045.530412] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3045.535540] ? graph_lock+0x170/0x170 [ 3045.539364] ? is_bpf_text_address+0xd7/0x170 [ 3045.543884] ? find_held_lock+0x36/0x1c0 [ 3045.547967] ? __lock_is_held+0xb5/0x140 [ 3045.552056] ? check_same_owner+0x340/0x340 [ 3045.556398] ? rcu_note_context_switch+0x730/0x730 [ 3045.561357] __alloc_pages_nodemask+0x36e/0xdb0 [ 3045.566042] ? lock_downgrade+0x8f0/0x8f0 [ 3045.570230] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3045.575266] ? graph_lock+0x170/0x170 14:36:05 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r1, 0x70a}, &(0x7f0000000100)=0x8) 14:36:05 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fffffffd00", 0xfff}) 14:36:05 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:06 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3045.579084] ? __lock_is_held+0xb5/0x140 [ 3045.583154] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3045.587595] ? __lock_is_held+0xb5/0x140 [ 3045.591681] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3045.597238] alloc_pages_current+0x10c/0x210 [ 3045.601668] __get_free_pages+0xf/0x40 [ 3045.605576] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3045.610354] kvm_mmu_load+0x21/0x10e0 [ 3045.614185] vcpu_enter_guest+0x3aa6/0x6090 [ 3045.618525] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3045.622783] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3045.627477] ? vmx_vcpu_load+0xadf/0xff0 [ 3045.631562] ? __lock_acquire+0x7fc/0x5020 [ 3045.635817] ? vmx_vcpu_reset+0x1040/0x1040 [ 3045.640153] ? graph_lock+0x170/0x170 [ 3045.643972] ? __lock_acquire+0x7fc/0x5020 [ 3045.648233] ? __lock_is_held+0xb5/0x140 [ 3045.652322] ? lock_acquire+0x1e4/0x540 [ 3045.656317] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3045.661354] ? lock_release+0xa30/0xa30 [ 3045.665341] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3045.670633] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3045.675142] ? preempt_notifier_dec+0x20/0x20 [ 3045.679661] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3045.684517] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3045.689565] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3045.693665] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3045.699393] ? find_held_lock+0x36/0x1c0 [ 3045.703476] ? find_held_lock+0x36/0x1c0 [ 3045.707563] ? lock_downgrade+0x8f0/0x8f0 [ 3045.711731] ? kasan_check_read+0x11/0x20 [ 3045.715888] ? rcu_is_watching+0x8c/0x150 [ 3045.720045] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3045.724472] ? __fget+0x414/0x670 [ 3045.727945] ? find_held_lock+0x11/0x1c0 [ 3045.731269] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3045.732018] ? expand_files.part.8+0x9c0/0x9c0 [ 3045.732037] ? kasan_check_write+0x14/0x20 [ 3045.732054] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3045.732077] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3045.732092] do_vfs_ioctl+0x1de/0x1720 [ 3045.732111] ? __lock_is_held+0xb5/0x140 [ 3045.739635] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3045.781821] ? ioctl_preallocate+0x300/0x300 [ 3045.786245] ? __fget_light+0x2f7/0x440 [ 3045.790265] ? fget_raw+0x20/0x20 [ 3045.793741] ? __sb_end_write+0xac/0xe0 [ 3045.797734] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3045.803291] ? fput+0x130/0x1a0 [ 3045.806584] ? ksys_write+0x1ae/0x260 [ 3045.810395] ? security_file_ioctl+0x94/0xc0 [ 3045.814817] ksys_ioctl+0xa9/0xd0 [ 3045.818288] __x64_sys_ioctl+0x73/0xb0 [ 3045.822190] do_syscall_64+0x1b9/0x820 [ 3045.826083] ? syscall_slow_exit_work+0x500/0x500 [ 3045.830932] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3045.835873] ? syscall_return_slowpath+0x31d/0x5e0 [ 3045.840824] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3045.846206] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3045.851070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3045.856271] RIP: 0033:0x455ab9 [ 3045.859457] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:36:06 executing program 2 (fault-call:7 fault-nth:46): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:06 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:06 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc006], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:06 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:06 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000000ffffff", 0xfff}) 14:36:06 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f0000001780)=[{&(0x7f0000000280)=""/43}, {&(0x7f00000002c0)=""/126}, {&(0x7f0000000340)=""/206, 0x132}, {&(0x7f0000001800)=""/223}, {&(0x7f0000000540)=""/4096}, {&(0x7f0000001540)=""/26}, {&(0x7f00000016c0)=""/158, 0xffffffffffffff6c}], 0x178, 0x0) [ 3045.878817] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3045.886543] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3045.893822] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3045.901104] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3045.908380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3045.915650] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002d 14:36:06 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x0, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:06 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:06 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000280)={'bridge_slave_1\x00', {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0xfb5df58feb10f247, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000100)={0x0, 0xfffffea5, "c9cb639f35a492068877959fdba0becf278ebb31d0aca3bb57cb92861083aaef348c4e1095e2050b44ac14ed1257e55a9e28c5f141a655a7b6351cbf040cf4d141636893b18da5115922c1d2b34fb19cacfb19bbc7685a6c0a6e8952e3268cca746a9914c4a319897ecf6ce50f7fb5d2d5037be8ec1f2019bf16137612a00bf0853ab00939cdfe"}, &(0x7f00000001c0)=0x8f) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000200)={r2, 0x9, 0xa, [0x9, 0x6, 0x0, 0x6, 0x1, 0xfffffffffffffffe, 0x7, 0x5, 0x0, 0x3f]}, &(0x7f0000000240)=0x1c) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r3, &(0x7f0000000380)=[{&(0x7f00000002c0)=""/189, 0xbd}, {&(0x7f00000003c0)=""/66, 0xfffffc77}], 0x309, 0x0) read(r3, &(0x7f0000000000)=""/128, 0x80) [ 3046.058136] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:06 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:06 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) recvmmsg(r0, &(0x7f0000000680)=[{{&(0x7f0000000000)=@hci={0x0, 0x0}, 0x80, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/175, 0xaf}, {&(0x7f0000000180)=""/208, 0xd0}, {&(0x7f0000000280)=""/241, 0xf1}, {&(0x7f0000000380)=""/42, 0x2a}, {&(0x7f00000003c0)=""/46, 0x2e}, {&(0x7f0000000400)=""/206, 0xce}, {&(0x7f0000000500)=""/96, 0x60}], 0x7, &(0x7f0000000600)=""/75, 0x4b, 0xc0}, 0x5}], 0x1, 0x40000000, &(0x7f00000006c0)) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000700)={@local={0xfe, 0x80, [], 0xaa}, 0x6, r1}) [ 3046.145411] FAULT_INJECTION: forcing a failure. [ 3046.145411] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3046.157378] CPU: 0 PID: 8418 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3046.164663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3046.174028] Call Trace: [ 3046.176633] dump_stack+0x1c9/0x2b4 [ 3046.180281] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3046.185489] ? lock_downgrade+0x8f0/0x8f0 [ 3046.189663] should_fail.cold.4+0xa/0x1a 14:36:06 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3046.193748] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3046.198873] ? graph_lock+0x170/0x170 [ 3046.202690] ? is_bpf_text_address+0xd7/0x170 [ 3046.207203] ? find_held_lock+0x36/0x1c0 [ 3046.211289] ? __lock_is_held+0xb5/0x140 [ 3046.215374] ? check_same_owner+0x340/0x340 [ 3046.219709] ? rcu_note_context_switch+0x730/0x730 [ 3046.224774] __alloc_pages_nodemask+0x36e/0xdb0 [ 3046.229460] ? lock_downgrade+0x8f0/0x8f0 [ 3046.233629] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3046.238671] ? graph_lock+0x170/0x170 14:36:06 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x7, 0x80040) syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x29b00000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)=""/135) 14:36:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000600"}}}]}, 0x138}, 0x1}, 0x0) [ 3046.242485] ? __lock_is_held+0xb5/0x140 [ 3046.246560] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3046.250992] ? __lock_is_held+0xb5/0x140 [ 3046.255078] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3046.260640] alloc_pages_current+0x10c/0x210 [ 3046.265083] __get_free_pages+0xf/0x40 [ 3046.268986] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3046.273768] kvm_mmu_load+0x21/0x10e0 [ 3046.277619] vcpu_enter_guest+0x3aa6/0x6090 [ 3046.281952] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3046.286214] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3046.290910] ? vmx_vcpu_load+0xadf/0xff0 14:36:06 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) [ 3046.294989] ? __lock_acquire+0x7fc/0x5020 [ 3046.299255] ? vmx_vcpu_reset+0x1040/0x1040 [ 3046.303589] ? graph_lock+0x170/0x170 [ 3046.307406] ? __lock_acquire+0x7fc/0x5020 [ 3046.311666] ? __lock_is_held+0xb5/0x140 [ 3046.315747] ? lock_acquire+0x1e4/0x540 [ 3046.319733] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3046.324763] ? lock_release+0xa30/0xa30 [ 3046.328742] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3046.334029] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3046.338539] ? preempt_notifier_dec+0x20/0x20 [ 3046.343049] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3046.347899] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3046.352936] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3046.357013] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3046.362729] ? find_held_lock+0x36/0x1c0 [ 3046.366803] ? find_held_lock+0x36/0x1c0 [ 3046.370887] ? lock_downgrade+0x8f0/0x8f0 [ 3046.375054] ? kasan_check_read+0x11/0x20 [ 3046.379214] ? rcu_is_watching+0x8c/0x150 [ 3046.383374] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3046.387796] ? __fget+0x414/0x670 [ 3046.391264] ? find_held_lock+0x11/0x1c0 [ 3046.395330] ? expand_files.part.8+0x9c0/0x9c0 [ 3046.399917] ? kasan_check_write+0x14/0x20 [ 3046.404161] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3046.409110] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3046.414835] do_vfs_ioctl+0x1de/0x1720 [ 3046.418739] ? __lock_is_held+0xb5/0x140 [ 3046.422814] ? ioctl_preallocate+0x300/0x300 [ 3046.427256] ? __fget_light+0x2f7/0x440 [ 3046.431250] ? fget_raw+0x20/0x20 [ 3046.434719] ? __sb_end_write+0xac/0xe0 [ 3046.438709] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3046.444255] ? fput+0x130/0x1a0 [ 3046.447543] ? ksys_write+0x1ae/0x260 [ 3046.451352] ? security_file_ioctl+0x94/0xc0 [ 3046.455776] ksys_ioctl+0xa9/0xd0 [ 3046.459247] __x64_sys_ioctl+0x73/0xb0 [ 3046.463146] do_syscall_64+0x1b9/0x820 [ 3046.467042] ? syscall_slow_exit_work+0x500/0x500 [ 3046.471902] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3046.476847] ? syscall_return_slowpath+0x31d/0x5e0 [ 3046.481796] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3046.487176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3046.492044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3046.497247] RIP: 0033:0x455ab9 [ 3046.500430] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3046.519762] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3046.527488] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3046.534769] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:06 executing program 2 (fault-call:7 fault-nth:47): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:06 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:06 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf903000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:06 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:06 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)="6e65742f776972656c6573730066c8690d38c35ed3a11853ede327be71bfad00fbe39223d4fae49babb3d2b844d3d30da2c94981c38dccb2c2bb709e6dc1d5c7d37b82cff5e6bc5b3a2f046359eb85ca8f1fa2a3a2906d15b0c3") preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$KDMKTONE(r0, 0x4b30, 0x8) openat$cgroup_subtree(r0, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000100), &(0x7f0000000140)=0x8) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000000)={0x101}) 14:36:06 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fffffdfd00", 0xfff}) 14:36:06 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000200"}}}]}, 0x138}, 0x1}, 0x0) [ 3046.542051] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3046.549329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3046.556607] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002e 14:36:07 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x0, &(0x7f0000000200)) 14:36:07 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:07 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x408000, 0x0) 14:36:07 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00@\x00', 0xfff}) 14:36:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3046.779700] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3046.802284] FAULT_INJECTION: forcing a failure. [ 3046.802284] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3046.814236] CPU: 0 PID: 8477 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 14:36:07 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:07 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) 14:36:07 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x68000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3046.821526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3046.830887] Call Trace: [ 3046.833602] dump_stack+0x1c9/0x2b4 [ 3046.837258] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3046.842465] ? lock_downgrade+0x8f0/0x8f0 [ 3046.846639] should_fail.cold.4+0xa/0x1a [ 3046.850718] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3046.855842] ? graph_lock+0x170/0x170 [ 3046.859660] ? is_bpf_text_address+0xd7/0x170 [ 3046.864173] ? find_held_lock+0x36/0x1c0 [ 3046.868350] ? __lock_is_held+0xb5/0x140 [ 3046.872436] ? check_same_owner+0x340/0x340 14:36:07 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000007fffffff00", 0xfff}) [ 3046.876779] ? rcu_note_context_switch+0x730/0x730 [ 3046.881733] __alloc_pages_nodemask+0x36e/0xdb0 [ 3046.886415] ? lock_downgrade+0x8f0/0x8f0 [ 3046.890589] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3046.895624] ? graph_lock+0x170/0x170 [ 3046.899439] ? __lock_is_held+0xb5/0x140 [ 3046.903509] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3046.907947] ? __lock_is_held+0xb5/0x140 [ 3046.912037] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3046.917599] alloc_pages_current+0x10c/0x210 [ 3046.922138] __get_free_pages+0xf/0x40 [ 3046.926052] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3046.930826] kvm_mmu_load+0x21/0x10e0 [ 3046.934648] vcpu_enter_guest+0x3aa6/0x6090 [ 3046.939072] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3046.943347] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3046.948031] ? vmx_vcpu_load+0xadf/0xff0 [ 3046.952108] ? __lock_acquire+0x7fc/0x5020 [ 3046.956355] ? vmx_vcpu_reset+0x1040/0x1040 [ 3046.960693] ? graph_lock+0x170/0x170 [ 3046.964515] ? __lock_acquire+0x7fc/0x5020 [ 3046.968784] ? __lock_is_held+0xb5/0x140 [ 3046.972872] ? lock_acquire+0x1e4/0x540 [ 3046.976861] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3046.981887] ? lock_release+0xa30/0xa30 [ 3046.985859] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3046.991140] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3046.995652] ? preempt_notifier_dec+0x20/0x20 [ 3047.000162] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3047.005020] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3047.010055] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3047.014136] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3047.019863] ? find_held_lock+0x36/0x1c0 [ 3047.023942] ? find_held_lock+0x36/0x1c0 [ 3047.028023] ? lock_downgrade+0x8f0/0x8f0 [ 3047.032195] ? kasan_check_read+0x11/0x20 [ 3047.036353] ? rcu_is_watching+0x8c/0x150 [ 3047.040507] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3047.044932] ? __fget+0x414/0x670 [ 3047.048397] ? find_held_lock+0x11/0x1c0 [ 3047.052463] ? expand_files.part.8+0x9c0/0x9c0 [ 3047.057060] ? kasan_check_write+0x14/0x20 [ 3047.061303] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3047.066245] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3047.071965] do_vfs_ioctl+0x1de/0x1720 [ 3047.075859] ? __lock_is_held+0xb5/0x140 [ 3047.079927] ? ioctl_preallocate+0x300/0x300 [ 3047.084338] ? __fget_light+0x2f7/0x440 [ 3047.088318] ? fget_raw+0x20/0x20 [ 3047.091779] ? __sb_end_write+0xac/0xe0 [ 3047.095768] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3047.101312] ? fput+0x130/0x1a0 [ 3047.104601] ? ksys_write+0x1ae/0x260 [ 3047.106517] validate_nla: 2 callbacks suppressed [ 3047.106527] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3047.108406] ? security_file_ioctl+0x94/0xc0 [ 3047.108424] ksys_ioctl+0xa9/0xd0 [ 3047.108441] __x64_sys_ioctl+0x73/0xb0 [ 3047.108460] do_syscall_64+0x1b9/0x820 [ 3047.108473] ? syscall_slow_exit_work+0x500/0x500 [ 3047.108491] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3047.113273] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3047.120589] ? syscall_return_slowpath+0x31d/0x5e0 [ 3047.120610] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3047.120628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3047.175536] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3047.180735] RIP: 0033:0x455ab9 [ 3047.183924] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3047.203264] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3047.211008] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3047.218287] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:07 executing program 2 (fault-call:7 fault-nth:48): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:07 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:07 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x10000000000000) 14:36:07 executing program 5: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x102, 0x0) ioctl$TIOCNOTTY(r0, 0x5422) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') signalfd4(r0, &(0x7f0000000240), 0x8, 0x80800) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000001c0)={0x0, @local, @broadcast}, &(0x7f0000000040)=0xc) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000002}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r2, 0x400, 0x70bd27, 0x25dfdbfb, {0xb}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7f}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x8040) preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:07 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:07 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000fd00", 0xfff}) 14:36:07 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3047.225562] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3047.232838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3047.240117] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000002f 14:36:07 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x0, &(0x7f0000000200)) 14:36:07 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xa000000) [ 3047.354781] netlink: 'syz-executor0': attribute type 39 has an invalid length. 14:36:07 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/wireless\x00') setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000180)={@nfc_llcp={0x27, 0x1, 0x1, 0x3, 0xff, 0x9, "546c26750ba59533fc6e52c74d9913a220fb43805871a5f038944b9bfcbaf8dfa7a8ced6dd6cfd18fb068bd1a5194c43ae2a726ebaa04e6aa9df3516965373", 0x6}, {&(0x7f00000000c0)=""/130, 0x82}, &(0x7f0000000040), 0x79}, 0xa0) preadv(r0, &(0x7f000000c000), 0x0, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="edca83985443876f6df3a2f544e1756f", 0x10) 14:36:07 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000c3ffffff00", 0xfff}) 14:36:07 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7400000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3047.483278] FAULT_INJECTION: forcing a failure. [ 3047.483278] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3047.495250] CPU: 1 PID: 8531 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3047.502536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3047.511897] Call Trace: [ 3047.514501] dump_stack+0x1c9/0x2b4 [ 3047.518150] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3047.523357] ? lock_downgrade+0x8f0/0x8f0 [ 3047.527525] should_fail.cold.4+0xa/0x1a [ 3047.531608] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3047.536795] ? graph_lock+0x170/0x170 [ 3047.540604] ? is_bpf_text_address+0xd7/0x170 [ 3047.545124] ? find_held_lock+0x36/0x1c0 [ 3047.549198] ? __lock_is_held+0xb5/0x140 [ 3047.553276] ? check_same_owner+0x340/0x340 [ 3047.557605] ? rcu_note_context_switch+0x730/0x730 [ 3047.562559] __alloc_pages_nodemask+0x36e/0xdb0 [ 3047.567244] ? lock_downgrade+0x8f0/0x8f0 [ 3047.571407] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3047.576431] ? graph_lock+0x170/0x170 [ 3047.580236] ? __lock_is_held+0xb5/0x140 [ 3047.584299] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3047.588726] ? __lock_is_held+0xb5/0x140 [ 3047.592805] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3047.598355] alloc_pages_current+0x10c/0x210 [ 3047.602774] __get_free_pages+0xf/0x40 [ 3047.606668] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3047.611436] kvm_mmu_load+0x21/0x10e0 [ 3047.615256] vcpu_enter_guest+0x3aa6/0x6090 [ 3047.619587] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3047.623846] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3047.628533] ? vmx_vcpu_load+0xadf/0xff0 [ 3047.632606] ? __lock_acquire+0x7fc/0x5020 [ 3047.636858] ? vmx_vcpu_reset+0x1040/0x1040 [ 3047.641298] ? graph_lock+0x170/0x170 [ 3047.645116] ? __lock_acquire+0x7fc/0x5020 [ 3047.647507] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3047.649372] ? __lock_is_held+0xb5/0x140 [ 3047.649391] ? lock_acquire+0x1e4/0x540 [ 3047.649410] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3047.669803] ? lock_release+0xa30/0xa30 [ 3047.673794] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3047.679083] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3047.683582] ? preempt_notifier_dec+0x20/0x20 [ 3047.688101] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3047.692956] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3047.698083] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3047.702160] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3047.707895] ? find_held_lock+0x36/0x1c0 [ 3047.712008] ? find_held_lock+0x36/0x1c0 [ 3047.716092] ? lock_downgrade+0x8f0/0x8f0 [ 3047.720258] ? kasan_check_read+0x11/0x20 [ 3047.724416] ? rcu_is_watching+0x8c/0x150 [ 3047.728569] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3047.733000] ? __fget+0x414/0x670 [ 3047.736468] ? find_held_lock+0x11/0x1c0 [ 3047.740542] ? expand_files.part.8+0x9c0/0x9c0 [ 3047.745142] ? kasan_check_write+0x14/0x20 [ 3047.749390] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3047.754339] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3047.760067] do_vfs_ioctl+0x1de/0x1720 [ 3047.763967] ? __lock_is_held+0xb5/0x140 [ 3047.768040] ? ioctl_preallocate+0x300/0x300 [ 3047.772463] ? __fget_light+0x2f7/0x440 [ 3047.776458] ? fget_raw+0x20/0x20 [ 3047.779936] ? __sb_end_write+0xac/0xe0 [ 3047.783943] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3047.789496] ? fput+0x130/0x1a0 [ 3047.792788] ? ksys_write+0x1ae/0x260 [ 3047.796609] ? security_file_ioctl+0x94/0xc0 [ 3047.801038] ksys_ioctl+0xa9/0xd0 [ 3047.804515] __x64_sys_ioctl+0x73/0xb0 [ 3047.808425] do_syscall_64+0x1b9/0x820 [ 3047.812328] ? syscall_slow_exit_work+0x500/0x500 [ 3047.817187] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3047.822134] ? syscall_return_slowpath+0x31d/0x5e0 [ 3047.827085] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe 14:36:08 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:08 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000300", 0xfff}) 14:36:08 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x0, &(0x7f0000000200)) 14:36:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3047.832473] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3047.837342] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3047.842542] RIP: 0033:0x455ab9 [ 3047.845759] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3047.860655] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3047.865166] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3047.865184] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3047.865192] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3047.865201] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3047.865209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3047.865217] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000030 [ 3047.917258] net_ratelimit: 2 callbacks suppressed [ 3047.917267] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:08 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') socket$inet_udplite(0x2, 0x2, 0x88) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:08 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:08 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xdc05) 14:36:08 executing program 2 (fault-call:7 fault-nth:49): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:08 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:08 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000500", 0xfff}) 14:36:08 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x10000000) 14:36:08 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x35e, 0x4002) ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f00000001c0)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sctp\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)=0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0x1f, &(0x7f0000000200)=""/84, &(0x7f0000000280)=0x54) syz_open_procfs$namespace(r2, &(0x7f0000000140)='ns/net\x00') getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000002c0), &(0x7f0000000300)=0x4) open_by_handle_at(r1, &(0x7f0000000080)={0x96, 0x8, "9d8bc83e2955d4a1a964bf7f2ec08622fddc31af9472d8eda01f82736594f3c8e47ebeb2b3bc888d1b1aeccd9282ff7fcc83430bbedc470321970fb79a1fc365363e88d4ead5c5d7bc61a877711329dc8dd1f2421114f188625085c5ca3fc5101b81f79dac6fb450e1536b2931bad33a4bf21a1a3d9761426c5efaf2232cb483c08ffe8bbacf66de54791dfa3e2c"}, 0x100) 14:36:08 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000bfddd9c2d00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:08 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3048.253154] FAULT_INJECTION: forcing a failure. [ 3048.253154] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3048.265152] CPU: 1 PID: 8586 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3048.272439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3048.281797] Call Trace: [ 3048.284401] dump_stack+0x1c9/0x2b4 [ 3048.288046] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3048.293686] ? lock_downgrade+0x8f0/0x8f0 [ 3048.297853] should_fail.cold.4+0xa/0x1a [ 3048.301930] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3048.307052] ? graph_lock+0x170/0x170 [ 3048.310865] ? is_bpf_text_address+0xd7/0x170 [ 3048.315382] ? find_held_lock+0x36/0x1c0 [ 3048.319462] ? __lock_is_held+0xb5/0x140 [ 3048.323552] ? check_same_owner+0x340/0x340 [ 3048.327900] ? rcu_note_context_switch+0x730/0x730 [ 3048.332852] __alloc_pages_nodemask+0x36e/0xdb0 [ 3048.337534] ? lock_downgrade+0x8f0/0x8f0 [ 3048.341708] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3048.346735] ? graph_lock+0x170/0x170 [ 3048.350545] ? __lock_is_held+0xb5/0x140 [ 3048.354615] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3048.359044] ? __lock_is_held+0xb5/0x140 [ 3048.363135] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3048.368778] alloc_pages_current+0x10c/0x210 [ 3048.373202] __get_free_pages+0xf/0x40 [ 3048.377107] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3048.381882] kvm_mmu_load+0x21/0x10e0 [ 3048.385703] vcpu_enter_guest+0x3aa6/0x6090 [ 3048.390036] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3048.394294] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3048.398983] ? vmx_vcpu_load+0xadf/0xff0 [ 3048.403067] ? __lock_acquire+0x7fc/0x5020 [ 3048.407317] ? vmx_vcpu_reset+0x1040/0x1040 [ 3048.411654] ? graph_lock+0x170/0x170 [ 3048.415470] ? __lock_acquire+0x7fc/0x5020 [ 3048.419730] ? __lock_is_held+0xb5/0x140 [ 3048.423815] ? lock_acquire+0x1e4/0x540 [ 3048.427798] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3048.432827] ? lock_release+0xa30/0xa30 [ 3048.436808] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3048.442095] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3048.446601] ? preempt_notifier_dec+0x20/0x20 [ 3048.447533] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3048.451109] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3048.451125] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3048.451147] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3048.458525] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3048.463325] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3048.463341] ? find_held_lock+0x36/0x1c0 [ 3048.463359] ? find_held_lock+0x36/0x1c0 [ 3048.463382] ? lock_downgrade+0x8f0/0x8f0 [ 3048.504761] ? kasan_check_read+0x11/0x20 [ 3048.508925] ? rcu_is_watching+0x8c/0x150 [ 3048.513084] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3048.517511] ? __fget+0x414/0x670 [ 3048.520984] ? find_held_lock+0x11/0x1c0 [ 3048.525055] ? expand_files.part.8+0x9c0/0x9c0 [ 3048.529653] ? kasan_check_write+0x14/0x20 [ 3048.533897] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3048.538846] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3048.544576] do_vfs_ioctl+0x1de/0x1720 [ 3048.548477] ? __lock_is_held+0xb5/0x140 [ 3048.552556] ? ioctl_preallocate+0x300/0x300 [ 3048.556970] ? __fget_light+0x2f7/0x440 [ 3048.560959] ? fget_raw+0x20/0x20 [ 3048.564423] ? __sb_end_write+0xac/0xe0 [ 3048.568406] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3048.574598] ? fput+0x130/0x1a0 [ 3048.577884] ? ksys_write+0x1ae/0x260 [ 3048.581688] ? security_file_ioctl+0x94/0xc0 [ 3048.586101] ksys_ioctl+0xa9/0xd0 [ 3048.589572] __x64_sys_ioctl+0x73/0xb0 [ 3048.593468] do_syscall_64+0x1b9/0x820 [ 3048.597364] ? syscall_slow_exit_work+0x500/0x500 14:36:08 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000200", 0xfff}) 14:36:08 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:08 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:08 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:08 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000400", 0xfff}) [ 3048.602223] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3048.607161] ? syscall_return_slowpath+0x31d/0x5e0 [ 3048.612117] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3048.619406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3048.624271] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3048.629642] RIP: 0033:0x455ab9 [ 3048.632832] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3048.652172] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3048.659892] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3048.667164] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3048.674440] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3048.681716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3048.688993] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000031 14:36:09 executing program 2 (fault-call:7 fault-nth:50): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:09 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:09 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x4000000) 14:36:09 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:09 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:09 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x800, 0x0) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000009effffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:09 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xaa00000000000000) 14:36:09 executing program 7: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x68) 14:36:09 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x20000, 0x0) write$binfmt_elf32(r0, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0xc01, 0x8001, 0x8, 0x5, 0x9, 0x3, 0x3f, 0xffff, 0x74, 0x38, 0xd9, 0xf6bd, 0x80000000, 0x20, 0x2, 0x6, 0x80000001, 0x9}, [{0x7, 0x1, 0x1, 0x80000000, 0x0, 0x5, 0x6, 0x8}, {0x1, 0x20, 0x0, 0x1, 0x7, 0x8, 0xff, 0x2}], "cc49e1d9ea61c027fe3e2a421079e5db3090af7dab7eaa7d88447cfeece8e49f4c19c26791f5b679a711c28a166b572412a7cb1353b2b45d8c3f17a76d07c14130aa8e5af0d4e762add0446403bdad67dee85f224797889f43df2fdbf9717cba753ddae339ac7569b66ffcd77b256c37da5e641926a95acdf6cf50d355c302b84669d44d7127153e09d752e7fc50797d2447abe3bfb76694bdc5fd", [[], [], [], [], [], [], [], []]}, 0x913) gettid() ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)) r1 = gettid() r2 = syz_open_procfs(r1, &(0x7f00000000c0)='net/wireless\x00') preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000fffffffffffff000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:09 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000200", 0xfff}) 14:36:09 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x400000000000000) 14:36:09 executing program 5: r0 = getpgid(0xffffffffffffffff) r1 = syz_open_procfs(r0, &(0x7f00000000c0)='net/wireless\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3048.986209] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3048.993729] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3049.025997] FAULT_INJECTION: forcing a failure. [ 3049.025997] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3049.037959] CPU: 1 PID: 8639 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3049.045240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3049.054596] Call Trace: [ 3049.057206] dump_stack+0x1c9/0x2b4 [ 3049.060854] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3049.066074] ? lock_downgrade+0x8f0/0x8f0 [ 3049.070250] should_fail.cold.4+0xa/0x1a [ 3049.074336] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3049.079457] ? graph_lock+0x170/0x170 14:36:09 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) poll(&(0x7f0000000000)=[{r0, 0x4018}, {r0, 0x20}, {r0, 0x400}, {r0}, {r0}], 0x5, 0x100000001) [ 3049.083286] ? is_bpf_text_address+0xd7/0x170 [ 3049.087802] ? find_held_lock+0x36/0x1c0 [ 3049.091885] ? __lock_is_held+0xb5/0x140 [ 3049.095971] ? check_same_owner+0x340/0x340 [ 3049.100307] ? rcu_note_context_switch+0x730/0x730 [ 3049.105260] __alloc_pages_nodemask+0x36e/0xdb0 [ 3049.109937] ? lock_downgrade+0x8f0/0x8f0 [ 3049.114105] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3049.119132] ? graph_lock+0x170/0x170 [ 3049.122950] ? __lock_is_held+0xb5/0x140 [ 3049.127023] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3049.131451] ? __lock_is_held+0xb5/0x140 14:36:09 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x1100000000000000) [ 3049.135547] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3049.141109] alloc_pages_current+0x10c/0x210 [ 3049.145536] __get_free_pages+0xf/0x40 [ 3049.149439] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3049.154219] kvm_mmu_load+0x21/0x10e0 [ 3049.158041] vcpu_enter_guest+0x3aa6/0x6090 [ 3049.162380] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3049.166638] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3049.171330] ? vmx_vcpu_load+0xadf/0xff0 [ 3049.175420] ? __lock_acquire+0x7fc/0x5020 [ 3049.179672] ? vmx_vcpu_reset+0x1040/0x1040 [ 3049.184013] ? graph_lock+0x170/0x170 [ 3049.187834] ? __lock_acquire+0x7fc/0x5020 [ 3049.192099] ? __lock_is_held+0xb5/0x140 [ 3049.196189] ? lock_acquire+0x1e4/0x540 [ 3049.200177] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3049.205212] ? lock_release+0xa30/0xa30 [ 3049.209191] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3049.214476] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3049.218982] ? preempt_notifier_dec+0x20/0x20 [ 3049.223498] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3049.228441] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3049.233485] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3049.237561] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3049.243282] ? find_held_lock+0x36/0x1c0 [ 3049.247364] ? find_held_lock+0x36/0x1c0 [ 3049.251441] ? lock_downgrade+0x8f0/0x8f0 [ 3049.255601] ? kasan_check_read+0x11/0x20 [ 3049.259765] ? rcu_is_watching+0x8c/0x150 [ 3049.263915] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3049.269047] ? __fget+0x414/0x670 [ 3049.272520] ? find_held_lock+0x11/0x1c0 [ 3049.276587] ? expand_files.part.8+0x9c0/0x9c0 [ 3049.281177] ? kasan_check_write+0x14/0x20 [ 3049.285423] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3049.290373] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3049.296097] do_vfs_ioctl+0x1de/0x1720 [ 3049.299998] ? __lock_is_held+0xb5/0x140 [ 3049.304161] ? ioctl_preallocate+0x300/0x300 [ 3049.308580] ? __fget_light+0x2f7/0x440 [ 3049.312564] ? fget_raw+0x20/0x20 [ 3049.316030] ? __sb_end_write+0xac/0xe0 [ 3049.320020] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3049.325562] ? fput+0x130/0x1a0 [ 3049.328851] ? ksys_write+0x1ae/0x260 [ 3049.332663] ? security_file_ioctl+0x94/0xc0 [ 3049.337085] ksys_ioctl+0xa9/0xd0 [ 3049.340548] __x64_sys_ioctl+0x73/0xb0 [ 3049.344449] do_syscall_64+0x1b9/0x820 [ 3049.348341] ? syscall_slow_exit_work+0x500/0x500 [ 3049.353192] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3049.358136] ? syscall_return_slowpath+0x31d/0x5e0 [ 3049.363082] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3049.368463] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3049.373349] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3049.378549] RIP: 0033:0x455ab9 [ 3049.381739] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3049.401083] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3049.408784] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3049.416043] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3049.423305] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3049.430563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 14:36:09 executing program 2 (fault-call:7 fault-nth:51): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:09 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00`\x00', 0xfff}) 14:36:09 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000040)=0xd59) pipe(&(0x7f0000000000)) 14:36:09 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c0], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:09 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xaa) 14:36:09 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:09 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:09 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) [ 3049.437819] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000032 14:36:09 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xdc05000000000000) [ 3049.551893] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3049.559384] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:10 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40030000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000f00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:10 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x3, 0xb9}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r1, 0x80000000}, &(0x7f0000000100)=0x8) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:10 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:10 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xffffff7f) 14:36:10 executing program 5: openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3049.749485] netlink: 'syz-executor7': attribute type 39 has an invalid length. 14:36:10 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3050.058427] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3050.073427] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3050.080887] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3050.173904] FAULT_INJECTION: forcing a failure. [ 3050.173904] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3050.186010] CPU: 1 PID: 8711 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3050.193304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3050.202664] Call Trace: [ 3050.205268] dump_stack+0x1c9/0x2b4 [ 3050.208919] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3050.214131] ? lock_downgrade+0x8f0/0x8f0 [ 3050.218291] should_fail.cold.4+0xa/0x1a [ 3050.222368] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3050.227496] ? graph_lock+0x170/0x170 [ 3050.231314] ? is_bpf_text_address+0xd7/0x170 [ 3050.235828] ? find_held_lock+0x36/0x1c0 [ 3050.239909] ? __lock_is_held+0xb5/0x140 [ 3050.244019] ? check_same_owner+0x340/0x340 [ 3050.248349] ? rcu_note_context_switch+0x730/0x730 [ 3050.253286] __alloc_pages_nodemask+0x36e/0xdb0 [ 3050.257950] ? lock_downgrade+0x8f0/0x8f0 [ 3050.262088] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3050.267111] ? graph_lock+0x170/0x170 [ 3050.270895] ? __lock_is_held+0xb5/0x140 [ 3050.274941] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3050.279356] ? __lock_is_held+0xb5/0x140 [ 3050.283414] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3050.288951] alloc_pages_current+0x10c/0x210 [ 3050.293348] __get_free_pages+0xf/0x40 [ 3050.297223] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3050.301982] kvm_mmu_load+0x21/0x10e0 [ 3050.305783] ? vcpu_enter_guest+0x298c/0x6090 [ 3050.310270] vcpu_enter_guest+0x3aa6/0x6090 [ 3050.314596] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3050.319256] ? vmx_vcpu_load+0xadf/0xff0 [ 3050.323305] ? __lock_acquire+0x7fc/0x5020 [ 3050.327533] ? vmx_vcpu_reset+0x1040/0x1040 [ 3050.331851] ? graph_lock+0x170/0x170 [ 3050.335637] ? __lock_acquire+0x7fc/0x5020 [ 3050.339877] ? __lock_is_held+0xb5/0x140 [ 3050.343930] ? lock_acquire+0x1e4/0x540 [ 3050.347887] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3050.352926] ? lock_release+0xa30/0xa30 [ 3050.356899] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3050.362159] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3050.366640] ? preempt_notifier_dec+0x20/0x20 [ 3050.371126] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3050.375964] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3050.380968] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3050.385021] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3050.390735] ? find_held_lock+0x36/0x1c0 [ 3050.394794] ? find_held_lock+0x36/0x1c0 [ 3050.398848] ? lock_downgrade+0x8f0/0x8f0 [ 3050.402983] ? kasan_check_read+0x11/0x20 [ 3050.407117] ? rcu_is_watching+0x8c/0x150 [ 3050.411247] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3050.415661] ? __fget+0x414/0x670 [ 3050.419100] ? find_held_lock+0x11/0x1c0 [ 3050.423156] ? expand_files.part.8+0x9c0/0x9c0 [ 3050.427722] ? kasan_check_write+0x14/0x20 [ 3050.431946] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3050.436864] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3050.442561] do_vfs_ioctl+0x1de/0x1720 [ 3050.446432] ? __lock_is_held+0xb5/0x140 [ 3050.450477] ? ioctl_preallocate+0x300/0x300 [ 3050.454869] ? __fget_light+0x2f7/0x440 [ 3050.458825] ? fget_raw+0x20/0x20 [ 3050.462264] ? __sb_end_write+0xac/0xe0 [ 3050.466221] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3050.471742] ? fput+0x130/0x1a0 [ 3050.475009] ? ksys_write+0x1ae/0x260 [ 3050.478805] ? security_file_ioctl+0x94/0xc0 [ 3050.483198] ksys_ioctl+0xa9/0xd0 [ 3050.486635] __x64_sys_ioctl+0x73/0xb0 [ 3050.490520] do_syscall_64+0x1b9/0x820 [ 3050.494474] ? syscall_slow_exit_work+0x500/0x500 [ 3050.499313] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3050.504226] ? syscall_return_slowpath+0x31d/0x5e0 [ 3050.509141] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3050.514488] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3050.519316] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3050.524487] RIP: 0033:0x455ab9 [ 3050.527666] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3050.546848] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3050.554548] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3050.561801] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:10 executing program 2 (fault-call:7 fault-nth:52): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:10 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x1000000) 14:36:10 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:10 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000f00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:10 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000000000)) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xfffffffffffffee9}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:10 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:10 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00 \x00', 0xfff}) 14:36:10 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3050.569059] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3050.576316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3050.583571] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000033 14:36:11 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x9) 14:36:11 executing program 5: gettid() getpgrp(0xffffffffffffffff) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000080)='net/wireless\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3050.680922] netlink: 'syz-executor7': attribute type 39 has an invalid length. [ 3050.688413] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:11 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000200"}}}]}, 0x138}, 0x1}, 0x0) [ 3050.743759] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:11 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xffff000000000000) [ 3050.851697] FAULT_INJECTION: forcing a failure. [ 3050.851697] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3050.863645] CPU: 1 PID: 8752 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3050.870956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3050.880322] Call Trace: [ 3050.882933] dump_stack+0x1c9/0x2b4 [ 3050.886580] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3050.891788] ? lock_downgrade+0x8f0/0x8f0 [ 3050.895961] should_fail.cold.4+0xa/0x1a 14:36:11 executing program 7 (fault-call:6 fault-nth:0): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) [ 3050.900046] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3050.905166] ? graph_lock+0x170/0x170 [ 3050.908986] ? is_bpf_text_address+0xd7/0x170 [ 3050.913505] ? find_held_lock+0x36/0x1c0 [ 3050.917589] ? __lock_is_held+0xb5/0x140 [ 3050.921674] ? check_same_owner+0x340/0x340 [ 3050.926023] ? rcu_note_context_switch+0x730/0x730 [ 3050.930981] __alloc_pages_nodemask+0x36e/0xdb0 [ 3050.935673] ? lock_downgrade+0x8f0/0x8f0 [ 3050.942538] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3050.947578] ? graph_lock+0x170/0x170 [ 3050.951400] ? __lock_is_held+0xb5/0x140 [ 3050.955476] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3050.959921] ? __lock_is_held+0xb5/0x140 [ 3050.964012] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3050.969574] alloc_pages_current+0x10c/0x210 [ 3050.974001] __get_free_pages+0xf/0x40 [ 3050.977905] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3050.979565] FAULT_INJECTION: forcing a failure. [ 3050.979565] name failslab, interval 1, probability 0, space 0, times 0 [ 3050.982770] kvm_mmu_load+0x21/0x10e0 [ 3050.982799] vcpu_enter_guest+0x3aa6/0x6090 [ 3050.982823] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3051.006401] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3051.011070] ? vmx_vcpu_load+0xadf/0xff0 [ 3051.015130] ? __lock_acquire+0x7fc/0x5020 [ 3051.019364] ? vmx_vcpu_reset+0x1040/0x1040 [ 3051.023697] ? graph_lock+0x170/0x170 [ 3051.027495] ? __lock_acquire+0x7fc/0x5020 [ 3051.031740] ? __lock_is_held+0xb5/0x140 [ 3051.035796] ? lock_acquire+0x1e4/0x540 [ 3051.039762] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3051.044796] ? lock_release+0xa30/0xa30 [ 3051.048770] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3051.054040] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3051.058529] ? preempt_notifier_dec+0x20/0x20 [ 3051.063033] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3051.067873] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3051.072890] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3051.076950] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3051.082657] ? find_held_lock+0x36/0x1c0 [ 3051.086719] ? find_held_lock+0x36/0x1c0 [ 3051.090784] ? lock_downgrade+0x8f0/0x8f0 [ 3051.094950] ? kasan_check_read+0x11/0x20 [ 3051.099089] ? rcu_is_watching+0x8c/0x150 [ 3051.103227] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3051.107639] ? __fget+0x414/0x670 [ 3051.111087] ? find_held_lock+0x11/0x1c0 [ 3051.115141] ? expand_files.part.8+0x9c0/0x9c0 [ 3051.119718] ? kasan_check_write+0x14/0x20 [ 3051.123944] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3051.129139] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3051.134845] do_vfs_ioctl+0x1de/0x1720 [ 3051.138821] ? __lock_is_held+0xb5/0x140 [ 3051.142878] ? ioctl_preallocate+0x300/0x300 [ 3051.147282] ? __fget_light+0x2f7/0x440 [ 3051.151247] ? fget_raw+0x20/0x20 [ 3051.154697] ? __sb_end_write+0xac/0xe0 [ 3051.158667] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3051.164196] ? fput+0x130/0x1a0 [ 3051.167469] ? ksys_write+0x1ae/0x260 [ 3051.171278] ? security_file_ioctl+0x94/0xc0 [ 3051.175684] ksys_ioctl+0xa9/0xd0 [ 3051.179138] __x64_sys_ioctl+0x73/0xb0 [ 3051.183020] do_syscall_64+0x1b9/0x820 [ 3051.186903] ? syscall_slow_exit_work+0x500/0x500 [ 3051.191740] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3051.196680] ? syscall_return_slowpath+0x31d/0x5e0 [ 3051.201610] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3051.206977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3051.211819] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3051.216998] RIP: 0033:0x455ab9 [ 3051.220175] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3051.239500] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3051.247212] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3051.254472] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3051.261737] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3051.268997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3051.276259] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000034 [ 3051.283538] CPU: 0 PID: 8773 Comm: syz-executor7 Not tainted 4.18.0-rc5+ #154 [ 3051.290846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3051.300206] Call Trace: [ 3051.302812] dump_stack+0x1c9/0x2b4 [ 3051.306458] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3051.311677] should_fail.cold.4+0xa/0x1a [ 3051.315762] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3051.320885] ? trace_hardirqs_on+0x10/0x10 [ 3051.325146] ? find_held_lock+0x36/0x1c0 [ 3051.329236] ? check_same_owner+0x340/0x340 [ 3051.333577] ? rcu_note_context_switch+0x730/0x730 [ 3051.338526] __should_failslab+0x124/0x180 [ 3051.342776] should_failslab+0x9/0x14 [ 3051.346595] kmem_cache_alloc+0x2af/0x760 [ 3051.350761] ? __lock_acquire+0x7fc/0x5020 [ 3051.355009] ? _parse_integer+0x190/0x190 [ 3051.359170] ioctx_alloc+0x21f/0x2400 [ 3051.362993] ? trace_hardirqs_on+0x10/0x10 [ 3051.367239] ? free_ioctx_users+0x700/0x700 [ 3051.371576] ? lock_downgrade+0x8f0/0x8f0 [ 3051.375743] ? find_held_lock+0x36/0x1c0 [ 3051.379824] ? lock_downgrade+0x8f0/0x8f0 [ 3051.383964] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3051.389489] ? proc_fail_nth_write+0x9e/0x210 [ 3051.393971] ? proc_cwd_link+0x1d0/0x1d0 [ 3051.398289] ? graph_lock+0x170/0x170 [ 3051.402080] ? find_held_lock+0x36/0x1c0 [ 3051.406129] ? kasan_check_write+0x14/0x20 [ 3051.410347] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3051.415261] ? find_held_lock+0x36/0x1c0 [ 3051.419316] ? lock_downgrade+0x8f0/0x8f0 [ 3051.423450] ? lock_release+0xa30/0xa30 [ 3051.427428] ? check_same_owner+0x340/0x340 [ 3051.431739] ? __sb_end_write+0xac/0xe0 [ 3051.435712] __x64_sys_io_setup+0x111/0x4b0 [ 3051.440022] ? exit_aio+0x560/0x560 [ 3051.443651] ? do_syscall_64+0x9a/0x820 [ 3051.447615] do_syscall_64+0x1b9/0x820 [ 3051.451489] ? finish_task_switch+0x1d3/0x870 [ 3051.455971] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3051.460896] ? syscall_return_slowpath+0x31d/0x5e0 [ 3051.465840] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3051.471196] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3051.476036] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3051.481227] RIP: 0033:0x455ab9 [ 3051.484408] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:36:11 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:11 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf00000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:11 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc006000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3051.503638] RSP: 002b:00007f5bafce9c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 3051.511336] RAX: ffffffffffffffda RBX: 00007f5bafcea6d4 RCX: 0000000000455ab9 [ 3051.518592] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000800 [ 3051.525844] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3051.533105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 3051.540358] R13: 00000000004bc519 R14: 00000000004cab28 R15: 0000000000000000 14:36:12 executing program 2 (fault-call:7 fault-nth:53): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:12 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/nfsfs\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x8, 0x5}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={r1, 0x8}, 0x8) 14:36:12 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:12 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x100000000000000) 14:36:12 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000000ffffff", 0xfff}) 14:36:12 executing program 7 (fault-call:6 fault-nth:1): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) [ 3051.663604] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:12 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x2, 0x0) 14:36:12 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:12 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xfe80000000000000) 14:36:12 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000100279c", 0xfff}) 14:36:12 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) 14:36:12 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:12 executing program 5: getresgid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000180)=0xc) r2 = syz_open_procfs(r1, &(0x7f0000000080)='net/wireless\x00') preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:12 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf9030000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3052.000389] FAULT_INJECTION: forcing a failure. [ 3052.000389] name failslab, interval 1, probability 0, space 0, times 0 [ 3052.012121] CPU: 0 PID: 8810 Comm: syz-executor7 Not tainted 4.18.0-rc5+ #154 [ 3052.019409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3052.028780] Call Trace: [ 3052.031387] dump_stack+0x1c9/0x2b4 [ 3052.035035] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3052.040256] should_fail.cold.4+0xa/0x1a [ 3052.044345] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3052.049477] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3052.055025] ? find_next_zero_bit+0x111/0x140 [ 3052.059542] ? graph_lock+0x170/0x170 [ 3052.063366] ? find_held_lock+0x36/0x1c0 [ 3052.067443] ? __lock_is_held+0xb5/0x140 [ 3052.071530] ? check_same_owner+0x340/0x340 [ 3052.075870] ? rcu_note_context_switch+0x730/0x730 [ 3052.080816] __should_failslab+0x124/0x180 [ 3052.085066] should_failslab+0x9/0x14 [ 3052.088877] kmem_cache_alloc+0x2af/0x760 [ 3052.093039] ? debug_mutex_init+0x2d/0x60 [ 3052.097200] ? __mutex_init+0x1f7/0x290 14:36:12 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:12 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) [ 3052.101196] alloc_inode+0xb2/0x190 [ 3052.104844] new_inode_pseudo+0x71/0x1a0 [ 3052.108922] ? prune_icache_sb+0x1b0/0x1b0 [ 3052.113173] ? kill_ioctx+0x4d0/0x4d0 [ 3052.116994] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 3052.122376] alloc_anon_inode+0x22/0x3b0 [ 3052.126456] ? __alloc_percpu+0x24/0x30 [ 3052.130458] ioctx_alloc+0x658/0x2400 [ 3052.132911] validate_nla: 2 callbacks suppressed [ 3052.132920] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3052.134278] ? free_ioctx_users+0x700/0x700 [ 3052.134313] ? lock_downgrade+0x8f0/0x8f0 [ 3052.134335] ? find_held_lock+0x36/0x1c0 [ 3052.139568] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3052.146875] ? lock_downgrade+0x8f0/0x8f0 [ 3052.146893] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3052.146911] ? proc_fail_nth_write+0x9e/0x210 [ 3052.187943] ? proc_cwd_link+0x1d0/0x1d0 [ 3052.192981] ? graph_lock+0x170/0x170 [ 3052.196853] ? find_held_lock+0x36/0x1c0 [ 3052.200965] ? kasan_check_write+0x14/0x20 [ 3052.205213] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3052.210153] ? find_held_lock+0x36/0x1c0 [ 3052.214219] ? lock_downgrade+0x8f0/0x8f0 [ 3052.218366] ? lock_release+0xa30/0xa30 [ 3052.222333] ? check_same_owner+0x340/0x340 [ 3052.226657] ? __sb_end_write+0xac/0xe0 [ 3052.230806] __x64_sys_io_setup+0x111/0x4b0 [ 3052.235115] ? exit_aio+0x560/0x560 [ 3052.238733] ? do_syscall_64+0x9a/0x820 [ 3052.242696] do_syscall_64+0x1b9/0x820 [ 3052.246567] ? finish_task_switch+0x1d3/0x870 [ 3052.251050] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3052.255966] ? syscall_return_slowpath+0x31d/0x5e0 [ 3052.260886] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3052.266240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3052.271073] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3052.276245] RIP: 0033:0x455ab9 [ 3052.279424] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3052.298647] RSP: 002b:00007f5bafce9c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 3052.306341] RAX: ffffffffffffffda RBX: 00007f5bafcea6d4 RCX: 0000000000455ab9 [ 3052.313607] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000800 [ 3052.320860] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3052.328113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 3052.335368] R13: 00000000004bc519 R14: 00000000004cab28 R15: 0000000000000001 [ 3052.364985] FAULT_INJECTION: forcing a failure. [ 3052.364985] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3052.377006] CPU: 1 PID: 8806 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3052.384296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3052.393679] Call Trace: [ 3052.396283] dump_stack+0x1c9/0x2b4 [ 3052.399927] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3052.405154] ? lock_downgrade+0x8f0/0x8f0 [ 3052.409338] should_fail.cold.4+0xa/0x1a [ 3052.413425] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3052.418555] ? graph_lock+0x170/0x170 [ 3052.422375] ? is_bpf_text_address+0xd7/0x170 [ 3052.426896] ? find_held_lock+0x36/0x1c0 [ 3052.430978] ? __lock_is_held+0xb5/0x140 [ 3052.435070] ? check_same_owner+0x340/0x340 [ 3052.439423] ? rcu_note_context_switch+0x730/0x730 [ 3052.444383] __alloc_pages_nodemask+0x36e/0xdb0 [ 3052.449070] ? lock_downgrade+0x8f0/0x8f0 [ 3052.453250] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3052.458290] ? graph_lock+0x170/0x170 [ 3052.462111] ? __lock_is_held+0xb5/0x140 [ 3052.466190] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3052.470675] ? __lock_is_held+0xb5/0x140 [ 3052.474772] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3052.480324] alloc_pages_current+0x10c/0x210 [ 3052.484746] __get_free_pages+0xf/0x40 [ 3052.488896] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3052.493657] kvm_mmu_load+0x21/0x10e0 [ 3052.497456] ? vcpu_enter_guest+0x298c/0x6090 [ 3052.501944] vcpu_enter_guest+0x3aa6/0x6090 [ 3052.506259] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3052.510916] ? vmx_vcpu_load+0xadf/0xff0 [ 3052.515025] ? __lock_acquire+0x7fc/0x5020 [ 3052.519254] ? vmx_vcpu_reset+0x1040/0x1040 [ 3052.523579] ? graph_lock+0x170/0x170 [ 3052.527377] ? __lock_acquire+0x7fc/0x5020 [ 3052.531607] ? __lock_is_held+0xb5/0x140 [ 3052.535658] ? lock_acquire+0x1e4/0x540 [ 3052.539629] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3052.544642] ? lock_release+0xa30/0xa30 [ 3052.548622] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3052.553889] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3052.558376] ? preempt_notifier_dec+0x20/0x20 [ 3052.562868] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3052.567700] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3052.573435] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3052.577488] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3052.583188] ? find_held_lock+0x36/0x1c0 [ 3052.587275] ? find_held_lock+0x36/0x1c0 [ 3052.591336] ? lock_downgrade+0x8f0/0x8f0 [ 3052.595487] ? kasan_check_read+0x11/0x20 [ 3052.599622] ? rcu_is_watching+0x8c/0x150 [ 3052.603765] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3052.608178] ? __fget+0x414/0x670 [ 3052.611634] ? find_held_lock+0x11/0x1c0 [ 3052.615683] ? expand_files.part.8+0x9c0/0x9c0 [ 3052.620273] ? kasan_check_write+0x14/0x20 [ 3052.624499] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3052.629436] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3052.635139] do_vfs_ioctl+0x1de/0x1720 [ 3052.639025] ? __lock_is_held+0xb5/0x140 [ 3052.643082] ? ioctl_preallocate+0x300/0x300 [ 3052.647480] ? __fget_light+0x2f7/0x440 [ 3052.651443] ? fget_raw+0x20/0x20 [ 3052.654890] ? __sb_end_write+0xac/0xe0 [ 3052.658860] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3052.664384] ? fput+0x130/0x1a0 [ 3052.667651] ? ksys_write+0x1ae/0x260 [ 3052.671444] ? security_file_ioctl+0x94/0xc0 [ 3052.675846] ksys_ioctl+0xa9/0xd0 [ 3052.679297] __x64_sys_ioctl+0x73/0xb0 [ 3052.683186] do_syscall_64+0x1b9/0x820 [ 3052.687090] ? syscall_slow_exit_work+0x500/0x500 [ 3052.691932] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3052.696858] ? syscall_return_slowpath+0x31d/0x5e0 [ 3052.703009] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3052.708384] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3052.713229] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3052.718417] RIP: 0033:0x455ab9 [ 3052.721590] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3052.740840] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3052.748541] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3052.755802] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:13 executing program 2 (fault-call:7 fault-nth:54): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:13 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000000)={'bridge0\x00', 0x8001}) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:13 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x4000) 14:36:13 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:13 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:13 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000000ffffff", 0xfff}) 14:36:13 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:13 executing program 7 (fault-call:6 fault-nth:2): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) [ 3052.763058] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3052.770317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3052.777571] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000035 14:36:13 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xdc050000) 14:36:13 executing program 5: gettid() socket$nl_xfrm(0x10, 0x3, 0x6) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x80, 0x0) accept$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000100)=0x1c) r0 = socket$inet(0x2, 0x807, 0x101) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000180)=0x0) r2 = syz_open_procfs(r1, &(0x7f0000000080)='net/wireless\x00') preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:13 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000400"}}}]}, 0x138}, 0x1}, 0x0) [ 3053.001487] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3053.009009] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:13 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x3f000000) [ 3053.107398] FAULT_INJECTION: forcing a failure. [ 3053.107398] name failslab, interval 1, probability 0, space 0, times 0 [ 3053.118733] CPU: 1 PID: 8859 Comm: syz-executor7 Not tainted 4.18.0-rc5+ #154 [ 3053.126018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3053.135414] Call Trace: [ 3053.138023] dump_stack+0x1c9/0x2b4 [ 3053.141669] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3053.146875] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3053.151316] should_fail.cold.4+0xa/0x1a [ 3053.155401] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3053.160519] ? __kernel_text_address+0xd/0x40 [ 3053.165035] ? unwind_get_return_address+0x61/0xa0 [ 3053.169995] ? graph_lock+0x170/0x170 [ 3053.173823] ? find_held_lock+0x36/0x1c0 [ 3053.177934] ? __lock_is_held+0xb5/0x140 [ 3053.182068] ? check_same_owner+0x340/0x340 [ 3053.186767] ? print_usage_bug+0xc0/0xc0 [ 3053.190848] ? rcu_note_context_switch+0x730/0x730 [ 3053.196236] __should_failslab+0x124/0x180 [ 3053.200499] should_failslab+0x9/0x14 [ 3053.204318] kmem_cache_alloc+0x2af/0x760 [ 3053.208834] ? lock_release+0xa30/0xa30 [ 3053.212925] __d_alloc+0xc8/0xd50 [ 3053.216404] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 3053.221440] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3053.226480] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 3053.231715] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3053.237273] ? timespec64_trunc+0xea/0x180 [ 3053.241524] ? inode_init_owner+0x340/0x340 [ 3053.245862] ? do_raw_spin_lock+0xc1/0x200 [ 3053.250182] ? current_time+0x131/0x1b0 [ 3053.254191] ? timespec64_trunc+0x180/0x180 [ 3053.258534] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 3053.263911] d_alloc_pseudo+0x1d/0x30 [ 3053.267737] ioctx_alloc+0x7de/0x2400 [ 3053.271563] ? free_ioctx_users+0x700/0x700 [ 3053.272491] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3053.275892] ? lock_downgrade+0x8f0/0x8f0 [ 3053.275917] ? find_held_lock+0x36/0x1c0 [ 3053.275944] ? lock_downgrade+0x8f0/0x8f0 [ 3053.275964] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3053.275986] ? proc_fail_nth_write+0x9e/0x210 [ 3053.283382] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3053.287490] ? proc_cwd_link+0x1d0/0x1d0 [ 3053.287509] ? graph_lock+0x170/0x170 [ 3053.287529] ? find_held_lock+0x36/0x1c0 [ 3053.331952] ? kasan_check_write+0x14/0x20 [ 3053.336173] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3053.341090] ? find_held_lock+0x36/0x1c0 [ 3053.345159] ? lock_downgrade+0x8f0/0x8f0 [ 3053.349296] ? lock_release+0xa30/0xa30 [ 3053.353267] ? check_same_owner+0x340/0x340 [ 3053.357573] ? __sb_end_write+0xac/0xe0 [ 3053.361544] __x64_sys_io_setup+0x111/0x4b0 [ 3053.365853] ? exit_aio+0x560/0x560 [ 3053.369467] ? do_syscall_64+0x9a/0x820 [ 3053.373439] do_syscall_64+0x1b9/0x820 [ 3053.377310] ? finish_task_switch+0x1d3/0x870 [ 3053.381794] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3053.386710] ? syscall_return_slowpath+0x31d/0x5e0 [ 3053.391629] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3053.396982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3053.401824] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3053.406998] RIP: 0033:0x455ab9 [ 3053.410171] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3053.429392] RSP: 002b:00007f5bafce9c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 3053.437089] RAX: ffffffffffffffda RBX: 00007f5bafcea6d4 RCX: 0000000000455ab9 [ 3053.444341] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000800 [ 3053.451592] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 14:36:13 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:13 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x81000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:13 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000002d9cddfd0b00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:13 executing program 5: fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000000)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') fcntl$notify(r1, 0x402, 0xe5237dde7697b6e0) preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3053.458853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 3053.466105] R13: 00000000004bc519 R14: 00000000004cab28 R15: 0000000000000002 [ 3053.583888] FAULT_INJECTION: forcing a failure. [ 3053.583888] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3053.595891] CPU: 1 PID: 8865 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3053.603176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3053.612626] Call Trace: [ 3053.615239] dump_stack+0x1c9/0x2b4 [ 3053.618888] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3053.625230] ? lock_downgrade+0x8f0/0x8f0 [ 3053.629405] should_fail.cold.4+0xa/0x1a [ 3053.633498] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3053.638624] ? graph_lock+0x170/0x170 [ 3053.642450] ? is_bpf_text_address+0xd7/0x170 [ 3053.646971] ? find_held_lock+0x36/0x1c0 [ 3053.651056] ? __lock_is_held+0xb5/0x140 [ 3053.655155] ? check_same_owner+0x340/0x340 [ 3053.659585] ? rcu_note_context_switch+0x730/0x730 [ 3053.664534] __alloc_pages_nodemask+0x36e/0xdb0 [ 3053.669205] ? lock_downgrade+0x8f0/0x8f0 [ 3053.673350] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3053.678360] ? graph_lock+0x170/0x170 [ 3053.682151] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3053.686552] ? lock_downgrade+0x8f0/0x8f0 [ 3053.690699] ? __lock_is_held+0xb5/0x140 [ 3053.694759] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3053.700297] alloc_pages_current+0x10c/0x210 [ 3053.704705] __get_free_pages+0xf/0x40 [ 3053.708584] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3053.713334] kvm_mmu_load+0x21/0x10e0 [ 3053.717129] ? vcpu_enter_guest+0x298c/0x6090 [ 3053.721626] vcpu_enter_guest+0x3aa6/0x6090 [ 3053.725955] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3053.730613] ? vmx_vcpu_load+0xadf/0xff0 [ 3053.734676] ? __lock_acquire+0x7fc/0x5020 [ 3053.738917] ? vmx_vcpu_reset+0x1040/0x1040 [ 3053.743246] ? graph_lock+0x170/0x170 [ 3053.747043] ? __lock_acquire+0x7fc/0x5020 [ 3053.751707] ? __lock_is_held+0xb5/0x140 [ 3053.755766] ? lock_acquire+0x1e4/0x540 [ 3053.759725] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3053.764730] ? lock_release+0xa30/0xa30 [ 3053.768688] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3053.773971] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3053.778481] ? preempt_notifier_dec+0x20/0x20 [ 3053.782983] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3053.787827] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3053.792972] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3053.797034] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3053.802734] ? find_held_lock+0x36/0x1c0 [ 3053.806787] ? find_held_lock+0x36/0x1c0 [ 3053.810840] ? lock_downgrade+0x8f0/0x8f0 [ 3053.814985] ? kasan_check_read+0x11/0x20 [ 3053.819126] ? rcu_is_watching+0x8c/0x150 [ 3053.823263] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3053.827660] ? __fget+0x414/0x670 [ 3053.831114] ? find_held_lock+0x11/0x1c0 [ 3053.835161] ? expand_files.part.8+0x9c0/0x9c0 [ 3053.839728] ? kasan_check_write+0x14/0x20 [ 3053.843960] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3053.848879] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3053.854586] do_vfs_ioctl+0x1de/0x1720 [ 3053.858470] ? __lock_is_held+0xb5/0x140 [ 3053.862529] ? ioctl_preallocate+0x300/0x300 [ 3053.866929] ? __fget_light+0x2f7/0x440 [ 3053.870902] ? fget_raw+0x20/0x20 [ 3053.874347] ? __sb_end_write+0xac/0xe0 [ 3053.878321] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3053.883860] ? fput+0x130/0x1a0 [ 3053.887144] ? ksys_write+0x1ae/0x260 [ 3053.891044] ? security_file_ioctl+0x94/0xc0 [ 3053.895464] ksys_ioctl+0xa9/0xd0 [ 3053.898904] __x64_sys_ioctl+0x73/0xb0 [ 3053.902798] do_syscall_64+0x1b9/0x820 [ 3053.906762] ? syscall_slow_exit_work+0x500/0x500 [ 3053.911593] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3053.916506] ? syscall_return_slowpath+0x31d/0x5e0 [ 3053.921444] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3053.926800] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3053.931634] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3053.936814] RIP: 0033:0x455ab9 [ 3053.939987] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3053.960680] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3053.968377] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3053.975632] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:14 executing program 2 (fault-call:7 fault-nth:55): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:14 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2904000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:14 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fffffff500", 0xfff}) 14:36:14 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffffff}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:14 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x3f00) 14:36:14 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000f0ffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:14 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') write$P9_RMKDIR(r0, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x0, 0x1, 0x4}}, 0x14) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) read(r0, &(0x7f0000000180)=""/19, 0xfffffffffffffeab) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_security(0x11, r1, &(0x7f0000000140)=""/45, 0x2d) 14:36:14 executing program 7 (fault-call:6 fault-nth:3): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) [ 3053.982888] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3053.990142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3053.997400] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000036 14:36:14 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x3f00000000000000) 14:36:14 executing program 5: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f00000000c0)=0xc) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/ip_vs_stats\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:14 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:14 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3054.195905] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3054.203403] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3054.240932] FAULT_INJECTION: forcing a failure. [ 3054.240932] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3054.252878] CPU: 1 PID: 8916 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3054.260161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3054.269525] Call Trace: [ 3054.272134] dump_stack+0x1c9/0x2b4 [ 3054.272224] FAULT_INJECTION: forcing a failure. [ 3054.272224] name failslab, interval 1, probability 0, space 0, times 0 [ 3054.275773] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3054.275795] ? lock_downgrade+0x8f0/0x8f0 [ 3054.275823] should_fail.cold.4+0xa/0x1a [ 3054.300374] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3054.305483] ? graph_lock+0x170/0x170 [ 3054.309282] ? is_bpf_text_address+0xd7/0x170 [ 3054.313777] ? find_held_lock+0x36/0x1c0 [ 3054.317847] ? __lock_is_held+0xb5/0x140 [ 3054.321913] ? check_same_owner+0x340/0x340 [ 3054.326235] ? rcu_note_context_switch+0x730/0x730 [ 3054.331173] __alloc_pages_nodemask+0x36e/0xdb0 [ 3054.335839] ? lock_downgrade+0x8f0/0x8f0 [ 3054.339986] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3054.344997] ? graph_lock+0x170/0x170 [ 3054.348795] ? __lock_is_held+0xb5/0x140 [ 3054.352848] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3054.357263] ? __lock_is_held+0xb5/0x140 [ 3054.361343] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3054.366890] alloc_pages_current+0x10c/0x210 [ 3054.371296] __get_free_pages+0xf/0x40 [ 3054.375178] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3054.379935] kvm_mmu_load+0x21/0x10e0 [ 3054.383740] vcpu_enter_guest+0x3aa6/0x6090 [ 3054.388062] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3054.392300] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3054.396977] ? vmx_vcpu_load+0xadf/0xff0 [ 3054.401037] ? __lock_acquire+0x7fc/0x5020 [ 3054.405268] ? vmx_vcpu_reset+0x1040/0x1040 [ 3054.409583] ? graph_lock+0x170/0x170 [ 3054.413380] ? __lock_acquire+0x7fc/0x5020 [ 3054.417621] ? __lock_is_held+0xb5/0x140 [ 3054.421684] ? lock_acquire+0x1e4/0x540 [ 3054.425653] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3054.430670] ? lock_release+0xa30/0xa30 [ 3054.434637] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3054.439911] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3054.444400] ? preempt_notifier_dec+0x20/0x20 [ 3054.448911] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3054.453749] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3054.458772] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3054.462832] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3054.468538] ? find_held_lock+0x36/0x1c0 [ 3054.472602] ? find_held_lock+0x36/0x1c0 [ 3054.476669] ? lock_downgrade+0x8f0/0x8f0 [ 3054.480821] ? kasan_check_read+0x11/0x20 [ 3054.484962] ? rcu_is_watching+0x8c/0x150 [ 3054.489106] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3054.493530] ? __fget+0x414/0x670 [ 3054.496978] ? find_held_lock+0x11/0x1c0 [ 3054.501034] ? expand_files.part.8+0x9c0/0x9c0 [ 3054.505622] ? kasan_check_write+0x14/0x20 [ 3054.509859] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3054.514795] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3054.520502] do_vfs_ioctl+0x1de/0x1720 [ 3054.524403] ? __lock_is_held+0xb5/0x140 [ 3054.528469] ? ioctl_preallocate+0x300/0x300 [ 3054.532871] ? __fget_light+0x2f7/0x440 [ 3054.536841] ? fget_raw+0x20/0x20 [ 3054.540292] ? retint_kernel+0x10/0x10 [ 3054.544176] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 3054.549187] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3054.553943] ? security_file_ioctl+0x94/0xc0 [ 3054.558351] ksys_ioctl+0xa9/0xd0 [ 3054.561800] __x64_sys_ioctl+0x73/0xb0 [ 3054.565682] ? do_syscall_64+0xca/0x820 [ 3054.569650] do_syscall_64+0x1b9/0x820 [ 3054.574255] ? syscall_slow_exit_work+0x500/0x500 [ 3054.579099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3054.584198] ? syscall_return_slowpath+0x31d/0x5e0 [ 3054.589126] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3054.594490] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3054.599333] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3054.604513] RIP: 0033:0x455ab9 [ 3054.607691] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3054.627318] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3054.635029] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3054.642293] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3054.649557] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3054.656816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3054.664169] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000037 [ 3054.671455] CPU: 0 PID: 8919 Comm: syz-executor7 Not tainted 4.18.0-rc5+ #154 [ 3054.678739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3054.688095] Call Trace: [ 3054.690699] dump_stack+0x1c9/0x2b4 [ 3054.694445] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3054.699654] ? __lock_acquire+0x7fc/0x5020 [ 3054.703905] ? save_stack+0xa9/0xd0 [ 3054.707558] should_fail.cold.4+0xa/0x1a [ 3054.711637] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3054.716759] ? graph_lock+0x170/0x170 [ 3054.720587] ? find_held_lock+0x36/0x1c0 [ 3054.724672] ? __lock_is_held+0xb5/0x140 [ 3054.728759] ? check_same_owner+0x340/0x340 [ 3054.733093] ? graph_lock+0x170/0x170 [ 3054.737177] ? rcu_note_context_switch+0x730/0x730 [ 3054.742125] ? kasan_check_read+0x11/0x20 [ 3054.746290] __should_failslab+0x124/0x180 [ 3054.750543] should_failslab+0x9/0x14 [ 3054.754357] kmem_cache_alloc+0x2af/0x760 [ 3054.758524] ? find_held_lock+0x36/0x1c0 [ 3054.762607] get_empty_filp+0x12d/0x530 [ 3054.766595] ? proc_nr_files+0x60/0x60 [ 3054.770487] ? inode_init_owner+0x340/0x340 [ 3054.774829] ? kasan_check_read+0x11/0x20 [ 3054.778988] ? do_raw_spin_unlock+0xa7/0x2f0 [ 3054.783413] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 3054.788012] ? kasan_check_write+0x14/0x20 [ 3054.792260] ? do_raw_spin_lock+0xc1/0x200 [ 3054.796508] alloc_file+0x24/0x3e0 [ 3054.800066] ioctx_alloc+0x882/0x2400 [ 3054.803890] ? free_ioctx_users+0x700/0x700 [ 3054.808221] ? lock_downgrade+0x8f0/0x8f0 [ 3054.812480] ? find_held_lock+0x36/0x1c0 [ 3054.816582] ? lock_downgrade+0x8f0/0x8f0 [ 3054.820749] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3054.826298] ? proc_fail_nth_write+0x9e/0x210 [ 3054.830809] ? proc_cwd_link+0x1d0/0x1d0 [ 3054.834911] ? graph_lock+0x170/0x170 [ 3054.838778] ? find_held_lock+0x36/0x1c0 14:36:15 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000400", 0xfff}) 14:36:15 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xffffff7f00000000) 14:36:15 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000002c0)={0x0, 0x7}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000340)={r1, 0x0, 0x5, 0x7}, 0x10) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x148, 0x1d, 0x800, 0x70bd25, 0x25dfdbfe, {0xf}, [@nested={0x134, 0x53, [@typed={0x8, 0x59, @pid=r2}, @generic="934f65de5b420f2f43feb1d61e4779fab293597a785ccddbae1cdfc06e7ad1ef6330c50a19f0103f0c2bfaa4c49a97e0d3eac7a2ca35c00e48e35c0af0735f6fc23b36c7cce627fdba4ce37e0de14c70502708130e69b803079a4bb2d12741ba90d2f5f9e8a4b15cd244941f1b173572623d38a781232ddb1179650c001b1aed93f98f7cb12d4606d98e6e870c2628", @typed={0x98, 0x96, @binary="b7e278e2a57e14ad0e2ca80066c085fe264a4ccbfebac30b00c40f6f1fca45b2c922086d1d44a647859651e1b2b927d0192ba4daad2dfabfbc5c694b45932bb13fbd08e5a0e7269ca19df209f2ffbdd8a6c631b28aae59c811e9175ddae9a18ef765c380b77f9f1a7ac9176e01f848db33bf34d663a65619de42806d1820a0133daf6deaf9fb4bb470a29a091598c050b83376fb"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x10}, 0x20000845) 14:36:15 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3054.842863] ? kasan_check_write+0x14/0x20 [ 3054.847113] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3054.852059] ? find_held_lock+0x36/0x1c0 [ 3054.856144] ? lock_downgrade+0x8f0/0x8f0 [ 3054.860315] ? lock_release+0xa30/0xa30 [ 3054.864315] ? check_same_owner+0x340/0x340 [ 3054.868653] ? __sb_end_write+0xac/0xe0 [ 3054.872654] __x64_sys_io_setup+0x111/0x4b0 [ 3054.877100] ? exit_aio+0x560/0x560 [ 3054.880742] ? do_syscall_64+0x9a/0x820 [ 3054.884739] do_syscall_64+0x1b9/0x820 [ 3054.888638] ? finish_task_switch+0x1d3/0x870 [ 3054.893156] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3054.898102] ? syscall_return_slowpath+0x31d/0x5e0 [ 3054.903054] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3054.908442] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3054.913308] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3054.918618] RIP: 0033:0x455ab9 [ 3054.921809] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3054.941352] RSP: 002b:00007f5bafce9c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 3054.949051] RAX: ffffffffffffffda RBX: 00007f5bafcea6d4 RCX: 0000000000455ab9 [ 3054.956305] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000800 [ 3054.963561] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3054.970814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 3054.978067] R13: 00000000004bc519 R14: 00000000004cab28 R15: 0000000000000003 14:36:15 executing program 2 (fault-call:7 fault-nth:56): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:15 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7a00}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:15 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:15 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x4000000000000000) 14:36:15 executing program 5: r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000000)="410242000007") preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x200000, 0x0) 14:36:15 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:15 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0060000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:15 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x500000000000000) 14:36:15 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0xffffffffffff0001, 0x80200) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000100)) r1 = fcntl$getown(0xffffffffffffff9c, 0x9) r2 = syz_open_procfs(r1, &(0x7f0000000140)='attr/prev\x00') preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) write$P9_RCLUNK(r2, &(0x7f0000000000)={0x7, 0x79, 0x2}, 0x7) [ 3055.226450] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3055.233997] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:15 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000ffffffc300", 0xfff}) 14:36:15 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xb4050000) 14:36:15 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:15 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000f0ffffff00"}}}]}, 0x138}, 0x1}, 0x0) [ 3055.351985] FAULT_INJECTION: forcing a failure. [ 3055.351985] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3055.363923] CPU: 0 PID: 8970 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3055.371206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3055.380569] Call Trace: [ 3055.383169] dump_stack+0x1c9/0x2b4 [ 3055.386810] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3055.392020] ? lock_downgrade+0x8f0/0x8f0 [ 3055.396203] should_fail.cold.4+0xa/0x1a 14:36:15 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x34000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:15 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f0000000000)=""/66, 0x42}], 0x2, 0x0) [ 3055.400289] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3055.405416] ? graph_lock+0x170/0x170 [ 3055.409269] ? is_bpf_text_address+0xd7/0x170 [ 3055.413876] ? find_held_lock+0x36/0x1c0 [ 3055.417960] ? __lock_is_held+0xb5/0x140 [ 3055.422056] ? check_same_owner+0x340/0x340 [ 3055.426745] ? rcu_note_context_switch+0x730/0x730 [ 3055.431813] __alloc_pages_nodemask+0x36e/0xdb0 [ 3055.436505] ? lock_downgrade+0x8f0/0x8f0 [ 3055.440679] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3055.445710] ? graph_lock+0x170/0x170 [ 3055.449526] ? __lock_is_held+0xb5/0x140 [ 3055.453608] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3055.458044] ? __lock_is_held+0xb5/0x140 [ 3055.462132] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3055.467690] alloc_pages_current+0x10c/0x210 [ 3055.472117] __get_free_pages+0xf/0x40 [ 3055.476019] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3055.480794] kvm_mmu_load+0x21/0x10e0 [ 3055.484615] vcpu_enter_guest+0x3aa6/0x6090 [ 3055.489036] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3055.493292] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3055.497983] ? vmx_vcpu_load+0xadf/0xff0 [ 3055.502067] ? __lock_acquire+0x7fc/0x5020 [ 3055.506326] ? vmx_vcpu_reset+0x1040/0x1040 [ 3055.510662] ? graph_lock+0x170/0x170 [ 3055.514509] ? __lock_acquire+0x7fc/0x5020 [ 3055.518771] ? __lock_is_held+0xb5/0x140 [ 3055.522450] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3055.522854] ? lock_acquire+0x1e4/0x540 [ 3055.522871] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3055.522891] ? lock_release+0xa30/0xa30 [ 3055.530324] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3055.534225] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3055.534242] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3055.534255] ? preempt_notifier_dec+0x20/0x20 [ 3055.534281] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3055.576702] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3055.581740] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3055.585822] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3055.591551] ? find_held_lock+0x36/0x1c0 [ 3055.595631] ? find_held_lock+0x36/0x1c0 [ 3055.599713] ? lock_downgrade+0x8f0/0x8f0 [ 3055.603878] ? kasan_check_read+0x11/0x20 [ 3055.608033] ? rcu_is_watching+0x8c/0x150 [ 3055.612188] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3055.616609] ? __fget+0x414/0x670 [ 3055.620075] ? find_held_lock+0x11/0x1c0 [ 3055.624150] ? expand_files.part.8+0x9c0/0x9c0 [ 3055.628745] ? kasan_check_write+0x14/0x20 [ 3055.632993] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3055.637939] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3055.643659] do_vfs_ioctl+0x1de/0x1720 [ 3055.647559] ? __lock_is_held+0xb5/0x140 [ 3055.651634] ? ioctl_preallocate+0x300/0x300 [ 3055.656057] ? __fget_light+0x2f7/0x440 [ 3055.660042] ? fget_raw+0x20/0x20 [ 3055.663509] ? __sb_end_write+0xac/0xe0 [ 3055.667502] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3055.673050] ? fput+0x130/0x1a0 [ 3055.676342] ? ksys_write+0x1ae/0x260 [ 3055.680153] ? security_file_ioctl+0x94/0xc0 [ 3055.684572] ksys_ioctl+0xa9/0xd0 [ 3055.688038] __x64_sys_ioctl+0x73/0xb0 [ 3055.691937] do_syscall_64+0x1b9/0x820 [ 3055.696023] ? syscall_slow_exit_work+0x500/0x500 [ 3055.701076] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3055.706114] ? syscall_return_slowpath+0x31d/0x5e0 [ 3055.711062] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3055.716455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3055.721345] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3055.726548] RIP: 0033:0x455ab9 [ 3055.729733] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3055.749813] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3055.757531] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3055.764818] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3055.772100] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3055.779401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3055.786705] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000038 14:36:16 executing program 2 (fault-call:7 fault-nth:57): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:16 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x34, 0x14, 0x400, 0x70bd29, 0x25dfdbfd, {0x2, 0x0, 0xc, 0xfe, r1}, [@IFA_BROADCAST={0x8, 0x4, @rand_addr=0xea3e}, @IFA_LABEL={0x14, 0x3, 'teql0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20040004) 14:36:16 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xa00) 14:36:16 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x385f}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:16 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:16 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:16 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x80a, &(0x7f0000000200)) [ 3055.894764] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3055.902277] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:16 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xfe80) 14:36:16 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') fchmodat(r0, &(0x7f0000000000)='./file0\x00', 0x8) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000001000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:16 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc3ffffff00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:16 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x5dc) 14:36:16 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x81c, &(0x7f0000000200)) 14:36:16 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:16 executing program 5: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f00000000c0)="77657c2f776972656c02000000cca25ebbff858497518c02379820d15a5b532b07cfbf1e95d418cb8315c6ded9c23c51fcb72fe215e9c459e36c90065975d3dd38bffc2f003962c1f07948ad99fdb9eae5e49784156a268839e981d46be10b9270d125db4ecebb768b03f9d38ffcc1ef6278d69362502f0e85f34b8a35f81ca9fcca1a792675945fa4e408ada43a66de32693179348e4a69cdcf520052b44e204c6248f248c6ee5a614ffe58ad70874f912250cedae3c005b0e6") getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000040)={0x0, 0xf4}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={r2}, 0x8) bind$bt_rfcomm(r1, &(0x7f00000001c0)={0x1f, {0x800, 0x2, 0x0, 0x8, 0x6, 0x37}, 0xff}, 0xa) preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3056.229669] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3056.237215] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3056.328823] FAULT_INJECTION: forcing a failure. [ 3056.328823] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3056.340789] CPU: 0 PID: 9033 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3056.348074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3056.357439] Call Trace: [ 3056.360050] dump_stack+0x1c9/0x2b4 [ 3056.363703] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3056.368920] ? lock_downgrade+0x8f0/0x8f0 [ 3056.373099] should_fail.cold.4+0xa/0x1a [ 3056.377281] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3056.382411] ? graph_lock+0x170/0x170 [ 3056.386242] ? is_bpf_text_address+0xd7/0x170 [ 3056.390794] ? find_held_lock+0x36/0x1c0 [ 3056.394918] ? __lock_is_held+0xb5/0x140 [ 3056.399015] ? check_same_owner+0x340/0x340 [ 3056.403365] ? rcu_note_context_switch+0x730/0x730 [ 3056.408338] __alloc_pages_nodemask+0x36e/0xdb0 [ 3056.413043] ? lock_downgrade+0x8f0/0x8f0 [ 3056.417225] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3056.422275] ? graph_lock+0x170/0x170 [ 3056.426103] ? __lock_is_held+0xb5/0x140 [ 3056.430195] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3056.434637] ? __lock_is_held+0xb5/0x140 [ 3056.438719] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3056.444259] alloc_pages_current+0x10c/0x210 [ 3056.448680] __get_free_pages+0xf/0x40 [ 3056.452573] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3056.457402] kvm_mmu_load+0x21/0x10e0 [ 3056.461241] ? vcpu_enter_guest+0x298c/0x6090 [ 3056.465771] vcpu_enter_guest+0x3aa6/0x6090 [ 3056.470195] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3056.474874] ? vmx_vcpu_load+0xadf/0xff0 [ 3056.478954] ? __lock_acquire+0x7fc/0x5020 [ 3056.483302] ? vmx_vcpu_reset+0x1040/0x1040 [ 3056.487625] ? graph_lock+0x170/0x170 [ 3056.491443] ? __lock_acquire+0x7fc/0x5020 [ 3056.495700] ? __lock_is_held+0xb5/0x140 [ 3056.499769] ? lock_acquire+0x1e4/0x540 [ 3056.503737] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3056.508838] ? lock_release+0xa30/0xa30 [ 3056.512822] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3056.518125] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3056.522624] ? preempt_notifier_dec+0x20/0x20 [ 3056.527125] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3056.531986] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3056.537023] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3056.541113] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3056.546834] ? find_held_lock+0x36/0x1c0 [ 3056.550908] ? find_held_lock+0x36/0x1c0 [ 3056.554974] ? lock_downgrade+0x8f0/0x8f0 [ 3056.559127] ? kasan_check_read+0x11/0x20 [ 3056.563277] ? rcu_is_watching+0x8c/0x150 [ 3056.567427] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3056.571872] ? __fget+0x414/0x670 [ 3056.575332] ? find_held_lock+0x11/0x1c0 [ 3056.579403] ? expand_files.part.8+0x9c0/0x9c0 [ 3056.583985] ? kasan_check_write+0x14/0x20 [ 3056.588242] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3056.593184] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3056.598922] do_vfs_ioctl+0x1de/0x1720 [ 3056.602822] ? __lock_is_held+0xb5/0x140 [ 3056.606878] ? ioctl_preallocate+0x300/0x300 [ 3056.611293] ? __fget_light+0x2f7/0x440 [ 3056.615261] ? fget_raw+0x20/0x20 [ 3056.618706] ? __sb_end_write+0xac/0xe0 [ 3056.622681] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3056.628232] ? fput+0x130/0x1a0 [ 3056.631545] ? ksys_write+0x1ae/0x260 [ 3056.635352] ? security_file_ioctl+0x94/0xc0 [ 3056.639763] ksys_ioctl+0xa9/0xd0 [ 3056.643227] __x64_sys_ioctl+0x73/0xb0 [ 3056.647113] do_syscall_64+0x1b9/0x820 [ 3056.650992] ? syscall_slow_exit_work+0x500/0x500 [ 3056.655833] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3056.660764] ? syscall_return_slowpath+0x31d/0x5e0 [ 3056.665704] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3056.671078] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3056.675945] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3056.681138] RIP: 0033:0x455ab9 [ 3056.684322] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3056.703538] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3056.711257] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3056.718526] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:17 executing program 2 (fault-call:7 fault-nth:58): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:17 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xb405000000000000) 14:36:17 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000001000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:17 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x28000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000040)={0x29b, 0x8000, 0x4ba, 0x106c400000000000, 0x0}, &(0x7f00000000c0)=0x10) ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000300)={0x7f, 0x7, 0x30f2, 0x8ab09a5, 0x0, 0xffffffffffff3d90}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000100)={0x0, 0xa7, "4e53167a5fdcf70071d9add892c49d4f4e1657f843c72a2b307e217d5bb129380db8e0ad91c0aafd43d9b74a0540de97d7274dc405989619dc3220684e0a517c0cc842fb6ccc11023ff81683968c3b3a69b033b121a1973517b85b529c7ecca155cd2227b0f4690ab4ffc6ae8cd3e75b31424ad717395e10fb243958e542157fc0483a73c12bf3886978c9326353825e3981c3a633b7e66a30264dc2eca702c390bbfaccecb340"}, &(0x7f00000001c0)=0xaf) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000200)={r1, 0x3, 0x9, 0x3ff, 0x7, 0x7, 0x401, 0x2, {r2, @in={{0x2, 0x4e23, @rand_addr=0x2}}, 0x3ef, 0x3, 0x3, 0xf13, 0x1800}}, &(0x7f00000002c0)=0xb0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r3, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:17 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:17 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:17 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x817, &(0x7f0000000200)) [ 3056.725787] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3056.733056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3056.740358] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000039 14:36:17 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xfe800000) 14:36:17 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') r1 = fcntl$getown(r0, 0x9) syz_open_procfs(r1, &(0x7f0000000000)='net/udplite\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000200"}}}]}, 0x138}, 0x1}, 0x0) [ 3056.909907] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3056.917444] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3056.995341] FAULT_INJECTION: forcing a failure. [ 3056.995341] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3057.007308] CPU: 1 PID: 9081 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3057.014594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3057.023958] Call Trace: [ 3057.026562] dump_stack+0x1c9/0x2b4 [ 3057.030213] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3057.035424] ? lock_downgrade+0x8f0/0x8f0 [ 3057.039602] should_fail.cold.4+0xa/0x1a 14:36:17 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x40000) 14:36:17 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000300", 0xfff}) 14:36:17 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x429], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:17 executing program 5: socketpair(0x1, 0x0, 0x10001, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f0000000040)=""/14) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3057.043688] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3057.048809] ? graph_lock+0x170/0x170 [ 3057.052637] ? is_bpf_text_address+0xd7/0x170 [ 3057.057155] ? find_held_lock+0x36/0x1c0 [ 3057.061242] ? __lock_is_held+0xb5/0x140 [ 3057.065335] ? check_same_owner+0x340/0x340 [ 3057.069682] ? rcu_note_context_switch+0x730/0x730 [ 3057.074642] __alloc_pages_nodemask+0x36e/0xdb0 [ 3057.079332] ? lock_downgrade+0x8f0/0x8f0 [ 3057.083506] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3057.088545] ? graph_lock+0x170/0x170 14:36:17 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3057.092367] ? __lock_is_held+0xb5/0x140 [ 3057.096443] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3057.100885] ? __lock_is_held+0xb5/0x140 [ 3057.104983] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3057.110544] alloc_pages_current+0x10c/0x210 [ 3057.114972] __get_free_pages+0xf/0x40 [ 3057.118880] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3057.123840] kvm_mmu_load+0x21/0x10e0 [ 3057.127674] vcpu_enter_guest+0x3aa6/0x6090 [ 3057.132017] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3057.136275] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3057.140984] ? vmx_vcpu_load+0xadf/0xff0 [ 3057.145064] ? __lock_acquire+0x7fc/0x5020 [ 3057.149317] ? vmx_vcpu_reset+0x1040/0x1040 [ 3057.153659] ? graph_lock+0x170/0x170 [ 3057.157486] ? __lock_acquire+0x7fc/0x5020 [ 3057.161750] ? __lock_is_held+0xb5/0x140 [ 3057.165839] ? lock_acquire+0x1e4/0x540 [ 3057.169835] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3057.174875] ? lock_release+0xa30/0xa30 [ 3057.178865] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3057.184159] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3057.188696] ? preempt_notifier_dec+0x20/0x20 [ 3057.193232] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3057.198094] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3057.203139] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3057.207259] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3057.213859] ? find_held_lock+0x36/0x1c0 [ 3057.217961] ? find_held_lock+0x36/0x1c0 [ 3057.222052] ? lock_downgrade+0x8f0/0x8f0 [ 3057.226221] ? kasan_check_read+0x11/0x20 [ 3057.230380] ? rcu_is_watching+0x8c/0x150 [ 3057.234542] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3057.236749] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3057.238961] ? __fget+0x414/0x670 [ 3057.238983] ? find_held_lock+0x11/0x1c0 [ 3057.238997] ? expand_files.part.8+0x9c0/0x9c0 [ 3057.239020] ? kasan_check_write+0x14/0x20 [ 3057.246406] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3057.249815] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3057.249838] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3057.249854] do_vfs_ioctl+0x1de/0x1720 [ 3057.292217] ? __lock_is_held+0xb5/0x140 [ 3057.296300] ? ioctl_preallocate+0x300/0x300 [ 3057.300723] ? __fget_light+0x2f7/0x440 [ 3057.304715] ? fget_raw+0x20/0x20 [ 3057.308185] ? __sb_end_write+0xac/0xe0 [ 3057.312189] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3057.317740] ? fput+0x130/0x1a0 [ 3057.321038] ? ksys_write+0x1ae/0x260 [ 3057.324860] ? security_file_ioctl+0x94/0xc0 [ 3057.329285] ksys_ioctl+0xa9/0xd0 [ 3057.332747] __x64_sys_ioctl+0x73/0xb0 [ 3057.336651] do_syscall_64+0x1b9/0x820 [ 3057.340552] ? syscall_slow_exit_work+0x500/0x500 [ 3057.345407] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3057.350356] ? syscall_return_slowpath+0x31d/0x5e0 [ 3057.355312] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3057.360696] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3057.365562] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3057.370766] RIP: 0033:0x455ab9 [ 3057.373959] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:36:17 executing program 2 (fault-call:7 fault-nth:59): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:17 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) 14:36:17 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x4) 14:36:17 executing program 5: getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0, 0x8}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000000c0)=ANY=[@ANYRES32=r0, @ANYBLOB="2000008037835446f5405c0ec32e5a6c5a29ee8b6a783526fcabd68f51c0b5256d15a441"], &(0x7f0000000100)=0x28) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') setsockopt$sock_void(r1, 0x1, 0x1b, 0x0, 0x0) preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:17 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:17 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:17 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\a\x00', 0xfff}) 14:36:17 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x81e, &(0x7f0000000200)) [ 3057.393309] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3057.401045] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3057.408327] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3057.415606] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3057.422887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3057.430190] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003a 14:36:17 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x200000000000000) 14:36:17 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000000000)=0x278) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f00000001c0)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]}) 14:36:18 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000fcffffff00"}}}]}, 0x138}, 0x1}, 0x0) [ 3057.663636] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3057.671146] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3057.703092] FAULT_INJECTION: forcing a failure. 14:36:18 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x8dffffff00000000) 14:36:18 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x810, &(0x7f0000000200)) [ 3057.703092] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3057.715067] CPU: 0 PID: 9136 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3057.722350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3057.731726] Call Trace: [ 3057.734354] dump_stack+0x1c9/0x2b4 [ 3057.738001] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3057.744163] ? lock_downgrade+0x8f0/0x8f0 [ 3057.748339] should_fail.cold.4+0xa/0x1a [ 3057.752424] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3057.757547] ? graph_lock+0x170/0x170 14:36:18 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:18 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x68}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3057.761384] ? is_bpf_text_address+0xd7/0x170 [ 3057.765902] ? find_held_lock+0x36/0x1c0 [ 3057.769985] ? __lock_is_held+0xb5/0x140 [ 3057.774074] ? check_same_owner+0x340/0x340 [ 3057.778410] ? rcu_note_context_switch+0x730/0x730 [ 3057.783360] __alloc_pages_nodemask+0x36e/0xdb0 [ 3057.788130] ? lock_downgrade+0x8f0/0x8f0 [ 3057.792315] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3057.797345] ? graph_lock+0x170/0x170 [ 3057.801157] ? __lock_is_held+0xb5/0x140 [ 3057.805229] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3057.809755] ? __lock_is_held+0xb5/0x140 [ 3057.813835] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3057.819391] alloc_pages_current+0x10c/0x210 [ 3057.823829] __get_free_pages+0xf/0x40 [ 3057.827737] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3057.832516] kvm_mmu_load+0x21/0x10e0 [ 3057.836342] vcpu_enter_guest+0x3aa6/0x6090 [ 3057.840683] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3057.844944] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3057.849636] ? vmx_vcpu_load+0xadf/0xff0 [ 3057.853715] ? __lock_acquire+0x7fc/0x5020 [ 3057.857964] ? vmx_vcpu_reset+0x1040/0x1040 [ 3057.862316] ? graph_lock+0x170/0x170 [ 3057.866140] ? __lock_acquire+0x7fc/0x5020 [ 3057.870404] ? __lock_is_held+0xb5/0x140 [ 3057.874487] ? lock_acquire+0x1e4/0x540 [ 3057.878476] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3057.883509] ? lock_release+0xa30/0xa30 [ 3057.887497] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3057.892789] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3057.897307] ? preempt_notifier_dec+0x20/0x20 [ 3057.901825] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3057.906685] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3057.911724] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3057.915807] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3057.921530] ? find_held_lock+0x36/0x1c0 [ 3057.925611] ? find_held_lock+0x36/0x1c0 [ 3057.929694] ? lock_downgrade+0x8f0/0x8f0 [ 3057.933861] ? kasan_check_read+0x11/0x20 [ 3057.938035] ? rcu_is_watching+0x8c/0x150 [ 3057.942196] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3057.946627] ? __fget+0x414/0x670 [ 3057.950098] ? find_held_lock+0x11/0x1c0 [ 3057.954165] ? expand_files.part.8+0x9c0/0x9c0 [ 3057.958756] ? kasan_check_write+0x14/0x20 [ 3057.963005] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3057.967968] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3057.973694] do_vfs_ioctl+0x1de/0x1720 [ 3057.977597] ? __lock_is_held+0xb5/0x140 [ 3057.981677] ? ioctl_preallocate+0x300/0x300 [ 3057.986095] ? __fget_light+0x2f7/0x440 [ 3057.990080] ? fget_raw+0x20/0x20 [ 3057.993812] ? __sb_end_write+0xac/0xe0 [ 3057.997811] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3058.003363] ? fput+0x130/0x1a0 [ 3058.006659] ? ksys_write+0x1ae/0x260 [ 3058.010474] ? security_file_ioctl+0x94/0xc0 [ 3058.014899] ksys_ioctl+0xa9/0xd0 [ 3058.018367] __x64_sys_ioctl+0x73/0xb0 [ 3058.018911] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3058.022269] do_syscall_64+0x1b9/0x820 [ 3058.022285] ? syscall_slow_exit_work+0x500/0x500 [ 3058.022301] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3058.022316] ? syscall_return_slowpath+0x31d/0x5e0 [ 3058.022337] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3058.029767] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3058.033570] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3058.033592] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3058.033605] RIP: 0033:0x455ab9 [ 3058.033613] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3058.100651] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3058.108387] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3058.115667] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3058.122948] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3058.130230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3058.137520] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003b 14:36:18 executing program 2 (fault-call:7 fault-nth:60): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:18 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7fffffff, 0x10000) 14:36:18 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00 \x00', 0xfff}) 14:36:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) 14:36:18 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:18 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:18 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x40000000) 14:36:18 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x900, &(0x7f0000000200)) 14:36:18 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x8) [ 3058.289626] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3058.297188] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:18 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x100000) 14:36:18 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000000ffffff", 0xfff}) 14:36:18 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:18 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:18 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xffff0000) [ 3058.454835] FAULT_INJECTION: forcing a failure. [ 3058.454835] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3058.466882] CPU: 0 PID: 9192 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3058.474178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3058.483581] Call Trace: [ 3058.486187] dump_stack+0x1c9/0x2b4 [ 3058.489844] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3058.495058] ? lock_downgrade+0x8f0/0x8f0 [ 3058.499245] should_fail.cold.4+0xa/0x1a 14:36:18 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000000)={0x0, 0x1, 0x7fffffff, 0x8, 0xcc, 0x7f}) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:18 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3058.503336] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3058.508468] ? graph_lock+0x170/0x170 [ 3058.512294] ? is_bpf_text_address+0xd7/0x170 [ 3058.516817] ? find_held_lock+0x36/0x1c0 [ 3058.520906] ? __lock_is_held+0xb5/0x140 [ 3058.525104] ? check_same_owner+0x340/0x340 [ 3058.529462] ? rcu_note_context_switch+0x730/0x730 [ 3058.534428] __alloc_pages_nodemask+0x36e/0xdb0 [ 3058.539132] ? lock_downgrade+0x8f0/0x8f0 [ 3058.543309] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3058.548353] ? graph_lock+0x170/0x170 [ 3058.552202] ? __lock_is_held+0xb5/0x140 [ 3058.556289] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3058.560737] ? __lock_is_held+0xb5/0x140 [ 3058.564835] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3058.570410] alloc_pages_current+0x10c/0x210 [ 3058.574855] __get_free_pages+0xf/0x40 [ 3058.578765] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3058.583550] kvm_mmu_load+0x21/0x10e0 [ 3058.587387] vcpu_enter_guest+0x3aa6/0x6090 [ 3058.591819] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3058.596098] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3058.600792] ? vmx_vcpu_load+0xadf/0xff0 [ 3058.604868] ? __lock_acquire+0x7fc/0x5020 [ 3058.609118] ? vmx_vcpu_reset+0x1040/0x1040 [ 3058.613458] ? graph_lock+0x170/0x170 [ 3058.617279] ? __lock_acquire+0x7fc/0x5020 [ 3058.621544] ? __lock_is_held+0xb5/0x140 [ 3058.625643] ? lock_acquire+0x1e4/0x540 [ 3058.629640] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3058.634681] ? lock_release+0xa30/0xa30 [ 3058.638670] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3058.643969] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3058.648481] ? preempt_notifier_dec+0x20/0x20 [ 3058.653007] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3058.658222] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3058.663267] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3058.667350] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3058.673079] ? find_held_lock+0x36/0x1c0 [ 3058.677166] ? find_held_lock+0x36/0x1c0 [ 3058.681281] ? lock_downgrade+0x8f0/0x8f0 [ 3058.685456] ? kasan_check_read+0x11/0x20 [ 3058.689620] ? rcu_is_watching+0x8c/0x150 [ 3058.693785] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3058.698226] ? __fget+0x414/0x670 [ 3058.701700] ? find_held_lock+0x11/0x1c0 [ 3058.705785] ? expand_files.part.8+0x9c0/0x9c0 [ 3058.710399] ? kasan_check_write+0x14/0x20 [ 3058.714652] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3058.719606] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3058.725335] do_vfs_ioctl+0x1de/0x1720 [ 3058.729240] ? __lock_is_held+0xb5/0x140 [ 3058.733319] ? ioctl_preallocate+0x300/0x300 [ 3058.737737] ? __fget_light+0x2f7/0x440 [ 3058.741738] ? fget_raw+0x20/0x20 [ 3058.745216] ? __sb_end_write+0xac/0xe0 [ 3058.749224] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3058.754776] ? fput+0x130/0x1a0 [ 3058.758082] ? ksys_write+0x1ae/0x260 [ 3058.761900] ? security_file_ioctl+0x94/0xc0 [ 3058.766323] ksys_ioctl+0xa9/0xd0 [ 3058.769794] __x64_sys_ioctl+0x73/0xb0 [ 3058.773697] do_syscall_64+0x1b9/0x820 [ 3058.777601] ? syscall_slow_exit_work+0x500/0x500 [ 3058.782460] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3058.787416] ? syscall_return_slowpath+0x31d/0x5e0 [ 3058.792363] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3058.797749] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3058.802621] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3058.804051] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3058.807822] RIP: 0033:0x455ab9 [ 3058.807828] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 [ 3058.815348] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3058.818486] f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3058.853783] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3058.861505] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3058.868787] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3058.876069] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3058.883353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3058.890639] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003c 14:36:19 executing program 2 (fault-call:7 fault-nth:61): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000000ffffff9e00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:19 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x1100) 14:36:19 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000c39c27000100", 0xfff}) 14:36:19 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff8d], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:19 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x2100, &(0x7f0000000200)) 14:36:19 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffff) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6, 0x20012, r0, 0xd) pipe(&(0x7f00000000c0)) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f0000000000)=""/82) 14:36:19 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5f38}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:19 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x800000000000000) 14:36:19 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xcf8, 0x0) getsockname$inet6(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, @loopback}, &(0x7f00000000c0)=0x1c) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) 14:36:19 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3059.123053] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3059.130534] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:19 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:19 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:19 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x815, &(0x7f0000000200)) 14:36:19 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x900000000000000) [ 3059.308952] FAULT_INJECTION: forcing a failure. [ 3059.308952] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3059.321081] CPU: 1 PID: 9249 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3059.328366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3059.337733] Call Trace: [ 3059.340340] dump_stack+0x1c9/0x2b4 [ 3059.343998] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3059.349205] ? lock_downgrade+0x8f0/0x8f0 [ 3059.353380] should_fail.cold.4+0xa/0x1a [ 3059.357464] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3059.362596] ? graph_lock+0x170/0x170 [ 3059.366423] ? is_bpf_text_address+0xd7/0x170 [ 3059.370944] ? find_held_lock+0x36/0x1c0 [ 3059.375046] ? __lock_is_held+0xb5/0x140 [ 3059.379130] ? check_same_owner+0x340/0x340 [ 3059.383464] ? rcu_note_context_switch+0x730/0x730 [ 3059.388421] __alloc_pages_nodemask+0x36e/0xdb0 [ 3059.393108] ? lock_downgrade+0x8f0/0x8f0 [ 3059.397268] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3059.402469] ? graph_lock+0x170/0x170 [ 3059.406275] ? __lock_is_held+0xb5/0x140 [ 3059.410344] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3059.414763] ? __lock_is_held+0xb5/0x140 [ 3059.418842] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3059.424444] alloc_pages_current+0x10c/0x210 [ 3059.428870] __get_free_pages+0xf/0x40 [ 3059.432773] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3059.437546] kvm_mmu_load+0x21/0x10e0 [ 3059.441370] vcpu_enter_guest+0x3aa6/0x6090 [ 3059.445706] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3059.449961] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3059.454655] ? vmx_vcpu_load+0xadf/0xff0 [ 3059.458735] ? __lock_acquire+0x7fc/0x5020 [ 3059.462994] ? vmx_vcpu_reset+0x1040/0x1040 [ 3059.467330] ? graph_lock+0x170/0x170 [ 3059.471165] ? __lock_acquire+0x7fc/0x5020 [ 3059.475423] ? __lock_is_held+0xb5/0x140 [ 3059.479502] ? lock_acquire+0x1e4/0x540 [ 3059.483488] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3059.488523] ? lock_release+0xa30/0xa30 [ 3059.492506] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3059.497801] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3059.502304] ? preempt_notifier_dec+0x20/0x20 14:36:19 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000600", 0xfff}) [ 3059.506821] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3059.511674] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3059.516708] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3059.520784] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3059.526504] ? find_held_lock+0x36/0x1c0 [ 3059.530672] ? find_held_lock+0x36/0x1c0 [ 3059.534755] ? lock_downgrade+0x8f0/0x8f0 [ 3059.538923] ? kasan_check_read+0x11/0x20 [ 3059.543077] ? rcu_is_watching+0x8c/0x150 [ 3059.547233] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3059.551658] ? __fget+0x414/0x670 [ 3059.555119] ? find_held_lock+0x11/0x1c0 [ 3059.559191] ? expand_files.part.8+0x9c0/0x9c0 [ 3059.563788] ? kasan_check_write+0x14/0x20 [ 3059.568039] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3059.572984] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3059.578701] do_vfs_ioctl+0x1de/0x1720 [ 3059.582594] ? __lock_is_held+0xb5/0x140 [ 3059.586646] ? ioctl_preallocate+0x300/0x300 [ 3059.591044] ? __fget_light+0x2f7/0x440 [ 3059.595016] ? fget_raw+0x20/0x20 [ 3059.598472] ? __sb_end_write+0xac/0xe0 [ 3059.602434] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3059.607965] ? fput+0x130/0x1a0 [ 3059.611230] ? ksys_write+0x1ae/0x260 [ 3059.615033] ? security_file_ioctl+0x94/0xc0 [ 3059.619437] ksys_ioctl+0xa9/0xd0 [ 3059.622878] __x64_sys_ioctl+0x73/0xb0 [ 3059.626751] do_syscall_64+0x1b9/0x820 [ 3059.630628] ? syscall_slow_exit_work+0x500/0x500 [ 3059.635456] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3059.640377] ? syscall_return_slowpath+0x31d/0x5e0 [ 3059.645741] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3059.651091] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3059.655941] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3059.661131] RIP: 0033:0x455ab9 [ 3059.664297] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3059.685657] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3059.693355] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3059.701319] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:20 executing program 2 (fault-call:7 fault-nth:62): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:20 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:20 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0x4, 0x4) 14:36:20 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6800}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:20 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x6000000) 14:36:20 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xfff}) [ 3059.708587] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3059.715853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3059.723123] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003d 14:36:20 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x81a, &(0x7f0000000200)) 14:36:20 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x2e8, 0x0) 14:36:20 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x8dffffff) 14:36:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) 14:36:20 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3059.906995] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3059.914525] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:20 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5f380000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:20 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000fe00", 0xfff}) 14:36:20 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x5b4) 14:36:20 executing program 5: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x200, 0x0) preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000040)}, {&(0x7f0000000200)=""/170, 0xaa}, {&(0x7f00000002c0)=""/79, 0x4f}, {&(0x7f0000000340)=""/192, 0xc0}, {&(0x7f0000000400)=""/165, 0xa5}, {&(0x7f00000004c0)=""/202, 0xca}, {&(0x7f00000005c0)=""/203, 0xcb}], 0x8, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f00000000c0)=""/176) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000002e40)={0x0, 0x2}, &(0x7f0000002e80)=0x8) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000002ec0)={r2, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x84) clock_gettime(0x1, &(0x7f0000000040)) preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x31}], 0x309, 0x0) timer_create(0x0, &(0x7f0000000840)={0x0, 0x9, 0x4, @thr={&(0x7f0000000740)="335dfc0553079a6a846020440feb6fe2511394a8d272b55fed041928beea55ed0820d15142ec69df1e12045a2efa52900f393ae6f5653a18bfbf9ddc3cc38446e70d69", &(0x7f00000007c0)="b9a2ff652caa8b0f284555f5e6426af1a9f07ee9e6a5fd3964717b62f3388e9df68c246e0fe02dae56efbd4148c179d7a6edfe042d5a8228c9e207c091c14b793df2d9a77c91bed60f612e7d8ce49c85fbc20ec6f416c553b89c8af9ea81a4715842218212093cc5bfc2c5075b3eff29a6f0b63757d7e972f2e9fe138c"}}, &(0x7f0000000880)=0x0) timer_gettime(r3, &(0x7f00000008c0)) preadv(r0, &(0x7f0000002d80)=[{&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)=""/75, 0x4b}, {&(0x7f0000001980)=""/236, 0xec}, {&(0x7f0000001a80)=""/34, 0x22}, {&(0x7f0000001ac0)=""/234, 0xea}, {&(0x7f0000001bc0)=""/4096, 0x1000}, {&(0x7f0000002bc0)=""/112, 0x70}, {&(0x7f0000002c40)=""/252, 0xfc}, {&(0x7f0000002d40)=""/3, 0x3}], 0x9, 0x0) [ 3060.083817] FAULT_INJECTION: forcing a failure. [ 3060.083817] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3060.095806] CPU: 1 PID: 9302 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3060.103094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3060.112462] Call Trace: [ 3060.115072] dump_stack+0x1c9/0x2b4 [ 3060.118723] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3060.123943] ? lock_downgrade+0x8f0/0x8f0 [ 3060.128114] should_fail.cold.4+0xa/0x1a [ 3060.131694] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3060.132195] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3060.132218] ? graph_lock+0x170/0x170 [ 3060.132234] ? is_bpf_text_address+0xd7/0x170 [ 3060.132254] ? find_held_lock+0x36/0x1c0 [ 3060.139655] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3060.144719] ? __lock_is_held+0xb5/0x140 [ 3060.144745] ? check_same_owner+0x340/0x340 [ 3060.144766] ? rcu_note_context_switch+0x730/0x730 [ 3060.184890] __alloc_pages_nodemask+0x36e/0xdb0 [ 3060.189580] ? lock_downgrade+0x8f0/0x8f0 [ 3060.193750] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3060.198866] ? graph_lock+0x170/0x170 [ 3060.202675] ? __lock_is_held+0xb5/0x140 [ 3060.206743] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3060.211173] ? __lock_is_held+0xb5/0x140 [ 3060.215257] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3060.220812] alloc_pages_current+0x10c/0x210 [ 3060.225236] __get_free_pages+0xf/0x40 [ 3060.229136] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3060.233910] kvm_mmu_load+0x21/0x10e0 [ 3060.237734] vcpu_enter_guest+0x3aa6/0x6090 [ 3060.242068] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3060.246322] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3060.251006] ? vmx_vcpu_load+0xadf/0xff0 [ 3060.255082] ? __lock_acquire+0x7fc/0x5020 [ 3060.259329] ? vmx_vcpu_reset+0x1040/0x1040 [ 3060.263666] ? graph_lock+0x170/0x170 [ 3060.267476] ? __lock_acquire+0x7fc/0x5020 [ 3060.271733] ? __lock_is_held+0xb5/0x140 [ 3060.275809] ? lock_acquire+0x1e4/0x540 [ 3060.279793] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3060.284823] ? lock_release+0xa30/0xa30 [ 3060.288803] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3060.294093] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3060.298599] ? preempt_notifier_dec+0x20/0x20 [ 3060.303121] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3060.307978] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3060.313019] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3060.317101] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3060.322823] ? find_held_lock+0x36/0x1c0 [ 3060.326903] ? find_held_lock+0x36/0x1c0 [ 3060.330989] ? lock_downgrade+0x8f0/0x8f0 [ 3060.335155] ? kasan_check_read+0x11/0x20 [ 3060.339317] ? rcu_is_watching+0x8c/0x150 [ 3060.343480] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3060.347906] ? __fget+0x414/0x670 [ 3060.351378] ? find_held_lock+0x11/0x1c0 [ 3060.355455] ? expand_files.part.8+0x9c0/0x9c0 [ 3060.360053] ? kasan_check_write+0x14/0x20 [ 3060.364299] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3060.369400] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3060.375121] do_vfs_ioctl+0x1de/0x1720 [ 3060.379022] ? __lock_is_held+0xb5/0x140 [ 3060.383189] ? ioctl_preallocate+0x300/0x300 [ 3060.387604] ? __fget_light+0x2f7/0x440 [ 3060.391589] ? fget_raw+0x20/0x20 [ 3060.395053] ? __sb_end_write+0xac/0xe0 [ 3060.399046] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3060.404592] ? fput+0x130/0x1a0 [ 3060.407862] ? ksys_write+0x1ae/0x260 [ 3060.411651] ? security_file_ioctl+0x94/0xc0 [ 3060.416046] ksys_ioctl+0xa9/0xd0 [ 3060.419498] __x64_sys_ioctl+0x73/0xb0 [ 3060.423371] do_syscall_64+0x1b9/0x820 [ 3060.427256] ? syscall_slow_exit_work+0x500/0x500 [ 3060.432094] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3060.437017] ? syscall_return_slowpath+0x31d/0x5e0 [ 3060.441947] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3060.447298] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3060.452133] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3060.457306] RIP: 0033:0x455ab9 [ 3060.460485] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:36:20 executing program 2 (fault-call:7 fault-nth:63): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:20 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x10) [ 3060.479692] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3060.487482] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3060.494735] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3060.502007] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3060.509290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3060.516563] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003e 14:36:20 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:20 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000031600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:20 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fdfdffff00", 0xfff}) 14:36:20 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:20 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x809, &(0x7f0000000200)) 14:36:20 executing program 5: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) r1 = syz_open_procfs(r0, &(0x7f0000000180)='net/icmp6\x00') preadv(r1, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3060.562559] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3060.570110] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:21 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) recvmmsg(r0, &(0x7f00000012c0)=[{{&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000001240)=[{&(0x7f00000000c0)=""/220, 0xdc}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/16, 0x10}, {&(0x7f0000001200)=""/63, 0x3f}], 0x4, &(0x7f0000001280)=""/13, 0xd, 0x77}}], 0x1, 0x20, &(0x7f0000001300)={0x77359400}) 14:36:21 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x7) 14:36:21 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:21 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf9030000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000007fffffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:21 executing program 5: syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x8, 0x0) accept4$inet6(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000180)=0x1c, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)=0x0) r2 = syz_open_procfs(r1, &(0x7f00000000c0)="6e65742d77697265ec65737300") preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r2, 0x4010ae94, &(0x7f0000000000)={0x6, 0x0, 0x3}) [ 3060.774422] FAULT_INJECTION: forcing a failure. [ 3060.774422] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3060.786469] CPU: 1 PID: 9357 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3060.793761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3060.803123] Call Trace: [ 3060.805725] dump_stack+0x1c9/0x2b4 [ 3060.809370] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3060.814573] ? lock_downgrade+0x8f0/0x8f0 [ 3060.818747] should_fail.cold.4+0xa/0x1a 14:36:21 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x819, &(0x7f0000000200)) [ 3060.822833] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3060.827972] ? graph_lock+0x170/0x170 [ 3060.831796] ? is_bpf_text_address+0xd7/0x170 [ 3060.836319] ? find_held_lock+0x36/0x1c0 [ 3060.840398] ? __lock_is_held+0xb5/0x140 [ 3060.844477] ? check_same_owner+0x340/0x340 [ 3060.848821] ? rcu_note_context_switch+0x730/0x730 [ 3060.853780] __alloc_pages_nodemask+0x36e/0xdb0 [ 3060.858465] ? lock_downgrade+0x8f0/0x8f0 [ 3060.862642] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3060.867677] ? graph_lock+0x170/0x170 [ 3060.871493] ? __lock_is_held+0xb5/0x140 [ 3060.875570] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3060.880007] ? __lock_is_held+0xb5/0x140 [ 3060.884091] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3060.889647] alloc_pages_current+0x10c/0x210 [ 3060.894072] __get_free_pages+0xf/0x40 [ 3060.897973] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3060.902750] kvm_mmu_load+0x21/0x10e0 [ 3060.906576] vcpu_enter_guest+0x3aa6/0x6090 [ 3060.910910] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3060.915166] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3060.919853] ? vmx_vcpu_load+0xadf/0xff0 14:36:21 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) sendmsg$nl_generic(r0, &(0x7f0000001680)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40800008}, 0xc, &(0x7f0000001640)={&(0x7f00000000c0)={0x1554, 0x14, 0x1, 0x70bd2d, 0x25dfdbfb, {0x19}, [@nested={0x214, 0x8a, [@typed={0xe0, 0x59, @binary="bdc24f2d88effb6fbfa38c81fb0704d76ac71304758ee7aecec646f5f0b89f55abdd024fc30fb1cd30429d769c3a499ffd12d94d0849034b7a45a98d8cf9f383a53de6f4db41cb05bd2f0e44ed6c593219a08a95c3d107dbc34cbf3b21706b6e02b1b8c1b603f4af24547748494cc7cbc01e6d989838b8138abd6c30cccb2b54016f40cfa04f6a139fed5ae769dec96aa8bdbe1a4d4a4a2974546805f3d68fff8e45e3ed4cf368759e55372464141229ef3d735fc0e4e92d11c631d6ac94a377abb4bedcffacef4d67d354569ff29f141137285c05370bcf89"}, @generic="8776daca4008b161bed6010f2f868b3914bbb9549c037adc50c0fc605bb05276d9c7cb7f0def876b3b57b7503512d998b0cc79a31f7478e6f7ef39d1800b1c79801e3cef417b3c83db7175eb2d9c98a3dca8022b93026838b70222e83d03a0706d6bf9deb48fc58abd8bbe35c2bc080d324e598f96324c1683b3eb1ca1", @generic="b01b7bd2425ebe73afa84301f4301ed0beccf6ee1af03d2be1af71f4a3bcaf055bd028c295772e1ed78719c5cb8d606a98f6ed458e98a13e68481194cedd405cbc3bd725e45210aed0157aed163dc178835dbe18f965a7f9d9db456baaf935a4cd1ccfd6678d821b089b35c0a4dd58", @generic="f9367bb7d0c75f04e26c2a959a33bbddf0d1c3043f1db04969f647e48b7523a15f2373c9e32966403cc7a95d5e7add2dcac81aa5d4a184351049ba8c6fe9152317"]}, @nested={0x10a4, 0x91, [@typed={0x4, 0x8d}, @generic="02d0848d55497f4ce99e888b001f58050f6e32da1f3bcae0af91632cbc1fd2110decb00396a1fef32de01e2e81a6d7184f1622f5f5281652e65fd5067f23aac02e6ddb76b4f2e59955633301965611c83a260f885d21a2cb1c40013b937ca13740334c40a56f26d56fc43768dbd2930b751bed648c799282748d7d80334dcfc4dc212ec9156df1c56ee8d480d8f13e39d578e2e9efcbc0c9b1265dfdcd8a69c021427ef195e890f5d5251b54c1aec07d110d24af6e96faa6bc877016c917825a857d04118447998e821f8c68fa72de4bafe97f4bb2a0ed6956b62f1ccfb6da1de082c28eef57b9058d0595866e63220feb631b7eb89ac3b1d4fd0bd98a4465137ea45fe52f5c5f2a1dc91eb97f0a1dae878058fa681f8987fe4a5d5f8c0f4fde914882ee9374d7ce5b8be123281c7a836484c677cf16afed7b991b76e6d1dceaf2e7c6ef6e98488bcacc57c43f50a4b6dda8edfab2a43461d5d93ea4778284ad60de02b78b89b5a43354f7035d7bbaa5d7b0a0b7398423b59af982c32710945013834e3cbd1b10c4cf8b11316b50eebba44bd24944e8b05084e1977cc3dae56e58a637aedfdde5b107dd080d6ec12d2670279e4f19577d0724f4fda26d877a4ede7ca61a9cb4249247faefb8285ee65f9be13a40e9aa2cec9e30f0a2e2e8881c0c286ddd0acb9a52104f900a613b60d452854fdf5ec6be4788a90e30bc2e08ff68cfa65d77ee167b829b5d10bcf76ffbaeb25f3dd6002064693b7a67237551023afca4f95a8c93536b27b19e9b54b8ad3d0b26b0b85c8e7da3fd10173371d606f24d99e98fcc2cd0faa734127426fb2aaae5780e3c618db5a44c40925965baa6866236434331f01eff5e643ec4cf88931b93b822f2566a64369680b423308dc89287b4375938785195b828036afe29e46635784365d46df624a491905416101d2980c2873c2a8105b3b7e32ed3d4a22094672e95d082a801f108189c8a10f86e59bc6743be3f2dedcc5b5cd8740192ef69cce033942f369920c57a2206f722c281c9ab4faddb709bd573b0c99320225e95ee115da8cb944b796e4d5d95cbfc8116d176e4c7eebb936da3fdcfdf7cac190d8d7e14f47195d202f3b227283e52f478b3c3e484708ea284f6a374da02c001ebb947579a47f5ea0a9a4481547671992fff9a160772621c8238847e7a5681c26a0ecb5284527d00ce0581bf57d9397acf0acba76b9c8bab7ec306c09d76134127de5d9e63cdb9ef695dbef04d14ad19dc9e814c96ca24c5f017baa9d19eb3f14c58fe834d0825f3ebb12e0fd446e91ccc2d24e7dcad6038c27b69d1e1f8cceec5167a752b708b57dff25c5ab0578203fe971fba1f8527dc56e90c761744b5cf1ef974a0c8e2f4c7e74e1e84e90952a673b7099e4ea4f3052431f6e673f5b3c60e5413ef385e2cf47c6def74a3798f7a04cc9df13a8e7c9c29827bbb1fc3f16ca8b520903c45f6e0876a456b5759cb8a95b4a71bc81804dcccf2acda850e9eedd6b2f3ad8eb15c2dd37598865d631ecd2959975122349a063a9aa5a6bdb44ac41e7fdff9dcc6b9ebc5906940ad8255e991106c42409acd009b2b153db7c6d4e82c2e47a2a78b01f5e6f82b2a36ef784d3dcbd8b72bf62024171afb5a4505c1eb25034f3aa92547c8c3002eed1ba7a5a63fe6428d4f79d81f9b1fc4a235cf719302443c61486a620485020ec2369b9f5350fc5abea71c8e8bb64330202939eb9e96b7ba111089ea5d73d69d30a6a40c4857d230cdd940348a7f0f51888313edb9dcecfa6e73bc9a18aab6c14bfc8312dc47d1db4f1ab963dfab5f9bc249469a24e233626d73e3906ea5421e05cb17314a2910f8dfcf6932c23be443ba6de949345776e73c4affb224a24715b2d2a7d020b78102a189ff4c32a0843e2ca77fc1b3bb3bb63f1db780147487f73b71b93661969564a7e8985a278ec36048bd599c6276102560b4d56cd0f34d523d7b09bb4d9bf012cc12362d85ec8a6d052cf6f16407852273ff20e12abf5b9c4fd0b69ef1eac01957ac0b42ca01477fa9439c6a0fb40b38c6e0cd7aa6251cdf1b7c6f4a409ecdeba7fed415e1c88cc3ac394addc732ad9abd8c610bf7e874347e34d752c83c170351dc354fdb742d806ece599659a055567ed6fe341f3cad1f25cf6c2fb9e600d3d71cd3f45d941387a244c872d8f3c14606c0a51143d208ba4c1acb4999bb01ed81f39bc0e657b1b8364a81e750449db1c0c2c4301a115a682dc3bf8fbdeb601435e03e05d756992d88a7866ede74ca713affb5f3c99f8ff8e2a637fac680592df0ce9953a997ef4216ff6225de16b725a1ecde78e291d42eb7a288e432161e2bee78b8b239c29f28d84b1af692ff8e9da17d6f6301fa8411ca684bc31bbd9ed745a899261bc5650159041a7bbd71cab9f61d66f6085b6a872c2c9986fb1f204d7960adcd16d23b5996e25058766fe56f9332ffcafbd9f3b6f99bb1971b930a64c6b4ad852212e3cf7984f6c277cb8c51ac7624fd12dca31b9b1674ffd53fe2e3a5f8ae1ecf3f015055f5410031fe22621c417fd87a60a2d5be3ee41cc3d44e80ee224f30c7870328e3850569e0507613fe0bdef833bdf5e25edb56c93e23756b8a01f64fb02a63e2eb40b1786ba9e6cf87f27b56af8d17e52a0cb962b5af4f1a8cf463959f293b524128405bdcf9e3c7a1d45e08f8ebb5f40e2e30ad4fef0e96f50b1fa1b3c6d58f9ca0ecbc3ba8fd5a75ed2bdd5581d751fa801c3aad13023027a0c9a1038539b1b84a2aff7f5674def4fc29ae9aa2bca072123a7b1153d671a28e788d85cbbbb34585c8fcfc0c4480024ecd7ec0632578d59f9e9ef36682b281ca6085b68547f8e2f08c169fa1b67e63e696d8457daf339f3022e8ad38e5e3feb8b8eefe5a5b4d5f378083b4e077a8c472725544ec1e1dccc43f829effeaca61f15660a006234e0e081bac4e706f0c0c4f2e47193cbb815dbad8cda6f754c7ef335aba6d603d64b0b772af6a9479f3418935168c5e4988b258706b5f6c7dbdeb5ae6d8eac214ba2af37e925677f656db3105a667a7e3876c0d71d917dde764bb3c944560aaa4ec3e901681f1eca0cf58ba3c39b20d2f02535b30a9a89cbc333bb4f20233efaf60f880effaaf78853c2fdc949240937d1b57ef44f080d98465ac8e4fd2458ae5d39fd5381992c879775d80065a1f5afa7255cd69fa121b3732f9bb010740608cfdc4f096309d8204232ff12d61803b9712612eb4a7d43e78fb26fd0db19daa7f0838baabe05977f1db0164afc04968e28779f8bd7ca2d52ef009714088277f46b4ff1d1cb6f1836e7dfc61bb523a93bc1ceac0a0373f58d535c1b9d5515afd0b3505547d50993349013d14306d96117bd97a24b747ef4d781eebf0a805558dae9e7ef458a26982cf99fe6a3360398d98d2f80e0f4266a4f7e4792b62cd2d6ad0c60c7177512a8df1e66f9935c703558c02c7955955a467582ad14f09ec6315f01b4304d49c528f6b4325b70aa28f4bd4da6cb2e3a4aafe921131927133bc7ce5be43984b20ea63a025390b9648befb7ff302d0838708a05f6e827d22ba21f5e99613428aa5a21076ad202498578918b2877de02b4344a0b22cc4f99231e6b9ec4f5c8b2d33fe481c6df74faba854594af11b7336bd332fe8946979f2348c051b270d42f4ba88e756313fd7f001ec4df81c549dbb101c7335f0475ce671d8818b9f0c77d73fd8f5d6391c57911ace0931ab66283c2a887e1648b9f6022ec7f15eda10fba86c2866f63c915d45ecf174aa7a63be76f6a2534c308a55cbd3665cdca6db14ba5db2d6b10333a7727b09e9eb2d81e53f1d497e54e119ca53a22840b93dba3a45c4e91e5a99b30665954aad9ea373b46f3409d04d579e0c90f564a405fecdeb443a1ca1556e433639d9db9f0351ccb57262fed2c85b62ce51f7f263e7be8418517574a870b829beb7d5c850f73cf244eb33415f44b2611226cc463878aa076cdbdabccadde208588cd3c464d4443fa07bae0c82adc9fb4722f133392deac7548cc886aca7461470d3128e867771f5763d07d5c01a4fec41df3061784abc0ceace5993219765e175be67ad6f93eccdc01fab7d50f1fd372a082ec44e126966120895a17a5a17ac69b74c97aa79d8d3ce784b415756ffaed1e66d6b3828a9988074677a11d1499246a705662379c6677b4bfab6880c72bd09f8cd79151ff181fe35d951938092f54a37eab3a419346272813411623d458a5b0bbb23f94b1d97cc57d9b7d9694bc2d16dc982fc77fd0ddc2dabdf1485ce99a5036643ab6610c243079deff0b838f59795544c7f65af53dd6ef6dcccd2410733ab1bebb96c3b40c6e13ec2ada36a696bb4b6171a12e45deb1186d94fdb0e747a8c484fa92317dd8ac16511ada8e7d5928fe1ecb22d2fba4adc9569e51b29c3362bf407771c8bb3801ce0184b6d3a748598684813ffc79d382e12f9454d5c5f74a6a4209abef078fbf41ef39abee94ce3d25c880f402edc9ccf3bc58a0ec3909f9d4351b2d1861bc7890032978896d79ed2d3bb64557d47539090dbb00119a578b87f87f2c2853e3eba23ef8dc228c94e23c7d6aac08519bd29bd5767db3988f779ffdc127f2a300adeaa9b079fcea3d047fd2fcd74aedb0dc2f92d030af4a18da5d4265ea35211c73ae0829018b9760b210d4f2fd9e7f50261511b44d1d202493abe9506bc1fe999a25814366686486dc9f5c8895de0f0b0fbeb0e0f044276fa61195a1c19e0cfa2252d272ebd1f45ae5367e753fbefcd4fedc038da080bb5268a8244d370b1480cc0513eda9e44e87a0bf445ffb40ecf9fb35d3f5cfdce4d9b51dfa1c1be07347912ebdcd62756b4eb486a08f4defe91f3a901a1a163ba306fd40596b5f90782696455e86cd0233464b12cc9c924c7fd58ce5ec14de775d7b6cf344b0521616815ac23b27316e38e64e065ee1bdf90465dea3874e18afa52d17ce815e91326972253cb37b27f88a2404410a955ea52f9a8561f02f1074da08a3db33658770c2e4f753d0afe4c9c3a48920bf79f250acd5dc1f0688e02d5c26fd99a226f215ae62adbb2e49bd6c61c3a33ed62af3b1f916bceb3ba517cf0e15428ecee13a7f5ac4789b2c4785bc614e4c3e316d11a26bdfc4e0542adfd56c5481497134e63be32d4ecdcb0f112fea24b7ad601aa82c48fb6029c1d111ca6779396f7adb23af4d5b1dd760ae3c6673a025269fab3a51bf346ffeb3ab8e49cd0413398142b0cbb885359bbaf4988394dc050c0b8c3e5b4525effce3b039693595f58b8a3e654d7481938e7aa2e875cfa701e17474bcdbe999727a66900cf7558350800ffad0b578c3b7bddd232cad7dd252e05f75517f0c3675e195546750f28408396c37bdc051982a988b78b87dfec735df8188bd5bf5fbfe051ee0c18f215f2c81afeba2464498881b17d2bb6cc24e637b045e3f43b180fe83319c0d55fbe963a0f00e1da6b29701669bb591f20c0295157b962c282026f40b6b6cf6cfc53b9b9e942b9232ceef7ddd0955a677462e75664c7ec3559c09325082182c31447dc0910ddbec96c5e310e16d38497641340895e810b922ba5d19cec860f253d619b1bac85139475be1973271af7d7294b24a91beb0f1bda0b75139195b7553d5fd742959428752dc012af3da8d9477e0e65549eb758f52476fb777843a8fcd4f84c4fc0d906530138ac82047c91568460a0a011f5deab9c4b353c1c7f36ecfb46b22bc4baf15d995a28bd46852569aa74d96c4d5fe743da5ee8e16ad6", @generic="95bba7a9fe39ed3dd40ce392c404efa756f557b635de4a6bc133c1f5920825099da0ce4d99590a8c5d6cdb1fe59949789f02a6e365eb33d313808f185bc3a7c0aafedd88af306ff1d278ad4bb5036ba645e6c5b08868c4f189afe8455e982f", @generic="8178d4e8471c839b450aa4f848e04f7aca6bbf18dd5bd72ce5c8674f7578b83b2c787228003f722f836164e1d53922257f317ea03951720c1eb6d5"]}, @typed={0xd4, 0x35, @binary="4daef852c482a7b5f888daad443f17ed04e4c2afcd4ec57fbf12a45c0250f24dcbd55472825b0a0f37d74ab549737f2147473898bcbc612e27c59439b43d029a34f0a4f1ec66076f39bb9773e488a0a6b0f859f6f94a1bb9c30acc921034b4bf8bf496cf8c985dfbfbcfb4d3eff5cbf787d4fcb24c93937948dc5ff557644035d7a63d1194285ddf032fcca6c6a3b049cdf4bc8530665ba971b82398695f42f14d56bc0847a3e3a2933308f7f51385f0ceb0b2c99b57cdf580990d00c46badcc0d7a0b616571156453101aebc7"}, @generic="5f2c6bcf5fca7a570676898aca4d998307cced95a122877036a20a93e6db35aa03aeb3e6", @generic="de29f3db0fc1eba2cc28484fddb4103c8caf83c8c483a99fa88ee1d400744646bcfdd592ea8b0209834b36f2d88252e62993ff9b03de0de21df29c7240f891804871d2f2f63a5c08f4e060bb5fb2b3938b794b6fb024c458dca5aa043686a3bc45cf10fe2d070dfdcd66c3a8969fd3929ac7295e6a4a6829d835876c0f13349532f3471e74acf548cd2f3357012fdee917dae97c71eb350fdd800ce35a90ca155826b65b9161b8004aa4f6b2030a55cf051d4b2570f851a21c4f363726dfe6a442384edbb1f62e00c3c4db94458d9f4775", @nested={0xbc, 0x12, [@typed={0x4, 0x8f}, @generic="81cb078bb4f814f2f7091c6df0b5816c96875b06f064c9471b347f9343174a267c7b5cfe9b3c9c77240fb88c9829af9356d831953b4c40666fea0541986cf0bc2c2926dea56c8f260b789ffea9a3e0655b771cbb40", @generic="e2cf2c1475060d21902220d3a5d966ba6a97512474db965967ec7f7234ca0030fed9072c1a7391a68a9efdc8b92e59b4cda9be426c1efa02b2297276e5645351ad6c8560ba3cb5f5ae8af9ee6a1d44cc093dfc67e82b17901567cb13bd900c"]}]}, 0x1554}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) preadv(r0, &(0x7f0000002a00)=[{&(0x7f00000016c0)=""/19, 0x13}, {&(0x7f0000001700)=""/41, 0x29}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000002740)=""/94, 0x5e}, {&(0x7f00000027c0)=""/67, 0x43}, {&(0x7f0000002840)=""/237, 0xed}, {&(0x7f0000002940)=""/77, 0x4d}, {&(0x7f00000029c0)=""/14, 0xe}], 0x8, 0x59) ioctl$BLKROGET(r0, 0x125e, &(0x7f0000000000)) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000002a80)='/dev/qat_adf_ctl\x00', 0x8040, 0x0) [ 3060.923930] ? __lock_acquire+0x7fc/0x5020 [ 3060.928179] ? vmx_vcpu_reset+0x1040/0x1040 [ 3060.932521] ? graph_lock+0x170/0x170 [ 3060.936336] ? __lock_acquire+0x7fc/0x5020 [ 3060.940597] ? __lock_is_held+0xb5/0x140 [ 3060.944676] ? lock_acquire+0x1e4/0x540 [ 3060.948665] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3060.953701] ? lock_release+0xa30/0xa30 [ 3060.957686] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3060.962974] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3060.967481] ? preempt_notifier_dec+0x20/0x20 [ 3060.972000] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3060.976855] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3060.981914] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3060.985989] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3060.991712] ? find_held_lock+0x36/0x1c0 [ 3060.995789] ? find_held_lock+0x36/0x1c0 [ 3060.999901] ? lock_downgrade+0x8f0/0x8f0 [ 3061.004066] ? kasan_check_read+0x11/0x20 [ 3061.008216] ? rcu_is_watching+0x8c/0x150 [ 3061.012368] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3061.016818] ? __fget+0x414/0x670 [ 3061.020279] ? find_held_lock+0x11/0x1c0 [ 3061.024447] ? expand_files.part.8+0x9c0/0x9c0 [ 3061.029044] ? kasan_check_write+0x14/0x20 [ 3061.033289] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3061.038237] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3061.043955] do_vfs_ioctl+0x1de/0x1720 [ 3061.047862] ? __lock_is_held+0xb5/0x140 [ 3061.051940] ? ioctl_preallocate+0x300/0x300 [ 3061.052864] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3061.056353] ? __fget_light+0x2f7/0x440 [ 3061.056369] ? fget_raw+0x20/0x20 [ 3061.056388] ? __sb_end_write+0xac/0xe0 [ 3061.056405] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3061.056420] ? fput+0x130/0x1a0 [ 3061.063895] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3061.067911] ? ksys_write+0x1ae/0x260 [ 3061.067929] ? security_file_ioctl+0x94/0xc0 [ 3061.067946] ksys_ioctl+0xa9/0xd0 [ 3061.110260] __x64_sys_ioctl+0x73/0xb0 [ 3061.114168] do_syscall_64+0x1b9/0x820 [ 3061.118066] ? syscall_slow_exit_work+0x500/0x500 [ 3061.122924] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3061.127868] ? syscall_return_slowpath+0x31d/0x5e0 [ 3061.132811] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3061.138192] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3061.143052] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3061.148257] RIP: 0033:0x455ab9 [ 3061.151440] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3061.170807] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3061.178533] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3061.185819] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3061.193100] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3061.200378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3061.207658] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000003f 14:36:21 executing program 2 (fault-call:7 fault-nth:64): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:21 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:21 executing program 5: r0 = getpgrp(0xffffffffffffffff) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='memory.current\x00', 0x0, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f00000000c0)={0x3ff, {{0xa, 0x4e23, 0x4, @loopback={0x0, 0x1}, 0x2}}}, 0x88) r2 = syz_open_procfs(r0, &(0x7f0000000080)='net/wireless\x00') ioctl$RTC_AIE_ON(r2, 0x7001) preadv(r2, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x1, 0x0) 14:36:21 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x5000000) 14:36:21 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fd00", 0xfff}) 14:36:21 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:21 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:21 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x80d, &(0x7f0000000200)) 14:36:21 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xffffffff00000000) 14:36:21 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000000ffffff", 0xfff}) 14:36:21 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') getpeername$inet6(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, @ipv4={[], [], @remote}}, &(0x7f0000000040)=0x1c) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3061.452242] FAULT_INJECTION: forcing a failure. [ 3061.452242] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3061.464382] CPU: 0 PID: 9412 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3061.466612] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3061.471761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3061.471768] Call Trace: [ 3061.471795] dump_stack+0x1c9/0x2b4 [ 3061.471815] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3061.471836] ? lock_downgrade+0x8f0/0x8f0 [ 3061.471861] should_fail.cold.4+0xa/0x1a [ 3061.471880] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3061.479307] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3061.488705] ? graph_lock+0x170/0x170 [ 3061.488724] ? is_bpf_text_address+0xd7/0x170 [ 3061.488744] ? find_held_lock+0x36/0x1c0 [ 3061.488763] ? __lock_is_held+0xb5/0x140 [ 3061.488788] ? check_same_owner+0x340/0x340 [ 3061.548642] ? rcu_note_context_switch+0x730/0x730 [ 3061.553591] __alloc_pages_nodemask+0x36e/0xdb0 [ 3061.558272] ? lock_downgrade+0x8f0/0x8f0 [ 3061.562440] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3061.567472] ? graph_lock+0x170/0x170 [ 3061.571282] ? __lock_is_held+0xb5/0x140 [ 3061.575345] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3061.579772] ? __lock_is_held+0xb5/0x140 [ 3061.583858] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3061.589499] alloc_pages_current+0x10c/0x210 [ 3061.593929] __get_free_pages+0xf/0x40 [ 3061.597838] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3061.602610] kvm_mmu_load+0x21/0x10e0 [ 3061.606418] ? vcpu_enter_guest+0x298c/0x6090 [ 3061.610930] vcpu_enter_guest+0x3aa6/0x6090 [ 3061.615277] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3061.619961] ? vmx_vcpu_load+0xadf/0xff0 [ 3061.624038] ? __lock_acquire+0x7fc/0x5020 [ 3061.628282] ? vmx_vcpu_reset+0x1040/0x1040 [ 3061.632611] ? graph_lock+0x170/0x170 [ 3061.636422] ? __lock_acquire+0x7fc/0x5020 [ 3061.640677] ? __lock_is_held+0xb5/0x140 [ 3061.644753] ? lock_acquire+0x1e4/0x540 [ 3061.648726] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3061.653745] ? lock_release+0xa30/0xa30 [ 3061.657725] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3061.663010] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3061.667516] ? preempt_notifier_dec+0x20/0x20 [ 3061.672028] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3061.676880] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3061.681917] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3061.685998] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3061.691723] ? find_held_lock+0x36/0x1c0 [ 3061.695802] ? find_held_lock+0x36/0x1c0 [ 3061.699883] ? lock_downgrade+0x8f0/0x8f0 [ 3061.704050] ? kasan_check_read+0x11/0x20 [ 3061.708205] ? rcu_is_watching+0x8c/0x150 [ 3061.712536] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3061.716979] ? __fget+0x414/0x670 [ 3061.720449] ? find_held_lock+0x11/0x1c0 [ 3061.724521] ? expand_files.part.8+0x9c0/0x9c0 [ 3061.729116] ? kasan_check_write+0x14/0x20 [ 3061.733365] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3061.738990] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3061.744715] do_vfs_ioctl+0x1de/0x1720 [ 3061.748624] ? __lock_is_held+0xb5/0x140 14:36:22 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xa8aaaafffeaaaaaa) 14:36:22 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:22 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000400"}}}]}, 0x138}, 0x1}, 0x0) 14:36:22 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000000)="c4959d95026a4b4227e731490dbddec743fd01ed6312efaab110d044085904", 0x1f) preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) [ 3061.752698] ? ioctl_preallocate+0x300/0x300 [ 3061.757115] ? __fget_light+0x2f7/0x440 [ 3061.761181] ? fget_raw+0x20/0x20 [ 3061.764643] ? __sb_end_write+0xac/0xe0 [ 3061.768629] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3061.774171] ? fput+0x130/0x1a0 [ 3061.777461] ? ksys_write+0x1ae/0x260 [ 3061.781272] ? security_file_ioctl+0x94/0xc0 [ 3061.785691] ksys_ioctl+0xa9/0xd0 [ 3061.789157] __x64_sys_ioctl+0x73/0xb0 [ 3061.793056] do_syscall_64+0x1b9/0x820 [ 3061.796956] ? syscall_slow_exit_work+0x500/0x500 [ 3061.799225] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3061.801808] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3061.801827] ? syscall_return_slowpath+0x31d/0x5e0 [ 3061.801849] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3061.801868] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3061.801889] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3061.841548] RIP: 0033:0x455ab9 [ 3061.844736] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3061.864103] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3061.871825] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3061.879101] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3061.886378] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3061.893654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3061.900935] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000040 14:36:22 executing program 2 (fault-call:7 fault-nth:65): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:22 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x300, &(0x7f0000000200)) 14:36:22 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)=0xffffffff80000004) r1 = add_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$invalidate(0x15, r1) 14:36:22 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:22 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:22 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9effffff00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:22 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x3000000) 14:36:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000000fffffffc00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:22 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xb405) 14:36:22 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f000000c000)=[{&(0x7f000000bec0)=""/189, 0xbd}, {&(0x7f000000bf80)=""/66, 0x42}], 0x309, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r0, 0x4010ae94, &(0x7f0000000000)={0xfff, 0x4f6, 0xffffffff}) 14:36:22 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:22 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2904000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:22 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xa) [ 3062.197469] FAULT_INJECTION: forcing a failure. [ 3062.197469] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3062.209412] CPU: 1 PID: 9467 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3062.216702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3062.226162] Call Trace: [ 3062.228769] dump_stack+0x1c9/0x2b4 [ 3062.232426] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3062.237631] ? lock_downgrade+0x8f0/0x8f0 [ 3062.241807] should_fail.cold.4+0xa/0x1a [ 3062.245890] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3062.251013] ? graph_lock+0x170/0x170 [ 3062.254830] ? is_bpf_text_address+0xd7/0x170 [ 3062.259357] ? find_held_lock+0x36/0x1c0 [ 3062.263451] ? __lock_is_held+0xb5/0x140 [ 3062.267538] ? check_same_owner+0x340/0x340 [ 3062.271961] ? rcu_note_context_switch+0x730/0x730 [ 3062.276912] __alloc_pages_nodemask+0x36e/0xdb0 [ 3062.281587] ? lock_downgrade+0x8f0/0x8f0 [ 3062.285748] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3062.290783] ? graph_lock+0x170/0x170 [ 3062.294596] ? __lock_is_held+0xb5/0x140 [ 3062.298668] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3062.303099] ? __lock_is_held+0xb5/0x140 [ 3062.307180] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3062.312737] alloc_pages_current+0x10c/0x210 [ 3062.317163] __get_free_pages+0xf/0x40 [ 3062.321067] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3062.325873] kvm_mmu_load+0x21/0x10e0 [ 3062.329696] vcpu_enter_guest+0x3aa6/0x6090 [ 3062.334032] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3062.338300] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3062.342987] ? vmx_vcpu_load+0xadf/0xff0 [ 3062.347063] ? __lock_acquire+0x7fc/0x5020 [ 3062.351307] ? vmx_vcpu_reset+0x1040/0x1040 [ 3062.355640] ? graph_lock+0x170/0x170 [ 3062.359458] ? __lock_acquire+0x7fc/0x5020 [ 3062.363716] ? __lock_is_held+0xb5/0x140 [ 3062.367791] ? lock_acquire+0x1e4/0x540 [ 3062.371774] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3062.376809] ? lock_release+0xa30/0xa30 [ 3062.380791] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3062.386084] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3062.390587] ? preempt_notifier_dec+0x20/0x20 [ 3062.395106] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3062.400025] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3062.405063] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3062.409151] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3062.414880] ? find_held_lock+0x36/0x1c0 [ 3062.418961] ? find_held_lock+0x36/0x1c0 [ 3062.423045] ? lock_downgrade+0x8f0/0x8f0 [ 3062.427213] ? kasan_check_read+0x11/0x20 [ 3062.431365] ? rcu_is_watching+0x8c/0x150 [ 3062.435524] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3062.439947] ? __fget+0x414/0x670 [ 3062.443417] ? find_held_lock+0x11/0x1c0 14:36:22 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000fffffffe00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:22 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xf5ffffff00000000) 14:36:22 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3062.447488] ? expand_files.part.8+0x9c0/0x9c0 [ 3062.452085] ? kasan_check_write+0x14/0x20 [ 3062.456334] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3062.461291] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3062.467012] do_vfs_ioctl+0x1de/0x1720 [ 3062.470917] ? __lock_is_held+0xb5/0x140 [ 3062.474997] ? ioctl_preallocate+0x300/0x300 [ 3062.479417] ? __fget_light+0x2f7/0x440 [ 3062.483413] ? fget_raw+0x20/0x20 [ 3062.486884] ? __sb_end_write+0xac/0xe0 [ 3062.490878] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3062.496448] ? fput+0x130/0x1a0 [ 3062.499741] ? ksys_write+0x1ae/0x260 [ 3062.503550] ? security_file_ioctl+0x94/0xc0 [ 3062.507969] ksys_ioctl+0xa9/0xd0 [ 3062.511435] __x64_sys_ioctl+0x73/0xb0 [ 3062.515334] do_syscall_64+0x1b9/0x820 [ 3062.519238] ? syscall_slow_exit_work+0x500/0x500 [ 3062.524097] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3062.529044] ? syscall_return_slowpath+0x31d/0x5e0 [ 3062.533993] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3062.539367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3062.544220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3062.549418] RIP: 0033:0x455ab9 [ 3062.552632] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3062.572448] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3062.580149] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3062.587407] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:23 executing program 2 (fault-call:7 fault-nth:66): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) 14:36:23 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x9000000) 14:36:23 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:23 executing program 5: 14:36:23 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:23 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000fd00", 0xfff}) 14:36:23 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x7e10, &(0x7f0000000200)) [ 3062.594666] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3062.601945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3062.609201] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000041 14:36:23 executing program 5: 14:36:23 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x600) 14:36:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3062.789635] validate_nla: 3 callbacks suppressed [ 3062.789645] netlink: 'syz-executor0': attribute type 39 has an invalid length. 14:36:23 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00?\x00', 0xfff}) 14:36:23 executing program 5: 14:36:23 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:23 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x8) [ 3062.880449] netlink: 'syz-executor0': attribute type 39 has an invalid length. 14:36:23 executing program 5: [ 3062.973844] FAULT_INJECTION: forcing a failure. [ 3062.973844] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3062.986066] CPU: 0 PID: 9517 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3062.993354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3063.002805] Call Trace: [ 3063.005419] dump_stack+0x1c9/0x2b4 [ 3063.009064] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3063.014274] ? lock_downgrade+0x8f0/0x8f0 [ 3063.018558] should_fail.cold.4+0xa/0x1a [ 3063.022645] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3063.027772] ? graph_lock+0x170/0x170 [ 3063.031590] ? is_bpf_text_address+0xd7/0x170 [ 3063.036107] ? find_held_lock+0x36/0x1c0 [ 3063.040188] ? __lock_is_held+0xb5/0x140 [ 3063.044385] ? check_same_owner+0x340/0x340 [ 3063.048723] ? rcu_note_context_switch+0x730/0x730 [ 3063.053677] __alloc_pages_nodemask+0x36e/0xdb0 [ 3063.058365] ? lock_downgrade+0x8f0/0x8f0 [ 3063.062618] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3063.067652] ? graph_lock+0x170/0x170 [ 3063.071640] ? __lock_is_held+0xb5/0x140 [ 3063.075720] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3063.080236] ? __lock_is_held+0xb5/0x140 [ 3063.084335] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3063.089895] alloc_pages_current+0x10c/0x210 [ 3063.094327] __get_free_pages+0xf/0x40 [ 3063.098233] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3063.103010] kvm_mmu_load+0x21/0x10e0 [ 3063.106839] vcpu_enter_guest+0x3aa6/0x6090 [ 3063.111179] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3063.115449] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3063.120139] ? vmx_vcpu_load+0xadf/0xff0 [ 3063.124243] ? __lock_acquire+0x7fc/0x5020 [ 3063.128501] ? vmx_vcpu_reset+0x1040/0x1040 [ 3063.132849] ? graph_lock+0x170/0x170 [ 3063.136662] ? __lock_acquire+0x7fc/0x5020 [ 3063.141273] ? __lock_is_held+0xb5/0x140 [ 3063.145352] ? lock_acquire+0x1e4/0x540 [ 3063.149341] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3063.154375] ? lock_release+0xa30/0xa30 [ 3063.158360] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3063.163658] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3063.168180] ? preempt_notifier_dec+0x20/0x20 [ 3063.172715] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3063.177574] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3063.183396] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3063.187483] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3063.193216] ? find_held_lock+0x36/0x1c0 [ 3063.197653] ? find_held_lock+0x36/0x1c0 [ 3063.201740] ? lock_downgrade+0x8f0/0x8f0 [ 3063.205907] ? kasan_check_read+0x11/0x20 [ 3063.210067] ? rcu_is_watching+0x8c/0x150 [ 3063.214223] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3063.218648] ? __fget+0x414/0x670 [ 3063.222116] ? find_held_lock+0x11/0x1c0 [ 3063.226192] ? expand_files.part.8+0x9c0/0x9c0 [ 3063.230788] ? kasan_check_write+0x14/0x20 [ 3063.235043] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3063.239993] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3063.245719] do_vfs_ioctl+0x1de/0x1720 [ 3063.249598] ? __lock_is_held+0xb5/0x140 [ 3063.253664] ? ioctl_preallocate+0x300/0x300 [ 3063.258073] ? __fget_light+0x2f7/0x440 [ 3063.262048] ? fget_raw+0x20/0x20 [ 3063.265494] ? __sb_end_write+0xac/0xe0 [ 3063.269543] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3063.275068] ? fput+0x130/0x1a0 [ 3063.278334] ? ksys_write+0x1ae/0x260 [ 3063.282122] ? security_file_ioctl+0x94/0xc0 [ 3063.286532] ksys_ioctl+0xa9/0xd0 [ 3063.289983] __x64_sys_ioctl+0x73/0xb0 [ 3063.293872] do_syscall_64+0x1b9/0x820 [ 3063.297765] ? syscall_slow_exit_work+0x500/0x500 [ 3063.302599] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3063.307542] ? syscall_return_slowpath+0x31d/0x5e0 [ 3063.312474] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3063.317833] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3063.322667] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3063.327843] RIP: 0033:0x455ab9 [ 3063.331017] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3063.350229] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3063.357940] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3063.365211] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:23 executing program 2 (fault-call:7 fault-nth:67): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:23 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4c000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:23 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000100"}}}]}, 0x138}, 0x1}, 0x0) 14:36:23 executing program 5: 14:36:23 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:23 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000600", 0xfff}) 14:36:23 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x6) [ 3063.372478] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3063.379739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3063.386995] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000042 14:36:23 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x813, &(0x7f0000000200)) 14:36:23 executing program 5: 14:36:23 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x500) [ 3063.521682] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3063.529221] net_ratelimit: 4 callbacks suppressed [ 3063.529229] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:23 executing program 5: 14:36:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000031600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:24 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fffffffe00", 0xfff}) 14:36:24 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:24 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x4000000000000) [ 3063.656582] FAULT_INJECTION: forcing a failure. [ 3063.656582] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3063.668672] CPU: 0 PID: 9567 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3063.675961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3063.685330] Call Trace: [ 3063.687945] dump_stack+0x1c9/0x2b4 [ 3063.691596] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3063.696907] ? lock_downgrade+0x8f0/0x8f0 [ 3063.701090] should_fail.cold.4+0xa/0x1a [ 3063.705180] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3063.710305] ? graph_lock+0x170/0x170 [ 3063.714130] ? is_bpf_text_address+0xd7/0x170 [ 3063.718665] ? find_held_lock+0x36/0x1c0 [ 3063.722780] ? __lock_is_held+0xb5/0x140 [ 3063.726872] ? check_same_owner+0x340/0x340 [ 3063.731228] ? rcu_note_context_switch+0x730/0x730 [ 3063.736208] __alloc_pages_nodemask+0x36e/0xdb0 [ 3063.741575] ? lock_downgrade+0x8f0/0x8f0 [ 3063.745834] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3063.750960] ? graph_lock+0x170/0x170 14:36:24 executing program 5: [ 3063.754786] ? __lock_is_held+0xb5/0x140 [ 3063.758867] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3063.763316] ? __lock_is_held+0xb5/0x140 [ 3063.767407] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3063.772967] alloc_pages_current+0x10c/0x210 [ 3063.777402] __get_free_pages+0xf/0x40 [ 3063.781320] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3063.786095] kvm_mmu_load+0x21/0x10e0 [ 3063.789933] vcpu_enter_guest+0x3aa6/0x6090 [ 3063.794293] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3063.798547] ? __lock_is_held+0xb5/0x140 [ 3063.802724] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3063.807431] ? vmx_vcpu_load+0xadf/0xff0 [ 3063.811541] ? __lock_is_held+0xb5/0x140 [ 3063.815624] ? __account_cfs_rq_runtime+0x770/0x770 [ 3063.821276] ? vmx_vcpu_reset+0x1040/0x1040 [ 3063.825818] ? graph_lock+0x170/0x170 [ 3063.829644] ? __lock_acquire+0x7fc/0x5020 [ 3063.833924] ? __lock_is_held+0xb5/0x140 [ 3063.838043] ? lock_acquire+0x1e4/0x540 [ 3063.842045] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3063.847091] ? lock_release+0xa30/0xa30 [ 3063.851078] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3063.856374] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3063.860890] ? preempt_notifier_dec+0x20/0x20 [ 3063.865420] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3063.870284] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3063.875331] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3063.879441] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3063.885204] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 3063.890261] ? trace_hardirqs_on+0xd/0x10 [ 3063.894442] ? find_held_lock+0x36/0x1c0 [ 3063.898551] ? lock_downgrade+0x8f0/0x8f0 [ 3063.902722] ? kasan_check_read+0x11/0x20 [ 3063.906984] ? rcu_is_watching+0x8c/0x150 [ 3063.911160] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3063.915770] ? __fget+0x414/0x670 [ 3063.919243] ? __mutex_unlock_slowpath+0x101/0x8c0 [ 3063.924208] ? expand_files.part.8+0x9c0/0x9c0 [ 3063.928809] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3063.933807] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3063.939553] do_vfs_ioctl+0x1de/0x1720 [ 3063.943472] ? ioctl_preallocate+0x300/0x300 [ 3063.947894] ? __fget_light+0x2f7/0x440 [ 3063.951883] ? __schedule+0x1ed0/0x1ed0 [ 3063.955868] ? fget_raw+0x20/0x20 [ 3063.959638] ? __sb_end_write+0xac/0xe0 [ 3063.963659] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3063.969211] ? exit_to_usermode_loop+0x8c/0x370 [ 3063.973911] ? security_file_ioctl+0x94/0xc0 [ 3063.978342] ksys_ioctl+0xa9/0xd0 [ 3063.981836] __x64_sys_ioctl+0x73/0xb0 [ 3063.985754] do_syscall_64+0x1b9/0x820 [ 3063.989657] ? syscall_slow_exit_work+0x500/0x500 [ 3063.994518] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3063.999467] ? syscall_return_slowpath+0x31d/0x5e0 [ 3064.004420] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3064.009866] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3064.014735] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3064.019955] RIP: 0033:0x455ab9 [ 3064.023147] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3064.042534] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3064.050261] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 14:36:24 executing program 2 (fault-call:7 fault-nth:68): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:24 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:24 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)="6264040000", 0x100000, &(0x7f0000000000)) mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) unshare(0x20000) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) preadv(r0, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0) 14:36:24 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xa00000000000000) 14:36:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:24 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\a\x00', 0xfff}) 14:36:24 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:24 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x1400, &(0x7f0000000200)) [ 3064.057544] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3064.064915] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3064.072220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3064.079538] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000043 14:36:24 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x600000000000000) 14:36:24 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000007fffff", 0xfff}) 14:36:24 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3064.241401] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3064.249174] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:24 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x700) 14:36:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000001000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:24 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000232ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x3c, 0x0, &(0x7f0000004fbc)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000000000002000000000000000000000028000000000000000800000000000000", @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB="00008000000000ca"]], 0x0, 0x10000000, &(0x7f0000009000)}) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000080)=""/167, &(0x7f0000000140)=0xa7) [ 3064.402656] FAULT_INJECTION: forcing a failure. [ 3064.402656] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3064.414682] CPU: 0 PID: 9616 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3064.421984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3064.431350] Call Trace: [ 3064.433960] dump_stack+0x1c9/0x2b4 [ 3064.437608] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3064.442819] ? lock_downgrade+0x8f0/0x8f0 [ 3064.446994] should_fail.cold.4+0xa/0x1a 14:36:24 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0xe00, &(0x7f0000000200)) 14:36:24 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00`\x00', 0xfff}) [ 3064.451090] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3064.456209] ? graph_lock+0x170/0x170 [ 3064.460026] ? is_bpf_text_address+0xd7/0x170 [ 3064.464543] ? find_held_lock+0x36/0x1c0 [ 3064.468624] ? __lock_is_held+0xb5/0x140 [ 3064.472738] ? check_same_owner+0x340/0x340 [ 3064.477688] ? rcu_note_context_switch+0x730/0x730 [ 3064.482666] __alloc_pages_nodemask+0x36e/0xdb0 [ 3064.487361] ? lock_downgrade+0x8f0/0x8f0 [ 3064.491533] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3064.496579] ? graph_lock+0x170/0x170 [ 3064.500397] ? __lock_is_held+0xb5/0x140 [ 3064.504469] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3064.508910] ? __lock_is_held+0xb5/0x140 [ 3064.513004] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3064.518564] alloc_pages_current+0x10c/0x210 [ 3064.522993] __get_free_pages+0xf/0x40 [ 3064.526897] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3064.531676] kvm_mmu_load+0x21/0x10e0 [ 3064.535509] vcpu_enter_guest+0x3aa6/0x6090 [ 3064.539848] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3064.544107] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3064.548824] ? vmx_vcpu_load+0xadf/0xff0 [ 3064.552911] ? __lock_acquire+0x7fc/0x5020 [ 3064.557168] ? vmx_vcpu_reset+0x1040/0x1040 [ 3064.561512] ? graph_lock+0x170/0x170 [ 3064.565339] ? __lock_acquire+0x7fc/0x5020 [ 3064.569609] ? __lock_is_held+0xb5/0x140 [ 3064.573706] ? lock_acquire+0x1e4/0x540 [ 3064.577705] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3064.582747] ? lock_release+0xa30/0xa30 [ 3064.586736] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3064.592038] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3064.596554] ? preempt_notifier_dec+0x20/0x20 [ 3064.601076] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3064.605939] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3064.611087] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3064.615179] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3064.620908] ? find_held_lock+0x36/0x1c0 [ 3064.624992] ? find_held_lock+0x36/0x1c0 [ 3064.629077] ? lock_downgrade+0x8f0/0x8f0 [ 3064.633250] ? kasan_check_read+0x11/0x20 [ 3064.637408] ? rcu_is_watching+0x8c/0x150 [ 3064.641570] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3064.645999] ? __fget+0x414/0x670 [ 3064.649469] ? find_held_lock+0x11/0x1c0 [ 3064.653545] ? expand_files.part.8+0x9c0/0x9c0 [ 3064.658143] ? kasan_check_write+0x14/0x20 [ 3064.662390] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3064.667346] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3064.673073] do_vfs_ioctl+0x1de/0x1720 [ 3064.676983] ? __lock_is_held+0xb5/0x140 [ 3064.681060] ? ioctl_preallocate+0x300/0x300 [ 3064.685478] ? __fget_light+0x2f7/0x440 [ 3064.689473] ? fget_raw+0x20/0x20 [ 3064.692945] ? __sb_end_write+0xac/0xe0 [ 3064.696938] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3064.702491] ? fput+0x130/0x1a0 [ 3064.705788] ? ksys_write+0x1ae/0x260 [ 3064.709608] ? security_file_ioctl+0x94/0xc0 [ 3064.714034] ksys_ioctl+0xa9/0xd0 [ 3064.717622] __x64_sys_ioctl+0x73/0xb0 [ 3064.721531] do_syscall_64+0x1b9/0x820 [ 3064.725437] ? syscall_slow_exit_work+0x500/0x500 [ 3064.730391] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3064.735338] ? syscall_return_slowpath+0x31d/0x5e0 [ 3064.740278] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3064.745638] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3064.750476] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3064.755657] RIP: 0033:0x455ab9 [ 3064.758834] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3064.778047] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3064.785773] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3064.793045] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:25 executing program 2 (fault-call:7 fault-nth:69): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:25 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:25 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:25 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00?\x00', 0xfff}) 14:36:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000fffffffc00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:25 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x11) [ 3064.800307] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3064.807574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3064.814838] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000044 14:36:25 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x80e, &(0x7f0000000200)) 14:36:25 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000300", 0xfff}) 14:36:25 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xffffff8d) [ 3064.922695] binder: 9664:9665 transaction failed 29189/-22, size 40-8 line 2852 [ 3064.948723] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3064.956311] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3064.990228] binder: 9664:9665 transaction failed 29189/-22, size 40-8 line 2852 14:36:25 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0060000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000f000"}}}]}, 0x138}, 0x1}, 0x0) [ 3065.034503] binder: undelivered TRANSACTION_ERROR: 29189 [ 3065.040780] binder: undelivered TRANSACTION_ERROR: 29189 14:36:25 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x2) 14:36:25 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getrlimit(0x0, &(0x7f00000000c0)) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000040)={0x4, 0x0, 0x0, 0xfffffffffffffffd}) [ 3065.094931] FAULT_INJECTION: forcing a failure. [ 3065.094931] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3065.106877] CPU: 0 PID: 9667 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3065.114167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3065.123535] Call Trace: [ 3065.126143] dump_stack+0x1c9/0x2b4 [ 3065.129788] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3065.134992] ? lock_downgrade+0x8f0/0x8f0 [ 3065.139165] should_fail.cold.4+0xa/0x1a [ 3065.143341] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3065.148468] ? graph_lock+0x170/0x170 [ 3065.152293] ? is_bpf_text_address+0xd7/0x170 [ 3065.156845] ? find_held_lock+0x36/0x1c0 [ 3065.160929] ? __lock_is_held+0xb5/0x140 [ 3065.165017] ? check_same_owner+0x340/0x340 [ 3065.169363] ? rcu_note_context_switch+0x730/0x730 [ 3065.174324] __alloc_pages_nodemask+0x36e/0xdb0 [ 3065.179020] ? lock_downgrade+0x8f0/0x8f0 [ 3065.183193] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3065.190158] ? graph_lock+0x170/0x170 [ 3065.193983] ? __lock_is_held+0xb5/0x140 [ 3065.198057] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3065.202507] ? __lock_is_held+0xb5/0x140 [ 3065.206587] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3065.212140] alloc_pages_current+0x10c/0x210 [ 3065.216550] __get_free_pages+0xf/0x40 [ 3065.220436] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3065.225194] kvm_mmu_load+0x21/0x10e0 [ 3065.229019] vcpu_enter_guest+0x3aa6/0x6090 [ 3065.233426] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3065.237679] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3065.242350] ? vmx_vcpu_load+0xadf/0xff0 [ 3065.246406] ? __lock_acquire+0x7fc/0x5020 [ 3065.250644] ? vmx_vcpu_reset+0x1040/0x1040 [ 3065.254957] ? graph_lock+0x170/0x170 [ 3065.258757] ? __lock_acquire+0x7fc/0x5020 [ 3065.262996] ? __lock_is_held+0xb5/0x140 [ 3065.267063] ? lock_acquire+0x1e4/0x540 [ 3065.271036] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3065.276051] ? lock_release+0xa30/0xa30 [ 3065.280018] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3065.285293] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3065.289780] ? preempt_notifier_dec+0x20/0x20 [ 3065.294276] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3065.299110] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3065.304129] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3065.308185] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3065.313888] ? find_held_lock+0x36/0x1c0 [ 3065.317951] ? find_held_lock+0x36/0x1c0 [ 3065.322030] ? lock_downgrade+0x8f0/0x8f0 [ 3065.326179] ? kasan_check_read+0x11/0x20 [ 3065.330319] ? rcu_is_watching+0x8c/0x150 [ 3065.334457] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3065.338953] ? __fget+0x414/0x670 [ 3065.342402] ? find_held_lock+0x11/0x1c0 [ 3065.346456] ? expand_files.part.8+0x9c0/0x9c0 [ 3065.351044] ? kasan_check_write+0x14/0x20 [ 3065.355272] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3065.360202] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3065.365906] do_vfs_ioctl+0x1de/0x1720 [ 3065.369785] ? __lock_is_held+0xb5/0x140 [ 3065.373842] ? ioctl_preallocate+0x300/0x300 [ 3065.378240] ? __fget_light+0x2f7/0x440 [ 3065.382209] ? fget_raw+0x20/0x20 [ 3065.385659] ? __sb_end_write+0xac/0xe0 [ 3065.389631] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3065.395166] ? fput+0x130/0x1a0 [ 3065.398437] ? ksys_write+0x1ae/0x260 [ 3065.402231] ? security_file_ioctl+0x94/0xc0 [ 3065.406637] ksys_ioctl+0xa9/0xd0 [ 3065.410084] __x64_sys_ioctl+0x73/0xb0 [ 3065.413968] do_syscall_64+0x1b9/0x820 [ 3065.417846] ? syscall_slow_exit_work+0x500/0x500 [ 3065.422693] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3065.427615] ? syscall_return_slowpath+0x31d/0x5e0 [ 3065.432561] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3065.437923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3065.442775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3065.447954] RIP: 0033:0x455ab9 [ 3065.451141] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3065.470737] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3065.478448] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3065.485708] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:25 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000100", 0xfff}) 14:36:25 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x80fe) [ 3065.492968] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3065.500227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3065.507486] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000045 14:36:25 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3065.658817] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3065.666467] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:26 executing program 2 (fault-call:7 fault-nth:70): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:26 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000100"}}}]}, 0x138}, 0x1}, 0x0) 14:36:26 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000db9c27000100", 0xfff}) 14:36:26 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x11000000) 14:36:26 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x811, &(0x7f0000000200)) 14:36:26 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0010000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:26 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:26 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) r1 = epoll_create(0x5) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000040)={0x6, 0x0, 'client1\x00', 0x1, "c69aba0837f7c576", "3d44dd9e26f6cf285d3ded25dbfdbd556042c7902a70b67c5de46a7bbfebcab2", 0x6, 0xffffffffffffffe1}) 14:36:26 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x8000000) [ 3065.868136] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3065.875652] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:26 executing program 5: r0 = socket$inet6(0xa, 0x1000000000001, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x3, &(0x7f0000000000)=0x100000001, 0x1b, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x2c2b74, 0x101000) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000300)=[0xfff, 0x3d48]) ioctl$KVM_GET_DEBUGREGS(r1, 0x8080aea1, &(0x7f0000000080)) get_mempolicy(&(0x7f000029a000), &(0x7f00003e8000), 0x401, &(0x7f0000377000/0x1000)=nil, 0x2) ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, &(0x7f00000002c0)) llistxattr(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)=""/4096, 0x1000) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000100)={{{@in, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@mcast1}}, &(0x7f0000000200)=0xe8) setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000240)={r2, 0x1, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) 14:36:26 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3065.991234] FAULT_INJECTION: forcing a failure. [ 3065.991234] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3066.003323] CPU: 0 PID: 9727 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3066.010612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3066.019974] Call Trace: [ 3066.022588] dump_stack+0x1c9/0x2b4 [ 3066.026239] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3066.031451] ? lock_downgrade+0x8f0/0x8f0 [ 3066.035625] should_fail.cold.4+0xa/0x1a [ 3066.039709] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3066.044832] ? graph_lock+0x170/0x170 [ 3066.048650] ? is_bpf_text_address+0xd7/0x170 [ 3066.053167] ? find_held_lock+0x36/0x1c0 [ 3066.057244] ? __lock_is_held+0xb5/0x140 [ 3066.061337] ? check_same_owner+0x340/0x340 [ 3066.065680] ? rcu_note_context_switch+0x730/0x730 [ 3066.070638] __alloc_pages_nodemask+0x36e/0xdb0 [ 3066.075326] ? lock_downgrade+0x8f0/0x8f0 [ 3066.079494] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3066.084530] ? graph_lock+0x170/0x170 [ 3066.088351] ? __lock_is_held+0xb5/0x140 [ 3066.092432] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3066.096871] ? __lock_is_held+0xb5/0x140 [ 3066.100960] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3066.106527] alloc_pages_current+0x10c/0x210 [ 3066.110969] __get_free_pages+0xf/0x40 [ 3066.114874] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3066.119655] kvm_mmu_load+0x21/0x10e0 [ 3066.123483] vcpu_enter_guest+0x3aa6/0x6090 [ 3066.127830] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3066.132091] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3066.136779] ? vmx_vcpu_load+0xadf/0xff0 14:36:26 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8000, 0x5) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e20, 0x1, @empty, 0x3ff}}}, &(0x7f0000000040)=0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={r1, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}]}, &(0x7f0000000280)=0x10) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000300)={'veth1_to_bond\x00', 0x400}) ioctl$RTC_WIE_ON(r0, 0x700f) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x200000000003e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write$P9_RLERRORu(r0, &(0x7f0000000340)={0x16, 0x7, 0x1, {{0x9, '/dev/kvm\x00'}, 0x9}}, 0x16) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r3, 0x4008ae89, &(0x7f0000000080)={0x2, 0x40000000}) 14:36:26 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff0}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:26 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000500", 0xfff}) 14:36:26 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc006], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:26 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x300) [ 3066.140857] ? __lock_acquire+0x7fc/0x5020 [ 3066.145105] ? vmx_vcpu_reset+0x1040/0x1040 [ 3066.149442] ? graph_lock+0x170/0x170 [ 3066.153259] ? __lock_acquire+0x7fc/0x5020 [ 3066.157519] ? __lock_is_held+0xb5/0x140 [ 3066.161604] ? lock_acquire+0x1e4/0x540 [ 3066.165600] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3066.170638] ? lock_release+0xa30/0xa30 [ 3066.174623] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3066.179917] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3066.184426] ? preempt_notifier_dec+0x20/0x20 [ 3066.188949] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3066.193806] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3066.198848] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3066.202927] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3066.208656] ? find_held_lock+0x36/0x1c0 [ 3066.212739] ? find_held_lock+0x36/0x1c0 [ 3066.216824] ? lock_downgrade+0x8f0/0x8f0 [ 3066.220994] ? kasan_check_read+0x11/0x20 [ 3066.225154] ? rcu_is_watching+0x8c/0x150 [ 3066.229317] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3066.233751] ? __fget+0x414/0x670 [ 3066.237226] ? find_held_lock+0x11/0x1c0 [ 3066.241302] ? expand_files.part.8+0x9c0/0x9c0 [ 3066.245902] ? kasan_check_write+0x14/0x20 [ 3066.250149] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3066.255135] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3066.260863] do_vfs_ioctl+0x1de/0x1720 [ 3066.264767] ? __lock_is_held+0xb5/0x140 [ 3066.268839] ? ioctl_preallocate+0x300/0x300 [ 3066.273246] ? __fget_light+0x2f7/0x440 [ 3066.277219] ? fget_raw+0x20/0x20 [ 3066.280669] ? __sb_end_write+0xac/0xe0 [ 3066.284645] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3066.290185] ? fput+0x130/0x1a0 [ 3066.293468] ? ksys_write+0x1ae/0x260 [ 3066.297265] ? security_file_ioctl+0x94/0xc0 [ 3066.301669] ksys_ioctl+0xa9/0xd0 [ 3066.305120] __x64_sys_ioctl+0x73/0xb0 [ 3066.309001] do_syscall_64+0x1b9/0x820 [ 3066.312886] ? syscall_slow_exit_work+0x500/0x500 [ 3066.317731] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3066.322664] ? syscall_return_slowpath+0x31d/0x5e0 [ 3066.327593] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3066.332954] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3066.337796] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3066.342975] RIP: 0033:0x455ab9 [ 3066.346248] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3066.365591] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3066.373297] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3066.380566] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3066.387914] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3066.395194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3066.402465] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000046 [ 3066.480124] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3066.487789] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:26 executing program 2 (fault-call:7 fault-nth:71): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:26 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000000fffffffe00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:26 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x900) 14:36:26 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x808, &(0x7f0000000200)) 14:36:26 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:26 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:26 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc3}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:27 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f00000002c0)={r0, r1, 0x200, 0x2, &(0x7f0000000040)="b881b7b1a53cadbffc56539ca0eb4b9df3c075451a5d3a19cf70768505c8d16a502e6483e2f6d30ec26cf4da1ce66658ddedcf1faa3592cc8231af9fa4266e43710e93fdd5a5fecb2f51ddd126b88e1b3fd5588e9ae26b731eeb12503f0b0e2ca5a6ff4856c759114fd5c27732b2ca29c88a69e1205a080f6665fd92c7b5d7", 0x81, 0x89, 0x1, 0x8, 0x401, 0x3, 0x100000000, "e4b87901c1fe70f1c8e3e0a643ca75ab509a305005f0b3a5745dd37e8ec4b47630d37c9996c836e61869c0acdebfb785614918bc7276a299d56016bbe73341f06ab7b1c089b42289466712f0ea34e7146b20f1e2f1f63a493d93f3e3698557bea9ef4aa98634a4bb6ff06efd14960fb86caac608480c6b"}) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r3 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18, 0x117, 0x3}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x80, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) dup2(r0, r3) inotify_init() 14:36:27 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xfffffff5) 14:36:27 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:27 executing program 5: r0 = socket(0x15, 0x80005, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x3, 0x90800) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x8, 0x0, 0x4, 0x0, 0x1b, 0x20000, 0x1, 0x2, 0x1, 0x9, 0x401, 0x5, 0x2, 0x80000000, 0x0, 0x800, 0x8, 0x6, 0x5, 0x0, 0x4, 0xbb, 0x0, 0x9, 0x800, 0x5, 0x10000, 0xc00000, 0x5, 0x7ff, 0x9, 0x80000000, 0x3, 0x34, 0x80000000, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x5}, 0x8002, 0x5, 0x0, 0x5, 0x3f, 0x3f, 0x7f}, r1, 0x2, r2, 0x8) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt(r0, 0x114, 0x2716, &(0x7f0000af0fe7)=""/13, &(0x7f0000000240)=0xd) accept4(r0, &(0x7f0000000180)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, &(0x7f0000000280)=0x80, 0x80000) sendto(r0, &(0x7f0000000000)="d6588ff0cfb49704900c2477f97cac4d7218111996f89eb2b44f620d39f8c2fe000048315ef5b09351b8f0d893baea19dc7214d08ed6e0430842ff159b14d634ce6e355fac8657e7fc04525b1d17c5d3727da42149512af788c194902202dbd49aae2d", 0x63, 0x40, 0x0, 0x0) 14:36:27 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3066.767382] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3066.774889] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:27 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x700000000000000) 14:36:27 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x818, &(0x7f0000000200)) 14:36:27 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000500", 0xfff}) [ 3066.811638] FAULT_INJECTION: forcing a failure. [ 3066.811638] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3066.823746] CPU: 0 PID: 9774 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3066.831034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3066.840401] Call Trace: [ 3066.843007] dump_stack+0x1c9/0x2b4 [ 3066.846653] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3066.851859] ? lock_downgrade+0x8f0/0x8f0 [ 3066.856033] should_fail.cold.4+0xa/0x1a [ 3066.860107] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3066.865202] ? graph_lock+0x170/0x170 [ 3066.868994] ? is_bpf_text_address+0xd7/0x170 [ 3066.873487] ? find_held_lock+0x36/0x1c0 [ 3066.877541] ? __lock_is_held+0xb5/0x140 [ 3066.881713] ? check_same_owner+0x340/0x340 [ 3066.886031] ? rcu_note_context_switch+0x730/0x730 [ 3066.890954] __alloc_pages_nodemask+0x36e/0xdb0 [ 3066.895957] ? lock_downgrade+0x8f0/0x8f0 [ 3066.900098] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3066.905101] ? graph_lock+0x170/0x170 [ 3066.908887] ? __lock_is_held+0xb5/0x140 [ 3066.912933] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3066.917333] ? __lock_is_held+0xb5/0x140 [ 3066.921390] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3066.926920] alloc_pages_current+0x10c/0x210 [ 3066.931326] __get_free_pages+0xf/0x40 [ 3066.935204] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3066.939953] kvm_mmu_load+0x21/0x10e0 [ 3066.943743] ? vcpu_enter_guest+0x298c/0x6090 [ 3066.948233] vcpu_enter_guest+0x3aa6/0x6090 [ 3066.952551] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3066.957221] ? vmx_vcpu_load+0xadf/0xff0 [ 3066.961281] ? mark_held_locks+0xc9/0x160 [ 3066.965538] ? vmx_vcpu_reset+0x1040/0x1040 [ 3066.969846] ? graph_lock+0x170/0x170 [ 3066.973636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3066.978402] ? __lock_is_held+0xb5/0x140 [ 3066.982452] ? lock_acquire+0x1e4/0x540 [ 3066.986413] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3066.991431] ? lock_release+0xa30/0xa30 [ 3066.995393] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3067.000663] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3067.005143] ? preempt_notifier_dec+0x20/0x20 [ 3067.009629] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3067.014456] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3067.019466] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3067.023520] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3067.029218] ? find_held_lock+0x36/0x1c0 [ 3067.033271] ? find_held_lock+0x36/0x1c0 [ 3067.037337] ? lock_downgrade+0x8f0/0x8f0 [ 3067.041476] ? kasan_check_read+0x11/0x20 [ 3067.045613] ? rcu_is_watching+0x8c/0x150 [ 3067.049764] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3067.054162] ? __fget+0x414/0x670 [ 3067.057605] ? find_held_lock+0x11/0x1c0 [ 3067.061654] ? expand_files.part.8+0x9c0/0x9c0 [ 3067.066227] ? kasan_check_write+0x14/0x20 [ 3067.070450] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3067.075372] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3067.081068] do_vfs_ioctl+0x1de/0x1720 [ 3067.084943] ? __lock_is_held+0xb5/0x140 [ 3067.088993] ? ioctl_preallocate+0x300/0x300 [ 3067.093403] ? __fget_light+0x2f7/0x440 [ 3067.097363] ? fget_raw+0x20/0x20 [ 3067.100803] ? __sb_end_write+0xac/0xe0 [ 3067.104767] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3067.110290] ? fput+0x130/0x1a0 [ 3067.113558] ? ksys_write+0x1ae/0x260 [ 3067.117360] ? security_file_ioctl+0x94/0xc0 [ 3067.121766] ksys_ioctl+0xa9/0xd0 [ 3067.125207] __x64_sys_ioctl+0x73/0xb0 [ 3067.129086] do_syscall_64+0x1b9/0x820 [ 3067.132958] ? syscall_slow_exit_work+0x500/0x500 [ 3067.137794] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3067.142714] ? syscall_return_slowpath+0x31d/0x5e0 [ 3067.147633] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3067.152988] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3067.157824] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3067.163003] RIP: 0033:0x455ab9 [ 3067.166199] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3067.185427] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3067.193130] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3067.200386] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3067.207647] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3067.214903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3067.222171] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000047 14:36:27 executing program 2 (fault-call:7 fault-nth:72): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:27 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:27 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x1000000000000000) [ 3067.382366] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3067.389933] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:27 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = dup2(r0, r0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') getpeername$packet(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)={'team0\x00', 0x0}) getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000280)={@remote, @local, 0x0}, &(0x7f0000000240)=0xc) getsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000300)={@multicast2, @multicast1, 0x0}, &(0x7f0000000340)=0xc) getsockname$packet(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000003c0)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'bcsh0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000440)={'team0\x00', 0x0}) getpeername$packet(r1, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000004c0)=0x14) accept$packet(r1, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000540)=0x14) accept4$packet(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, &(0x7f00000005c0)=0x14, 0x80800) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@broadcast}}, &(0x7f0000000700)=0xe8) uname(&(0x7f0000000740)=""/229) accept$packet(r1, &(0x7f0000004b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000004b40)=0x14) getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000004c40)={@loopback, 0x0}, &(0x7f0000004c80)=0x14) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000051c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2004}, 0xc, &(0x7f0000005180)={&(0x7f0000004cc0)=ANY=[@ANYBLOB="8c040000", @ANYRES16=r2, @ANYBLOB="000327bd7000fedbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="7401020038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000500000008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000100000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000100004006c6f616462616c616e636500400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000100000008000600", @ANYRES32=r5, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000900000008000600", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="4400020040000100240001006c625f706f72745f73746174730000000000000000000000f2ffff0003020b000800060000000000000000000000000000000000", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="2002020040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040003000000080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400090000007c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000004c00040009001f03070000000900090005000000030008011a00000000000700030000000400060400000000010000010800000000010807010100000100019c80000000040000fa030600003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r10, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="3c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c000400686173680000000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000080003000300000008000400010000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB="800002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000900000008000600", @ANYRES32=r15], 0x48c}, 0x1, 0x0, 0x0, 0x40}, 0x20040000) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xca, &(0x7f0000000080)={{0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x8}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, 0x5c) 14:36:27 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000f000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:27 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\a\x00', 0xfff}) 14:36:27 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:27 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x10, &(0x7f0000000200)) 14:36:27 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x7000000) 14:36:27 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:28 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x5) 14:36:28 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:28 executing program 5: r0 = socket(0x10, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000080), 0x4) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') accept4$packet(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000100)=0x14, 0x80000) getpeername$packet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000180)=0x14) accept$packet(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000200)=0x14) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={0x0, @remote}, &(0x7f0000000280)=0xc) getpeername$packet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000300)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000340)={{{@in=@rand_addr, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000440)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000580)={{{@in6=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6}}, &(0x7f0000000680)=0xe8) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000006c0)={@rand_addr, @dev, 0x0}, &(0x7f0000000700)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000780)={{{@in=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000880)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000980)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000a80)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000ac0)={'team0\x00', 0x0}) getsockname$packet(r0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000b40)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000c40)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000d40)=0xe8) recvmmsg(r0, &(0x7f00000051c0)=[{{&(0x7f0000000d80)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000e00)=""/53, 0x35}, {&(0x7f0000000e40)=""/181, 0xb5}, {&(0x7f0000000f00)=""/242, 0xf2}, {&(0x7f0000001000)=""/231, 0xe7}, {&(0x7f0000001100)=""/101, 0x65}, {&(0x7f0000001180)=""/161, 0xa1}], 0x6, 0x0, 0x0, 0xfffffffffffffff8}, 0xffffffffffffff7f}, {{&(0x7f00000012c0)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000014c0)=[{&(0x7f0000001340)=""/76, 0x4c}, {&(0x7f00000013c0)=""/158, 0x9e}, {&(0x7f0000001480)=""/21, 0x15}], 0x3, &(0x7f0000001500)=""/230, 0xe6, 0xfffffffffffffc00}, 0x3}, {{&(0x7f0000001600)=@nfc_llcp, 0x80, &(0x7f00000028c0)=[{&(0x7f0000001680)=""/130, 0x82}, {&(0x7f0000001740)=""/113, 0x71}, {&(0x7f00000017c0)=""/249, 0xf9}, {&(0x7f00000018c0)=""/4096, 0x1000}], 0x4, &(0x7f0000002900)=""/4096, 0x1000, 0x7fffffff}, 0x7}, {{&(0x7f0000003900)=@in={0x0, 0x0, @multicast1}, 0x80, &(0x7f0000004bc0)=[{&(0x7f0000003980)=""/178, 0xb2}, {&(0x7f0000003a40)=""/234, 0xea}, {&(0x7f0000003b40)=""/4096, 0x1000}, {&(0x7f0000004b40)=""/117, 0x75}], 0x4, &(0x7f0000004c00)=""/180, 0xb4, 0x6}, 0x200}, {{&(0x7f0000004cc0)=@hci={0x0, 0x0}, 0x80, &(0x7f00000050c0)=[{&(0x7f0000004d40)=""/147, 0x93}, {&(0x7f0000004e00)=""/82, 0x52}, {&(0x7f0000004e80)=""/43, 0x2b}, {&(0x7f0000004ec0)=""/74, 0x4a}, {&(0x7f0000004f40)}, {&(0x7f0000004f80)=""/59, 0x3b}, {&(0x7f0000004fc0)=""/57, 0x39}, {&(0x7f0000005000)=""/134, 0x86}], 0x8, &(0x7f0000005140)=""/66, 0x42, 0xe4}, 0x15}], 0x5, 0x40000040, &(0x7f0000005300)={0x77359400}) getsockname$packet(r0, &(0x7f0000005340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000005380)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000053c0)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@local}}, &(0x7f00000054c0)=0xe8) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000005500)={@loopback, 0x0}, &(0x7f0000005540)=0x14) recvmmsg(r0, &(0x7f0000009880)=[{{&(0x7f0000005580)=@l2, 0x80, &(0x7f0000005a80)=[{&(0x7f0000005600)=""/225, 0xe1}, {&(0x7f0000005700)=""/191, 0xbf}, {&(0x7f00000057c0)=""/77, 0x4d}, {&(0x7f0000005840)=""/67, 0x43}, {&(0x7f00000058c0)=""/234, 0xea}, {&(0x7f00000059c0)=""/122, 0x7a}, {&(0x7f0000005a40)=""/54, 0x36}], 0x7, &(0x7f0000005b00)=""/196, 0xc4, 0x7}, 0x80}, {{&(0x7f0000005c00)=@nfc, 0x80, &(0x7f0000005d80)=[{&(0x7f0000005c80)=""/206, 0xce}], 0x1, 0x0, 0x0, 0x1}, 0x7ff}, {{&(0x7f0000005dc0)=@can={0x0, 0x0}, 0x80, &(0x7f00000070c0)=[{&(0x7f0000005e40)=""/81, 0x51}, {&(0x7f0000005ec0)=""/159, 0x9f}, {&(0x7f0000005f80)=""/20, 0x14}, {&(0x7f0000005fc0)=""/4096, 0x1000}, {&(0x7f0000006fc0)=""/251, 0xfb}], 0x5, &(0x7f0000007140)=""/33, 0x21, 0x6}, 0x1ff}, {{0x0, 0x0, &(0x7f0000007180), 0x0, &(0x7f00000071c0)=""/197, 0xc5, 0xfffffffffffff000}, 0x7ff}, {{&(0x7f00000072c0)=@pptp, 0x80, &(0x7f00000073c0)=[{&(0x7f0000007340)=""/111, 0x6f}], 0x1, &(0x7f0000007400)=""/4096, 0x1000, 0x1}, 0x20}, {{&(0x7f0000008400)=@hci, 0x80, &(0x7f0000009600)=[{&(0x7f0000008480)=""/143, 0x8f}, {&(0x7f0000008540)=""/4096, 0x1000}, {&(0x7f0000009540)=""/149, 0x95}], 0x3, &(0x7f0000009640)=""/122, 0x7a, 0x1b5}, 0xdaff}, {{&(0x7f00000096c0)=@alg, 0x80, &(0x7f0000009780)=[{&(0x7f0000009740)=""/28, 0x1c}], 0x1, &(0x7f00000097c0)=""/181, 0xb5, 0x7}, 0x401}], 0x7, 0x20, &(0x7f0000009a40)={0x77359400}) accept4$packet(r0, &(0x7f0000009a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000009ac0)=0x14, 0x80000) accept4$packet(r0, &(0x7f000000b180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f000000b1c0)=0x14, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f000000b200)={@mcast2, 0x0}, &(0x7f000000b240)=0x14) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000b2c0)={@loopback, @multicast1, 0x0}, &(0x7f000000b300)=0xc) getsockname$packet(r0, &(0x7f000000b440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f000000b480)=0x14) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f000000be40)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x21000}, 0xc, &(0x7f000000be00)={&(0x7f000000b4c0)={0x920, r1, 0x0, 0x70bd2a, 0x25dfdbfc, {0x1}, [{{0x8, 0x1, r2}, {0x3c, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x400}}}]}}, {{0x8, 0x1, r3}, {0x28c, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x20}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x10000}}}, {0x6c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x3c, 0x4, [{0x100, 0xffffffffffffffff, 0x8, 0x20}, {0x3, 0x4, 0x3f, 0x6}, {0x8, 0x3, 0x6, 0x3}, {0xb3, 0x84e2, 0x2, 0x50}, {0x6, 0x4, 0x6, 0x64c}, {0xdd, 0x0, 0x1020000000000000, 0x1}, {0x788, 0x9, 0x3, 0x6}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7fffffff}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r8}}, {0x8, 0x7}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}]}}, {{0x8, 0x1, r9}, {0x16c, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r10}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x20}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}]}}, {{0x8, 0x1, r11}, {0x1c0, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r12}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r13}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r14}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r15}}}]}}, {{0x8, 0x1, r16}, {0x58, 0x2, [{0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x24, 0x4, [{0x3, 0x2, 0x700, 0x9}, {0x6, 0x8000, 0x9, 0x3}, {0x7, 0x93, 0x2, 0x40}, {0x200, 0x44ba, 0x2, 0x4}]}}}]}}, {{0x8, 0x1, r17}, {0xcc, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r18}, {0x134, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x6}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r19}}, {0x8, 0x7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3f}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r21}}}]}}, {{0x8, 0x1, r22}, {0x80, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r23}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r24}}}]}}]}, 0x920}, 0x1, 0x0, 0x0, 0xc000}, 0x40) [ 3067.655666] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:28 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000600", 0xfff}) 14:36:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x3f00, &(0x7f0000000200)) 14:36:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000160300"}}}]}, 0x138}, 0x1}, 0x0) [ 3067.889209] FAULT_INJECTION: forcing a failure. [ 3067.889209] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3067.901189] CPU: 1 PID: 9845 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3067.908471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3067.917835] Call Trace: [ 3067.920442] dump_stack+0x1c9/0x2b4 [ 3067.924091] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3067.929304] ? lock_downgrade+0x8f0/0x8f0 [ 3067.933480] should_fail.cold.4+0xa/0x1a [ 3067.937656] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3067.942781] ? graph_lock+0x170/0x170 [ 3067.946603] ? is_bpf_text_address+0xd7/0x170 [ 3067.951120] ? find_held_lock+0x36/0x1c0 [ 3067.955200] ? __lock_is_held+0xb5/0x140 [ 3067.959283] ? check_same_owner+0x340/0x340 [ 3067.963624] ? rcu_note_context_switch+0x730/0x730 [ 3067.968583] __alloc_pages_nodemask+0x36e/0xdb0 [ 3067.973268] ? lock_downgrade+0x8f0/0x8f0 [ 3067.977439] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3067.982471] ? graph_lock+0x170/0x170 [ 3067.986287] ? __lock_is_held+0xb5/0x140 [ 3067.990361] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3067.994783] ? __lock_is_held+0xb5/0x140 [ 3067.998840] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3068.004384] alloc_pages_current+0x10c/0x210 [ 3068.008796] __get_free_pages+0xf/0x40 [ 3068.012672] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3068.017437] kvm_mmu_load+0x21/0x10e0 [ 3068.021241] vcpu_enter_guest+0x3aa6/0x6090 [ 3068.025552] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3068.029793] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3068.034481] ? vmx_vcpu_load+0xadf/0xff0 [ 3068.038540] ? __lock_acquire+0x7fc/0x5020 [ 3068.042768] ? vmx_vcpu_reset+0x1040/0x1040 [ 3068.047100] ? graph_lock+0x170/0x170 [ 3068.050892] ? __lock_acquire+0x7fc/0x5020 [ 3068.055124] ? __lock_is_held+0xb5/0x140 [ 3068.059182] ? lock_acquire+0x1e4/0x540 [ 3068.063161] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3068.068184] ? lock_release+0xa30/0xa30 [ 3068.072164] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3068.077441] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3068.081928] ? preempt_notifier_dec+0x20/0x20 [ 3068.086600] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3068.091435] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3068.096455] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3068.100528] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3068.106231] ? find_held_lock+0x36/0x1c0 [ 3068.110321] ? find_held_lock+0x36/0x1c0 [ 3068.114398] ? lock_downgrade+0x8f0/0x8f0 [ 3068.118550] ? kasan_check_read+0x11/0x20 [ 3068.122698] ? rcu_is_watching+0x8c/0x150 [ 3068.126832] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3068.131231] ? __fget+0x414/0x670 [ 3068.134675] ? find_held_lock+0x11/0x1c0 [ 3068.138735] ? expand_files.part.8+0x9c0/0x9c0 [ 3068.143335] ? kasan_check_write+0x14/0x20 [ 3068.147584] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3068.152531] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3068.158270] do_vfs_ioctl+0x1de/0x1720 [ 3068.162162] ? __lock_is_held+0xb5/0x140 [ 3068.166243] ? ioctl_preallocate+0x300/0x300 [ 3068.170911] ? __fget_light+0x2f7/0x440 [ 3068.174873] ? fget_raw+0x20/0x20 [ 3068.178342] ? __sb_end_write+0xac/0xe0 [ 3068.182322] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3068.187847] ? fput+0x130/0x1a0 [ 3068.191123] ? ksys_write+0x1ae/0x260 [ 3068.194925] ? security_file_ioctl+0x94/0xc0 [ 3068.199326] ksys_ioctl+0xa9/0xd0 [ 3068.202767] __x64_sys_ioctl+0x73/0xb0 [ 3068.206646] do_syscall_64+0x1b9/0x820 [ 3068.210520] ? syscall_slow_exit_work+0x500/0x500 [ 3068.215360] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3068.220289] ? syscall_return_slowpath+0x31d/0x5e0 [ 3068.225210] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3068.230564] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3068.235404] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3068.240579] RIP: 0033:0x455ab9 [ 3068.243748] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3068.262965] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3068.270664] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3068.277928] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:28 executing program 2 (fault-call:7 fault-nth:73): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:28 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x3) 14:36:28 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:28 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:28 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00`\x00', 0xfff}) 14:36:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x816, &(0x7f0000000200)) [ 3068.285196] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3068.292453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3068.299822] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000048 14:36:28 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xf5ffffff) [ 3068.386287] validate_nla: 1 callbacks suppressed [ 3068.386296] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3068.398871] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:28 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000f5ffffff00", 0xfff}) 14:36:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000000fffffff000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:28 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3068.524182] FAULT_INJECTION: forcing a failure. [ 3068.524182] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3068.536112] CPU: 0 PID: 9887 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3068.543572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3068.552937] Call Trace: [ 3068.555546] dump_stack+0x1c9/0x2b4 [ 3068.559195] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3068.564410] ? lock_downgrade+0x8f0/0x8f0 [ 3068.568594] should_fail.cold.4+0xa/0x1a 14:36:28 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0xaaaaaafeffaaaaa8) [ 3068.572686] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3068.577811] ? graph_lock+0x170/0x170 [ 3068.581800] ? is_bpf_text_address+0xd7/0x170 [ 3068.586316] ? find_held_lock+0x36/0x1c0 [ 3068.590403] ? __lock_is_held+0xb5/0x140 [ 3068.594521] ? check_same_owner+0x340/0x340 [ 3068.599033] ? rcu_note_context_switch+0x730/0x730 [ 3068.603983] __alloc_pages_nodemask+0x36e/0xdb0 [ 3068.608666] ? lock_downgrade+0x8f0/0x8f0 [ 3068.612926] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3068.617963] ? graph_lock+0x170/0x170 [ 3068.621786] ? __lock_is_held+0xb5/0x140 [ 3068.625860] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3068.630297] ? __lock_is_held+0xb5/0x140 [ 3068.634471] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3068.640041] alloc_pages_current+0x10c/0x210 [ 3068.644484] __get_free_pages+0xf/0x40 [ 3068.648397] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3068.653173] kvm_mmu_load+0x21/0x10e0 [ 3068.657082] vcpu_enter_guest+0x3aa6/0x6090 [ 3068.661449] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3068.665709] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3068.670406] ? vmx_vcpu_load+0xadf/0xff0 [ 3068.674487] ? __lock_acquire+0x7fc/0x5020 [ 3068.678736] ? vmx_vcpu_reset+0x1040/0x1040 [ 3068.683075] ? graph_lock+0x170/0x170 [ 3068.686902] ? __lock_acquire+0x7fc/0x5020 [ 3068.691167] ? __lock_is_held+0xb5/0x140 [ 3068.695249] ? lock_acquire+0x1e4/0x540 [ 3068.699252] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3068.704293] ? lock_release+0xa30/0xa30 [ 3068.708286] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3068.713580] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3068.718089] ? preempt_notifier_dec+0x20/0x20 [ 3068.722623] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3068.727485] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3068.732530] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3068.736610] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3068.742337] ? find_held_lock+0x36/0x1c0 [ 3068.746426] ? find_held_lock+0x36/0x1c0 [ 3068.750524] ? lock_downgrade+0x8f0/0x8f0 [ 3068.754698] ? kasan_check_read+0x11/0x20 [ 3068.758857] ? rcu_is_watching+0x8c/0x150 [ 3068.763027] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3068.767476] ? __fget+0x414/0x670 [ 3068.770945] ? find_held_lock+0x11/0x1c0 [ 3068.775047] ? expand_files.part.8+0x9c0/0x9c0 [ 3068.779651] ? kasan_check_write+0x14/0x20 [ 3068.783922] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3068.788869] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3068.794856] do_vfs_ioctl+0x1de/0x1720 [ 3068.798759] ? __lock_is_held+0xb5/0x140 [ 3068.802839] ? ioctl_preallocate+0x300/0x300 [ 3068.807257] ? __fget_light+0x2f7/0x440 [ 3068.811242] ? fget_raw+0x20/0x20 [ 3068.814705] ? __sb_end_write+0xac/0xe0 [ 3068.818698] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3068.824245] ? fput+0x130/0x1a0 [ 3068.827536] ? ksys_write+0x1ae/0x260 [ 3068.831361] ? security_file_ioctl+0x94/0xc0 [ 3068.835786] ksys_ioctl+0xa9/0xd0 [ 3068.839291] __x64_sys_ioctl+0x73/0xb0 [ 3068.843212] do_syscall_64+0x1b9/0x820 [ 3068.847143] ? syscall_slow_exit_work+0x500/0x500 [ 3068.852001] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3068.856951] ? syscall_return_slowpath+0x31d/0x5e0 [ 3068.861896] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3068.867280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3068.872142] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3068.877346] RIP: 0033:0x455ab9 [ 3068.880533] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3068.899891] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3068.907600] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3068.914870] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3068.922132] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3068.929400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3068.936670] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000049 14:36:29 executing program 5: setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000008000)={0x0, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x3f) r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f00000000c0)={0x1d, @multicast1=0xe0000001, 0x4e23, 0x1, 'sh\x00', 0x2, 0x24, 0x5f}, 0x2c) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) getsockopt$inet6_int(r1, 0x29, 0x3f, &(0x7f0000000040), &(0x7f0000000080)=0x4) 14:36:29 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9effffff}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:29 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x300000000000000) 14:36:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) 14:36:29 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc006000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:29 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fe00", 0xfff}) 14:36:29 executing program 2 (fault-call:7 fault-nth:74): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:29 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x80f, &(0x7f0000000200)) 14:36:29 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x2000000) 14:36:29 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3069.078888] IPVS: set_ctl: invalid protocol: 29 224.0.0.1:20003 [ 3069.100843] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3069.108404] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3069.144735] FAULT_INJECTION: forcing a failure. [ 3069.144735] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3069.156715] CPU: 0 PID: 9931 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3069.159990] IPVS: set_ctl: invalid protocol: 29 224.0.0.1:20003 [ 3069.164007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3069.164014] Call Trace: [ 3069.164041] dump_stack+0x1c9/0x2b4 [ 3069.164061] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3069.164084] ? lock_downgrade+0x8f0/0x8f0 [ 3069.195460] should_fail.cold.4+0xa/0x1a [ 3069.199544] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3069.204662] ? graph_lock+0x170/0x170 [ 3069.208483] ? is_bpf_text_address+0xd7/0x170 [ 3069.212994] ? find_held_lock+0x36/0x1c0 [ 3069.217080] ? __lock_is_held+0xb5/0x140 [ 3069.224647] ? check_same_owner+0x340/0x340 [ 3069.228990] ? rcu_note_context_switch+0x730/0x730 [ 3069.233951] __alloc_pages_nodemask+0x36e/0xdb0 [ 3069.238642] ? lock_downgrade+0x8f0/0x8f0 [ 3069.242817] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3069.247937] ? graph_lock+0x170/0x170 [ 3069.252191] ? __lock_is_held+0xb5/0x140 [ 3069.256275] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3069.260738] ? __lock_is_held+0xb5/0x140 [ 3069.264823] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3069.270381] alloc_pages_current+0x10c/0x210 [ 3069.274806] __get_free_pages+0xf/0x40 [ 3069.278804] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3069.283577] kvm_mmu_load+0x21/0x10e0 [ 3069.287399] vcpu_enter_guest+0x3aa6/0x6090 [ 3069.291735] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3069.295986] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3069.300675] ? vmx_vcpu_load+0xadf/0xff0 [ 3069.304750] ? __lock_acquire+0x7fc/0x5020 [ 3069.308999] ? vmx_vcpu_reset+0x1040/0x1040 [ 3069.313340] ? graph_lock+0x170/0x170 [ 3069.317160] ? __lock_acquire+0x7fc/0x5020 [ 3069.321419] ? __lock_is_held+0xb5/0x140 [ 3069.325500] ? lock_acquire+0x1e4/0x540 [ 3069.329487] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3069.334521] ? lock_release+0xa30/0xa30 [ 3069.338509] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 14:36:29 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c0], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3069.343802] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3069.348317] ? preempt_notifier_dec+0x20/0x20 [ 3069.352838] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3069.357697] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3069.362742] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3069.366821] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3069.372562] ? find_held_lock+0x36/0x1c0 [ 3069.376645] ? find_held_lock+0x36/0x1c0 [ 3069.380730] ? lock_downgrade+0x8f0/0x8f0 [ 3069.384901] ? kasan_check_read+0x11/0x20 [ 3069.389071] ? rcu_is_watching+0x8c/0x150 [ 3069.393230] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3069.397657] ? __fget+0x414/0x670 [ 3069.401128] ? find_held_lock+0x11/0x1c0 [ 3069.405200] ? expand_files.part.8+0x9c0/0x9c0 [ 3069.409795] ? kasan_check_write+0x14/0x20 [ 3069.414043] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3069.418991] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3069.424715] do_vfs_ioctl+0x1de/0x1720 [ 3069.428616] ? __lock_is_held+0xb5/0x140 [ 3069.432693] ? ioctl_preallocate+0x300/0x300 [ 3069.437109] ? __fget_light+0x2f7/0x440 [ 3069.441092] ? fget_raw+0x20/0x20 [ 3069.444557] ? __sb_end_write+0xac/0xe0 [ 3069.448552] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3069.454099] ? fput+0x130/0x1a0 [ 3069.457402] ? ksys_write+0x1ae/0x260 [ 3069.461214] ? security_file_ioctl+0x94/0xc0 [ 3069.465632] ksys_ioctl+0xa9/0xd0 [ 3069.469098] __x64_sys_ioctl+0x73/0xb0 [ 3069.473000] do_syscall_64+0x1b9/0x820 [ 3069.476898] ? syscall_slow_exit_work+0x500/0x500 [ 3069.481757] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3069.486702] ? syscall_return_slowpath+0x31d/0x5e0 [ 3069.491651] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3069.497029] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3069.501881] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3069.507073] RIP: 0033:0x455ab9 [ 3069.510256] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3069.529613] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3069.537340] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 14:36:29 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x80b, &(0x7f0000000200)) 14:36:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000002d9cddfd0b00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:29 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000100279c", 0xfff}) 14:36:29 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:29 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockname(r0, &(0x7f0000001440)=@rc, &(0x7f0000000100)=0x80) r1 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f0000000000)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000002640)=[{&(0x7f0000000080)="a381a1db604932d9583de9671de6ee9ad0a3e4e370a45c45bce82b0bb46a97f3f19212537fdf20ea6cc5fe39f841b927cb158d", 0x33}, {&(0x7f0000000240)="a9002041fabc15b21703cc4ee678da4bfb4c0d442a51a903d52f37c143207ed51f8f2e3ad39b18be50c690d1cb3273eb81ae1577d5da850b6b7ec796868a0d5373e2af6a447b84b075b8e775d2f6a6dd4b5e7ae88e7e0b36f8e4b0fa8d0a321776abdada8f4dd4a145b9506974b685e07dc76b7d12345d5ed33f760c6ea357af73d57224cc09ed16bc83a58eb846d5cb9daec110937e1f841ad888dad51983fcb5586f734f2847f4cc11783764a039956ea320f8fa3a4da966fdae3ee337dc2e6c94534a194b92ae39bf38457f4430456936ad0d3ee2a8da32b6cb9d836244ab9b4338bdb5cb07", 0xe7}, {&(0x7f00000000c0)="c6b18c85b6a1e74b0a8d04", 0xb}, {&(0x7f0000000340)="0a6d209e8f06d5c0dd075913398b5183178c8cdf3d3a93cd90ed02fb06ba61f991c9fde86134414a95a2f4baf1ce1370c8eb2941166a3140d99cd57246270927c01ba2ba716cd8fcfcb13ed3901cb516e9bfb674be5e5d0a14ce6a457017a6a355c070ca2d91afca8467110a8bd3df756fe0cabd83d12fe81d2868c7fb3a2f14399d22209a838aff95de555af9345b8c0cf05c8de8c204e70d438846337ae4639e85b1a499c02febe8f8196b20e4167dfb11afe6f27ce480f9ed2aaa37a977a3badefbf518ed562ffcfda14aa848855bc35ae34c13d21d89363a2e3c003e32595bbd6cfe7835aa4a151d96e36553374ef5243ba60ae9e4555d05f6c3785383c5ffe4827e42a33907b58d0ee9682194731f442fddebb33ccb3fe0e7993c0de802e0968ddc935dd54a576a875fb097ee28ebf822308ce2d61caadfd4ce132eb87b8daed9c312ba4f15b17ef91a2e2e5215db2ab295ac047e2b7cdcd2293f551aee0e2b79de3fd4ecaff1bdce8b876bd3bc566cc33d1914098a167fb41f4fb5248879440f017fc7f1adbd3db79701ced647d38964b3f266b6feeb178c6ad1cf0fe197776e23246e4d123a812637b077f66814143e981a6cb7d6c833579354af6321b4f4f65fe0808716976f980584c7f64b44ff984c5e8da3dc0f79c40dc7ba7ce2b9979a595982767439a90fa160cd47206f1840118c307b8016b3cb58f4f8d256d210fdc381df026751125e6537c77ccbb9ccf5fab6a644729c24302fe2635be21d8642dd1bcfeb18faab753be455597ab11a56c52213a10690c0a0346cee7a96021daeedcd0f451bc746220c8cc9fabf5299748b4f9870f0fcfd89871faaed5d82fcc9419c81c45c33d5ef0bb590d8317b9a0bb618d2a27c9df3b8d445e8646585535524715a5e9f2c0b3aa5ee6226ec74a286266cb008cb4a92affdbe0af696637544d520ca62b3b029eb1c8687e6f9a04eec2d81817861e0a5c6974f571b4b2984de6c29c9373c3dda3de2673324d2017fb17a310f68a43e00379440b3db2fe8672033cfe98d39ba64d3be42234689d21525821c5e6a84b8c1ef431b4531e6a620bddad2bb1c63782f1fec3c0a76cd6881f6f0406660fb547cbc950fae6b37aab4c10ee70cd5406f3e6ed87767be1e3d00d256b03959215328e7767917afb5371d18cefbcc5db72326a40688a43d70bb3dc4b8d6b264a220bd0a9a60108ef9a4d518b62e889f267e0be6f1a8b41d0da2b2d9b5f5d94c043d1b6e2c199d93b9c808779e13ee1df9e62453696b34104f5da884e1074876097e00d94ed4a6deb39b4d6599e1bbc5b94944adde2c111fd2c1160bf0da9ff6de9082532b72a175f424192c2b026d306a1fae314e02221371b8edc1f78033534dbbf2fa8c978bbc9d171180304122bd26e2f697386216fbaeb94c1b129985e7785147cfa58e5104de01413849f16970a405def9a0ba11ae45fae4b8d7468a91e597d0c3739b9f2b2bc25fe1d770c77cf86bed82405c06fab0374300209b8be9e5ba344c3693f44a77b6d75a2cd826ad93ca63ca4844c0371ecd782fa4ff774c746aef7e98ff5afa0f80b9014598d91ab6b47e234162dddb47c699cfce5d72fb3c4aae3ac85504963a93e490f585e0f246b0b2565382721745d31ece99b2b5f4adba8658c057e6cb126d0b9552f14c633e4fa00d6617cf66304d10d8b53152acc2b7d2cccc881a6ea2ce8a58a7729ffb29b47f8e08bc4ad2f08f2fcf44fea4eacd5dd7827736668799c50d123351dfd28058f597e9efbe78303f9e38ede149ee08b891f3564359ac5e24fd223cdcfb3997a23c64562c744aa52ced6ebaca69cb504acc7548f8d65dd8cad951e2a17ec6cfbfd5b22ba7bf722daa73d913e6d96cbbf8a381c2f43836e2175776d00928c4a34a8ef28f59da7d1c8cdb5a768a42aa6654baa6e68e75a6de3e8b5201601bdbc5a489dbbba27628639177a941acf9d56f33711432f0cd1486fc87a7b7db33b36b7bb887b1301423d33a663a402ede02466f9829cf6a31284e62ecedca66106c18d35e8de0649456875031c46c0455ef84fc593b6e76a5c80a0665c6073ed0782acd9dc47580a6281055a7404d80bfa3394423aca7a64f049af907cee3321b9dd0f1b140eeab47b5e44149ef197bc8e8518032446c90cd72147ea43719a9a703374d66702067632b6d742feefcdbd2dac919f567d7f8a2696fbe59197128fbd3eaff7c1a786b0c4715c58bd1d115f5cb81c1ba614ab7645c893e2ba41b36a4ff4eb190dce4d9f0e7ef2f336a0f56f0a116eb1a3380e05eb87e5ec5244ce0fbe7af454e5b61f83cbba1c3f762998bf100729567fd765bcea1eac2734e1a0928f1415cb6b27139ea7d4cc9fda84342c4186e9fc7ee1ba57a8bd9ab95931366dc71cca939e16d90a250f6c79291ed41b384d70752f68c3b5fa4d74051775d461e0ca3031f9b9d4b52ed8fa4d634247a390dc3d908661a7917e0bcf4e59dc52d730554eb9b762f1abd94d7b9c8a0819926c957574a7298d4775a22f0d69be066df0737f28e985b3bf6febf245759686c5569ba0a1932f93bd606f9f8ccd7609bd7fc8f49a8fe2321ca92f89f8e9d171512c831c281f351def2a50d23d7bf23b0e875247759a351082f959c277718866424acb8e0a5e61f3d864e0bec516f470b8f8843534f7160f52b03e56ccd80efb5ab4b327cbb9754375515857a14d9031751c0c0474793a536cdfb4c5e9b8635f376e4e9e4dd78a6aa6fcd95a440cdb16c076863fc925648f5239718b4060b1d561142c68750206fe237808e811993f1091c782861e30d990363c3364ee99323561c8d401418528b6a60d9ea164c8e10572da4887c60b9962e9ceb1b232f25cba42fb975ec146ae160420cf7c4a7920791063e9db6e42bd72d2bfeaa54b543a036556403912dfc0f0104010425ea5e9739e57f3758ce8eb39f63e65ba1381a571f3f1041b2f550a47326658c006e72d033b2e3bae3026f9f9894d7e65613f13beb9839f657bbc5331e7a4313405e90c22d685bfa1e51c64e8369f4c33bdb4e4a19e658a239ba2669025e9bc13e853ea9ea89954baf963302607f6bda114be5eff9e3d3827ba9924a0992563a7803b6bcdaf3c59679c0c25296915efcc80e5023a20d1d537d301337a6aea1f5ded952ec183ec18815e3b218ac9dd84386e3b31fe30a8f0e905f5a6867a44d85a99d039d4c485deaf6c78a8b75e7ada2e7be90d0d4709c44506b7b5f10b97697b0b6428ca716fc63afcd82fb83b038d38a5594d4ba15dd46efac706636d2033ffccb128abe43f968232cca4861ef93a6db590fd9d146a8583fbee808cb801fdb413ffe47cb2593fcdc29256a6208fe1e55a0ef0bf6fd0a3a04569b4416f2b7c8bdf2f4571bf2d02c84ef17012a1d39686b9ac7fd1797226513514a01248963ec8f123bea221675a24a38de483395573b50dc9d53bcb2bb57cca2e711f5068c8fb2d16e96d76e084adb1efa9a7a9e2f7eb190891be186aca53c60e0ffd8e59d4b4e37555cb32a5170a3ee900863a9940dc25ec8089764703d43ac37ea6dc12353575fe7ca71a4cbd6562304903663f1ab212fd2f713303242c86f6d34fa427c51e3b570fcd83dd398d6a6b37182a8d22a9ebcd3999deadd84b4cf3d6432033fb9ed1d479df1333d3f2afd4673c9f908512890ee69a64c840e8075b735a83ad9aaf36969660775ce25b9f95516a5b79c420b670aa277849b7f11470a85ad6f00c2c6e8a78011359ac01e2f2dc970159d0b7d01922bad7ff6615980ff18052c225f53ca3200e297ce7a34a205ea650ae50525a96a5b29335728979adc526f992257a9c2acd1069f6c9f5a3c4280a6ccece3a3a40c5a2e11645f06a1521915beb26fdc4253b7833c81cbf702ae6369cca8d8269c826f420ccd8a2bca579366ff6bd2930108b2922daf1fd376af986ad99c359f3d4ee0ae4426467fe86d0d238d9d69afd8ecacead8c7ac038ac104c5593f455f33d81209f69050c8e9de5a1f239db004f1a9ecd75e72f26866e7ea020b47c59da03d2aa78041ce9e8566ad18177fb1ef2c2d3bb104367ad50a012d1d55ddc169833a3ed6a3b91e90345866d01b4f4cf94ef3b1b974e74a4d93428d36e5428a185abc6296ef7c8a6d8f96649b73549ad7908b516fa6e7198e24c8610799d3fdb862a304468bef0e391daad16a84e6264423f13580bd2f3351bc053f5b6db777f899cea3ce11d971f5f68159735d95aad697fc274dff3de84f1da27d364e261d0aa33f6a4ea6a2941d4104d2ecccb938ea6287a485b8ae17c30a138b29be3abbaf3055c4654e857cc2bb88a49ef6684f060ed3264fb68f02657a83e8ac520b4ffa38f4cd33977e030ce38a9aea63a48d7cb58f8c3d5b67343f59f24203b331600fccfa4051489cb59f9f5155ac265f9f25856baecf725697f1a2169d110ac3a1e1c223416be346feea433ffc709aa7c176d97f127ba93b90c543a6da0ea346ed09cde7919c96f99b1a8bf87491769f30a85ff8ae95d32ea788b403605ea4c57d2ac5f9329ef3b4688e4559719be143c66622c8aa7a15b0a9078e34508807c7f18d4ec669b91b3d417a5b42b2ae5b2f7d5fa019e0d968d2f7a023c0f16e116912ab68c3a9a7436196694e36a8aa59ae79e73da422011d20d736232c69ddd2d1dfe254bdb1d7dde046b2a05d82244c15e47e5b015b63d2eee0b9043c2e718bda0bf312690237b31696a4b79398a65ec2e8914def780ab4627506ba47f367923bca2aff25d2980ae593fe97ed59426f86c561177f8c6e01676f2c4e38bb2e485bffdc74661af2f6b8d6805fb03a2aae737279ce6f0e19338f4a89ac480555afdf07f54fec89090cfa0479a49dc5feac534adeb2b9bef00e8861020175fb80d93c3dd0e58a9f2ed7a2cd2cee611c77de55b4a95800ab36d56e8973907377c779a2ad49a0619f4e343340dd60f5046bd854c03f81007fdea1668ad5bde97998f1e648d81c02afcf55f33f8636875b65c3ab40a237ba32508f5cefbb32af3e427d5666db8b41ebadf12b5af4e1f497eec3f81503d3893e6e07103103b7dfb8efdcc40e7d4cfed06d3c43e3d73a5db08c0635b0a3ef3ab601759c65b34635cae7cc7ccd8cd1b83e1ead4980b70a8d34bf20cb252cb1a4aa8a4622a99e122217177d2b35f6b6dce5dbf47e2a2bb4f3d7b29698610db09ab6d182f81e5003485c8d35fd6eab6e9ca3a598369c2e13463268f93d5cbc84db29e47040395d6ce7a179300c6317d8f30b068cc4280153572121df7861c33c935912856f9470428b72263b7f3776cd996c8f7dd458cdb28ce3116e3b1886c9b3dd4989c4f984843a03a7b2c55d8d26139c16d73c8016cd317bf038218ea8d0ca9883fefd7bf38a96e6002a41d6069c69582604f7eb3515a34b1f8644bc89a435bc005d9a33e928317d9eb6b58664c93d435aab498b8d45698d141f5a23ae972cd8383f34e407972cccc1f519e1196699e1fa620c05b4eaefdf239545630b30f3b95b3f8480a3e3746b0691ffad7aea627c886b8cd449fb9446632d61a991f8123fb7c9d4372f67e264628ca28b7376b2d269e7189cd5e49beebb501d8fbc9ae6a657080e3c577506aec4a3c4675be1577434ca043fd04ac5291100f56e7b9765620d6efcf076390e856a7cde55d62a568650cb5beff4207db6219aadf806e5dbb39f1fc75d0415b7e193f17630677252bce9438d3e9e224a39b0fbfda41047e504ab9f393f828bc8b2542d76f1733270f97025cc296a55a60ec456dfeb", 0x1000}, {&(0x7f0000002700)="48a02d948e6a7ca88c6bc5c1338d5deb4383f0349e7893de2d9d55f277f50864491ce4c0361e4876bf027efa683240b047fc2e2c7fbb1b8ef391906d35bb18d399e9715651c7386428325c7afc21ee4d1ba1ab87997862977b632fffa603810428d083989c8f8c28b48423273bdff690c8807cfbadab718d186f6b983d457bae2db448064dcce30baf82ba371daa6074d80454a188c547e4a9c6cf8fc9f118ff8ce2ba5673a252f361dca73c36eb25577c41568b9928a46911c01b03ddec0570e0270848e9acf33c7c0aeb1f095866a288814bd6bbf6704b471fdbd04d32b4439c362c2a7debaa85c4c369bc5f157d0353ec906fc73a92d9ade992cd8f392d078c827edfba3c6cf6c8cd49438d56b9c773d71d01ec5b1d088c9eda00dab95710c88c0db42d23fccee2d5501b4f051c1b0160f421414ceb7af1b03aa08810030b49cbfb2ba77345b275f3bcd2433b58822cbfee684286dcdcaf47b8a13685c524091cff45bb82a193151919e4850accbe47837ccd242ad5f6b6c8a47d4be977236801bfb0dfb4439d59d964847957ac15902716540c01b6d3ead317009a29da542e3443d8222ba9bc50b057cf3d43db7b7b144d472bbc9ee73ac50a08e6c7e43897340a2bc2c89087ce734dbe8f5163b7434a0e20e5bf918e2a375a09aec5f34d49e08a5913126b77f90cc29f38a9140cb7d101306a4e366fafd5c45f2bdbace265605b8d5f3e74a15e186671226563838ddc4edacfae5ce9acea67f73c933c947a13f6e55ef171d4ea208f5030422ca9ccb2d09bf3cb45460792d14dbf604d0120acff2d61c4d8b42d46ddb091fc437304b9f1c75512c9ebc039499bbe7142a0225a547cd3be2f69477509ec2e937109a8f9509dbe4e61ce316b0b90d98e6f16db2c44b2eb6da095f835c20cb08c9abf1f962d3f6bfa43362fea469940922a45fe017d681c4465de05474d13228976f6f5d9bbdd5184c3241f7faffed2be47044cffadead7b7e5526b5ded45e8dc58acb8132fb8d73455a8f6390c8b030b00906b8b505bedc8ca4111e56f77b30f39cc519d82121f5bf7153ec89c8c9051a9a0ee722874d3bc42984c5612fa4b50322823bcecf4b504a785627a1b435d27d644ab96253787c2ead9f398097050a335c516c6eab2dbcf3cb8f4c6f1dd83e585c9e0f9dc4e869d510a0a714f30623c63a0eeb01cc668f49d869ebf136ceabf03cff68299ab03c20891b80a7cd7f17739b678405b40d8f1c7bb072275e4a586a33995b6ae7ec1ba1d44a481865b96f5a97176cf4e85ffd7e8924533d54a1db397e48a1ac2d5b2b0acb829ebbd89d599145705ed6ac0eff9201526bee88499e8ae7f12f51f7660f218d93d386335099e7d8f87c8ccd214adad9c1a10db382f60ffc0ad78c40e6c1ad2af815bbe86e2af2090b782e05d5da39bb51429e50aa18e6367019576a43ec81747c69597d9cf6ccc24b53bba533171a37c5d565ff8c22f88ca5d2ee8afbd458b76f9b038aa95c1df198eb9b70af7195114114ea1b73544f07fa6a020fdc4474736c4b766298697f23d9ae12a479dbd0d00dfced07a0b0f1fc901493e7c04dd95fc9e043135d14e4390ac445d685960abb57c2001b96a2e0cb3ca6e25ba3249c5b2dc9772a626d22f70ec6651a14a060125d675cf45bce3f7ca1d76fcaf49d78b15d823e3674760279b9d7be117e77b9c6df173877bfb183936b159693e7e1e62688a2faa17170bf157796293ddc5c1c0494449c93dc379b558bccb7bb83fb543a6d2dd1d8cc5c91f1f57dab72f08af51029ac8f4ff180df51f9135eafca1c382a1fd613d089317855941bd72c72801ed36c675946997177019246225910b17c30fda4b9c47d51adb40de8ce6bfe312ee82b0053b3cb595514aa5df15a4d2c25a62f980c655c76f10421c28b34058bc5d85fe6143f67a2f38e0afc256fd03df555a57f1c91bca3e374386ed3df480ac62f877ba488f5da792ee26d17ce52b43399f4d8591515ca0f3227ab420018a6e02ba78cd74f58cac9b1069c8b4d83f9b100b9626a631821f83e57a3a3d65a3e75d2ad5ec8fce274a2f1d1e3726e5d9f00d55776e4a79f234ceb1760d9a422f45da6a8a0014509dbb44870d27e05498e30565cbcaa55f336dea2b270a517b8f284788d9a8283a405caea93a1aaf6ae0b5687aee5751ca982c64fa0cfcf6daf6c2d8a85fe5e5d7f04296974e6033d2b941da2a6f2aab9e0815a6f8e2f1343a3fb9b3de1fb584cba8d5db88b8a29a53dab6c26fdd6e8b1decd62509cd853c73476e776e8bdf8a67e42bd612d792cdf1087003231b963a12634754ed1b6916886ea65bb3b1b6e98c4a530895716e9cfb3a0b225ca8b065dd503cc120a8dddb73fe7c584aedef3dc7954d2099c39bb2e549d1a4c771def7fa8d7ee936f2930f51954d9cf0da66a0b140a1e9852eb9b6424239e3fc2e0621611c6bdadc627ca0804585a58a757827b5a7ffe899209cc7cc8cf5f8b601fda73a22cd2b30ed5fc92b5b9908dcda9a1061432a3708a224ba9a521b3d20abbd0f6f9b67f74c251c3297e67c225aee75d34de3d1631654763a74f8582a63d809fdfde2e2990ffae13df9947a8b1e7439676e17bd6d63c35ea974ef826085bb3d424995c7f4326370d1a3032bb85c38d26da42ae1f5b73fb882de36ca0f75d0c9e81e7e698418cf4959f6f2f5a7ca98afffd229d361785041fb229f32b635fe4dfebfa62593e721582d800d288dd362e3ec1a72a2876600be82ae3658df52cbb3450536a68f3cc176db0ba1a656a328b4d5712ac55e99f949901331eba7f3e2a4816bf078e56f726cad36eea5315bb676957e08ae5a01adde61cbc47e25f31006ca84559a21624d419e513b8eaf708475f333e7bede94f9a23708c66ba59e0280cc9381c710b242df895e82b045130c3b8b37b9cb8516834c010b87f4d19ac838eec581b183da23eeb869bad3c3b564ec599bb92769a737db36d6dd99df56e91a999adc01e9946d14d9399c370b392de37882a543712e4d13dbb2596ba6a6b48a9c06d08fdc01b3369278a00f726f5bb5a0d8611500d378031c1337cd2016f4444d08e7d0cb436a857b3adc5211d6eb8219a69482ae4c89bbab0837cf986a41ee00d9f198ac54ec3c32ca1dadc66b31551a29300db866cf8f67e47ba5c9713963c638b97eb37a020fd1ffba8c9e59a9cc30cbbef90d57de0f67e8421102d90b1b53e5bbcacf03df89525f481cc913e34dcd5fd27533e5feff26e723e056204e7b7080b2d0f5d12809f4cd55635c8004a3320c356b4c3f6cf821cc9865ac74192d9ca7a294a7e79223cc47912d7e4612f0ed96c4694ba376eabb455fb28ac4b20b277c68e45857060006916fe576b9f0f97cdcc514098bb928af2c54da57b7f63d5313e99d8f964b7faac12e7bc5941c87d77fd733a53077edab8bd1cb724b7958b382bafa24fbb5b6fdb08dc2ec954f5cb364c655338fa213fa6bbc3cd8cc132dcbaf6d88b512bd5b5faf33ef2cd03daf922bbae650ec0c6e1b68942d22963419749993b42588b029855ada226f62213935f00b1bf703bcfd32703270c29ca6a78bd7f152e02eaf0b907510cfe464bdf836c6884230cfc1623888b7276e94c72952040661b2f55bd90ac88d79837ed423ed9a451169ee1ab91c26b8fd563e24860f22851adbbfab192f0f71c9c162eaafaca555fd9655c6f3ef91c5b7208e4ddd754330e6cc98e4153cf6d40e230e3aa53f0e3b477951fa3d08cdfd1584793abc8cfea3d5c64b6b428731dc9aed63f282750cde6fb313e34c8b31b500158ecd0b4d58315b0ec81e3057665e9480d637d3f36ca924a25cd6eb8cda4a6d18d5b0e9f68f66b0eaa1a47b4d97a2c87506b08caf70f3dfb70225980db81ad996e05ad9b563ba96e803229ee7bb77079c7d4cd4f2d5ae94889d8bcd3dbc28fa3964a66e411dc0d75f618837380ec34346ae1ec04e1f59a09f69ea5b13c745a83a2652bed1275f34971d0cf32c55367e93a0eae2528311bfc88284c3bd866d56ebbde19b5ca718f98c6cfeebb9d7b25656000a5552cd1b9271b9ce1302712173a3cc7e3e94686f250076df185338ad8fca04dc1b3d47b864cccb980bfc5fd72a2f728aab25f2df3018a15bef0a5e305995881c6cc9c16af01432448c0f1f97880f07918e2917a186564537b0941c5e3447287ebaa112c27cff84b3d975b619e95933e25e4f5c50017ba85cdd7cfcbfc12709cf2dc5bba36f3ca3ca54a7a271f97f6c43039f990d83760281cf593c34e06eb36731598d9760c65ff1cd2ab887ea5215d6ff56add0d38f3d54887ecb7e149089c059d30872f467017583a3f54a9b1059dbea6fbca70eb25cc5490a47b7727977d6e5e98c0eaf20a38c275cc0835914c7ba5e7be637374779ac0a1e97a8ddb80cf7178c67c210fc4869305ceb4775f3fda7952c4320fcc121c55e89124106d860c5b4051daaa0f4c2d818a00a601c24912d2f1f43a96b5a28a4a2d38ad95ba8049677456b03481e325b7815c35c8697ba0f2b8f4edc45afc04c749c80e958ebfab63e337f1537db1c39264159d37fc39406f4fdd2f88f15e39af0d049c53cf894d8216d8ba4ca5375e665aa7911433a61c65c2b69906abba7e65186833d5f5d71efb8107e09c096594f0c010f3c496e3bbeb58a8be9a528e5904933884c08c189e8ca6c00d1722f6628e062c93897ea4172b7e939b85c950b7cc21a45bdc0a1c1e58b5b639b5f10d8f4d30225214d52d3518b48a422f6b3434273e3d4c81fd7619bad34297abfd5d347e9c64692e2425e7a39354c3f21718580a23f1f2f8d2312bef5b486e4bf65ac7dd926cfbb7b2c2a1e96dc655142bd01b6046dd788f3bc0e7380b2310371eddfeb622941e1c4188a9ff21e5e658fb51d1e144fc719b386a20f61f9aae14efe7ed34fe5bdf48d256a384ba6a3a515adbb358c5fefe99e84a0af433bb637c55aadee9750a874f5ae823ffe134cbbbc6cae64f1c3dad2a7cc56ce901e965aa59d0033f5711d0c4c67ef0018d0b1046006cd0ae32960448472edf65fc74d08e82adcbf06ff4c72a63ba3e83827bd014d1a8b43a4dd228a5fa1b96e38738ca9f4005f5f24648c3f3c2de5c5852568e6116291a84e0f36068f00ba05ab19df04e956a4106d2b6abf1a35ad61f25a04fd0afc295bc5b4455a236b02b84e41a741a623e708239789bb40e7fffc2eb15c94971b2bf68820dd4135f302100822ea1472e64a2812c5f0309dbb776dee66ea684aeb99e90afad11e99d00fa22b5ae16e61d71f4d7a00963d0cb02e383ca519a6a36fc3dd5d6126c4cceeea1f3e6851439ad885d3d696bf0b0d2fb1cfcf86e42292edff50c22129031cf944f9846a1795daefc7277ab420606a61db825ddffadb0965ea74cf765a76f8461e2d3498e6e8e07c3ff44b3dfde0071878e1f432bfdc1dcbc4cc904fc5896a3a14c555c3cb8754c200f0ed1dee65c4c168169aa104f7649be6b1e5a8a1ec9dad1c9ed5042e297c6bb29ea95e4c8074cbbf6f8f3602842dcfe6ed44f6787380a41e78cdf22b762c70250abe8eecdd4564ddbaa188f904d6b2a0a9236954495c02cd8b57914dbca56f10fef8ae412a9308458e58ad45e0c8b529bd0ce78d1007fe5624a118e0aa3d1d3283b0508db361f84b48d7789903e0e757c18c9a3024611f6e24edc289d90c4fed9d032c1da2f0f70d81fba3b993019b8e8a41ad1fb2c81ca231820089561071d862790302ee1ca7993618e3cfa64af70ddb7642ced3e70d713d7b08c148da8839", 0x1000}, {&(0x7f0000002340)="8d6ae89b637f69d4d73dfb969cb2cb533b279b64a7c8bb1dab6a8537caba5b1d38c3ba37ec7913d9a27f87f30327f1b4c7f096321a90f83430fca99565cfdc2203b5ed538cae346f87088e304a7595c709a2d0f362c11f36dd", 0x59}, {&(0x7f00000023c0)="ae098eeced91681fae248c569f8af47891b8b3c9e7e0184c7efed3162d2e31ee053611c40eafa8907642c752b0c0775e1e37175f0d2eb4d12b4e0ef0a838b12f366cc696e976a6a745b55f497ea615eba76779f737f6abb11f63b09a8a7fb94026c7f07b581655700b601b9cd64a5720f5384675bde06e5296f30715a4e6b82c7a4bc4a14f32ddbd6d3f8a91986d69d442a95be25c4b229cbe2c49c591fa51317e694488db0d7fdb831645ade295af64b89d66969b805137d68682bdd2261ad7d31b6f8862134634ca1577984202cdfc72371b7d7d463be0b47ce6fe7df0375976ba2aa2a6d4285bf70e", 0xea}, {&(0x7f00000024c0)="d72f0b050e80d99e527d79ae3471bae2cd5570e90b6f3fc1d3c4eaa9e96b43b551f6ba5bb673d61e3cb31ad259c3eae21a6a11493b92a8a1e7d645dc0ee7156eb73125968aece7f76caf9b453e93e09d56dfeaf4cad0d5c1bd5aae289ceabd9e26abbcdffe1d5a0b8c62ea274b642d2d3caa1d415bcc71378623d3f016fc1e5222848390f2c67013e4ac60b172d8ec722d2306fd9006363e23ff0b025bdb8260c2e9c680e1a309d088dc42e4bcc4632ca97917a6f2742c0b33eafe83950a75203d2afd3118d62ad1220c31e0faf23a32706c6ebcb4a53a6ac3b922422ee3077d618cba1c7362a6b03581c50f51", 0xed}, {&(0x7f00000025c0)="f998cc58dd6d4a999480803558884db3fee14c9782508496a0e474a81068694b18f69878e58e47ba332cbc651511b3db8eb90b500685bd3b92fcfa5f4e50b2276161bb7bf12671", 0x47}], 0x9}, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x15000, 0x0) getsockname$inet6(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, @dev}, &(0x7f00000001c0)=0x1c) recvfrom$unix(r2, &(0x7f0000001540)=""/247, 0xf7, 0x2000, &(0x7f00000014c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) 14:36:29 executing program 5: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) r0 = perf_event_open$cgroup(&(0x7f0000002fc0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) sendfile(r0, r0, &(0x7f0000000000), 0x2) 14:36:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000f0ffff00"}}}]}, 0x138}, 0x1}, 0x0) [ 3069.544624] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3069.551921] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3069.559194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3069.566475] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000004a 14:36:30 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x803, &(0x7f0000000200)) 14:36:30 executing program 5: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) r0 = perf_event_open$cgroup(&(0x7f0000002fc0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) sendfile(r0, r0, &(0x7f0000000000), 0x2) [ 3069.655959] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3069.663486] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:30 executing program 4: socket$bt_rfcomm(0x1f, 0x0, 0x3) r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:30 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:30 executing program 2 (fault-call:7 fault-nth:75): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:30 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:30 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000007000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000002000)}) r2 = dup2(r0, r0) setsockopt$inet6_tcp_int(r2, 0x6, 0x0, &(0x7f0000000140)=0xeef, 0x4) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x8, 0x0, &(0x7f0000000000)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000000300)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000c6dfd0)={0x8, 0x0, &(0x7f0000dd0000)=[@acquire={0x40046306}], 0x0, 0x0, &(0x7f0000008f37)}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000080)={{0x3, 0x5}, 'port1\x00', 0x1, 0x100020, 0xffff, 0x5, 0x2, 0x0, 0x1, 0x0, 0x1, 0x100000001}) 14:36:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000fffffff000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:30 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x81b, &(0x7f0000000200)) 14:36:30 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) ftruncate(r0, 0x6) r1 = memfd_create(&(0x7f0000000000)='em0wlan1\x00', 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000240)={{{@in=@loopback, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@multicast1}}, &(0x7f0000000100)=0xe8) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=@deltfilter={0x44, 0x2d, 0x3, 0x70bd28, 0x25dfdbfd, {0x0, r2, {0xfff3}, {0xfff7, 0x4}, {0x0, 0xffff}}, [@TCA_RATE={0x8, 0x5, {0x0, 0x2}}, @TCA_RATE={0x8, 0x5, {0x9, 0x7}}, @TCA_RATE={0x8, 0x5, {0xff, 0x599d5772}}, @TCA_RATE={0x8, 0x5, {0x4, 0x2}}]}, 0x44}, 0x1, 0x0, 0x0, 0x5}, 0x4) ioctl$SG_GET_SCSI_ID(r1, 0x2276, &(0x7f0000000080)) fdatasync(r1) ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f0000000040)=0x1) 14:36:30 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3069.917221] binder: 9998:10000 ioctl c0a85320 20000080 returned -22 [ 3069.970980] binder: BINDER_SET_CONTEXT_MGR already set 14:36:30 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:30 executing program 4: r0 = socket$kcm(0xa, 0x80000002, 0x11) clock_gettime(0x7, &(0x7f0000000180)) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000000)="d8817c1d994df50a68239e1c016d220e07f2d65453171a47b3c5553156d0ecc7494a8df001bf8b80a2f288d5cfb11a0598c68323885deb691d352f4829ef142e88bd3483c51d6a2b393ff756336794b996bb952a9b9ad770088cd225f7fbf8b208a7587ea8930fb4d561e0de27b1fef9f24f6ff66596ec16672f7ede44491e61e0879a1d61b2d6be5fa10fd6bf221ea311d33a6ff15687c8a57b1f6b538196aac1e336bc0c2538c2d66fcc6fea696e82a3b3a04c3f44ed5617e99fdaa19bcdd1ad8150f2904831f50824d7ec8ae1853d1b89a0f5", 0xd4}, {&(0x7f0000000240)="37c511fe34c1035ac6352f74176627e8beadb40146680a85ae32fa416f2acdc6c3c60019559dd5721c194ef67e5961e4573db8f61acc4ea4683223fde1eb37d88c5ca73383c9be8cca2b0383586cc03da4248f50bad6caa2a9a794007bb09ffbce21d9b991f828be9b2d511819f6ac4f6176e8e0c26c201d2a3fcbbb62b7a8f9c4cf6fa617c88e84d160e42e30ae27884211634fbb57ad91170695db67bc3cb7fe7b18d63f7cfc0ef8a2f99147da1b5ea03e994fa6fb1b865fae725d4f278156acf2b7aad31b8ff558184f74edf2a4", 0xcf}], 0x2, 0x0, 0x0, 0x805}, 0x4) [ 3070.009417] binder: 9998:10000 ioctl 40046207 0 returned -16 [ 3070.034128] binder: 9998:10013 ioctl c0a85320 20000080 returned -22 14:36:30 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000fffffffe00"}}}]}, 0x138}, 0x1}, 0x0) [ 3070.070307] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3070.077905] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:30 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:30 executing program 4: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x80000001, 0x14000) r1 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xf, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x0, 0x2627}, [@alu={0x4, 0x2, 0x2, 0x5, 0xe, 0xffffffffffffffe0}, @generic={0x7, 0x9, 0x5, 0x3}, @alu={0x7, 0x7, 0xb, 0x5, 0x0, 0xfffffffffffffff0, 0x1}, @generic={0x3, 0x283e7ff8, 0x10001, 0x1}], {0x95}}, &(0x7f00000000c0)='syzkaller\x00', 0x989f, 0x2, &(0x7f0000000100)=""/2, 0x41100, 0x1, [], 0x0, 0x8}, 0x48) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000180)={r1, r2}) r3 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:30 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)) pipe(&(0x7f0000000940)={0xffffffffffffffff}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000000a40)={@loopback, @local, 0x0}, &(0x7f0000000a80)=0xc) bind$xdp(r0, &(0x7f0000000ac0)={0x2c, 0x0, r1, 0x2d, 0xffffffffffffff9c}, 0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x0, &(0x7f0000000180), &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e723000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff00ffffff0180c2000000ffffffffffff0000e000000050010000880100007374700000000000000000000000000000000000000000000000000000000000480000000000000002000000020000000000ffffffffffffffffffbc00000000000000003b0a000002000900efb5b7059b3fffffffff00004e234e21040071ac0600ff7f382803000500070000080100736e6174000000000000000000000000000000000000000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f0000feffffff00000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa1a0000feffffff00000000030000004000000000117465616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f626f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ffffffff0000e8000000500100008801000069703600000000000000000000000000000000000000000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff00000000ffffffff00000000ffffffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c20000010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bddffa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006674702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000000000000000000627269646765300000000000000000006966623000000000000000000000000076657468305f746f5f626f6e64000000aaaaaaaaaa11ff0000ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000adcc"]}, 0x608) r3 = getpgid(0xffffffffffffffff) getresuid(&(0x7f0000000040), &(0x7f0000000080)=0x0, &(0x7f00000000c0)) fstat(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000800)={r3, r4, r5}, 0xc) r6 = dup(r2) ioctl$LOOP_GET_STATUS64(r6, 0x4c05, &(0x7f0000000840)) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000000)=0xc569, 0x4) 14:36:30 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00@\x00', 0xfff}) [ 3070.276776] FAULT_INJECTION: forcing a failure. [ 3070.276776] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3070.281509] x_tables: eb_tables: snat target: used from hooks PREROUTING, but only usable from POSTROUTING [ 3070.288740] CPU: 1 PID: 10015 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3070.288755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3070.315258] Call Trace: [ 3070.317859] dump_stack+0x1c9/0x2b4 [ 3070.321505] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3070.326770] ? lock_downgrade+0x8f0/0x8f0 [ 3070.330946] should_fail.cold.4+0xa/0x1a [ 3070.335036] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3070.335680] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3070.340149] ? graph_lock+0x170/0x170 [ 3070.340169] ? is_bpf_text_address+0xd7/0x170 [ 3070.340190] ? find_held_lock+0x36/0x1c0 [ 3070.340211] ? __lock_is_held+0xb5/0x140 [ 3070.347608] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3070.351372] ? check_same_owner+0x340/0x340 [ 3070.351390] ? rcu_note_context_switch+0x730/0x730 [ 3070.375805] x_tables: eb_tables: snat target: used from hooks PREROUTING, but only usable from POSTROUTING [ 3070.378368] __alloc_pages_nodemask+0x36e/0xdb0 [ 3070.378385] ? lock_downgrade+0x8f0/0x8f0 [ 3070.378403] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3070.411783] ? graph_lock+0x170/0x170 [ 3070.415601] ? __lock_is_held+0xb5/0x140 [ 3070.419673] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3070.424217] ? __lock_is_held+0xb5/0x140 [ 3070.428308] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3070.433864] alloc_pages_current+0x10c/0x210 [ 3070.438297] __get_free_pages+0xf/0x40 [ 3070.442208] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3070.446983] kvm_mmu_load+0x21/0x10e0 [ 3070.450810] vcpu_enter_guest+0x3aa6/0x6090 [ 3070.455139] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3070.459393] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3070.464253] ? vmx_vcpu_load+0xadf/0xff0 [ 3070.468337] ? __lock_acquire+0x7fc/0x5020 [ 3070.472582] ? vmx_vcpu_reset+0x1040/0x1040 [ 3070.476917] ? graph_lock+0x170/0x170 [ 3070.480746] ? __lock_acquire+0x7fc/0x5020 [ 3070.485000] ? __lock_is_held+0xb5/0x140 [ 3070.489072] ? lock_acquire+0x1e4/0x540 [ 3070.493062] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3070.498094] ? lock_release+0xa30/0xa30 [ 3070.502077] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3070.507402] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3070.511912] ? preempt_notifier_dec+0x20/0x20 [ 3070.516607] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3070.521462] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3070.526528] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3070.530611] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3070.536336] ? find_held_lock+0x36/0x1c0 [ 3070.540420] ? find_held_lock+0x36/0x1c0 [ 3070.544505] ? lock_downgrade+0x8f0/0x8f0 [ 3070.548672] ? kasan_check_read+0x11/0x20 [ 3070.552839] ? rcu_is_watching+0x8c/0x150 [ 3070.557000] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3070.561426] ? __fget+0x414/0x670 [ 3070.564882] ? find_held_lock+0x11/0x1c0 [ 3070.568934] ? expand_files.part.8+0x9c0/0x9c0 [ 3070.573933] ? kasan_check_write+0x14/0x20 [ 3070.578168] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3070.583090] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3070.588794] do_vfs_ioctl+0x1de/0x1720 [ 3070.592669] ? __lock_is_held+0xb5/0x140 [ 3070.596721] ? ioctl_preallocate+0x300/0x300 [ 3070.601113] ? __fget_light+0x2f7/0x440 [ 3070.605071] ? fget_raw+0x20/0x20 [ 3070.608523] ? __sb_end_write+0xac/0xe0 [ 3070.612485] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3070.618030] ? fput+0x130/0x1a0 [ 3070.621313] ? ksys_write+0x1ae/0x260 [ 3070.625104] ? security_file_ioctl+0x94/0xc0 [ 3070.629499] ksys_ioctl+0xa9/0xd0 [ 3070.632937] __x64_sys_ioctl+0x73/0xb0 [ 3070.636810] do_syscall_64+0x1b9/0x820 [ 3070.640679] ? syscall_slow_exit_work+0x500/0x500 [ 3070.645526] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3070.650442] ? syscall_return_slowpath+0x31d/0x5e0 [ 3070.655361] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3070.660717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3070.665559] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3070.670732] RIP: 0033:0x455ab9 [ 3070.673901] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3070.693102] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3070.700797] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3070.708051] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3070.715312] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 14:36:31 executing program 2 (fault-call:7 fault-nth:76): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:31 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0xf00, &(0x7f0000000200)) 14:36:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:31 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:31 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\b\x00', 0xfff}) 14:36:31 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev={0xac, 0x14}}], 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) unshare(0x800) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={r2, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x8, 0x6, 0x3, 0x180000000, 0x35}, &(0x7f00000000c0)=0x98) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x800, 0x0) ioctl$BLKROGET(r3, 0x125e, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x70, &(0x7f0000000300)={r2}, &(0x7f0000000100)=0x8) 14:36:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:31 executing program 4: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x40, 0x0) truncate(&(0x7f0000000080)='./file0\x00', 0x6) fcntl$getownex(r0, 0x10, &(0x7f0000000040)) r1 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3070.722572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3070.729825] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000004b 14:36:31 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) getsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4) 14:36:31 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000feffffff00", 0xfff}) [ 3070.858402] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3070.865909] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:31 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:31 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3070.979923] FAULT_INJECTION: forcing a failure. [ 3070.979923] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3070.992090] CPU: 1 PID: 10075 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3070.999467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3071.008840] Call Trace: [ 3071.011444] dump_stack+0x1c9/0x2b4 [ 3071.015093] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3071.020302] ? lock_downgrade+0x8f0/0x8f0 [ 3071.024478] should_fail.cold.4+0xa/0x1a [ 3071.028560] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3071.033690] ? graph_lock+0x170/0x170 [ 3071.037613] ? is_bpf_text_address+0xd7/0x170 [ 3071.042139] ? find_held_lock+0x36/0x1c0 [ 3071.046222] ? __lock_is_held+0xb5/0x140 [ 3071.050312] ? check_same_owner+0x340/0x340 [ 3071.054662] ? rcu_note_context_switch+0x730/0x730 [ 3071.059628] __alloc_pages_nodemask+0x36e/0xdb0 [ 3071.064348] ? lock_downgrade+0x8f0/0x8f0 [ 3071.067389] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3071.068514] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3071.068534] ? graph_lock+0x170/0x170 [ 3071.068553] ? __lock_is_held+0xb5/0x140 [ 3071.075950] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3071.080918] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3071.080948] ? __lock_is_held+0xb5/0x140 [ 3071.080976] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3071.117202] alloc_pages_current+0x10c/0x210 [ 3071.121628] __get_free_pages+0xf/0x40 [ 3071.125534] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3071.130308] kvm_mmu_load+0x21/0x10e0 [ 3071.134137] vcpu_enter_guest+0x3aa6/0x6090 [ 3071.138479] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3071.142766] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3071.147455] ? vmx_vcpu_load+0xadf/0xff0 [ 3071.151532] ? __lock_acquire+0x7fc/0x5020 [ 3071.155782] ? vmx_vcpu_reset+0x1040/0x1040 [ 3071.160117] ? graph_lock+0x170/0x170 [ 3071.163938] ? __lock_acquire+0x7fc/0x5020 [ 3071.168202] ? __lock_is_held+0xb5/0x140 [ 3071.172357] ? recover_data+0x17d0/0x62a0 [ 3071.176524] ? lock_acquire+0x1e4/0x540 14:36:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffff000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:31 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000000fffffd", 0xfff}) 14:36:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7a00000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:31 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000e40)) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000040)=@sco={0x1f, {0x2b6, 0x6, 0x1, 0x9, 0x59a860f9, 0x9}}, 0x80, &(0x7f0000000700)=[{&(0x7f00000000c0)="692dd136934cb54f42412947a4923825292a6c997889fff9d39cb15b9261ed47ca85ca24404fd9a18769f9822294e58111e4f5d64faff58d12011cc65e7e90f95cce3327fb3da781e455b2900d4c24d02cb42a20ba31817493c1742e2cf5cc24ec4b", 0x62}, {&(0x7f0000000240)="bd2ef99c88688ccbc9ebe7a4018a539e55df01764db151b0f212066159d3a6edf696bad3a79e98f4a7ec80937a12e9762921e84a5fb65389e48d3951bd15ffa23311d591faab6176d680a400dc965cac2743c16b665f46908f4bb4d141ed60ccd36b634ae9115b00", 0x68}, {&(0x7f00000002c0)="cdc94566a98373621f9a7db19e3636b8ee15707fa3ce5f880f09baf08c49778f8c5585931d0493c712cf8c2ce5d3e85a18709eea40a39ee34569e2619b07159248930562be1811afaa568edb91d042c01898d49c87bcc0f9dfaceb8a4684762257455f1afab817e4a7672c46f188e1c23642169b0cdaaea643e4f3cbb72fb0c2edcb7a236b1a465e69817bad1a008014156eb52b0f516edd45be83df7d16f9541c411bd71c1eecd7edbd1beb1fce30b45209b5a11ef66da92f2b2347a0e5d77cec31e1e082a4518924f89c99d1427da947873c4b", 0xd4}, {&(0x7f00000003c0)="af6cbea19ab7f5be74823d6a8885de91cd98d32c1f91b34902b44bffdf638414c5e0e3bfbbd0e94f1141728d36bfb929c1e34c01c9881b720d113691bb3d36688667841cf7ecc8ddcb1f43e01731c77dca63261337adfe4e62ad3f1f2ed94ea1895a09e2c563e566e510f470d0f00d0c0c1aab7c0b5102471643aa5d236edf74e84ab5731302a529a0", 0x89}, {&(0x7f0000000480)="cd803f4367d105e461921d39478cfa46063433ff9941a46071fd43d79e0e3a5a8ba7537eb3691a0d8ca8bb644d694b2457f84b5aff67fcaeabc2a4f5bf93b83a3e9821c587da6dd7185a343a1077e79be7c6e5fc5c6dc6787527146e4162153664eeab776da66237422c400eff63687649ff15087ee2f80a094d4f2adf8fa27a743b666b95ba30e051630ee622b340a62ab649ee9bc0c7355b94ac5d7d35ea584d8a3201daf4c65630700c80db6218a2cc60ddadafc07cb7f4a0617cc35e8da5b1a3a5b45f896fb2e3d34a75ad6a057001f616d4fb8e9ff521be9823d5ce06ad1bb58b8575e44ac670410cf474b29ae2", 0xf0}, {&(0x7f0000000580)="31bde0776f65948e66519c1ce40cefc3ccf253d607e43224b138dce28e43604d240da3f0e00e9f521f66b1d61850cc99523793615373ed9de316c0f926abf976e8f71d96ae84efee43c279e0b2de29b9b7646cae11523c875375387fac51", 0x5e}, {&(0x7f0000000600)="1fdd8681ba1ac3a2a1b9b032cf2cfa02c19d1341152ea4bb199d4f0499584d00fa852614ea462b0de46fbec15134f06d6b304edc4b7985b76850aaf3a4102fa04bb7d97300ef6330e124e076d081c101d267da73ad845047b37a8d3188f40eeea8296e8424f27a7711f158584e4984ade381fe38e574548e71a4fa6da615e1fc7e2e64cb47104c9bc909ea2fa86ff886d4a8a19361cc15b272e2268a1a068d7e3aa04a55c80a81402b5b06b6252719f5175a7ec4c4712f1caad95eae5275c82df93479bb5b24db1eed8f04fb266f5a9115a1d80716f3454d516dc8", 0xdb}], 0x7, &(0x7f0000000180), 0x0, 0xc004}, 0x4000000) bind$netlink(r0, &(0x7f00000007c0)={0x10, 0x0, 0x25dfdbfe, 0x20}, 0xc) ioctl$int_out(r0, 0x2, &(0x7f0000000180)) r1 = socket$kcm(0xa, 0x122000000003, 0x11) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000800)={0x0}, &(0x7f0000000840)=0xc) sendmsg$netlink(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000880)={0x3b0, 0x2a, 0x300, 0x70bd29, 0x25dfdbff, "", [@nested={0x17c, 0x69, [@typed={0x8, 0x7a, @pid=r2}, @typed={0x8, 0x76, @u32=0x8}, @typed={0x8, 0x29, @fd=r1}, @typed={0x8, 0x37, @ipv4=@loopback=0x7f000001}, @typed={0x8, 0x42, @ipv4=@local={0xac, 0x14, 0x14, 0xaa}}, @generic="c1ce98499ab56164f643eec1a3b850339ce71a51476714e994ab99745b81ebbd2bd5d2254274706869c8bd60c110ef1810e26791bf80149411acf87b8dc106bd1e58f188f6a2c61afb7cb81191996d37ec5303186d", @typed={0x14, 0x65, @ipv6=@loopback={0x0, 0x1}}, @generic="6b27657166102f77fc", @generic="71263ccf0c31ed0a2a5cd80bb4da774545f7fb96b324f6ada6646c739dd6b9f5928da7bdc97ad3ce8aed03549b96a918770860a4a9d0c7f55bc2778f9a056fcc478ebf5efb446fb46595bc332b8f240eff53b1d336579be8999c449dc5106533a9eb128ce81062e4a03419a99dc87e909fe5a78fb43cbec82dec544d620ebbeb521c236cf40dba0a451170ebcf90dec50205f976fbb5eedd3f8c2aba18e674032a44d2a6f6bf05b4ca033eaf70c9a62af36244d8ac16bb9cff4187e9830fca558061628dad97d4f8aa4fe316ed1804133c9d20a004f1563ae9ef98b90426"]}, @generic="1a5f0c67dd9e6b78a1ffff70d046833693dbde0234ff969c452505f9b9dac0307ec9a27964ad391a08a3914412eb24c097b056d699b027aa75b2a016351ba2a04bad20bdcc1a0d08252930e5cdf363cff13cfa3391a8cd0303a85e7877b596a77c0486130362dc9633c98e83e052c03a0fedd6967aea56a72683276864df", @generic="249f6bb3411fdd9dd486c9545156bf83a89d9beaa8fc11edea7d2e0306ab0db54b1708868ade50dc77ba6a0fef98d498c79c41553bbb6524c91272fb79727dae90579bfb566d8b2ecd4b3107cde535034fb84f23fbcc1f624ec9a6adf35351d7c672bb556721709288d202cea735471d287445f53ed2277ff0cf399a7dba091940888ee7abbc50b9c0531f23e1f69dd4dc2ea4b17754cddc9742ee3174ffd36930c2f9537c67aa85dad09f6d155babeda99f749ea622a983716c4ea4d3fb13d8a893be6759303c3f865e9891c2dda95e69061246c2bdd32321a5e9f65e8cd106dd8ffd4bfe8926c1ec159d709e4931a2866fad7875c8ecc6abc6c6", @typed={0x88, 0xe, @binary="14b37f323702e0a9259f5491d7c46161e8834910725d824ae3e4664171186eb933e914418514d71c7eb46d59f4e8cf7be5a0c76c12c0d9dc362694f7c3e1b009a0512257f5a1970a78c52e82c6af37e4ef09cfcc925c963b76d1489037c8b2089c00390beb91243d9338f9667aae7a1e950dc4e0eae1bdb9fa516a891c81ff0084e4986b"}, @generic="5f80c0028f3c3e7cc4eb487a74d83a93260b3b6f7ad2eda9", @typed={0x8, 0x92, @ipv4=@rand_addr=0x5cb9}]}, 0x3b0}], 0x1, &(0x7f0000000c80)=[@rights={0x20, 0x1, 0x1, [r1, r1, r0, r1]}], 0x20, 0x4}, 0xc000) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f0000000d40)={{0x3, 0x3, 0x80, 0x3}, 0x5a1, 0x9, 'id0\x00', 'timer1\x00', 0x0, 0x7fffffff, 0x8, 0x2, 0x7}) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000e80)={{0xa, 0x4e22, 0xffff00000, @ipv4={[], [0xff, 0xff]}, 0x55fe}, {0xa, 0x4e21, 0x1000, @empty, 0x5}, 0x3, [0x8, 0x9297, 0x5, 0x56c, 0x40, 0x4, 0x4, 0x8]}, 0x5c) [ 3071.180599] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3071.183544] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3071.185724] ? lock_release+0xa30/0xa30 [ 3071.185741] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3071.185756] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3071.185774] ? preempt_notifier_dec+0x20/0x20 [ 3071.193267] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3071.197224] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3071.197239] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3071.197263] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3071.240289] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3071.246023] ? find_held_lock+0x36/0x1c0 [ 3071.250110] ? find_held_lock+0x36/0x1c0 [ 3071.254199] ? lock_downgrade+0x8f0/0x8f0 [ 3071.258375] ? kasan_check_read+0x11/0x20 [ 3071.262535] ? rcu_is_watching+0x8c/0x150 [ 3071.266696] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3071.271126] ? __fget+0x414/0x670 [ 3071.274596] ? find_held_lock+0x11/0x1c0 [ 3071.278679] ? expand_files.part.8+0x9c0/0x9c0 [ 3071.283281] ? kasan_check_write+0x14/0x20 [ 3071.287534] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3071.292484] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3071.298208] do_vfs_ioctl+0x1de/0x1720 [ 3071.302113] ? __lock_is_held+0xb5/0x140 [ 3071.306195] ? ioctl_preallocate+0x300/0x300 [ 3071.310616] ? __fget_light+0x2f7/0x440 [ 3071.314651] ? fget_raw+0x20/0x20 [ 3071.318121] ? __sb_end_write+0xac/0xe0 [ 3071.322125] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3071.327678] ? fput+0x130/0x1a0 [ 3071.330978] ? ksys_write+0x1ae/0x260 [ 3071.334791] ? security_file_ioctl+0x94/0xc0 [ 3071.339215] ksys_ioctl+0xa9/0xd0 [ 3071.342718] __x64_sys_ioctl+0x73/0xb0 [ 3071.346629] do_syscall_64+0x1b9/0x820 [ 3071.350531] ? syscall_slow_exit_work+0x500/0x500 [ 3071.355430] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3071.360383] ? syscall_return_slowpath+0x31d/0x5e0 [ 3071.365333] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3071.370756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3071.375629] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3071.380828] RIP: 0033:0x455ab9 [ 3071.384019] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3071.403403] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3071.411129] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3071.418452] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:31 executing program 2 (fault-call:7 fault-nth:77): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:31 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000fe00", 0xfff}) 14:36:31 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x81d, &(0x7f0000000200)) 14:36:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:31 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3071.425737] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3071.433022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3071.440310] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000004c [ 3071.596646] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3071.604192] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3071.692229] FAULT_INJECTION: forcing a failure. [ 3071.692229] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3071.704322] CPU: 1 PID: 10125 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3071.711703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3071.721088] Call Trace: [ 3071.723703] dump_stack+0x1c9/0x2b4 [ 3071.727361] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3071.732582] ? lock_downgrade+0x8f0/0x8f0 [ 3071.736775] should_fail.cold.4+0xa/0x1a 14:36:32 executing program 5: perf_event_open(&(0x7f0000000140)={0x800002, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000080)=0x2, 0x4) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/dev_mcast\x00') sendfile(r0, r2, &(0x7f00004db000)=0x48000000, 0xff) 14:36:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000031600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:32 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x1c0, 0x0) setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000040)={0x4, 0x57, 0x0, 0x4ab}, 0x8) 14:36:32 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:32 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:32 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x80c, &(0x7f0000000200)) 14:36:32 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000fdffffff00", 0xfff}) [ 3071.740858] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3071.745978] ? graph_lock+0x170/0x170 [ 3071.749794] ? is_bpf_text_address+0xd7/0x170 [ 3071.754305] ? find_held_lock+0x36/0x1c0 [ 3071.758382] ? __lock_is_held+0xb5/0x140 [ 3071.762465] ? check_same_owner+0x340/0x340 [ 3071.766984] ? rcu_note_context_switch+0x730/0x730 [ 3071.771940] __alloc_pages_nodemask+0x36e/0xdb0 [ 3071.776632] ? lock_downgrade+0x8f0/0x8f0 [ 3071.780802] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3071.785864] ? graph_lock+0x170/0x170 [ 3071.789688] ? __lock_is_held+0xb5/0x140 [ 3071.793770] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3071.798215] ? __lock_is_held+0xb5/0x140 [ 3071.802310] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3071.807876] alloc_pages_current+0x10c/0x210 [ 3071.812308] __get_free_pages+0xf/0x40 [ 3071.816219] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3071.821175] kvm_mmu_load+0x21/0x10e0 [ 3071.824998] vcpu_enter_guest+0x3aa6/0x6090 [ 3071.829337] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3071.833616] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3071.838332] ? vmx_vcpu_load+0xadf/0xff0 [ 3071.842414] ? __lock_acquire+0x7fc/0x5020 [ 3071.846667] ? vmx_vcpu_reset+0x1040/0x1040 [ 3071.851005] ? graph_lock+0x170/0x170 [ 3071.854825] ? __lock_acquire+0x7fc/0x5020 [ 3071.859089] ? __lock_is_held+0xb5/0x140 [ 3071.863170] ? lock_acquire+0x1e4/0x540 [ 3071.867181] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3071.872225] ? lock_release+0xa30/0xa30 [ 3071.876210] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3071.881505] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3071.886015] ? preempt_notifier_dec+0x20/0x20 14:36:32 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000eed000)={0x2, 0x1}, 0x10) syz_emit_ethernet(0x423, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c2000000000014000000080045000415000000000011907800000000e0000001000000010401907800d7050200f53475b441d632cdbbcb211363807aec73d3883762a61dc02d349bfa3ac974b987aa7fb97eb324d594fbbb77bab759418aa8d451d921e8f5d2cf2bc9edfd6369f817ec3104b9c864ac08292111701192e97cac366dd3eb2e0fb039e58314ef4709c5f3556db6a1ab6b4fb2bdd83cdc26e8395ec4984ec3faf71a611d1569545d654cded93be827a85188b803c19c1b56aab522862a718b81e512b49690994d3425e33bd93f0e744c66a083c1f9f1bd7bb8f9e123c08f3f041e34657fd3fdc058136cf0071a47cc0e38720a12e11e842a7b5b26dff07f578fdb9a7b14662a625c1ee76c41ccb2b1fc6376aa718e1067b9e4af511ef5b360dbfad326108bb033db193dab27974eb8c462739eaee51d87f31c516e7e391073770da3202e02c41a7277c847df24bd5b0a7ab6e252f3c8ebf00688cc55311d887e8bfd95a7f4c6a126af3fe26714ddb869c66d18f870631bbd497e8a06881b754ecdcdd0dcffc51cd52a6b560f8d64b63a1674745edc5f53b18a8ffcc5c2fbc4d2bbcc2faf3c189d9b36c0655d1394f5c127ec86b8a764a87b546c2b6ac37d0a8ec3edd7cda6f930570763dbdc0640d219749bd57c7c89eaadfdae41d654a46b17be069a32a7d94d29b612fbe61b8bd11a2d10ba5d4ac7014fc0465c3f144598bd1f913343e7293711040eee0ae8df1e49f04ed1037d4b742aed0e932116060aaf6b985238d2e10fb5b11d19d7801befed4833287d96a85a7cdd9e211a672760335655576fc0fa0336621c2b2b1018ef71bb5077c67ee5fa8d479d6776013363e98b1f1213712be7e47549b6035459008c509f0f983130a451531381ee3c1ab9e1cbb8e558b56ca1a70939389addc5f9632b37ff3f634abb504bb0be0a51649683f6e29588c15cda40255e173328681884ffef6729e9058c5623e1401fdcc7b8cb5623a8fd725fbeea05fc417c44e46500619218dff7c70aa068994c58883cada505a2aa85b6620dfe9c45b707c9aa1222b86972eae564b28a05ddfa3545df231fde2707d4bf67dc6ba41daba91dee8081e5c7e2bcfbebebd42d5ab8a32d6e098fd57233e3b813dc0d772134775def451823b7fef2bc93da01722cd613b9a3db7e2d4c51fb7b56006ee9cea53b62343599a56167388d45247f9289fb1cab67a7cb0c3665ddf1e1411875b4de3428b32fc6603691a023d8e4cb93c667acb7b535fb5f77af9a49640cbe8ffe3a193cf4df1b556a67cb753c60bdf978b871aa513c07074c6602037ebc32199290e3c7ac6f103ad9358951ad4de0c8f1b34951b0e6a48295975cf08b2c3c95064855fc95317e386f1c18608d1d08699003c998b93332cd316f17a5139d350cbfa9dabc3f77c4197a0186e50913978e980a7a028e7ccdeee718af028200e94a6b3a0ec93ba14b0c64dfaf3967e230d8cf876f26287d"], 0x0) 14:36:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) [ 3071.890537] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3071.895409] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3071.900629] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3071.904712] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3071.910442] ? find_held_lock+0x36/0x1c0 [ 3071.914526] ? find_held_lock+0x36/0x1c0 [ 3071.918620] ? lock_downgrade+0x8f0/0x8f0 [ 3071.922800] ? kasan_check_read+0x11/0x20 [ 3071.927016] ? rcu_is_watching+0x8c/0x150 [ 3071.931175] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3071.935610] ? __fget+0x414/0x670 [ 3071.939082] ? find_held_lock+0x11/0x1c0 14:36:32 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3071.943164] ? expand_files.part.8+0x9c0/0x9c0 [ 3071.947764] ? kasan_check_write+0x14/0x20 [ 3071.952017] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3071.956971] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3071.962701] do_vfs_ioctl+0x1de/0x1720 [ 3071.966618] ? __lock_is_held+0xb5/0x140 [ 3071.970701] ? ioctl_preallocate+0x300/0x300 [ 3071.975133] ? __fget_light+0x2f7/0x440 [ 3071.979125] ? fget_raw+0x20/0x20 [ 3071.982612] ? __sb_end_write+0xac/0xe0 [ 3071.986613] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3071.992166] ? fput+0x130/0x1a0 [ 3071.995458] ? ksys_write+0x1ae/0x260 [ 3071.999274] ? security_file_ioctl+0x94/0xc0 [ 3072.003697] ksys_ioctl+0xa9/0xd0 [ 3072.007169] __x64_sys_ioctl+0x73/0xb0 [ 3072.011075] do_syscall_64+0x1b9/0x820 [ 3072.014977] ? syscall_slow_exit_work+0x500/0x500 [ 3072.019834] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3072.024775] ? syscall_return_slowpath+0x31d/0x5e0 [ 3072.029722] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3072.035137] ? trace_hardirqs_off_thunk+0x1a/0x1c 14:36:32 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000300", 0xfff}) [ 3072.040027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3072.045226] RIP: 0033:0x455ab9 [ 3072.048417] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3072.067796] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3072.075549] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3072.082858] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3072.090166] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3072.097541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3072.104831] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000004d 14:36:32 executing program 2 (fault-call:7 fault-nth:78): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:32 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x2) setsockopt$inet6_int(r0, 0x29, 0x13, &(0x7f0000000080)=0x87, 0x2d) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'veth1\x00', {0x2, 0x4e21, @rand_addr=0x7fffffff}}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x400000, 0x0) ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f0000000280)) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f00000001c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1100}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x20, 0x70bd2b, 0x25dfdbff, {0x3}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0xff}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_AF={0x8, 0x2, 0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x24000040) syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') 14:36:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:32 executing program 4: r0 = socket$kcm(0xa, 0x5, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nfc_llcp={0x27, 0x0, 0x2, 0x6, 0x100, 0x400, "e86f10c3b9d92ffa2da8d9538795669c428d2f5262ec9eddb820b2af5ec0024a627d23a70f2a9a13a0668128a1e66d1399d8c4301c25b1d7808c250e7212c2", 0xa}, 0x80, &(0x7f0000000240)}, 0x0) 14:36:32 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00100], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3072.168332] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3072.176091] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:32 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\a\x00', 0xfff}) 14:36:32 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:32 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x804, &(0x7f0000000200)) 14:36:32 executing program 5: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x7fffffff, 0x400000) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000000c0)={{{@in=@multicast1, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f00000001c0)=0xe8) ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000400)={@dev={0xfe, 0x80, [], 0x1a}, 0x3f, r2}) sendmsg$nl_route(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)=@dellink={0xc4, 0x11, 0x8, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, 0x800, 0x4}, [@IFLA_LINKINFO={0x68, 0x12, @ip6ip6={{0xc, 0x1, 'ip6tnl\x00'}, {0x58, 0x2, [@IFLA_IPTUN_PROTO={0x8, 0x9, 0x29}, @tunl6_policy=[@IFLA_IPTUN_FLAGS={0x8, 0x8, 0x40}, @IFLA_IPTUN_ENCAP_LIMIT={0x8, 0x6, 0x3}, @IFLA_IPTUN_ENCAP_LIMIT={0x8, 0x6, 0x9}], @IFLA_IPTUN_PROTO={0x8, 0x9, 0x29}, @tunl6_policy=[@IFLA_IPTUN_LOCAL={0x14, 0x2, @mcast2={0xff, 0x2, [], 0x1}}, @IFLA_IPTUN_ENCAP_LIMIT={0x8, 0x6, 0x7}, @IFLA_IPTUN_ENCAP_LIMIT={0x8, 0x6, 0xfffffffffffffff9}, @IFLA_IPTUN_ENCAP_LIMIT={0x8, 0x6, 0xf97d}]]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10}, @IFLA_AF_SPEC={0x2c, 0x1a, [{0x4, 0x7}, {0x4, 0xf}, {0x4, 0x2}, {0x4, 0x2}, {0x4, 0xa}, {0x4, 0xa}, {0x4, 0xa}, {0x4, 0xa}, {0x4, 0x7}, {0x4, 0xa}]}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x7ff}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x8000) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000040)={'lo\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) close(r0) 14:36:32 executing program 4: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7f, 0x80202) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x106, 0x9}}, 0x20) ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f00000000c0)={0x3ff, 0x1e0, &(0x7f0000000380)="91fbb9de12d0757c90d12a1578c58bcbe4622b180f6376ea81ff263edca5b714a471d1c04769a53a15b78674140b7d0675c07cb3a3ad0219de967735b21f1ee44e916ca736303317996a253081c4535a9d0e306e420360d5b4208fcc90baef3f62886984cb3cc602348571212c766bf715491df39c5246809a84070de41f60d746e271af2ce9e57f48aec1b386c66d232e923ec7b8f12ac283b2c2b3314f", &(0x7f0000000440)="c6b4bf30bec3caab5b5b5a37244d36641e777af50f2626d547b47bee883744e5f69014a6617ae30a1ca86352f5f17eb4e8cc0dffd217d9e7802de1b86c19a1206ff10a3816fed2afb108a9213693644df6df568567fc94a9f33c293e7a71a00029dc943c5e1fed1d63ff7593e0c9fb6ced6cd493e9b0202895c263fb76b3b08a65c006c345dbd442fc8d16aaf67e1eb0532190cbf72500e45fecbe03979ee86681f21d893ca4504e8ea5e7c740633728476a165fc61dd95654b4e970d5218645d79b94a72df295c62ca8b3af73365e28b8b45d4daabb57ad321a07639767796fb862441d", 0x9e, 0xe4}) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000240)={0x9, 0x108, 0xfa00, {r1, 0xd5, "8800a3", "51500bb1170a631c85f21ee6a9233d1b7e4ba59fc2f17cfe8677bfb0926656f39320a6a5a3387851d5e325ef1be72fe582f2753b0303c04dfaff573b23bcec5883cec4b816fc83581c196c70b963abd4713a2b90a625b9e89d5d8aa2ff20a61f519165402e489324bc0cc09008fcd0167990e936c8d20235cbefe9aca181f94cbb45a2d0b2b1a0bd3009bd679a48c2f870f23613ab373947a1fa15b0c0c8926632fe640592735ba29d19ad450877865b69db9baa80fcfc98fde42a2fb308ce8030321859daa22bbef2691f51427869254d172b2c536571bd44e78684938f03ff4b66f1c1afefbfd698db2a9f866d9580d0123cac107143eb8f37638cce8b52be"}}, 0x110) r2 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:32 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:32 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:32 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000007fffffff00", 0xfff}) 14:36:32 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) 14:36:32 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000600", 0xfff}) 14:36:32 executing program 5: r0 = socket$inet6(0xa, 0x1000000000004, 0xfffffffffffffffc) ioctl(r0, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x0) ioctl$TCXONC(r2, 0x540a, 0x3) [ 3072.619133] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3072.705463] FAULT_INJECTION: forcing a failure. [ 3072.705463] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3072.717444] CPU: 1 PID: 10197 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3072.724822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3072.734187] Call Trace: [ 3072.736802] dump_stack+0x1c9/0x2b4 [ 3072.740453] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3072.745669] ? lock_downgrade+0x8f0/0x8f0 [ 3072.749848] should_fail.cold.4+0xa/0x1a [ 3072.753940] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3072.759074] ? graph_lock+0x170/0x170 [ 3072.762886] ? is_bpf_text_address+0xd7/0x170 [ 3072.767401] ? find_held_lock+0x36/0x1c0 [ 3072.771478] ? __lock_is_held+0xb5/0x140 [ 3072.775570] ? check_same_owner+0x340/0x340 [ 3072.779900] ? rcu_note_context_switch+0x730/0x730 [ 3072.784852] __alloc_pages_nodemask+0x36e/0xdb0 [ 3072.789572] ? lock_downgrade+0x8f0/0x8f0 [ 3072.793742] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3072.798864] ? graph_lock+0x170/0x170 [ 3072.802679] ? __lock_is_held+0xb5/0x140 [ 3072.806784] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3072.811222] ? __lock_is_held+0xb5/0x140 [ 3072.815310] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3072.820881] alloc_pages_current+0x10c/0x210 [ 3072.825312] __get_free_pages+0xf/0x40 [ 3072.829220] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3072.834004] kvm_mmu_load+0x21/0x10e0 [ 3072.837838] vcpu_enter_guest+0x3aa6/0x6090 [ 3072.842182] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3072.846451] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3072.851147] ? vmx_vcpu_load+0xadf/0xff0 [ 3072.855235] ? __lock_acquire+0x7fc/0x5020 [ 3072.859490] ? vmx_vcpu_reset+0x1040/0x1040 [ 3072.863857] ? graph_lock+0x170/0x170 [ 3072.867680] ? __lock_acquire+0x7fc/0x5020 [ 3072.871928] ? __lock_is_held+0xb5/0x140 [ 3072.875985] ? lock_acquire+0x1e4/0x540 [ 3072.879960] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3072.884974] ? lock_release+0xa30/0xa30 [ 3072.888948] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3072.894225] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3072.898730] ? preempt_notifier_dec+0x20/0x20 [ 3072.903219] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3072.908055] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3072.913075] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3072.917152] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3072.922860] ? find_held_lock+0x36/0x1c0 [ 3072.926914] ? find_held_lock+0x36/0x1c0 [ 3072.930967] ? lock_downgrade+0x8f0/0x8f0 [ 3072.935108] ? kasan_check_read+0x11/0x20 [ 3072.939245] ? rcu_is_watching+0x8c/0x150 [ 3072.943405] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3072.947808] ? __fget+0x414/0x670 [ 3072.951262] ? find_held_lock+0x11/0x1c0 [ 3072.955309] ? expand_files.part.8+0x9c0/0x9c0 [ 3072.959875] ? kasan_check_write+0x14/0x20 [ 3072.964097] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3072.969030] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3072.974742] do_vfs_ioctl+0x1de/0x1720 [ 3072.978622] ? __lock_is_held+0xb5/0x140 [ 3072.982672] ? ioctl_preallocate+0x300/0x300 [ 3072.987079] ? __fget_light+0x2f7/0x440 [ 3072.991050] ? fget_raw+0x20/0x20 [ 3072.994519] ? __sb_end_write+0xac/0xe0 [ 3072.998509] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3073.004050] ? fput+0x130/0x1a0 [ 3073.007319] ? ksys_write+0x1ae/0x260 [ 3073.011113] ? security_file_ioctl+0x94/0xc0 [ 3073.015514] ksys_ioctl+0xa9/0xd0 [ 3073.018955] __x64_sys_ioctl+0x73/0xb0 [ 3073.022830] do_syscall_64+0x1b9/0x820 [ 3073.026706] ? syscall_slow_exit_work+0x500/0x500 [ 3073.031537] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3073.036458] ? syscall_return_slowpath+0x31d/0x5e0 [ 3073.041388] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3073.046742] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3073.051579] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3073.056762] RIP: 0033:0x455ab9 [ 3073.059932] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3073.079142] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3073.086850] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3073.094108] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:33 executing program 2 (fault-call:7 fault-nth:79): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:33 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:33 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:33 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="025cc80a2b345f8f762070") r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640)='/dev/net/tun\x00', 0x0, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x280000, 0x0) sendmsg$nl_crypto(r2, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20050010}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=@del={0xf8, 0x11, 0x800, 0x70bd28, 0x25dfdbfc, {{'morus1280-sse2\x00'}, [], [], 0x2400, 0x2400}, [{0x8, 0x1, 0x10001}, {0x8, 0x1, 0x400}, {0x8, 0x1, 0xffffffffffff8000}]}, 0xf8}, 0x1}, 0x1) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000600)={"00ac730000000000ec973f820f7c4000", 0xc201}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x339) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'team_slave_1\x00', 0x30}) close(r1) 14:36:33 executing program 4: r0 = socket$kcm(0xa, 0x7, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f00000000c0)) openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x440000, 0x0) 14:36:33 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c00}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:33 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000200", 0xfff}) [ 3073.101379] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3073.108642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3073.115912] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000004e 14:36:33 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x821, &(0x7f0000000200)) [ 3073.261622] FAULT_INJECTION: forcing a failure. [ 3073.261622] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3073.273699] CPU: 1 PID: 10241 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3073.281079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3073.290446] Call Trace: [ 3073.293082] dump_stack+0x1c9/0x2b4 [ 3073.296732] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3073.301944] ? lock_downgrade+0x8f0/0x8f0 [ 3073.306128] should_fail.cold.4+0xa/0x1a 14:36:33 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3073.310218] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3073.315345] ? graph_lock+0x170/0x170 [ 3073.319162] ? is_bpf_text_address+0xd7/0x170 [ 3073.323683] ? find_held_lock+0x36/0x1c0 [ 3073.327796] ? __lock_is_held+0xb5/0x140 [ 3073.331998] ? check_same_owner+0x340/0x340 [ 3073.336346] ? rcu_note_context_switch+0x730/0x730 [ 3073.341833] __alloc_pages_nodemask+0x36e/0xdb0 [ 3073.346548] ? lock_downgrade+0x8f0/0x8f0 [ 3073.350751] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3073.355789] ? graph_lock+0x170/0x170 14:36:33 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf903000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3073.359874] ? __lock_is_held+0xb5/0x140 [ 3073.363955] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3073.368414] ? __lock_is_held+0xb5/0x140 [ 3073.372508] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3073.378070] alloc_pages_current+0x10c/0x210 [ 3073.382506] __get_free_pages+0xf/0x40 [ 3073.386415] mmu_topup_memory_caches+0x1f8/0x3a0 [ 3073.391206] kvm_mmu_load+0x21/0x10e0 [ 3073.395036] vcpu_enter_guest+0x3aa6/0x6090 [ 3073.399378] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3073.403637] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3073.408335] ? vmx_vcpu_load+0xadf/0xff0 14:36:33 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0xfffffffffffffc79, &(0x7f0000000240)}, 0x0) [ 3073.412414] ? __lock_acquire+0x7fc/0x5020 [ 3073.416683] ? vmx_vcpu_reset+0x1040/0x1040 [ 3073.421022] ? graph_lock+0x170/0x170 [ 3073.424846] ? __lock_acquire+0x7fc/0x5020 [ 3073.429108] ? __lock_is_held+0xb5/0x140 [ 3073.433192] ? lock_acquire+0x1e4/0x540 [ 3073.437184] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3073.442223] ? lock_release+0xa30/0xa30 [ 3073.446206] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3073.451501] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3073.456017] ? preempt_notifier_dec+0x20/0x20 14:36:33 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3073.460538] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3073.465395] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3073.470434] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3073.474524] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3073.480252] ? find_held_lock+0x36/0x1c0 [ 3073.484337] ? find_held_lock+0x36/0x1c0 [ 3073.488424] ? lock_downgrade+0x8f0/0x8f0 [ 3073.492598] ? kasan_check_read+0x11/0x20 [ 3073.496761] ? rcu_is_watching+0x8c/0x150 [ 3073.500924] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3073.505353] ? __fget+0x414/0x670 [ 3073.508826] ? find_held_lock+0x11/0x1c0 14:36:33 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x10000, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000040)={'filter\x00'}, &(0x7f00000000c0)=0x44) r1 = socket$kcm(0xa, 0x8, 0x11) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000240)={0x3, 0x0, 0x4, 0x2, [], [], [], 0x3, 0x5, 0xffffffff, 0x0, "0a9524b6021a031f426a0e664d1d43ce"}) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x4, 0x3, [0xb1fd, 0x400, 0x7f]}, &(0x7f0000000180)=0xe) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000380)={r2, 0x4}, &(0x7f00000003c0)=0x8) [ 3073.512900] ? expand_files.part.8+0x9c0/0x9c0 [ 3073.517495] ? kasan_check_write+0x14/0x20 [ 3073.521740] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3073.526691] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3073.532415] do_vfs_ioctl+0x1de/0x1720 [ 3073.536335] ? __lock_is_held+0xb5/0x140 [ 3073.540420] ? ioctl_preallocate+0x300/0x300 [ 3073.544846] ? __fget_light+0x2f7/0x440 [ 3073.548835] ? fget_raw+0x20/0x20 [ 3073.552304] ? __sb_end_write+0xac/0xe0 [ 3073.556302] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 14:36:33 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3073.561851] ? fput+0x130/0x1a0 [ 3073.565146] ? ksys_write+0x1ae/0x260 [ 3073.568956] ? security_file_ioctl+0x94/0xc0 [ 3073.573375] ksys_ioctl+0xa9/0xd0 [ 3073.576844] __x64_sys_ioctl+0x73/0xb0 [ 3073.580749] do_syscall_64+0x1b9/0x820 [ 3073.584654] ? syscall_slow_exit_work+0x500/0x500 [ 3073.589519] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3073.594477] ? syscall_return_slowpath+0x31d/0x5e0 [ 3073.599443] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3073.604846] ? trace_hardirqs_off_thunk+0x1a/0x1c 14:36:34 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2904], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3073.609722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3073.614919] RIP: 0033:0x455ab9 [ 3073.618109] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3073.637452] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3073.645176] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3073.652461] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 14:36:34 executing program 4: r0 = socket$kcm(0xa, 0x122000000005, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000080)=@get={0x1, &(0x7f0000000000)=""/81, 0x4}) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f00000000c0)={'nr0\x00', {0x2, 0x4e23, @multicast1=0xe0000001}}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x80, 0x0) ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000240)={0x4, 0x0, [{}, {}, {}, {}]}) [ 3073.659743] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3073.667025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3073.674307] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000004f [ 3073.687210] validate_nla: 1 callbacks suppressed [ 3073.687219] netlink: 'syz-executor0': attribute type 39 has an invalid length. 14:36:34 executing program 2 (fault-call:7 fault-nth:80): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0xe609c9dc45763040, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) r1 = syz_open_pts(r0, 0x2000000) msgget(0x1, 0x108) syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x100000001, 0x2) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000000)={0xff, 0x0, 0x0, 0x40, 0x81, 0xfffffffffffffffc, 0x400000, 0x0, 0x3, 0x6, 0x10100}) 14:36:34 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000fffffff500", 0xfff}) 14:36:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000feffffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:34 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:34 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x812, &(0x7f0000000200)) 14:36:34 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:34 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) connect(r0, &(0x7f0000000080)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx2\x00'}, 0x80) modify_ldt$write2(0x11, &(0x7f0000000040)={0x6, 0x101000, 0x2000, 0x11, 0x6fb5a8d8, 0x8, 0x1f, 0x1, 0xfffffffffffff24d}, 0xff83) 14:36:34 executing program 5: perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0xffffffffefffffff, 0x84) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x72, &(0x7f0000000080)={0x0, @in={{0x2, 0x0, @rand_addr}}}, &(0x7f0000000000)=0x84) 14:36:34 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000200"}}}]}, 0x138}, 0x1}, 0x0) 14:36:34 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000fffffffe00", 0xfff}) 14:36:34 executing program 4: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x10080, 0x0) r1 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000040)=0xc7) 14:36:34 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40030000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:34 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@remote={0xfe, 0x80, [], 0xbb}, @in6=@loopback={0x0, 0x1}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in=@multicast2=0xe0000002}}, 0xe8) sendto$inet6(r0, &(0x7f00000001c0), 0x0, 0x0, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x1c) [ 3074.147713] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3074.155224] net_ratelimit: 1 callbacks suppressed [ 3074.155233] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:34 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000ffffffc300", 0xfff}) 14:36:34 executing program 4: r0 = socket$kcm(0xa, 0x80000001007, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3074.255878] FAULT_INJECTION: forcing a failure. [ 3074.255878] name failslab, interval 1, probability 0, space 0, times 0 [ 3074.267395] CPU: 1 PID: 10331 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3074.274769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3074.284133] Call Trace: [ 3074.286752] dump_stack+0x1c9/0x2b4 [ 3074.290402] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3074.295610] ? graph_lock+0x170/0x170 [ 3074.299430] ? __lock_is_held+0xb5/0x140 [ 3074.303609] should_fail.cold.4+0xa/0x1a [ 3074.307697] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3074.312819] ? __lock_is_held+0xb5/0x140 [ 3074.316904] ? graph_lock+0x170/0x170 [ 3074.320732] ? find_held_lock+0x36/0x1c0 [ 3074.324818] ? __lock_is_held+0xb5/0x140 [ 3074.328911] ? check_same_owner+0x340/0x340 [ 3074.333243] ? rcu_note_context_switch+0x730/0x730 [ 3074.338191] __should_failslab+0x124/0x180 [ 3074.342445] should_failslab+0x9/0x14 [ 3074.346262] kmem_cache_alloc+0x2af/0x760 [ 3074.350431] ? alloc_pages_current+0x114/0x210 [ 3074.355037] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3074.359814] kvm_mmu_load+0x21/0x10e0 [ 3074.363644] vcpu_enter_guest+0x3aa6/0x6090 [ 3074.367981] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3074.372241] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3074.376932] ? vmx_vcpu_load+0xadf/0xff0 [ 3074.381014] ? __lock_acquire+0x7fc/0x5020 [ 3074.385267] ? vmx_vcpu_reset+0x1040/0x1040 [ 3074.389606] ? graph_lock+0x170/0x170 [ 3074.393429] ? __lock_acquire+0x7fc/0x5020 [ 3074.397695] ? __lock_is_held+0xb5/0x140 [ 3074.401782] ? lock_acquire+0x1e4/0x540 [ 3074.405773] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3074.410809] ? lock_release+0xa30/0xa30 [ 3074.414794] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3074.420091] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3074.424606] ? preempt_notifier_dec+0x20/0x20 [ 3074.429163] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3074.434023] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3074.439065] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3074.443156] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3074.448881] ? find_held_lock+0x36/0x1c0 [ 3074.452962] ? find_held_lock+0x36/0x1c0 [ 3074.457044] ? lock_downgrade+0x8f0/0x8f0 [ 3074.461209] ? kasan_check_read+0x11/0x20 [ 3074.465374] ? rcu_is_watching+0x8c/0x150 [ 3074.469531] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3074.473961] ? __fget+0x414/0x670 [ 3074.477430] ? find_held_lock+0x11/0x1c0 [ 3074.481526] ? expand_files.part.8+0x9c0/0x9c0 [ 3074.486128] ? kasan_check_write+0x14/0x20 [ 3074.490384] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3074.495385] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3074.501114] do_vfs_ioctl+0x1de/0x1720 [ 3074.505021] ? __lock_is_held+0xb5/0x140 [ 3074.509088] ? ioctl_preallocate+0x300/0x300 [ 3074.513497] ? __fget_light+0x2f7/0x440 [ 3074.517467] ? fget_raw+0x20/0x20 [ 3074.520907] ? __sb_end_write+0xac/0xe0 [ 3074.524876] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3074.530416] ? fput+0x130/0x1a0 [ 3074.533701] ? ksys_write+0x1ae/0x260 [ 3074.537498] ? security_file_ioctl+0x94/0xc0 [ 3074.541903] ksys_ioctl+0xa9/0xd0 [ 3074.545395] __x64_sys_ioctl+0x73/0xb0 [ 3074.549273] do_syscall_64+0x1b9/0x820 [ 3074.553146] ? syscall_slow_exit_work+0x500/0x500 [ 3074.557985] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3074.562915] ? syscall_return_slowpath+0x31d/0x5e0 [ 3074.567835] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3074.573710] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3074.578555] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3074.583747] RIP: 0033:0x455ab9 [ 3074.586917] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:36:35 executing program 2 (fault-call:7 fault-nth:81): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x806, &(0x7f0000000200)) 14:36:35 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:35 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000002c0)="71e67a48f9a92c040000000000000000", 0xfffffffffffffeff) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005800)=[{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f00000006c0)="104a2d9e3da15b605e2e56c00c59cac366", 0x11}], 0x1, &(0x7f0000002800)}], 0x1, 0x0) recvmmsg(r1, &(0x7f0000000200)=[{{&(0x7f0000000000)=@ipx, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/36, 0x24}, {&(0x7f00000017c0)=""/4096, 0x1000}], 0x2, &(0x7f0000000600)=""/154, 0x9a, 0x4}}], 0x1, 0x0, 0x0) 14:36:35 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29040000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000001000"}}}]}, 0x138}, 0x1}, 0x0) 14:36:35 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x10881) ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f0000000040)) 14:36:35 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) [ 3074.606440] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3074.614149] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3074.621421] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3074.628686] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3074.635946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3074.643202] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000050 14:36:35 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x9, 0x80) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0x7, 0x4, 0x4a8, 0x0, 0x0, 0x140, 0x3c0, 0x3c0, 0x3c0, 0x4, &(0x7f0000000040), {[{{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast1=0xe0000001, @empty, 0x2}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={0xac, 0x14, 0x14, 0x1d}, @local={0xac, 0x14, 0x14, 0xaa}, 0x2}}}, {{@arp={@empty, @dev={0xac, 0x14, 0x14, 0x16}, 0x0, 0xffffff00, @mac=@random="f2e9fcac861b", {[0xff, 0x0, 0xff, 0x0, 0x0, 0xff]}, @empty, {[0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}, 0xffffffffffff7fff, 0xfff, 0xf30, 0xff, 0x400, 0x1877fece, 'ip6tnl0\x00', 'bond0\x00', {}, {0xff}}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast1=0xe0000001, @remote={0xac, 0x14, 0x14, 0xbb}, 0xf, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4f8) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:35 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3074.742306] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3074.749858] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = memfd_create(&(0x7f0000033ff3)='\x00', 0x0) r5 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x20005) r6 = dup2(r5, r4) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000037000)={0x0, 0x0, 0x0, "9ede7a8c5ae95e48008000000000007f4f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa0500000074dbcfa6dc4d"}) write$sndseq(r4, &(0x7f000000a000)=[{0x21, 0x0, 0x0, 0x0, @time={0x77359400}, {}, {}, @ext={0x0, &(0x7f0000038ffe)}}], 0xfe23) ioctl$KVM_SET_LAPIC(r2, 0x5000aea5, &(0x7f0000000180)={"c00cd19c26a73310e02d9c4097b800ad801f709bc843d8ee8fec7aba88129afb5b0a4fae1a83e98c5921769e7f09eff795b56364483a36edded34a3811eb1180069fa2743af0985b77fe6a427cd33dfad9eb709d712e5c1cbfac5759319705f0bd8fa9b03bde324ea79dbb0bb7f0c64100fba5f0562a4dcab0cf46f94bec96435e7550825219b08bf5f04ccbcde7b6a92227a84adbf7219719bf8e48eca65b029a8d0b8e09641ea4834c9f2b7ff13f0a987b38190def43e71fcc329575bdc35d09c18ab922b75f7858dd9f4e95b189601940c4e8c068e1e64b85f8e8de4dff536fb54b73ff9d284a46192d8b3f5c2bed49b26a2b1ebeba90d1a0aea73a40204f52f31c1c154bf32a040c6dc55513cb4c711b7ccf8517cb82c230ff0bf6206d7191da63931fca617e482ee54fdc6c9e0cc342dcdd570bf058cb20fb544bc8df0b3f9582549504bd0bba93a6fa7f934102d84dc7f421097c9b1fe058dc08d98b063652e2dc08a551d2a8439b1ade94b7aa96aa659171b1fa48dcb15ef76b9c4c93457092af1280dee66454ac73b477e2ffb6aa671fa50c9cf4870fd1a8b4cb952071c0ac520454dfee704912f1bdb15d1c65f7d5d1a10385fa4f62e7b42f1c1e177d8fdd0380890e4cd37d3ba0e4b17061025e194621785598b328f0e89be20508254878d222a95e9877eaac7088a7e3344ddfcee5aca0590c90c1c8a92417d94bd34f3cf1780a12d27389f79b38a693ea5cd6c49dc81ceaadf6d45aebdef804cdb90eb6827ea4279db9111c484cc783ca396ebcb697c903170d0256e8d62d6d044a61d0fc450f3a28b13eea41b0626ea314def36a9f2db0a7729656223a5261020ea9eaee9c541a5cc8bc20f09508860c25a6edaa20e094e1bf22fe232d799012b5e55880145a3e5469524fde005a94e249a9d4dae9496ebdbaae8dbd5ec6f7e99f581fa2103d6713f2f2514e7cf2c56f0ce25e1e8161709f9bc7a34489c3a21bab0fa710afd3512c980a6e9fa5f65e1e12237f342ece53be1b1976878c7af4cfd752e16b5fd1044b88fff3bed0528c2730ce9253c94340775805339817e3a97ec2596dd749ca45dd592fed479a632171c60b684ae1bbf1329fa51e6c59fc039dabe790e7542795438a9622ef9c67581d0d7df676ea5f8b7222b2f9fa964b1af28085e2bb54c0134a303b8d9645021ab6b6b58ceebaffa00cc860e62481d0b2c09630fb09b69358b4b4df5cab36069ed31d8a796f0568d6dd8dc8c71710037917e6883a0c75815fdd0fa471da90cc85545591c2b08b05b3097464a79aa6e066d377ccfd6adfa755285060a80c51a0c8d036664d40ab8cd887f34bcf592707f8fcc1efbf66c4d23319e236e282d9416d38c511a019c2aa1b2edef602d93cf289a48fa5d292b50db4b712c78c2bfe6f7aab793e728678fcc58b5a5aa8a8896572fd"}) 14:36:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"}}}]}, 0x138}, 0x1}, 0x0) [ 3074.877738] FAULT_INJECTION: forcing a failure. [ 3074.877738] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3074.889683] CPU: 1 PID: 10389 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3074.897138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3074.906605] Call Trace: [ 3074.909208] dump_stack+0x1c9/0x2b4 [ 3074.912858] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3074.918078] should_fail.cold.4+0xa/0x1a [ 3074.922154] ? find_held_lock+0x36/0x1c0 14:36:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x814, &(0x7f0000000200)) [ 3074.926237] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3074.931368] ? lock_downgrade+0x8f0/0x8f0 [ 3074.935534] ? find_held_lock+0x36/0x1c0 [ 3074.939614] ? graph_lock+0x170/0x170 [ 3074.943433] ? lock_acquire+0x1e4/0x540 [ 3074.947429] ? lock_downgrade+0x8f0/0x8f0 [ 3074.951623] __alloc_pages_nodemask+0x36e/0xdb0 [ 3074.956305] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3074.961343] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3074.965870] ? __lock_is_held+0xb5/0x140 [ 3074.969955] ? check_same_owner+0x340/0x340 [ 3074.974290] cache_grow_begin+0x91/0x710 14:36:35 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4c}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3074.978388] kmem_cache_alloc+0x689/0x760 [ 3074.982556] ? alloc_pages_current+0x114/0x210 [ 3074.987157] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3074.991937] kvm_mmu_load+0x21/0x10e0 [ 3074.995763] vcpu_enter_guest+0x3aa6/0x6090 [ 3075.000204] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3075.004465] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3075.009153] ? vmx_vcpu_load+0xadf/0xff0 [ 3075.013227] ? __lock_acquire+0x7fc/0x5020 [ 3075.017483] ? vmx_vcpu_reset+0x1040/0x1040 [ 3075.021911] ? graph_lock+0x170/0x170 [ 3075.025811] ? __lock_acquire+0x7fc/0x5020 [ 3075.030074] ? __lock_is_held+0xb5/0x140 [ 3075.034164] ? lock_acquire+0x1e4/0x540 [ 3075.038154] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3075.043189] ? lock_release+0xa30/0xa30 [ 3075.047174] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3075.052468] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3075.056977] ? preempt_notifier_dec+0x20/0x20 [ 3075.061494] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3075.065204] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3075.066363] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3075.066392] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3075.066411] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3075.066429] ? find_held_lock+0x36/0x1c0 [ 3075.066447] ? find_held_lock+0x36/0x1c0 [ 3075.073891] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3075.078819] ? lock_downgrade+0x8f0/0x8f0 [ 3075.078841] ? kasan_check_read+0x11/0x20 [ 3075.078852] ? rcu_is_watching+0x8c/0x150 [ 3075.078868] ? rcu_report_qs_rnp+0x7a0/0x7a0 14:36:35 executing program 4: symlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xc, 0x2) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}, 0x1}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000040)={0x5, 0x5, 0x0, 0x5, '\x00', 0x80}) 14:36:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) [ 3075.127933] ? __fget+0x414/0x670 [ 3075.131401] ? find_held_lock+0x11/0x1c0 [ 3075.135467] ? expand_files.part.8+0x9c0/0x9c0 [ 3075.140066] ? kasan_check_write+0x14/0x20 [ 3075.144329] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3075.149278] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3075.155006] do_vfs_ioctl+0x1de/0x1720 [ 3075.158906] ? __lock_is_held+0xb5/0x140 [ 3075.162979] ? ioctl_preallocate+0x300/0x300 [ 3075.167397] ? __fget_light+0x2f7/0x440 [ 3075.171380] ? fget_raw+0x20/0x20 [ 3075.174850] ? __sb_end_write+0xac/0xe0 [ 3075.178841] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3075.184388] ? fput+0x130/0x1a0 [ 3075.187683] ? ksys_write+0x1ae/0x260 [ 3075.191496] ? security_file_ioctl+0x94/0xc0 [ 3075.195918] ksys_ioctl+0xa9/0xd0 [ 3075.199386] __x64_sys_ioctl+0x73/0xb0 [ 3075.203286] do_syscall_64+0x1b9/0x820 [ 3075.207187] ? syscall_slow_exit_work+0x500/0x500 [ 3075.212047] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3075.216989] ? syscall_return_slowpath+0x31d/0x5e0 [ 3075.221938] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3075.227330] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3075.232193] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3075.237392] RIP: 0033:0x455ab9 [ 3075.240584] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3075.259951] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3075.267673] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3075.274946] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3075.282229] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3075.289512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3075.296795] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000051 14:36:35 executing program 2 (fault-call:7 fault-nth:82): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:35 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f9], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:35 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:35 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:35 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0xa, @local={0xfe, 0x80, [], 0xaa}, 0xb}, 0xffffffc1) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x80, 0x0) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000000)={0x5, [0x100, 0x1, 0x4, 0x8000, 0x1]}, &(0x7f0000000100)=0xe) write$P9_RCLUNK(r1, &(0x7f0000000080)={0x7, 0x79, 0x1}, 0x7) 14:36:35 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) 14:36:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x802, &(0x7f0000000200)) 14:36:35 executing program 4: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000024c0)={0x0, 0x1}, &(0x7f0000002500)=0x8) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="2c00cd0f67670000130000000000009b8d50000400100000004fe30a5e9057dc26dde9fbe7ffff80001f0000000000a50ccdcf88a986705237453380f17f8cbbb44b9877a5ab09112c345f6a05a9ad1c2d5802fc14dd7102dece12535b9f3e1cf11cac10bc71e9b593f74876729d9d4427ebf7cf2c16bbc5ac79fff50a867b27824337e60dd17c3c88407b255dd27649d5e386ec5f9251703c"], 0x2c) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000002540)=@assoc_id=r1, &(0x7f0000002580)=0x4) r2 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:35 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$unix(0x1, 0x5, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={&(0x7f0000de2ff4)={0x10}, 0xc, &(0x7f00007a8000)={&(0x7f0000000040)={0x14, 0xa, 0x6, 0xffffffffffffffff}, 0x14}, 0x1}, 0x0) setsockopt$sock_void(r0, 0x1, 0x3f, 0x0, 0x0) 14:36:35 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x12) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={0x0, 0x7fffffff}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={r2}, 0x8) 14:36:35 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000000ffff", 0xfff}) [ 3075.530919] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3075.538452] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:36 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3075.657712] FAULT_INJECTION: forcing a failure. [ 3075.657712] name failslab, interval 1, probability 0, space 0, times 0 [ 3075.669111] CPU: 1 PID: 10445 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3075.676481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3075.685848] Call Trace: [ 3075.688456] dump_stack+0x1c9/0x2b4 [ 3075.693842] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3075.699067] should_fail.cold.4+0xa/0x1a [ 3075.703155] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3075.708281] ? kasan_kmalloc+0xc4/0xe0 [ 3075.712184] ? kasan_slab_alloc+0x12/0x20 [ 3075.716346] ? kmem_cache_alloc+0x12e/0x760 [ 3075.720699] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3075.725646] ? kvm_mmu_load+0x21/0x10e0 [ 3075.729637] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3075.734143] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3075.739353] ? graph_lock+0x170/0x170 [ 3075.743173] ? do_syscall_64+0x1b9/0x820 [ 3075.747256] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3075.752643] ? find_held_lock+0x36/0x1c0 14:36:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7a}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:36 executing program 5: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) chdir(&(0x7f0000000000)='./file0/file0\x00') r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x40000, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000100)=0xaf40, 0x4) tee(r0, r0, 0x1, 0x8) r1 = creat(&(0x7f0000000140)='./file0/file0\x00', 0x26) r2 = creat(&(0x7f0000000040)='./file0/file0\x00', 0x0) execveat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000380)=[&(0x7f0000000180)='/dev/hwrng\x00', &(0x7f00000003c0)="2f6465762f6877726e6a4ef31d949840db0e75beb304e1670054213dfbbce996c51f90ee5d924e78436ade6dce60fbc970304477883ced6306ca9c900d00c3d848cb58eb0db96bb7d4cacbacc5e83d72fc2958fcbc8a8aa6ff10535aa08dd981eb0f835c528370c1adae21c93fa2ce22434aafd62eee0660a47fc3fa04ed11316935c6a6cf62e14ac8a1afb1904a61e0f7c3ecb7274c7292d3554ec978d8620d17c26b860d24fae9fafa5a881243fad657aa35b86e0b458819fee77654a0b8f6e94d5a8dd1c038d21d0d790523227c919f1081e5eaa987c7d04d0b8bcc29b3cbe2ea7abdd49d79e5", &(0x7f0000000200)='/dev/hwrng\x00', &(0x7f0000000280)='/dev/hwrng\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='/dev/hwrng\x00', &(0x7f0000000340)='\x00'], &(0x7f00000003c0), 0x100) r3 = getpgrp(0x0) getresuid(&(0x7f0000001800)=0x0, &(0x7f0000001840), &(0x7f0000001880)) stat(&(0x7f00000018c0)='\x00', &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000001980)=0x0) mkdir(&(0x7f00000001c0)='./file0/file0\x00', 0xc) getresuid(&(0x7f00000019c0), &(0x7f0000001a00), &(0x7f0000001a40)=0x0) r8 = getegid() sendmsg$unix(r1, &(0x7f0000001ac0)={&(0x7f00000004c0)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f0000001780)=[{&(0x7f00000001c0)}, {&(0x7f0000000540)="b023389a6beb3dde5d09d483e9bfb47562b3f26f9dfbe1597b292f13594a91b24917c84d76084db3422fa13fb72d84d908e41affde9d76019ef0447064b7c41b299d6c4484416da165172f1732db12d1bbe9f7ca656eb174ab22459010a2de9dbc5140d2529b247ee0d110bd163de5ed9e832fc1631498a5e327bb205512e960373b3013c502fa4a0f00e21e89c63de88fc8680dfe2a40b5fbaa17c74ded8b75f658", 0xa2}, {&(0x7f0000000600)="523c96908df43005433ac8c9a126ff13f55394f5c0017e85d7aa36d0741505e1d802e20e048327e3d06b4ee7c9dcbf772ce3159ce9d89fa1781d17e0f89b26be042b659103a3e3c956182a88d44c01a46a326b92fc1adb3a5de1a553eee81625182aaa5994aa67ee24b5869877ddbf58fd39e1070b2e6a1bf2b707dd27d35dd07dd0654136efbcee5e2b25a16aad58d33ae3a738591705e082f2285e0b1cc7dcc4634a40c800a1034eb6abb93226c5303bef41adcff12400f99f697c20af068c63a54ac0e969d64971b599170710737ece0f84", 0xd3}, {&(0x7f0000000700)="0061ff1aa88b5d3108619c90c30f6215146c32a991004c6602d7c021c6c6d292db58cd2b4232f4bc599415d2e668b2b125021483d778327506abeb73e016177b9d788d58c7ab89765047c8539721b6390bb155b3c6b19675f3d900e5c51314773a49ceb2334c98b06b8b70077744f693adc556c9c590aab34eeaef37dd8e73a8c60e6ad67b121382cea68ab7ad2d42e9a74f94a969272d6dedd08d7ab8e3a143e205f5bfe5ee58b68557c57c1fb673a71baf4f059c3fcfad75dee89ca7843023216a7ac3fba50b8587e27b34b1921de40eae40b09bcd628ebacc166e220ef0276f4a9303f5595bdd6ac1301c79cd9eb6a4750dbfae14cb2f121ea48844ffc6e9197d2f930368e22fcf5dea861bc2c6eae63f182c9f8294414b08403906c4ad525a84d1e96dad29ead3475c028e672beac2f28aa83e14edddb424f983845b14d5f6b612b661743484b5d9fe86975ff6e88c5a8fca3db5490ca611aadcec3d05def42c06679c26e8d1a5079e03df0f23145959d394f01bdb6118788a9a482c40a0ab741244553b860244213c2bcd6d1c68d9cc52a49e44b43982e29bdd4ba3ed43682c273ee0399b4372cea8905dc6e8246ac5d6600dcdb73575fc84a891bba04b46bd286d1d7c376bd334e314023888d407eac092ed847957872c4daea0448f38c0490b2255efbc4aa5e0e440197ba29b8f5d6f49898dd1399cc3be6afe81d9cc21c067c5c78b3c9e8de39c75ed8535b6a608db5bb9a4d29087a398cd2d541cdef0c6c20a55fd8eb00927cca483478caef45ed2889527df50af03824c433b371d0ec2eb2911bb349ce441879fce44457eac3f28c84f797c45f833a70d0a52a4f6498b7538569be6516e43a16dec4f53194a26d59867e98ceba9662865c9b2a2fe6d268516c6e5d834f52d4b7103fbdd65a2c0f8eabc87b08dae2f951c41e4e9bae06725195028bb04814b3633ff02ddf9f4bde0edf076ae8f1c73b46ea3713d226e397809aca67d22c0e504fbec874f4d119d86edfdc7308655c36bc0a375e14fe271c03ba5010748fd11e4fbdbe22e368854f37449835ca91b335a9d24babf85a0841d5537e2435690613fde207128f47c71c604049739b27c758043f91ea9562020cbd700c42a5a7303d849604b382b8c30775dd8b78b497c1f96eeb2746efcf98761c8e1f0054a11df20fb1ae1f2db921c82993eddea47bb88c9cb9e942e5efbdbd32b3032a84ca3e2b9c3d0d13c8a3662b714bbeadc315aaf7ca8329aa2ad9d1c10424590d35f320668b7ccf59c65f1f8cfc32bb4c28d58efb1cfcc17d1d41bb576595ef00c6566acb52c7c38cc7514703263ce993561162c27227004e0d125fa257d13d9485497bb76947ec785967b41cd69248708969b4b804c282c27fac223e1db2983ca74a791ef382dbfddba1b34165f805a3b892a99ee2f9fc8259662af93d3aee5c7cf78c4c3b7630cdf294b76e42b22ef17b952150ad099c0bd6fb1a4dee3803c020de6608a827b82f2b041e0b3b95b7a1bb186c0b1788eef84f9759852cc4c950231296160af6a550ffe5a69d1eb56b22aa10ed04a1e7df3ae149bf9e14a257b7c782a57fdb651d44ad466d7368cd003c230ef3bb0e717edaf2c51f86c0d114a9be659265400efbe49960c70a4a66925e08263b553abf30312ab27dc22e17e6051a7cee08e7f1412957d14437ec6d3db3604980dbac07e202e160189a989feb4eba4a4b8991471c31d2bf8fa938c66a0c4f1bac020404721c5f2bd0158944efdbcfdc3e6bc83480592c9baba0d9e63d91078a43dae311c1779be22404e66883b5fbcd460cced327cc21a54439c844a5d75e4422c326728a12f4d63c37f90d2a012d89e5610f658e90ece0c3892dbabb1c357d152202df75dd1d422021c59ba62c219c26abc8c5bbc250c4e680d9c50a93e1d6483fe846929dbb08377be08cd9a08bb034eae6a8fa5e82a8561fee6e15f2df9edab9af7d5fb2b6af432ae3751fa5d3633c785103350193c5dc85645c49d931805ef1507755ebb421e6d3985976e70f26283b16d8de5dfa4c7a97660bf69a70c2f97ac2c1342719158e76eaff87c27d9e652d08b92bbaa6578b99e6474dbe646532160ccae1471bb47093dd91c3900f6f82277ed36e386b7eb8dc48348118a15ed75b6899b19d9ad7f31146c8f6f3f772459692b69e98c8e2f54a31c00bd9c75e8fc833df2134ee71579c0b05d92b10ca0b9c1b12eae38ab8f312da418da36ae231fa338237fe4d0f2ee13bb5f75266be9c08a4eedd517ed0938629cb3f5ecedb3b19a5b55815388bce23cbc811878b7e1273b61904853262668a3e0f8e5535bd00e1f472b4d1499ce64457f23e36c1459782d167ac7ac6c4ba8eb0ab16cace4f6e5401300b7498ed5af95a3dac6cebc79659e805c845c15abef598f38c1107fc2aca22e613bfa7b9ea8f49bdc3be1d2632d4efd005e16d7688f743fb2bbac1714973ae87842e8fb5de5c6afae0fc13f6ca822508af7aa7d2cecafa7fffdbc64ac4bce6af1488ead930d6f42e39ab858f57bf5ca9b3196eef0fdf7e848c573d785df1ae84b98ff8e18d8dda2d1ec62402e8210f500103e46e1a805265121836cccc0fa08d2f4a1f6ace7c57ba1d4d8fa94dfa2eb3eb6499f8b008c779570eecaa898f1a76567933a2e579fead712b1c04e7f9fccd7179ba7cc59668619f7fcbbe3148e6403c096b6eaa6f975810abdf1b2e1047731391b21d26140f130e63a3d6679a525734c9bce6e6801a56d74866f4eb3719bcf26c497f7e24ce54c19e4323f77e908a93734e08d6af72729417c14cd701732d3496580dc9c8fd5fb0934cf7dfd2423f82bc80b0a17c7c53a10f1e0de99a86d38927e45c4b42a8b4c4127c72f82af97ae463ac8eb657146156ff01fe85db95b50d0ed56570a6d2eac8ba6e7f0a1a8090c0cc2efd55facf0646f9e5a2a566aaca4f5fd7847b63c517eb732b6628e4ebf0972cb86501f82226052187c8f44ae31eb58ab8c83706b0e8c2be9c56f4b683e041863c8d0a06d1be6d4e7122411c35b90f2f6c28ed273a0a874879abdd2bc91e025ffb0218c09c318cb039c75a4c6bc123b6b25e7174b114fb7b8e110551a28f7150a0d0fe61c9f67565123fef1c892fb8b39a407d005b49a59623920e90ec71c22af807a349fcefdc5d0c65a7bd97a50fc5e5b48304bef0c7c9c4c22edb8427fe8e334e4221bb2b8671e8d47ab139feba59814b3f5217932e6f4e8c61eada824812054f5595705511afea12ccd020c1b0b5be6b744f5aa0826efb2cc8a8b1a974b4b8bff4ba649698e5e09153f9fa96722e42b7f499f5fab1187b2f1643ee3ee8cf15b5d0e66eb613ff79f5e84dfd9b7b4f0f87200c681201db6c4c75daf9f797a063f99f2b34fa84484df416515046f9b0654c6c888b5e15aac6df23efa0ef390800e9b6c75458c0ab5b61ccec7bda21f6ce15926b25be59c38d05d70ac98b1b431170dad92ece628b24dc1b34158de40b4950e9c5db20f5520f9bcef982df98ec568fba7bbddc64c1ab0b9c0b6e5dfb7ca7bd9e0bab8c5fa81b4dbe8dfdc3ae7b3480141a5ccfaca6e4f2e2764e97b9a09b59524134b98f3a58506edd186eb8673067cb59b8eeeb855439b38ba7dcfe9191836413fa41e364d3d1816d5ac4450ebe850af6c1eeb843bbc23e4bc5e64fdcb28288e21a1539d5ddb073a6398d4302eee42470ed96f9cf2654c9ad176756dd1b5108799b32d890726210d1b8d1ff27cdb5ee447dcf1103c9e2181b9ff7067d15e49072060db4f2c7481e96e2110318bdcb473b8ec257fb4d6c35ceb9e04f108c8c5d7bdf3fdbec017456b8ed1306da5bc00db4913adfe18c7150ba198f15c40b58879bc1f18d0ed21982af24671420984357bb84386f768440b7f4b291fef51533a6f4763514ee6d7827652960bde68eb07e3a4d384c997f758a1a5f217a60c9b5f4c53f583b2ac7fa448505bfe85a8199bb2c47aa2ea17a376cf7fcc12242b7bd7816936e850f2762ca9ffd6a07e6a934cd60f3c6aeffca7b9f19126a9a2ab34189b9f789b88d15ea9db263b464831af4a4341d909722aa5871bd94e3d6d44e1e464c041bf6484b884f943f6f896c1c60f678deacd2b2a33f4241937987bd83420548f4f03e0c30928ad9c504abbf3d0aaf0518aee395841b42092d544f55c0b2653d364feac31a63b013fda2af54d65d62cc31e33f45e1e9b24444585206618bdc65c6a3063c2e024c4ab1b13f79cd9a73cc865639caf2f87ae2e61e17797d04dbe30999e32645a83058e3eb9a0feecbfafb5d36d060503a64a34f4b577bfc112ba3e8970bc9af467053a57a649bd1a49f239391d36006d32e5a02f9cb31bb6b5f864d4cfc2e3d3930efc795bd78c2722925e30820200ab36e38fde8e6afa4374078ed537eba3d79098cecc0e5ceaad76be67994309d700860ec5a2d650fdc6d45e8fd9cdaef7319259a2c4d5b174c09680f3aef914a71ff03f7612e012aef8084e0cac211b69424acad05d87846329e38c737bd43e9ce6ede50c014d16e41b5ecb92a4274b15607b17b8670672e49f52352d4300f0127e400c78b548fcab5ded6fdff1a83a1b7f2cb6b1643802fcc5fd04a24d7b6d02e462dec31b83e456e6e1c89ca3b490113018f5cf3f936d534c4405aa5518520927b66ea49230c268c4c47da2b2922d1d4a6e341b64625b34c09d5ccdeb878983af00099e2bb3e6fe4693061152090b579897242b1172a63751326e3ceacb3807ee53de371c69ad2ac79769f6af7f69da822288799abdf756012718db139fcee2fb79368be6721bf849fac9b4eb4cef887c48d66ac4287f69997998d832c4e4526d001226b4e9012c4b4200b6dbfeec8ad4c9ef1616914aa6fbce178b769b1dc22234dcf1790033b97cc483050e03a69d46c1142153497fc62f5fa0a59b1652f19c7b5565f6d54a54c9031276eca785a896788303704b09c2bac57b5aad1cd26e10a446ee4adf10361c198c53a52e3e762b91fe2f0ed776b400d632528bdc0dd1c551abcb1435f07879a01769a9024af84429f649cf887d283ef0889cd5a7f04cb96eb37aa185c874f286fac7fe4f4a6aa873ab25b1234fc0a6825c6b74eeb93adf46c6860d890976840f6208da1d30928af4e11df1bd689aea764c3d63b6846d81cc567c2f127db969bc65a14bcf39c24a01b38d312f3035413c3403d1214c5cbb62e806077743361f92dd6da8f5a7b8e57cfd8c818b76284edea03139deff97c1b758cea4818b8d1a025dedc2613ef553bb02a8ffd6eae12f3b2c1d4818dba6235587b6f8a346469b8def7a724a0e8483f51d193ba7490beb49f7c16f014fa598d6ee95e383f902ca08d1277bc88614b8da75a376cf433a1aa98c0728e4ca2464109eff7d25bb9213cb68d77ad6f16d4ddc0913d187198fcaafcd5a6a9914c93951a1ab91cb33db16aed0794410c27078701f18b2a3818e71f62947426b512fcc8737c6a8967936a16e1fff200400e953d416061a7add55ba8abab8212d265849f999734db3252c5e6819fecf91d4cedcb5e8bbdf8a473d56c58a5129d453e8c2539fdf41182e76c8474d860ddd79e5f4e08efa78adae94688ecec838e0fc960bc4b319f52fb63dc0b7d450b0a2b982ba4931f38b9cd78db532dd718c90443a6f8947e81b1ace34dcf9ef186937a158eefabf4bde770ddfbf3366213e569c7b85961cd1023cd3954decffd2c05c8c246e88ec05262d29f4d1e29348c2998ba94895cbefa4a988bffe9dae9a0bce8111e67831f149fcebebf1", 0x1000}, {&(0x7f0000001700)="04edccc88ee9a24200e81bdce293dd25b902ef42ab41bc5412f69b8eeea191087d96167ed315be5e6af8c3da9ea7fe4acf7580e27cc0cbb6469d1e4a790cd4c1aadc2ed6c53affa02b3b0af357f5d2f463ba6c266b813f4368fbcbdc641de705efa6c0dd8d3c90308940a8fe39c3508c", 0x70}], 0x5, &(0x7f0000001a80)=[@cred={0x20, 0x1, 0x2, r3, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}], 0x40}, 0x80) [ 3075.756739] ? __lock_is_held+0xb5/0x140 [ 3075.760828] ? check_same_owner+0x340/0x340 [ 3075.765171] ? rcu_note_context_switch+0x730/0x730 [ 3075.770120] __should_failslab+0x124/0x180 [ 3075.774378] should_failslab+0x9/0x14 [ 3075.778197] kmem_cache_alloc+0x2af/0x760 [ 3075.782370] ? alloc_pages_current+0x114/0x210 [ 3075.786971] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3075.791924] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3075.796705] kvm_mmu_load+0x21/0x10e0 [ 3075.800537] vcpu_enter_guest+0x3aa6/0x6090 14:36:36 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf903], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3075.804875] ? print_usage_bug+0xc0/0xc0 [ 3075.808961] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3075.813651] ? vmx_vcpu_load+0xadf/0xff0 [ 3075.817730] ? vmx_vcpu_reset+0x1040/0x1040 [ 3075.822072] ? graph_lock+0x170/0x170 [ 3075.825892] ? retint_kernel+0x10/0x10 [ 3075.829802] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 3075.834870] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3075.839663] ? __lock_is_held+0xb5/0x140 [ 3075.843749] ? lock_acquire+0x1e4/0x540 [ 3075.847772] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3075.852807] ? lock_release+0xa30/0xa30 [ 3075.856795] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3075.862121] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3075.866627] ? preempt_notifier_dec+0x20/0x20 [ 3075.871141] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3075.875992] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3075.881031] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3075.884935] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3075.885192] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3075.885209] ? find_held_lock+0x36/0x1c0 [ 3075.885229] ? find_held_lock+0x36/0x1c0 [ 3075.892644] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3075.898293] ? lock_downgrade+0x8f0/0x8f0 [ 3075.898315] ? kasan_check_read+0x11/0x20 [ 3075.898326] ? rcu_is_watching+0x8c/0x150 [ 3075.898341] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3075.937675] ? __fget+0x414/0x670 [ 3075.941151] ? find_held_lock+0x11/0x1c0 [ 3075.945334] ? expand_files.part.8+0x9c0/0x9c0 [ 3075.949938] ? kasan_check_write+0x14/0x20 [ 3075.954190] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3075.959143] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3075.964875] do_vfs_ioctl+0x1de/0x1720 [ 3075.968784] ? __lock_is_held+0xb5/0x140 [ 3075.972861] ? ioctl_preallocate+0x300/0x300 [ 3075.977284] ? __fget_light+0x2f7/0x440 [ 3075.981283] ? fget_raw+0x20/0x20 [ 3075.984749] ? __sb_end_write+0xac/0xe0 [ 3075.988754] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3075.994305] ? fput+0x130/0x1a0 [ 3075.997601] ? ksys_write+0x1ae/0x260 [ 3076.001421] ? security_file_ioctl+0x94/0xc0 [ 3076.005849] ksys_ioctl+0xa9/0xd0 [ 3076.009324] __x64_sys_ioctl+0x73/0xb0 [ 3076.013238] do_syscall_64+0x1b9/0x820 [ 3076.017141] ? syscall_slow_exit_work+0x500/0x500 [ 3076.022045] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3076.026995] ? syscall_return_slowpath+0x31d/0x5e0 [ 3076.031953] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3076.037329] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3076.042190] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3076.047392] RIP: 0033:0x455ab9 [ 3076.050594] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3076.069954] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3076.077682] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3076.084963] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3076.092252] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3076.099532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 14:36:36 executing program 2 (fault-call:7 fault-nth:83): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:36 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0xfff}) 14:36:36 executing program 5: socketpair(0x3, 0x800, 0x0, &(0x7f0000000740)) faccessat(0xffffffffffffffff, &(0x7f0000000a00)='./file0\x00', 0x150, 0x0) socketpair$inet(0x2, 0x80000, 0xfffffffffffffffd, &(0x7f0000000980)={0xffffffffffffffff}) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x100000006, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_script(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="2321202e2f66696c65302f66696c6530202073797374656d2e706f7369785f61636c5f616363657373002073797374656d2e706f7369785f61636c5f616363657373002065727370616e30002073797374656d2e706f7369785f61636c5f616363657373000ac90582d3d44ec5685092cc025bdc58c68d7cb2d29940d80a19879647ab3afde082f14221972b82ab3b2bf8043605967c6ced26a5b8a6736fa59c590ceaf013b4ea7109c4f41654f3bbf4f4f2e40181f81da8ecb2da5ce71ab6d7b69d7b042eb8a8ee64f888673f1b6eb098600d4101f06be672af79bb3416059a868ce570af227153b69b7efc251e07b185c480a60c7a397ff435b5c44cefb169f16814f3447f0000631ade5b0ff0927ad1baccd9a493067d88"], 0x119) dup3(r1, r1, 0x80000) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80200000000002, &(0x7f0000000540)=0x82, 0xf519165e3f111c2d) setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f00000004c0)={0x10001, 0x2, 0xe66a}, 0xc) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e22, @loopback=0x7f000001}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={0x0, {0x2, 0x0, @rand_addr}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xd}}, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='erspan0\x00'}) sendto$inet(r2, &(0x7f0000a88f88), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) getegid() setgroups(0x0, &(0x7f00000000c0)) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000007c0)=ANY=[], &(0x7f00000000c0)) ftruncate(0xffffffffffffffff, 0x0) fremovexattr(0xffffffffffffffff, &(0x7f0000000140)=@known='system.posix_acl_access\x00') getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000400)=""/89, &(0x7f0000000180)=0x59) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfd8af) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) write$binfmt_elf64(r0, &(0x7f00000008c0)=ANY=[], 0x445) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, @loopback}, &(0x7f0000000580)=0x10) syz_open_dev$sndtimer(&(0x7f00000005c0)='/dev/snd/timer\x00', 0x0, 0x0) sysinfo(&(0x7f0000000780)=""/215) write$binfmt_elf64(r2, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 14:36:36 executing program 4: r0 = socket$kcm(0xa, 0x2, 0x11) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000240)}, 0x0) 14:36:36 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400300}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:36 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3076.106820] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000052 14:36:36 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x1d00, &(0x7f0000000200)) 14:36:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000f0ffffff00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:36 executing program 4: r0 = socket$kcm(0xa, 0x7, 0x11) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000100)=0x0) sched_getaffinity(r1, 0x8, &(0x7f0000000240)) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80000, 0x0) getpeername$unix(r2, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e) 14:36:36 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xfff}) 14:36:36 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c0], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3076.283892] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3076.291448] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3076.297439] FAULT_INJECTION: forcing a failure. [ 3076.297439] name failslab, interval 1, probability 0, space 0, times 0 [ 3076.318463] CPU: 1 PID: 10499 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3076.325845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3076.335210] Call Trace: [ 3076.337823] dump_stack+0x1c9/0x2b4 [ 3076.341476] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3076.346699] should_fail.cold.4+0xa/0x1a [ 3076.350788] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3076.356013] ? kasan_kmalloc+0xc4/0xe0 [ 3076.359971] ? kasan_slab_alloc+0x12/0x20 [ 3076.364227] ? kmem_cache_alloc+0x12e/0x760 [ 3076.368577] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3076.373521] ? kvm_mmu_load+0x21/0x10e0 [ 3076.377512] ? vcpu_enter_guest+0x3aa6/0x6090 14:36:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000400"}}}]}, 0x138}, 0x1}, 0x0) [ 3076.382021] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3076.387055] ? graph_lock+0x170/0x170 [ 3076.390870] ? do_syscall_64+0x1b9/0x820 [ 3076.394945] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3076.400332] ? find_held_lock+0x36/0x1c0 [ 3076.404413] ? __lock_is_held+0xb5/0x140 [ 3076.408498] ? check_same_owner+0x340/0x340 [ 3076.412832] ? rcu_note_context_switch+0x730/0x730 [ 3076.417788] __should_failslab+0x124/0x180 [ 3076.422036] should_failslab+0x9/0x14 [ 3076.425849] kmem_cache_alloc+0x2af/0x760 [ 3076.430012] ? alloc_pages_current+0x114/0x210 [ 3076.434612] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3076.439562] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3076.444342] kvm_mmu_load+0x21/0x10e0 [ 3076.448164] vcpu_enter_guest+0x3aa6/0x6090 [ 3076.452502] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3076.456759] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3076.461844] ? vmx_vcpu_load+0xadf/0xff0 [ 3076.465923] ? __lock_acquire+0x7fc/0x5020 [ 3076.470190] ? vmx_vcpu_reset+0x1040/0x1040 [ 3076.474522] ? graph_lock+0x170/0x170 [ 3076.478769] ? __lock_acquire+0x7fc/0x5020 [ 3076.483018] ? __lock_is_held+0xb5/0x140 [ 3076.487098] ? lock_acquire+0x1e4/0x540 [ 3076.491167] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3076.496218] ? lock_release+0xa30/0xa30 [ 3076.500208] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3076.505499] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3076.510004] ? preempt_notifier_dec+0x20/0x20 [ 3076.514518] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3076.519375] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3076.524418] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3076.528569] ? kvm_uevent_notify_change.part.31+0x440/0x440 14:36:36 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000500", 0xfff}) 14:36:36 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:36 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3076.534307] ? find_held_lock+0x36/0x1c0 [ 3076.538389] ? find_held_lock+0x36/0x1c0 [ 3076.542481] ? lock_downgrade+0x8f0/0x8f0 [ 3076.546920] ? kasan_check_read+0x11/0x20 [ 3076.551080] ? rcu_is_watching+0x8c/0x150 [ 3076.555238] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3076.559662] ? __fget+0x414/0x670 [ 3076.563134] ? find_held_lock+0x11/0x1c0 [ 3076.567215] ? expand_files.part.8+0x9c0/0x9c0 [ 3076.572603] ? kasan_check_write+0x14/0x20 [ 3076.576849] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3076.582177] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3076.587995] do_vfs_ioctl+0x1de/0x1720 [ 3076.591898] ? __lock_is_held+0xb5/0x140 [ 3076.596001] ? ioctl_preallocate+0x300/0x300 [ 3076.600422] ? __fget_light+0x2f7/0x440 [ 3076.604426] ? fget_raw+0x20/0x20 [ 3076.607899] ? __sb_end_write+0xac/0xe0 [ 3076.611887] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3076.617433] ? fput+0x130/0x1a0 [ 3076.620723] ? ksys_write+0x1ae/0x260 [ 3076.624533] ? security_file_ioctl+0x94/0xc0 [ 3076.628959] ksys_ioctl+0xa9/0xd0 [ 3076.632879] __x64_sys_ioctl+0x73/0xb0 [ 3076.636820] do_syscall_64+0x1b9/0x820 [ 3076.640892] ? syscall_slow_exit_work+0x500/0x500 [ 3076.645755] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3076.650707] ? syscall_return_slowpath+0x31d/0x5e0 [ 3076.655656] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3076.661035] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3076.665899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3076.671095] RIP: 0033:0x455ab9 14:36:37 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf903000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3076.674289] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3076.693784] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3076.701535] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3076.708816] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3076.714793] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3076.716088] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3076.716097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3076.716106] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000053 [ 3076.745576] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:37 executing program 2 (fault-call:7 fault-nth:84): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:37 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000fd00", 0xfff}) [ 3076.960971] FAULT_INJECTION: forcing a failure. [ 3076.960971] name failslab, interval 1, probability 0, space 0, times 0 [ 3076.972486] CPU: 0 PID: 10549 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3076.979977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3076.989344] Call Trace: [ 3076.991957] dump_stack+0x1c9/0x2b4 [ 3076.995768] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3077.000966] should_fail.cold.4+0xa/0x1a [ 3077.005040] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3077.010139] ? kasan_kmalloc+0xc4/0xe0 [ 3077.014044] ? kasan_slab_alloc+0x12/0x20 [ 3077.018213] ? kmem_cache_alloc+0x12e/0x760 [ 3077.022530] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3077.027550] ? kvm_mmu_load+0x21/0x10e0 [ 3077.031533] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3077.036040] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3077.041225] ? graph_lock+0x170/0x170 [ 3077.045040] ? do_syscall_64+0x1b9/0x820 [ 3077.049180] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3077.054539] ? find_held_lock+0x36/0x1c0 [ 3077.058603] ? __lock_is_held+0xb5/0x140 [ 3077.062674] ? check_same_owner+0x340/0x340 [ 3077.067102] ? rcu_note_context_switch+0x730/0x730 [ 3077.072043] __should_failslab+0x124/0x180 [ 3077.076270] should_failslab+0x9/0x14 [ 3077.080081] kmem_cache_alloc+0x2af/0x760 [ 3077.084225] ? alloc_pages_current+0x114/0x210 [ 3077.088803] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3077.093912] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3077.098683] kvm_mmu_load+0x21/0x10e0 [ 3077.102476] vcpu_enter_guest+0x3aa6/0x6090 [ 3077.106807] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3077.111065] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3077.115731] ? vmx_vcpu_load+0xadf/0xff0 [ 3077.119794] ? __lock_acquire+0x7fc/0x5020 [ 3077.124023] ? vmx_vcpu_reset+0x1040/0x1040 [ 3077.128354] ? graph_lock+0x170/0x170 [ 3077.132145] ? __lock_acquire+0x7fc/0x5020 [ 3077.136371] ? __lock_is_held+0xb5/0x140 [ 3077.140420] ? lock_acquire+0x1e4/0x540 [ 3077.144381] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3077.150266] ? lock_release+0xa30/0xa30 [ 3077.154240] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3077.159535] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3077.164033] ? preempt_notifier_dec+0x20/0x20 [ 3077.168536] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3077.173395] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3077.178424] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3077.182474] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3077.188189] ? find_held_lock+0x36/0x1c0 [ 3077.192255] ? find_held_lock+0x36/0x1c0 [ 3077.196680] ? lock_downgrade+0x8f0/0x8f0 [ 3077.200833] ? kasan_check_read+0x11/0x20 [ 3077.204977] ? rcu_is_watching+0x8c/0x150 [ 3077.209124] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3077.213525] ? __fget+0x414/0x670 [ 3077.216966] ? find_held_lock+0x11/0x1c0 [ 3077.221028] ? expand_files.part.8+0x9c0/0x9c0 [ 3077.225606] ? kasan_check_write+0x14/0x20 [ 3077.229835] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3077.234757] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3077.240466] do_vfs_ioctl+0x1de/0x1720 [ 3077.244458] ? __lock_is_held+0xb5/0x140 [ 3077.248507] ? ioctl_preallocate+0x300/0x300 [ 3077.252899] ? __fget_light+0x2f7/0x440 [ 3077.256858] ? fget_raw+0x20/0x20 [ 3077.260299] ? __sb_end_write+0xac/0xe0 [ 3077.264266] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3077.269800] ? fput+0x130/0x1a0 [ 3077.273079] ? ksys_write+0x1ae/0x260 [ 3077.276867] ? security_file_ioctl+0x94/0xc0 [ 3077.281260] ksys_ioctl+0xa9/0xd0 [ 3077.284700] __x64_sys_ioctl+0x73/0xb0 [ 3077.288576] do_syscall_64+0x1b9/0x820 [ 3077.292449] ? finish_task_switch+0x1d3/0x870 [ 3077.296946] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3077.301862] ? syscall_return_slowpath+0x31d/0x5e0 [ 3077.306783] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3077.312141] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3077.316987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3077.322165] RIP: 0033:0x455ab9 [ 3077.325347] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3077.344589] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3077.352300] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 14:36:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$pppoe(0x18, 0x1, 0x0) dup2(r4, r1) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000003c0)=[@textreal={0x8, &(0x7f00000000c0)="baf80c66b808cbb78066efbafc0cb80b00ef3e0f2148df390f01c9bad004b097ee0f200166b9800000c00f326635001000000f30baf80c66b8f0812b8366efbafc0c66ed0fc79d627566b99509000066b81c00000066ba000000000f30", 0x5d}], 0x1, 0x0, &(0x7f00000001c0), 0x0) socket$key(0xf, 0x3, 0x2) 14:36:37 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x805, &(0x7f0000000200)) 14:36:37 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:37 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) sendmsg$kcm(r0, &(0x7f0000000180)={&(0x7f0000000000)=@pppoe={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, 'bridge_slave_1\x00'}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000080)="91625fc7323dc0fd73f42291905a75b79369e9cd6630e109b75b19481a9e6f51b8ae092755fdee34e94a72e5682ec7b906c06dd46e49d243d190e17c710f4571bc963d897495e7b5be10c34e5ed07cbc112d5bc74f5f3b18ab788a82d5ba821c9346643f4059a976175ed066047a436f609749f6ac4ef115792edcebdba37f11952fa30b75f7677fa270303fb5875919c42c202348f5c94ac589a4b3bb8bd69999579c1e88c299", 0xa7}, {&(0x7f0000000240)="238ae094fc804a5a5e635085159e8f8730b73dec9e9a020d00ec3303bd3821d6cfeba7d8e7c809b459a3646c8ca22d9b787c1e9fc79562abd2f58261bd945b5dbd6fded3957c4c5171c119af98f707dd3a2a0500b3d599bdf27e71b3010189daf421e46147d87a329554d03ca6332d3c", 0x70}, {&(0x7f00000002c0)="e5c1007de7d037579f1684d5edd787e4c2cf8af0a796ec2efba6e2b9a38082c11891713ff3ed662a727d1c66ff9cd38df559e311243fcee99829b2b2d8d26b2080bf478510b35aa4cd65eda36303a248b79891802e95923c6ec6bc802bba4f44dd3781b6ccafdcbca6c82298c6f8ff1b3b7e2c13bc745f4af6a7ea064494f3c0e94ca4a57dcda51391929765", 0x8c}, {&(0x7f0000000380)="881e886aaadd797f6cb74d3f3c4d7a5733c4918ac7080088133a715d55ca04cf28323327d21f61b9b279300b8cb83c6375c7be7140fa28b2c9b6ac79f1e1c1567340c1e0ea2f1e03dcd0d4912b198bcfaa6debafb4b87f2d3ebb97ccf80accf8bccb51", 0x63}, {&(0x7f0000000400)="e3a8c202f7f0a4ebc98ca66571c4abfced09b136f51028bbe6485681bb99779eabb5a56d4ef6c9bf49d530630b9634cf4b0b8c88beddb1e321c7f1e9b0f5539ddfec07d776359328594869493d0382bc8aa3869e961bd6e9af26ccf5fcb1da34ff19799d280afd46f75bbe1deb625608e239dd9fb9916cb5f06a752c35ad0cff3abd8c1cb02bf09b666957da7c8d4ac39dd052b1e9bf8c8ea0c45458411ebac960b7ab286d63f0ceb01011ee0af442edc770c0e3acf8a7e8b265d8279ac90cce366997d209e7", 0xc6}, {&(0x7f0000000500)="6a4333ac130dd6a7e4b4905cbeef27730c5bad93b57c45cb59be55d3ecffa1433ba74afa26fb4db684c875a0fa59962aa08aaf5a8b01e730ff12dd918f40ac6b8892fdb0fab8f056c9f0a8af35fa", 0x4e}], 0x6, &(0x7f0000000900)=ANY=[@ANYBLOB="b0000000000000000d010000ff7f0000629dcae882c0d39f5a610c0157879befb0b35e1ba6939f42df2bb11b9c7c4ea16d76a9eafe011befb0a929369cde8548293795b1343c8a2d9f4a5b37bd39db6ed2c20917ec9059dabeb1571ccf51d03d3e8fd334cee2a3dfbaec46af78260b9b6074255870ed3745c71f4bf22823b78e2e48579a023de4d0d5705ce8dd9e3c4a12713e66722f75d8016640d914124ff6d3509331b4b359a6a386c30000000000280000000000000011000000000000006cb51d05d24ac29be5455479d209581463424ee70000000078000000000000001901000006000000d92db8a14e6e7d0221eb48276469657e9606db9f2f698291a62a3003352dee3a96e3a5f7bd74eb16c9f03088251803ec96777058ba2fe3218a0fb882a222df4087661a711523507e89a69db96a1a0115537f8b3ff500947f44902a0533586f81dccde9eb5000000048000000000000000501000004000000e56e658176e3bbcd6dab778dd1f99ed575ed150021589aae4fd89b3864e8f42fec968da8526e6d4bf2525d5d0cc23ca0c706fdd8a864320060000000000000000a010000ffff00004395ec4a5a9d2d9864fe37f9ff9aec2256a19f044c7ae75392fb006f7c355821fc216533672c26b236655a53b13a59f31a48eef0d19fbbfcac68fcf9fcbb8ebe28a5928999ebca11d18480270000000010000000000000000a010000008200008e395ec57e6d9af0e7e125952249497d1f573df8e4ff59c85a2fffc33a00baa304cd6ec449df611107b494c1c704caa09549e365f28d5719a2588f26d6391bfce136c9599fa52eb105ab7c579945db02732292f60edb697892daee137393b5855d02407d7aa8cb23a07deaa7f8fc4da2d9c83e8f918a60762a12410da5535e5eb4935d2c517b65187f3b0374cc66c5a5d4ce5ff52e94ee664a4ed6c19b9b157f48c323b707d6dc8f791932aecab8394beb071a2b140df58c42ead70a5234ab23ee78e9c64e16d193b059a8435be02204971c02e4811580"], 0x208, 0x20000040}, 0x20000004) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000840)={r0}) 14:36:37 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:37 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000ffffff9e00"}}}]}, 0x138}, 0x1}, 0x0) 14:36:37 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000000ffff", 0xfff}) 14:36:37 executing program 2 (fault-call:7 fault-nth:85): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 3077.359554] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3077.366808] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3077.374063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3077.381321] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000054 14:36:37 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'veth1_to_team\x00', 0x1001}) r1 = socket$kcm(0xa, 0x0, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:38 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}}}]}, 0x138}, 0x1}, 0x0) [ 3077.612234] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3077.619805] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:38 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0xfff}) 14:36:38 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x807, &(0x7f0000000200)) [ 3077.760736] FAULT_INJECTION: forcing a failure. [ 3077.760736] name failslab, interval 1, probability 0, space 0, times 0 [ 3077.772102] CPU: 1 PID: 10577 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3077.779472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3077.788833] Call Trace: [ 3077.791438] dump_stack+0x1c9/0x2b4 [ 3077.795090] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3077.800311] should_fail.cold.4+0xa/0x1a [ 3077.804387] ? fault_create_debugfs_attr+0x1f0/0x1f0 14:36:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000200"}}}]}, 0x138}, 0x1}, 0x0) [ 3077.809508] ? kasan_kmalloc+0xc4/0xe0 [ 3077.813404] ? kasan_slab_alloc+0x12/0x20 [ 3077.817564] ? kmem_cache_alloc+0x12e/0x760 [ 3077.821897] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3077.826840] ? kvm_mmu_load+0x21/0x10e0 [ 3077.830827] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3077.835338] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3077.840373] ? graph_lock+0x170/0x170 [ 3077.844196] ? do_syscall_64+0x1b9/0x820 [ 3077.848274] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3077.853664] ? find_held_lock+0x36/0x1c0 14:36:38 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000000300", 0xfff}) 14:36:38 executing program 4: r0 = socket$kcm(0xa, 0x7, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) keyctl$join(0x1, &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x1}) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={r1, r2/1000+30000}, 0x10) socket$vsock_dgram(0x28, 0x2, 0x0) [ 3077.857749] ? __lock_is_held+0xb5/0x140 [ 3077.861837] ? check_same_owner+0x340/0x340 [ 3077.866175] ? rcu_note_context_switch+0x730/0x730 [ 3077.871126] __should_failslab+0x124/0x180 [ 3077.875377] should_failslab+0x9/0x14 [ 3077.879197] kmem_cache_alloc+0x2af/0x760 [ 3077.883367] ? alloc_pages_current+0x114/0x210 [ 3077.887968] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3077.892923] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3077.897705] kvm_mmu_load+0x21/0x10e0 [ 3077.901534] vcpu_enter_guest+0x3aa6/0x6090 [ 3077.905872] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3077.910128] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3077.914819] ? vmx_vcpu_load+0xadf/0xff0 [ 3077.918899] ? __lock_acquire+0x7fc/0x5020 [ 3077.923153] ? vmx_vcpu_reset+0x1040/0x1040 [ 3077.927493] ? graph_lock+0x170/0x170 [ 3077.931407] ? __lock_acquire+0x7fc/0x5020 [ 3077.935667] ? __lock_is_held+0xb5/0x140 [ 3077.939748] ? lock_acquire+0x1e4/0x540 [ 3077.943735] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3077.948771] ? lock_release+0xa30/0xa30 [ 3077.952759] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3077.958048] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3077.962557] ? preempt_notifier_dec+0x20/0x20 [ 3077.967077] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3077.971931] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3077.976968] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3077.981045] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3077.986778] ? find_held_lock+0x36/0x1c0 [ 3077.990858] ? find_held_lock+0x36/0x1c0 [ 3077.994943] ? lock_downgrade+0x8f0/0x8f0 [ 3077.999111] ? kasan_check_read+0x11/0x20 [ 3078.003267] ? rcu_is_watching+0x8c/0x150 [ 3078.007427] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3078.011856] ? __fget+0x414/0x670 [ 3078.015324] ? find_held_lock+0x11/0x1c0 [ 3078.019394] ? expand_files.part.8+0x9c0/0x9c0 [ 3078.023987] ? kasan_check_write+0x14/0x20 [ 3078.028233] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3078.033184] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3078.038909] do_vfs_ioctl+0x1de/0x1720 [ 3078.042814] ? __lock_is_held+0xb5/0x140 [ 3078.046917] ? ioctl_preallocate+0x300/0x300 [ 3078.051336] ? __fget_light+0x2f7/0x440 [ 3078.055314] ? fget_raw+0x20/0x20 [ 3078.058781] ? __sb_end_write+0xac/0xe0 [ 3078.062771] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3078.068317] ? fput+0x130/0x1a0 [ 3078.071614] ? ksys_write+0x1ae/0x260 [ 3078.075432] ? security_file_ioctl+0x94/0xc0 [ 3078.079852] ksys_ioctl+0xa9/0xd0 [ 3078.083315] __x64_sys_ioctl+0x73/0xb0 [ 3078.087217] do_syscall_64+0x1b9/0x820 [ 3078.091114] ? syscall_slow_exit_work+0x500/0x500 [ 3078.095971] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3078.100915] ? syscall_return_slowpath+0x31d/0x5e0 [ 3078.105866] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3078.111245] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3078.116109] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3078.121301] RIP: 0033:0x455ab9 [ 3078.124488] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3078.143788] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3078.151513] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 14:36:38 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x1, 0x0) writev(r1, &(0x7f00000027c0)=[{&(0x7f0000000440)="306cea2272db9b4281da20b47ce6826e08a18018f6995ed57d6b4fc12052650f239890a499d1d113ae9b02cb57b3c0bf6caa766734771e046297366f71a1422783c455eddd9e06dcc5df5c43c4968d0fc4b7a43eea890601a5f0a3e8c7c08a29ceddb6f717d54407493c83b9449a6d6e93fbaef37f891745b5816702eb3444d4062c7ffbb5ff1e8377ae85e6790a368536cddc1fb6464f457cf2e88383ddcf7502dcbdb5d5336fc25c6dd07eab7819cd8ab16370d744745f86a5419b8a442aa25c0d2173cf2d733755aed82426f9118549bd51efabdd38124db0a90399f9e3b467a61be88ee5eceb93bd5d233c1aefc84463e3d88fe442e03cb8833b47ddcc4572edf8fbaae3f6bfe4288597e4ed0fdec464940238763e510b6e7b2f6a54e91b48856fd323f94f5aafc4ce940ab7b445f59d07b2f983c9225380546babe652d1b23c6a4c595fcadcf41a57cd5997e2dee2a86f1e6e058b7fdef468660252711fdf84153e604082b252bbbc3722705bd839bb001e6dc8f938a7c5d060ca96866536997e85a202918feed7c8b79b7900cdbe229b94a0870e16be23cfe3af4f92c5e087e19de90f5a150e3d7df6adadbd83712bb5a8f771386ad15706699f2efd6399456d6920584c6c9fecfa53fa1db6605843e3c9e0e3d706e80ca01ce0c5b39743761f9105a585699f8339f4e4e203c3fd967772a47f60c7b43de65ed038f10b7f1db380f78226396bd194a731a75eccb00453b4854acfb3b4a1cc5fa5148bbaeed752521378d4dd59a81846dd174c6b5d31629fbc9752e4a00ee48bcd3a32745873c382b8c1f585883c81350a06d1c43dc371d263f49c11185a9f73e4f57a124acdcae2f90a480c59fea9e44c85c079c1609c0cd7bf15001da27cdd8a88807e71ca5f99f03edca8d4a99128138b56f20fad01b2fdc107f42624473959dda0839114107933a663d3f51b6694793d5e577c85c6cc27ef110006b12544b637d78c602723cc7e3c7882a654114b030d9d915e4839edf2389e02ed06efe5883ff1bc8cd73f99c9ff674fb56ef31926174ae9641f95d5d855ea025c8706bdd2b45705a0bb4b4da51341bc3584bc92d6ea057bbde38e8ac46ce1addeac6d1feb5b4abbd9d17822e1f88224618cc6f259b799d57840c7fd304c8a218d02abb23fc0ccb311781af085a982e5a1fe3121a5bc0376d73c4c5366fba1323d0b77c912d64c43b136be1cb55ab381399df18460f4d33f77ded00259385b537bd52e143936a009ff3034c0052719c5c4ec3687943fcd761c797d591cba612f2828143c0f665c082f7af95a11c89efc0e7ef2a0d13bbb832b01327f7fbf2641c85d8169e7eb5d3edb91c3260caaa263bbc3e848b5121011486046909578751f4877b4dce28972d32adccddbf084c78cd9b6be8a5e880cb0df286cdf20d71526728551a369b9dc2b7146bd7ee5326bf83fd97eb36b9037c831556343bfdd7d13143cee5cc0d44d9fc12a4dafe310d8819ad8ff683da2bba3febc9b5906b9ff6a3101a9a7b80c4edc4c97d2cda2b5b529a4c7f790944284c94a89eabe6fe5703723885c015997c882948abd44d58c350c03d2b2a97171a2fc4805ea4367850d682206fd9799ecafc217c931e37b2d15b5fc931b0b2b85a1fe3a61d0f057580bbad3a97703c1c6b326e9e0fb361a123fe96caa5d1e43e02a99cba14c5d4faddab656aef2d7954c4e0650f6e42c8ac7cb7f407142ceeea8641e9e779d9be622abc00638a073d0369082dba8fa37cf712049c8d99fc867387c82802b8ecb9df778edb120f01768ff0c9ec5efa1a08683aa0b41d91acbe1c81058b03712e56ef63371a9641e34eb431d97ef5422e27f375f24682587f2695d65abe7fa1840e78113c58789be87a72f5e487b3d5664586d08b5d9241bd0be02f6b3fce16daa228cb811b1ab85c944eb48248496d790d2b1a1a6bce01a33eb5f138565231581b0b73a13b970f29e04bc2c7ccec128cc3ce9aa6ef4e9f9564e32c22803dec6612f064ea2b7a7455accf739b3765452559ada3eadb804ca1dc0c43d8a6336336131bc447df5e37470f58f24dcd08abd02b7032f1454483353cc698bc5e520f93d65e61b47556f857c048fb1634ed338a3c2ffe76fac3cbf35b29eacadfb580117f130a14971dd16ae2fc441acfc7a85a0933bf3876ca4c1c153248238a0f76e205facc57268c34301b63e06ebea745e1e8f115aee3492acd446fb5465f835e5b75af457a79c1c01697bdc318f88b4d608c4ae0eec7c45141d10b3e03d70e71d763b6e937b3a2ac884899a2e67f9b96052dd8d85f7eb2f5ff05a7cb3797ae8d9966d50c4b6e2ab3cda0838fed5b0b3d3f9928838d4ecb8d82f40c05f2b38691a2e853b54dc709e90b1639d0f0ec0d5ac6917e530f26aaf37d99d51c0843d6113c13b0b126135150624b48847d215207a08ee66c94750a88ce5e1978c6de1bacd2587c46b511a51dfcc3f7c2ca38f1704746a7a9b17da707ab001a68debc51fc390fbceb9bb19234081fc65c4968df78e1b29311a0df3cffb5a8f595e0c4d49d7d54e6df14a365e7b570da12bd32e8424f8e82b2c06e4ab9232a91b5ca563881044413ad16026d5067d0ad77d300df26cb4297b3d1f813ce568a1f85fb2bb178073003c9cc00d6c5d7c1c1d52a52d1188a3fae679d55455f6a94c9af3df9f0b9ecf4810ff2f5c0a644a347714a2ce9ccb58cecd752cdb6a9da6376de4e5d0c8f3ba7ba54ebf5daa407f5e9f08da698fce739c8df12d018b6e4eb45a500bef2e80cef6d0f7e29def797cc4e575451a14f1e673ddb1cf424f48f183c80dadf52ba12bc0297a82b8424791a20e135a2e0a870a0e3232603b13a82eff01a430825678347bb81d53bf20cb47a73b5a044017755d6a397b72c0e34000453af028ccc058c0d76eaf0ff1683ff0eab3362e970b4b8fd87d82459369b147c1996710f427c189de03728175692796c15a7eab789c2cd34429aa7d9ce60ab81bb68579890f095ee5cbc5affc98ea142ce3a45c2c41b813aff4c40864ce2db1a19f55f39d9b32e74fc059e2989856ace75386de53fe2a2ee0a2ff33c209deab4688dd0cd8b354264d25751149dcd3198269fd6d9aa6d0b7698991ca0572c751333edc78c286050ae12f082b58c910f8e9e2c249c550805d5c7bc7e312fde0d3f8785fef2ef3ab5f363893947a7e29512a829dbd60c82434b3f8fd663b91728751013a4cc348390c46630ea2fecbc50ccb0e1065052ebf9019acab8702f7f9689868bf976653d9b0687d9bb087c607f5888d0c064847c94727a1b600b87e4d2188762018e96430d35344cf9c977236f1c3ed3cf727f89c2b047a1b4df2f01a293d4f4644ca3c2c28a1fee4c3a1dd67071ee04c1270182a3390ffd8b97ef8f27a6e8bf0f2a504160681a03efa67df253b53cc728477c1941a137cc63d8e2bca00c744f9ea6664436c68b2032609c886e883c3b9ebff45687ea18b45f64d2f457511e21bb8841a1ad0f406499f3763eee46f86e409894a2a00f05b055d804f725c92dcc16155641fc96e5bab24ed7647144b0c1b2d8cfa4c792cab646efe172461be0f676d8553839fd902b85b117c11d02759dca3db92bbd59a3791102e6c1a79661b1a009385fdb660118e49777c74be4e0eaed9ac58394d8d1a4cdd00d0b88bbd953a0131ea728970a1236e42ff0ff02f9cd04f22706f3f0686a40ab040a135f3681dbf4da02d17e421cddb6dbd38c1649754865c409a96611d70a4a7e2ddad410f0818d3c9d802a13f0fc921bde9dc2ea4b987fef193ef8403e6d1641827e6d4badd67ab384b731e86fd3ca6b5c28c5b46ef71869337889513309f0c1480a29e083d42fa09a44e49673a428e38447259b63e48f93c2ec9c4b90fae6d64149083c47981a5bb327ac0493e9ef5d7fb5ab019bb15608092006c6d8f6d2dcb228d9d2819f3e1e1209a9fa1bdae4ad231a7cbbc7c0214560bed296bcdbecdd9cd450f03d29e2ae19c9d05a362ead93e65045c2865df5013e3593128f4a04657506c37adfeddcd57b7708520aec65c2a21e30d5b539bca561f26826e085e00b58761f169e994975b7db5a31529a3d6754c6c4403cd23ee0c3147c38fa9d0d26725d02a242fbbda36f00314fdcef86baed7653a4d1551609d10ffa3573fc8476fdf71524fbca2ec2fc5e73354a07d449b09ead411b1046048644fed39d3ef2dc1deffdca28bbaaeb2bbd98679d7d27c741b9f82eb1bad5a243c344e2120b93a81b3b2fd49a9e44d1043b06a03b3768d939f675cf549f04339d646f68786ccc9c0d8c39eaa032279a3ecfbb36f939835b4b4a551561318394a5fc225e4980bdd90484289e675011d2f2600f3730a0421bcbe3dcbf40d5ce955e18cf90a00e3394c9bf7e11e8abb4470dd51b5dc4ce1178d6c9b7952db8ad71ad1e41cea8fadde808be0f275c8d8ee4ef5f8283ac91ada1186aebbcd0dc526533117ec35255710f1efb3885f0360a9ebc2915852d8214c472674dfd9fedb1313837e1d60dbcec9243a95fb754f473cd22781a1c7c682c7575f0e0e239edf135b6fcb6dd85e50bde6d1fc53f2d0ffa58d5f4971ba1541ad658243973128e7fa48491df6f71e7eb45a215cae8a04ee763327de745deb4176245ee157b6d0a7d5e0ffc8b450d5188fb47974223a5df4298fadf4ccf4c42d818b4c330a8e1b8ab5b12c810ee30fa0acb65653ae8e980d22dd98a829602627432102a1f9c72f6f3e4bf8ebba02217769364c41014575b3181bcfa2d637a8f6bb35a64c119c33eb3bd67149bf444a7aad391b09c49346bd6bf7b47086d998da800f28579d6f77dd2ffa3b1f63f6f997f3a85696b28d6c37a6c2f136ba4f20fe9575f54bdced3e53748d45f4ba4cf21e789cb45d21ddb6cc33cb83089fcc2737f8ea0747f04e10199e5bf8a9efa926c6374eb85078f7b7353b901012e0967c35c60a5215002016be0bd6d423d81b8ae8a9d336ad68c6ec021eeb4c5d1ac5ef8a2d8cbf5ba9c4dc648c8733cb35b42633b05595b1311359bcd69ac7331c54cd19b3999f4e85d43ebd3c8edf9a2ea0e3f1ee608a29d69549ca3c708ab2fbe5b58c14c855d93ec93bf3325e12e7ca491960a8f7d4ffeaa2ab7c7f81fc62ee6e79ae0b089ea9374a36b8ecee62c5295c0472b693f945f614bead8e28d124b953dd7f2f62df6c60d7ac7f08cab9d9541fe4766ac852b13d1270940c56fb2f926efa1a53b2e5228abfe9558c884fea41bb33594b316dd66966a883c451dffad1072e0aace5372daffd678de604b09ff22e7a05b884cbf9bcb927ff68945321e3b9c301d7bdfd731e85bdde896ca7fc4805ee8d27b5bdda740380bfaace682c76b13cd72fcf47158666a10016a1696abef693b8ae6722bbd0f90c1836b308d493fb36ed8a0f64a4d4cff36c174566350c7ba58a008495f24156d3e34a9cd7505443e1905671a4225afe7d4413868d81a91a636ae63524046342b8b2265a3d8644b58a908507d82bb6bb49815c7e49b0b2c4860863847cc1e4943f60479ae22eb9ee8a86fd03c703d4129f735ebba9e007c8f38a3685b58dfbf8e5ce5da173e23a7a4628986c694b796c81aee00541b532b3e66351a0f3e767ff7201715c2a2522eab1ee8ff17d7f729d52e459359b9e3e1b82dc44c7effcc1f5bbd3849a7436798b08fa15e0db6869349756f9a3b3b717dc50b7aa2e53af018abd64a17aa2624c680484021c0099c8b357f44defc3227968cfb573e32d69f23c32d4cb9aaa0837e52d8ca3b5ae1209e113aa", 0x1000}], 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000000)={0x0, 0xffffffffffffff72, 0xfa00, {0x0, &(0x7f0000000080), 0x8000000000000000}}, 0x20) 14:36:38 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8dffffff], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:38 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5f38000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:38 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e6430000000000000000000ffff", 0xfff}) 14:36:38 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r1 = memfd_create(&(0x7f0000000000)='-\x00', 0x1) ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000040)=""/103) 14:36:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d64350000000000000000000000000000000000000000000000000000000000000000000000000600"}}}]}, 0x138}, 0x1}, 0x0) [ 3078.158805] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3078.166079] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3078.173362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3078.180620] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000055 14:36:38 executing program 2 (fault-call:7 fault-nth:86): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:38 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x100, 0x200) ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f0000000400)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:38 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x100000001, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:38 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000000500", 0xfff}) 14:36:38 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:38 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000f00"}}}]}, 0x138}, 0x1}, 0x0) [ 3078.329317] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3078.336888] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3078.393477] Unrecognized hibernate image header format! [ 3078.399391] PM: Image mismatch: architecture specific data [ 3078.435536] FAULT_INJECTION: forcing a failure. [ 3078.435536] name failslab, interval 1, probability 0, space 0, times 0 [ 3078.447651] CPU: 0 PID: 10643 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3078.455113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3078.462094] Unrecognized hibernate image header format! [ 3078.470278] Call Trace: [ 3078.470306] dump_stack+0x1c9/0x2b4 [ 3078.470325] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3078.470354] should_fail.cold.4+0xa/0x1a [ 3078.470374] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3078.470395] ? kasan_kmalloc+0xc4/0xe0 [ 3078.475788] PM: Image mismatch: architecture specific data [ 3078.478343] ? kasan_slab_alloc+0x12/0x20 [ 3078.478360] ? kmem_cache_alloc+0x12e/0x760 [ 3078.478375] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3078.478394] ? kvm_mmu_load+0x21/0x10e0 [ 3078.523515] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3078.528050] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 14:36:38 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7a000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:38 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\x00@\x00', 0xfff}) [ 3078.533092] ? graph_lock+0x170/0x170 [ 3078.536925] ? do_syscall_64+0x1b9/0x820 [ 3078.540999] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3078.546387] ? find_held_lock+0x36/0x1c0 [ 3078.550474] ? __lock_is_held+0xb5/0x140 [ 3078.553836] Unrecognized hibernate image header format! [ 3078.554557] ? check_same_owner+0x340/0x340 [ 3078.554578] ? rcu_note_context_switch+0x730/0x730 [ 3078.560030] PM: Image mismatch: architecture specific data [ 3078.564256] __should_failslab+0x124/0x180 [ 3078.564277] should_failslab+0x9/0x14 14:36:39 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/netstat\x00') getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000240)={0x0, 0x8, 0x5c9e, 0x213, 0x7, 0x1, 0x3, 0xd3d, {0x0, @in={{0x2, 0x4e20, @multicast1=0xe0000001}}, 0x8, 0x800, 0x0, 0xe38, 0x6}}, &(0x7f0000000300)=0xb0) setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000340)={r2, 0x401, 0x0, 0x20}, 0x10) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x8200, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000040)={0x0, 0xd765, 0x30, 0x6, 0xbc}, &(0x7f0000000080)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0xff, 0x8, 0x8, 0x0, 0x80, r4}, &(0x7f0000000100)=0x20) [ 3078.583371] kmem_cache_alloc+0x2af/0x760 [ 3078.587556] ? alloc_pages_current+0x114/0x210 [ 3078.592153] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3078.597091] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3078.597111] kvm_mmu_load+0x21/0x10e0 [ 3078.605656] vcpu_enter_guest+0x3aa6/0x6090 [ 3078.609993] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3078.614247] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3078.618927] ? vmx_vcpu_load+0xadf/0xff0 [ 3078.622990] ? __lock_acquire+0x7fc/0x5020 [ 3078.627236] ? vmx_vcpu_reset+0x1040/0x1040 [ 3078.631570] ? graph_lock+0x170/0x170 14:36:39 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000000c0)={0x0, 0x100000001, 0x2, &(0x7f0000000080)=0x7}) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) [ 3078.635424] ? __lock_acquire+0x7fc/0x5020 [ 3078.639691] ? __lock_is_held+0xb5/0x140 [ 3078.643776] ? lock_acquire+0x1e4/0x540 [ 3078.647763] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3078.652797] ? lock_release+0xa30/0xa30 [ 3078.659043] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3078.664337] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3078.668843] ? preempt_notifier_dec+0x20/0x20 [ 3078.673360] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3078.678215] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 14:36:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000009effffff00"}}}]}, 0x138}, 0x1}, 0x0) [ 3078.683251] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3078.687332] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3078.693056] ? find_held_lock+0x36/0x1c0 [ 3078.697140] ? find_held_lock+0x36/0x1c0 [ 3078.701223] ? lock_downgrade+0x8f0/0x8f0 [ 3078.705389] ? kasan_check_read+0x11/0x20 [ 3078.709555] ? rcu_is_watching+0x8c/0x150 [ 3078.713707] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3078.718129] ? __fget+0x414/0x670 [ 3078.721597] ? find_held_lock+0x11/0x1c0 [ 3078.725669] ? expand_files.part.8+0x9c0/0x9c0 [ 3078.730264] ? kasan_check_write+0x14/0x20 14:36:39 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3078.734516] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3078.739464] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3078.745187] do_vfs_ioctl+0x1de/0x1720 [ 3078.749092] ? __lock_is_held+0xb5/0x140 [ 3078.753179] ? ioctl_preallocate+0x300/0x300 [ 3078.757600] ? __fget_light+0x2f7/0x440 [ 3078.761584] ? fget_raw+0x20/0x20 [ 3078.765049] ? __sb_end_write+0xac/0xe0 [ 3078.769036] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3078.774586] ? fput+0x130/0x1a0 [ 3078.777880] ? ksys_write+0x1ae/0x260 [ 3078.781692] ? security_file_ioctl+0x94/0xc0 [ 3078.786111] ksys_ioctl+0xa9/0xd0 [ 3078.789575] __x64_sys_ioctl+0x73/0xb0 [ 3078.793475] do_syscall_64+0x1b9/0x820 [ 3078.797379] ? syscall_slow_exit_work+0x500/0x500 [ 3078.802245] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3078.807194] ? syscall_return_slowpath+0x31d/0x5e0 [ 3078.812145] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3078.817518] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3078.822369] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3078.827582] RIP: 0033:0x455ab9 14:36:39 executing program 5: r0 = socket$inet6(0xa, 0xa, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$unix(0x1, 0x801, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8) listen(r2, 0x0) connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8) write$binfmt_aout(r1, &(0x7f0000000000), 0xfffffdef) [ 3078.830773] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3078.850239] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3078.857959] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3078.865241] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3078.872532] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3078.879812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3078.887087] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000056 14:36:39 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) getsockname(r0, &(0x7f00000007c0)=@can={0x0, 0x0}, &(0x7f0000000840)=0x80) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@xdp={0x2c, 0x3, r1, 0x37}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000000)="bd8f9e812b11a757b471f2298b9132cf946c4a29d6cbbd1b754c26a1900fc4ed4a", 0xd}, {&(0x7f0000000040)="32a07f3104a281ae90c9ec4bac998041cf6f6508dde99bfbe1fe752fc2ef3b0fb7c3b33e2909169dd259aa9fe849ac3e0289f34105c9197f01eca5f4dea5044131f806e10c3e0ebb1801fcc556491783db9f5844daf13cfac2e20bed8fc388e6d3f2a6e9aa739e9d655a8f41abb6bd8c348b88b4642285584dd98e2cbf31bb6cc439b384aa3df601ef6a82403d9c39936a10f2ffc8f81c9664a1223c78199638808f198d7e1c366885000d7ca9027dc3aa74e52da8985f757dddfe95d1822f9c4f93c0badf8679ba65ff78eddb0bb15119adf103b8d425e9cc2f135249fc", 0xde}, {&(0x7f00000001c0)="b5373ed9d9c7a1414730a1f27b68f26c8209c5dc4444efc6cce6c247316ab996d2e456b15d38494e30bcdf74c2e036fa5529b2133cb81498dbfd37f102133ec641e10905c6b71f845298ff8513ae3b873797750000d0c703a0a6ef823bccb614145336ac532d5909241f4e4e6cb0a9543696d5bc54812436d99fafc62405b5accdbf1fe36db81287cb868130cef98405de1191046c59b5264917dae140cbf31c23224a7445493aa5adda59a07a", 0x137}, {&(0x7f00000005c0)="450a29d4479ac536225ce11b4d02510170d239dc71ac8a32a48402abe8b2c32a80cdf69c7fe6bbaa1fb4f57a9d0966dd0e5e2ca86f8e0b36ebc2811ddc529eb3c902a9c62313a2e6907af7843d057e89b488bd30e2dfcbcfc10da299159b217c09d196404bcaaeaa9311e74524ed7e8277646a92970f2e45a07b7b05b13228cc48be95332cdb1443e2b1c97c8b49d523a5ac312f9e2b27b812e055fa92b148b151d884f6a5131ea5b7b8982a80b5a62ffeca072cdf4870c0c568d042a68a0a7d0faf8543d516aeca05ef70a6744e92dc", 0xd0}, {&(0x7f0000000340)="603d9e34471e9bf7fbb1a0a797a487f80d063621c964db01ad0810bef46a23f6cf8f59a39ec0e8434b3783971bcff092de1ffe99f3d588beaa9999167ead55afa336ae16e2e9e50100edb051fca3d5e6457586cb6e622394a34a546214a12c13c36a82353fe9c50a77ee79b3213fa374d424f884ab5349ff9d", 0x79}], 0x5, 0x0, 0xff9c, 0x2}, 0x0) 14:36:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:39 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x400, 0x0) socketpair(0x8, 0x2, 0xffffffdffffffff9, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) fanotify_mark(r1, 0xa2, 0x0, r3, &(0x7f0000000240)='./file0\x00') io_setup(0x2, &(0x7f00000002c0)) socket$inet6_udplite(0xa, 0x2, 0x88) io_setup(0x80, &(0x7f0000000080)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) r4 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8, 0x119000) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000001c0)=0x0) sched_getattr(r5, &(0x7f00000003c0), 0x30, 0x0) r6 = geteuid() getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, &(0x7f00000004c0)=0xc) write$FUSE_CREATE_OPEN(r4, &(0x7f0000000500)={0xa0, 0x0, 0x8, {{0x2, 0x2, 0x0, 0x3ff, 0x9, 0x4, {0x5, 0x7, 0x2, 0xbce4, 0x9, 0x7fff, 0x0, 0x7, 0xfffffffffffffffe, 0x89b, 0x3, r6, r7, 0x5, 0x7}}, {0x0, 0x7}}}, 0xa0) ioctl$GIO_FONT(r4, 0x4b60, &(0x7f00000000c0)=""/171) fcntl$getownex(r1, 0x10, &(0x7f0000000380)) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000440)=0xffffffff, 0x4) syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0x0, 0x24000) sysfs$1(0x1, &(0x7f0000000040)='\x00') 14:36:39 executing program 2 (fault-call:7 fault-nth:87): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 3078.977862] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3078.985383] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:39 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00\x00\x00\x00\x00\b\x00', 0xfff}) 14:36:39 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf9030000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:39 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:39 executing program 4: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, 0x0}) r1 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x96, 0x40) ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000180)) futex(&(0x7f0000000580), 0x4, 0x2, &(0x7f00000005c0)={0x77359400}, &(0x7f0000000600)=0x2, 0x1) r2 = fcntl$getown(0xffffffffffffff9c, 0x9) sendmsg$nl_netfilter(0xffffffffffffff9c, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x2d0, 0x14, 0x7, 0x20, 0x70bd29, 0x25dfdbfd, {0x5, 0x0, 0x3}, [@nested={0x2bc, 0x1d, [@generic="aa5ac0efe2526850db", @generic="4f5b8411324ccfef1ae37e5f9fa2590de67745e954740ce7f8756d6b58acd1001cd83fe30be8bc44cae8dc4a27403fdb37a1d6c4b2c6b4face51db26670f5b4017b248b2565d4755ca267777f3c533434d870c4801e450573ab35d4bf0a7c91f750656b82e9f782810b2c108585df82dbdca26cdf309d37447181b2f801a34a6c8039e2a08e7675b94368944277f853a0385757291bcc94725", @typed={0x14, 0x4e, @ipv6=@dev={0xfe, 0x80, [], 0xc}}, @generic="8fdba5de65dda7924fc904b3bb5e1cf5c574d9ac61b8e3aa6c01542ff41a3f43591bf58da76ac3df59280456c244d7e821c3c7b0cc2485493fa5381dc767843649ba3cb8d23073c78bb4f79cd59c46a7f563b87040c008293081be86767a0ee436b7c80b80bb6845720fe84c8ede", @typed={0x8, 0x58, @pid=r0}, @generic="8d5e3b1ad69c1c87df29b49501b58745d62c142312dfe9f06e389e76f3380293af98499c24c1800f5a91823b1053f0fd244560c5d28ae2ed551ef2d3e19d89a64e322341def0c6141df1e179c4a9fe4c7a698a813be1464080c774712453a068821378acf3609ebd24af155abf1ec72e4c5e093a224051dcadb4ddd9819b89", @typed={0x8, 0x93, @u32=0x80}, @generic="f7af5bcec10187281cd79903aa6196b7bc6f5ad976bf5a3878069d666932f8dfdbf3c235c4dd3a6d4b36b557b3e2b2638ad10d3c666a6c092bad9cb40c7cca7307843a1f2bcc3b8404789105ce522b3e016ec06e76c139e3592c86f0e220a7ebf6c71feae43d83576c011af16c9c3582eb2ccf054cc45054ca091be308f981", @generic="e83671b037deef7e9ae71849c6937d9d1b1ece6d9fd9d2c0a0ee51b17a9ce30a1d5bce71916f2a3d10e1dab3adfde39c8b4a194796cae5cb8b5d2c8e6f8ac22672074cc7ad0adf05ce2ba104e9d9831c404e330196400ed1a39bd933afe080355b2b0350a7f3874b278c4e85510b7cd36b513c0690a817611129ca2965", @typed={0x8, 0x63, @pid=r2}]}]}, 0x2d0}, 0x1, 0x0, 0x0, 0x4000}, 0x40400c0) r3 = socket$kcm(0xa, 0x122020000004, 0x11) sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x10000}, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000540)={0x200, 0x1, 0x6, 0x100000001}, 0x10) 14:36:39 executing program 5: r0 = socket$inet(0x2, 0x2000002, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e22, @multicast1=0xe0000001}, @in6={0xa, 0x4e24, 0x9, @loopback={0x0, 0x1}, 0x955}, @in={0x2, 0x4e23, @broadcast=0xffffffff}, @in={0x2, 0x4e24, @broadcast=0xffffffff}, @in={0x2, 0x4e23, @broadcast=0xffffffff}, @in6={0xa, 0x4e24, 0xffffffff, @ipv4={[], [0xff, 0xff], @rand_addr=0x9}, 0x10001}], 0x88) sendmmsg(r0, &(0x7f0000001e80)=[{{&(0x7f0000000080)=@in={0x2, 0x4e20}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000080)}}, {{&(0x7f00000002c0)=@in={0x1a000, 0x0, @broadcast=0xffffffff}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000340)}}], 0x2, 0x0) [ 3079.238380] FAULT_INJECTION: forcing a failure. [ 3079.238380] name failslab, interval 1, probability 0, space 0, times 0 [ 3079.249717] CPU: 1 PID: 10708 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3079.257106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3079.266560] Call Trace: [ 3079.269176] dump_stack+0x1c9/0x2b4 [ 3079.272824] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3079.278047] should_fail.cold.4+0xa/0x1a [ 3079.282122] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3079.287240] ? kasan_kmalloc+0xc4/0xe0 [ 3079.291138] ? kasan_slab_alloc+0x12/0x20 [ 3079.295300] ? kmem_cache_alloc+0x12e/0x760 [ 3079.299637] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3079.304588] ? kvm_mmu_load+0x21/0x10e0 [ 3079.308577] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3079.313084] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3079.318121] ? graph_lock+0x170/0x170 [ 3079.321983] ? do_syscall_64+0x1b9/0x820 [ 3079.326061] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3079.331452] ? find_held_lock+0x36/0x1c0 14:36:39 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:39 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) ptrace$pokeuser(0x6, r3, 0xd1e, 0x8) write(r1, &(0x7f0000c34fff), 0xffffff0b) close(r1) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000100)=0x385) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x100}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={r4, 0x1ff}, 0x8) ppoll(&(0x7f0000000180)=[{r2}], 0x1, &(0x7f00000001c0)={0x0, 0x1c9c380}, &(0x7f0000000200), 0x8) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) 14:36:39 executing program 4: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x9, 0x80000) write$cgroup_int(r0, &(0x7f0000000040), 0x12) r1 = socket$kcm(0xa, 0x122000000003, 0x11) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x29fd, 0x2, 0xf6, 0x3, 0xee, 0x1000, 0x2, 0x9, 0x2f55c85, 0x5d, 0x100000001, 0x400}) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:39 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000fdffffff00", 0xfff}) 14:36:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d6435000000000000000000000000000000000000000000000000000000000000000000000000000000ffffff9e00"}}}]}, 0x138}, 0x1}, 0x0) [ 3079.335535] ? __lock_is_held+0xb5/0x140 [ 3079.339624] ? check_same_owner+0x340/0x340 [ 3079.343974] ? rcu_note_context_switch+0x730/0x730 [ 3079.347988] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3079.348929] __should_failslab+0x124/0x180 [ 3079.348957] should_failslab+0x9/0x14 [ 3079.348972] kmem_cache_alloc+0x2af/0x760 [ 3079.348993] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3079.356433] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:39 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x48}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3079.360584] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3079.360605] kvm_mmu_load+0x21/0x10e0 [ 3079.360626] vcpu_enter_guest+0x3aa6/0x6090 [ 3079.360645] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3079.404991] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3079.409684] ? vmx_vcpu_load+0xadf/0xff0 [ 3079.413794] ? __lock_acquire+0x7fc/0x5020 [ 3079.418050] ? vmx_vcpu_reset+0x1040/0x1040 [ 3079.422388] ? graph_lock+0x170/0x170 [ 3079.426209] ? __lock_acquire+0x7fc/0x5020 [ 3079.430469] ? __lock_is_held+0xb5/0x140 [ 3079.434556] ? lock_acquire+0x1e4/0x540 [ 3079.438543] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3079.443606] ? lock_release+0xa30/0xa30 [ 3079.447593] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3079.452887] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3079.457414] ? preempt_notifier_dec+0x20/0x20 [ 3079.461937] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3079.466829] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3079.471885] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3079.475978] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3079.481713] ? find_held_lock+0x36/0x1c0 [ 3079.485835] ? find_held_lock+0x36/0x1c0 [ 3079.489922] ? lock_downgrade+0x8f0/0x8f0 [ 3079.494107] ? kasan_check_read+0x11/0x20 [ 3079.498263] ? rcu_is_watching+0x8c/0x150 [ 3079.502501] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3079.506923] ? __fget+0x414/0x670 [ 3079.510398] ? find_held_lock+0x11/0x1c0 [ 3079.514472] ? expand_files.part.8+0x9c0/0x9c0 [ 3079.519067] ? kasan_check_write+0x14/0x20 [ 3079.523335] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3079.528285] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3079.534032] do_vfs_ioctl+0x1de/0x1720 [ 3079.537931] ? __lock_is_held+0xb5/0x140 [ 3079.542299] ? ioctl_preallocate+0x300/0x300 [ 3079.546725] ? __fget_light+0x2f7/0x440 [ 3079.550710] ? fget_raw+0x20/0x20 [ 3079.554178] ? __sb_end_write+0xac/0xe0 [ 3079.558169] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3079.563715] ? fput+0x130/0x1a0 [ 3079.567006] ? ksys_write+0x1ae/0x260 [ 3079.570819] ? security_file_ioctl+0x94/0xc0 [ 3079.575260] ksys_ioctl+0xa9/0xd0 [ 3079.578731] __x64_sys_ioctl+0x73/0xb0 [ 3079.582635] do_syscall_64+0x1b9/0x820 [ 3079.586542] ? syscall_slow_exit_work+0x500/0x500 [ 3079.591966] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3079.596916] ? syscall_return_slowpath+0x31d/0x5e0 [ 3079.601874] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3079.607262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3079.612134] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3079.617333] RIP: 0033:0x455ab9 [ 3079.620533] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3079.639918] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3079.647656] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3079.654942] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3079.662223] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3079.669507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3079.676792] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000057 14:36:40 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000180)=0x14) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000240)={r2, 0x1, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200) getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000040)=0x3, &(0x7f0000000080)=0x4) 14:36:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1, 0x800) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000040)) io_setup(0x100080004, &(0x7f0000000240)) io_setup(0x800, &(0x7f0000000200)) io_setup(0xfffffffffffffffa, &(0x7f00000000c0)) 14:36:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000100"}}}]}, 0x138}, 0x1}, 0x0) [ 3079.841804] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3079.849351] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:40 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) r1 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x4000000000007ff, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x7}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000240)={r2, @in={{0x2, 0x4e23, @loopback=0x7f000001}}, 0x0, 0x3ff, 0xeaa6, 0x0, 0x90}, &(0x7f0000000180)=0x98) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)={@remote={0xac, 0x14, 0x14, 0xbb}, @empty, 0x0, 0x8, [@multicast2=0xe0000002, @local={0xac, 0x14, 0x14, 0xaa}, @multicast2=0xe0000002, @multicast1=0xe0000001, @remote={0xac, 0x14, 0x14, 0xbb}, @multicast2=0xe0000002, @multicast2=0xe0000002, @multicast2=0xe0000002]}, 0x30) ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:40 executing program 2 (fault-call:7 fault-nth:88): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:40 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:40 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000400"}}}]}, 0x138}, 0x1}, 0x0) 14:36:40 executing program 4: socketpair(0x0, 0x2, 0x81, &(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x0, &(0x7f00000007c0)=0x5, 0x8) r2 = socket$kcm(0xa, 0x122000000006, 0x11) sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000880)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000240), 0x0, 0x0, 0xfffffffffffffd9d, 0xfffffffffffffffe}, 0x8002) r3 = socket$kcm(0x29, 0x2000000000002, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snapshot\x00', 0x301800, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000680)={@in6={{0xa, 0x4e24, 0x7, @remote={0xfe, 0x80, [], 0xbb}, 0x40}}, 0x400, 0x6, 0x5, "faae0f078a935da4880c1dbed43ccbf326600d132dd3effaeb015561084c112c7ca468a2bbea32a5fd477a87ae98c6ce9174f9cbb18ed9b3f8a795dd55125700e2118bc968db600845a0d2bb93169dc1"}, 0xd8) r5 = mq_open(&(0x7f0000000000)='+vmnet1\x00', 0x40, 0x100, &(0x7f0000000040)={0x401, 0x3b, 0x2, 0x2, 0x1, 0x2b, 0x1d3e3715, 0x7}) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x20080, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, &(0x7f0000000380)=0xe8) fcntl$getownex(r5, 0x10, &(0x7f00000003c0)={0x0, 0x0}) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f0000000600)={0x1, 0x0, [{0x5, 0xfffffffffffffff7, 0x5, 0x388a4794, 0x401}]}) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000005c0)=r5, 0x4) sendmsg$nl_generic(r6, &(0x7f0000000580)={&(0x7f0000000240)={0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x128, 0x32, 0x400, 0x70bd2c, 0x25dfdbff, {0x1d}, [@nested={0x114, 0x70, [@typed={0x8, 0x60, @uid=r7}, @typed={0x8, 0x39, @ipv4=@dev={0xac, 0x14, 0x14, 0x1b}}, @typed={0x8, 0x12, @ipv4=@rand_addr=0xfffffffffffffff7}, @typed={0x8, 0x71, @pid=r8}, @generic="473fba8c4190f4aa3e303480c6a5a7a6b90048afe668672f46eee111faf6f3406b71f809f60624b61efbf17cc12b7447295ea7f6fdc8e49f160667c292dbde6edf446cc3de60c8efaaa3fc819964ebc7c8ee506ab29935713e531ed9b0e381063669a71644a7b4ad159d379501184340006507ad4a453bc0012bcc54d6c466f25b19b034dc38f9cabd63ae125c14262b96a59033c7911c979ab28ca6bf5effdfffd915f7f1a0f221449404a4c2c56efd525b102a7f77202c10f4b28ff9ac1dc64d9657c7b171713b1af885eb877eeb3b600dab3b6a94d476da5701640cdbd34edd0ef5493e3690cf917bc145", @typed={0x4, 0x2}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000000) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r6, 0x800442d2, &(0x7f0000000180)={0x3, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, @local}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @link_local}]}) 14:36:40 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff9e}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:40 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) [ 3080.178584] FAULT_INJECTION: forcing a failure. [ 3080.178584] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3080.182296] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3080.190440] CPU: 0 PID: 10768 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3080.190451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3080.190457] Call Trace: [ 3080.190481] dump_stack+0x1c9/0x2b4 [ 3080.190503] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3080.190528] should_fail.cold.4+0xa/0x1a [ 3080.190551] ? find_held_lock+0x36/0x1c0 [ 3080.197956] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 3080.205293] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3080.205318] ? lock_downgrade+0x8f0/0x8f0 [ 3080.205339] ? find_held_lock+0x36/0x1c0 [ 3080.205356] ? graph_lock+0x170/0x170 [ 3080.266031] ? lock_acquire+0x1e4/0x540 [ 3080.270028] ? lock_downgrade+0x8f0/0x8f0 [ 3080.274214] __alloc_pages_nodemask+0x36e/0xdb0 [ 3080.278907] ? __alloc_pages_slowpath+0x2d90/0x2d90 [ 3080.283929] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3080.288365] ? __lock_is_held+0xb5/0x140 [ 3080.292450] ? check_same_owner+0x340/0x340 [ 3080.296784] cache_grow_begin+0x91/0x710 [ 3080.300865] kmem_cache_alloc+0x689/0x760 [ 3080.305039] ? alloc_pages_current+0x114/0x210 [ 3080.309638] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3080.314411] kvm_mmu_load+0x21/0x10e0 [ 3080.318245] vcpu_enter_guest+0x3aa6/0x6090 [ 3080.322588] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3080.326832] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3080.331522] ? vmx_vcpu_load+0xadf/0xff0 [ 3080.335599] ? __lock_acquire+0x7fc/0x5020 [ 3080.339847] ? vmx_vcpu_reset+0x1040/0x1040 [ 3080.344525] ? graph_lock+0x170/0x170 [ 3080.348340] ? __lock_acquire+0x7fc/0x5020 [ 3080.352899] ? __lock_is_held+0xb5/0x140 [ 3080.356978] ? lock_acquire+0x1e4/0x540 [ 3080.360958] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3080.365984] ? lock_release+0xa30/0xa30 [ 3080.369962] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3080.375246] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3080.379750] ? preempt_notifier_dec+0x20/0x20 [ 3080.384262] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3080.389117] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3080.394180] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3080.398258] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3080.403982] ? find_held_lock+0x36/0x1c0 [ 3080.408065] ? find_held_lock+0x36/0x1c0 [ 3080.412141] ? lock_downgrade+0x8f0/0x8f0 [ 3080.416296] ? kasan_check_read+0x11/0x20 [ 3080.420443] ? rcu_is_watching+0x8c/0x150 [ 3080.424592] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3080.429010] ? __fget+0x414/0x670 [ 3080.432466] ? find_held_lock+0x11/0x1c0 [ 3080.436533] ? expand_files.part.8+0x9c0/0x9c0 [ 3080.441118] ? kasan_check_write+0x14/0x20 [ 3080.445354] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3080.450296] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3080.456012] do_vfs_ioctl+0x1de/0x1720 [ 3080.459905] ? __lock_is_held+0xb5/0x140 [ 3080.463972] ? ioctl_preallocate+0x300/0x300 [ 3080.468419] ? __fget_light+0x2f7/0x440 [ 3080.472395] ? fget_raw+0x20/0x20 [ 3080.475855] ? __sb_end_write+0xac/0xe0 [ 3080.479841] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3080.485394] ? fput+0x130/0x1a0 [ 3080.488681] ? ksys_write+0x1ae/0x260 [ 3080.492486] ? security_file_ioctl+0x94/0xc0 [ 3080.496903] ksys_ioctl+0xa9/0xd0 [ 3080.500381] __x64_sys_ioctl+0x73/0xb0 [ 3080.504275] do_syscall_64+0x1b9/0x820 [ 3080.508161] ? syscall_slow_exit_work+0x500/0x500 [ 3080.513009] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3080.517941] ? syscall_return_slowpath+0x31d/0x5e0 [ 3080.522879] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3080.528263] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3080.533118] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3080.538306] RIP: 0033:0x455ab9 [ 3080.541491] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3080.560881] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3080.568601] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3080.575876] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3080.583147] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3080.590417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3080.597686] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000058 14:36:41 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x800, 0x0) r1 = accept4(r0, 0x0, &(0x7f0000000840)=0xfffffffffffffef0, 0x0) epoll_create1(0x80000) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820faeb995298992ea54c7beef915d56534c90c2", 0x18) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)) setsockopt$inet_int(r1, 0x0, 0x31, &(0x7f0000000040)=0x574c, 0x4) sendmsg$nl_xfrm(r1, &(0x7f0000000800)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f00000007c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="50000000210000000000000000000000ff020000000000000000000000000000bb00000000c6000000000000000000000000000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50}, 0x1}, 0x0) 14:36:41 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f9], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:41 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x400041, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000040)=@l2={0x1f, 0x4, {0x20, 0x0, 0x1, 0x0, 0x0, 0x5c9c41e5}, 0x592e214b, 0x2}, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="68000000000000002fed1cb9070000003f1643147dec2bd132feda86032f031b86b8dbe2f98e23a0ee0c41ce3e57c53307a6b2fa944eb22c20e4090522af4eaaae33940f1ca0bdd98409c06d9d19a68de1ac1c606d4d4d1c01cfd60000000000"], 0x68, 0x4014}, 0x0) r1 = socket$kcm(0xa, 0xfffffffffffffffe, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:41 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6800000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) 14:36:41 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)=0x0) io_setup(0x800, &(0x7f0000000200)) io_getevents(r1, 0x3, 0x2, &(0x7f0000000000)=[{}, {}], &(0x7f0000000040)={0x77359400}) 14:36:41 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 14:36:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000000000500"}}}]}, 0x138}, 0x1}, 0x0) 14:36:41 executing program 2 (fault-call:7 fault-nth:89): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:41 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x40) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000040)={{0x0, 0x9}, 0x1, 0x1, 0x5, {0x9, 0x6}, 0x1, 0x7}) r1 = socket$kcm(0xa, 0x122000000003, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000240)}, 0x1) [ 3080.827234] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3080.834782] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}}}]}, 0x138}, 0x1}, 0x0) 14:36:41 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000000000200", 0xfff}) 14:36:41 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001c00)={{{@in=@multicast1, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000001d00)=0xe8) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000040)=@xdp={0x2c, 0x7, r1, 0x10}, 0x3c, &(0x7f0000000440)=[{&(0x7f00000002c0)="a4021596c379c30df315a5ede9eecb8fe0303866255af67bffe8889cf69e563bf8242e79d9b0677a8bbb1cad2030203f50a46d8b0b2158ccc2fdfff9fe1092ef2f6cf6edc317fc0701d4fbef125a28a66802c36dd5794b9701e199ca0b4c31057bf4a1f30c61fef4ee10a327af3f6201e375f719c2dc16dc84dd20a7e1b3ae1fd34daa94b2c34586139c93ea473f4a3875c651ff43e6dee0a1206ec017a1aac77df3329644394125b70990cca6ec574890f10f19e718"}, {&(0x7f0000000380)="32cd535d0f0d462cda486ce596f45a94c74cac2da01e822c68fb87f7b301bd6b2f231ac44c96fad433a3a27d0eb8dfcae66c7e4de869987b2466f41548bcfbdf1bf75d8776d574fd598cdca63b91f163b38a60f6ce58a47ec57b7fe730bf22fd9647240ed1005d3bd21bf6261e656aef1d08a81d1133e2423330ac55cd18c7aa8f09a8477e532ffac654d471a692da34aebb8b2299ec1cd3be6e"}], 0x0, 0x0, 0x49}, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x800, 0x80) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000010}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0xa01, 0x70bd25, 0x25dfdbfb, {0xb}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4) 14:36:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x3, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x0, 0x5d, &(0x7f0000000580), 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='/dev/kvm\x00', 0xffffffffffffff9c}, 0x10) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="11790000fbff"], &(0x7f0000000100)=0xa) socket(0x0, 0xa, 0x80000000) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000140)={r4, 0xc3f, 0x9, [0x10000, 0x0, 0x1, 0x6, 0x3, 0x4, 0x74, 0x6, 0x5]}, &(0x7f0000000180)=0x1a) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)) 14:36:41 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) 14:36:41 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000400)={{0x6, 0x2, 0x4, 0x2bfdc2ac, 'syz1\x00', 0x3}, 0x1, [0x8f, 0xfffffffffffffff7, 0x3, 0xbdc, 0x1, 0x100000001, 0x759, 0x7ff, 0x7fffffff, 0x3, 0x7ff, 0xfffffffffffffffe, 0x2, 0x3, 0xffffffffffffffc1, 0x0, 0x401, 0x3, 0x6, 0xa953, 0x2, 0xfffffffffffffff7, 0x40, 0x0, 0x8, 0xfffffffffffeffff, 0x7, 0x1, 0x5, 0x9, 0xfff, 0x1, 0x6, 0x800, 0x3, 0x7, 0x6, 0x7fffffff, 0x8, 0x83, 0x6, 0x4, 0x40, 0x0, 0x8, 0x1a0, 0x0, 0x5c6, 0x8001, 0x100000000, 0xaf8, 0x7fffffff, 0x2, 0x8, 0x1, 0x100000000, 0x6b, 0x10001, 0x93, 0xfffffffffffffffb, 0x1a2, 0x3, 0x60, 0x6d, 0x3ff, 0x1, 0x10000, 0x5, 0x81, 0x8f, 0xd6, 0x2, 0x6, 0x100000001, 0x5, 0x7, 0x2a, 0x5, 0x8, 0x5, 0x400, 0xffffffffffffffff, 0x8, 0x3, 0x1, 0x8, 0x6, 0x6, 0xdf, 0x4, 0x196, 0x1, 0xd4, 0x7, 0x7ff, 0x4, 0x8, 0x1ff, 0x4, 0xb95, 0x7, 0x8, 0x687396ff, 0xf, 0x3, 0x800, 0xf0, 0x5, 0xddc3, 0x40, 0x3, 0x2, 0x5, 0x4cb6, 0x4, 0xffffffffffff0001, 0x327, 0xe2, 0xab, 0x6af, 0x3, 0x33f1, 0x0, 0x0, 0x87, 0x7, 0x3ff, 0xf655], {0x77359400}}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f00000003c0)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:41 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4800000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3081.039700] FAULT_INJECTION: forcing a failure. [ 3081.039700] name failslab, interval 1, probability 0, space 0, times 0 [ 3081.051113] CPU: 0 PID: 10824 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3081.058485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3081.067851] Call Trace: [ 3081.070455] dump_stack+0x1c9/0x2b4 [ 3081.074105] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3081.079334] should_fail.cold.4+0xa/0x1a [ 3081.083420] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3081.088534] ? kasan_kmalloc+0xc4/0xe0 [ 3081.092503] ? kasan_slab_alloc+0x12/0x20 [ 3081.096645] ? kmem_cache_alloc+0x12e/0x760 [ 3081.100962] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3081.105881] ? kvm_mmu_load+0x21/0x10e0 [ 3081.109842] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3081.114327] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3081.119360] ? graph_lock+0x170/0x170 [ 3081.123174] ? do_syscall_64+0x1b9/0x820 [ 3081.127224] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3081.132577] ? find_held_lock+0x36/0x1c0 [ 3081.136632] ? __lock_is_held+0xb5/0x140 [ 3081.140688] ? check_same_owner+0x340/0x340 [ 3081.144997] ? rcu_note_context_switch+0x730/0x730 [ 3081.149922] __should_failslab+0x124/0x180 [ 3081.154162] should_failslab+0x9/0x14 [ 3081.157951] kmem_cache_alloc+0x2af/0x760 [ 3081.162100] ? alloc_pages_current+0x114/0x210 [ 3081.166682] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3081.171610] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3081.176358] kvm_mmu_load+0x21/0x10e0 [ 3081.180162] vcpu_enter_guest+0x3aa6/0x6090 [ 3081.184477] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3081.188707] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3081.193367] ? vmx_vcpu_load+0xadf/0xff0 [ 3081.197421] ? __lock_acquire+0x7fc/0x5020 [ 3081.201655] ? vmx_vcpu_reset+0x1040/0x1040 [ 3081.205964] ? graph_lock+0x170/0x170 [ 3081.209755] ? __lock_acquire+0x7fc/0x5020 [ 3081.213996] ? __lock_is_held+0xb5/0x140 [ 3081.218054] ? lock_acquire+0x1e4/0x540 [ 3081.222023] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3081.227034] ? lock_release+0xa30/0xa30 [ 3081.231008] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3081.236276] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3081.240759] ? preempt_notifier_dec+0x20/0x20 [ 3081.245246] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3081.250074] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3081.255085] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3081.259153] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3081.264852] ? find_held_lock+0x36/0x1c0 [ 3081.268906] ? find_held_lock+0x36/0x1c0 [ 3081.272960] ? lock_downgrade+0x8f0/0x8f0 [ 3081.277100] ? kasan_check_read+0x11/0x20 [ 3081.281245] ? rcu_is_watching+0x8c/0x150 [ 3081.285398] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 3081.289795] ? retint_kernel+0x10/0x10 [ 3081.293670] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 3081.298672] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3081.303417] ? retint_kernel+0x10/0x10 [ 3081.307303] ? do_vfs_ioctl+0x123/0x1720 [ 3081.311352] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3081.317052] do_vfs_ioctl+0x1de/0x1720 [ 3081.320925] ? __lock_is_held+0xb5/0x140 [ 3081.324973] ? ioctl_preallocate+0x300/0x300 [ 3081.329366] ? __fget_light+0x2f7/0x440 [ 3081.333329] ? fget_raw+0x20/0x20 [ 3081.336771] ? __sb_end_write+0xac/0xe0 [ 3081.340735] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3081.346256] ? fput+0x130/0x1a0 [ 3081.349522] ? ksys_write+0x1ae/0x260 [ 3081.353316] ? security_file_ioctl+0x94/0xc0 [ 3081.357722] ksys_ioctl+0xa9/0xd0 [ 3081.361163] __x64_sys_ioctl+0x73/0xb0 [ 3081.365039] do_syscall_64+0x1b9/0x820 [ 3081.368913] ? syscall_slow_exit_work+0x500/0x500 [ 3081.373740] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3081.378666] ? syscall_return_slowpath+0x31d/0x5e0 [ 3081.383587] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 3081.388940] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3081.393773] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3081.398948] RIP: 0033:0x455ab9 [ 3081.402159] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3081.421393] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3081.429090] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3081.436345] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3081.443599] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3081.450854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3081.458106] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 0000000000000059 14:36:41 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000600"}}}]}, 0x138}, 0x1}, 0x0) 14:36:41 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x220801, 0x0) sendmmsg$alg(r3, &(0x7f0000002d80)=[{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000080)="f072387c9663e1fc9c3c559c85e43599cf334f9ef4468be77c00571c088529e60c6df253188ed4f2cfeadfb2", 0x2c}, {&(0x7f0000000240)="0628ee38fe722d0d926cbd866a556125d6de532c34f821831e4939a65360e448dc57f85542aca1bb4772016dd2affc69fda4d8a2957d65a7aeea59888fae1cbecd331131da68ed394115efbd591775adc0d1ede9a3dafe718c055493e648c727fa397477cfa133a3c0", 0x69}, {&(0x7f00000002c0)="058735e492db4d68bf370fbba9e10ad96376d090725d3d25c08785ccf578e943116d0e340bf77a7d3a4a7bd5d03b23cfdcce678f906dea7a69c613f9d1189b0a5974d040b09872d8891f8d50626b5177d5eb96feab1a119e3d6c569449e59a61cf30a180d5167f5a7b9ea5b648aafc96f1bc3530015f6d4d9854eb2bb6362fa631ef18e10cf7d12dba7a8ee82dbb52397b443dfbe9274955cd8493fddf0bc824662e18f30c2010b8bbdfeac9759d847bd76d8226fb58a432b13c423f4d5e66b61f3d48bb780f280326f6602ece2443faf820d4", 0xd3}, {&(0x7f00000003c0)="9821bf9dee2b773adb528cd797488de6a53ab15e194400685ea7090406161355c8b72f7460784efccb19e2face783a2adb859a6a462746b2693c55bb354657e22922727790376df67cfd010081db3a808f65e542d2bb680e28a89699df86d5df9a0022c5b89daad0", 0x68}, {&(0x7f0000000440)="f841836041c33f28769d03b32fcd8f8760c57af9b8787469c0f97a398f2b0368a2ed70e1f453483ea286b227d65a5e7d2fc09cc10c3f37a2a9a4302f9035abfbbedb2780e01c7cd03550ff35d45acaa2df5f7698b07fe991de60e2369137e12467552e58562aee99aa5f30c8fca4a0e7eb64e7104063c474ff1e0e27b15014757dd4f1935eb72849166a2ed2a5204afa", 0x90}], 0x5, &(0x7f0000000580)=[@iv={0x40, 0x117, 0x2, 0x2c, "f012df5b52c4eaa6bab5a04351152959964ea58eb1f007ba4c2cab3c6c897db1940f9372afd1465193d41b2e"}, @iv={0x80, 0x117, 0x2, 0x67, "3be9331ce3636d81fc6d4505bf355bb2c01682d3dadc16e8e38d246ba9286b32af558602c507f5f6df1ce1d58690ae9e9a08b3a096bfabbff5a9241766efb0543396b187eac59fb70f37d6ea23df8a4a883cfdb4a0453f3656f0a3638ce7fb5f8b94c5dd28f708"}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}], 0xf0, 0x20000000}, {0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000680)="9dcfd1cc03b9b5dcf32005ffcc597bd78d42b7114e07f73afc63f806edf6d4fc542fb74848f1c11bfdee3398fd8958fa53ec2c03703b8dd617b5c511e13f02b61c0568e556e31fef9ec4c4705c4dab663a092195be2475e16a555989dc50f02c93259ccf24c23f99d6e1ad17620cee1b888f101280e0a3721344eee7c61451116b857d8ad2a4c74e529a9abcef1850", 0x8f}, {&(0x7f0000000740)="f68063948d66cd1fa6accf5ad4fc24fc7d162bd03e86fad13d45b607d01e63cafcd89a4876469fb4336c30ba6e6dad1dd93c85404264feb003ab2853512d1c6c05c3aafb4de0fc4a3eeeb3db50b8e4f157c47563c1971ee76d85e9c02cf91fc22e5341b4b73754b92f762d5f6e37dd4df5f881e2b776b0d1e4748d44f7da3a6e23a5b06703db7a9591cad5955c51bc5aed847a51777d943daf93c596", 0x9c}, {&(0x7f0000000800)="9a764de82fbdb2b1ba96367d5e9c662b466a34e0804caedd13893e8b1f6f5f6ec253dd12a71df98cc420cd55fa1b570c868ebaea3e118e5ac5e1a029b3537e3050a22bd51bb8b5a09f7b0c73e4f986744449e0e63b00", 0x56}, {&(0x7f0000000880)="03a3db419288ad00b5f97bc5e04e46a4e65d794cebd0649524e43055378bdda4d0fbf24bcd1a547708dfbfaa073daf9ad9bfbbe3ff6ba7147079f3566ee9ed05f78fbbedb95d65abda369b8bd094d3b514cff7553ffd6e7fa175d341adde1831446acc3a5bf9e010ed3fa418dbf8379c7435cf50120d2bd6218af5dda9c8b67c3f49b00e920e34f5c78cec", 0x8b}, {&(0x7f0000000180)}, {&(0x7f0000000940)="4e355c91d91db15c5dcaebc3563b62efeda1194da102ac7f7f3146a575c1780518c2d474068469fa013d95d6d97cf59adba8c3cc19ee94793244046b873210b9ae0720075ada6311ef0c9124aa1560d2d580e425cd2153962e99c945cc394509c85629d9a716a9277a848059731d0d79d19e8daea5706d5180c73076e456768df1a2b8", 0x83}, {&(0x7f0000000a00)="23d18a631cba61611bc46d3642aa22e9a8387bcbcf2e05c5135c01bf0f26547b271d0b810b2d7c8ecec97c4970ba6cd3450c5ac39c008906d74f8d5f183c7ea3b4cdae77165fb4255d755b2207ae6ab344574d611c98f637d53a44e550ea179c942ff6050c6b56cfe81a7e316db17b8557e32b8fa01e638f251f0e563172b6e0c9017ce212a1c971d0429982ff3907b92c6fdf78cad0af6d528843eb38e008007c52646471880b1ad9821024ff2f595dc6b16219c46be9178e332dee94d83af9785dcb57803afcec6aea866a7feb94949fd13e4c5d2f37d511193c4c6b12aefb627ea55289874ec01db0c29e05", 0xed}, {&(0x7f0000000b00)="9f3e8b00c2f1d1688930cfbe3467d40a0d41d69998ebfb11f6300554a17ae144875d83404db6f9cd087e1450315610ff1c05004402598a1943d7a1b6c7a0b05008cfa64d5b2336039846846a1bc57d2d51cccc819e0d7de6c507f2da9002f47d102b61cd637092249573a419418080fb5684a9ed72464ced2dc3b3df14e14335e4b6e9a7fee5cb155d0d98b458f129957bf0fff79c089475d279122505e6ed606f3e2eac5619ad2c9905a4f7ad52f68f47b69bee80ed9e115c4b6ab987", 0xbd}, {&(0x7f0000000bc0)="1a63fa5d6352a416a0e613101f8559ce7f6c6bf18784a4b94992df45b06c3844e6cc08ad5293e46ccafd20ed38bcc610c5b246fb2f0837218572370007de66b8b3b1a7e2fed6992efc0f3822c884727a0d4109398d3d58c7aae57ecaab67f834eef9a1bb09de9c56834307eab35cc1813c1eea6f724cdfdba3e26951ead1157cdd21709b2eddcc9f565289e0690df07a5767b2f721d2db7daa20a5c05508a874229ebf1e4d48ce83613c3b95e37c486be2a1e2b6c5e91ed1f44059e1db5ceca26aa38e0074bda04b11008ac472ee3b35bf5d02c16bb22c615ae32789e125125efcdb874ac2949c929a4c2106723d426490153deca6c3b5cdd38a0e60c6ff5cbcaad39e04fd0a19e3d5e79790500a716da1af92f0636fbdfae6890091428c36d453d74f978028a307496fb1ee9be1dfef25afce848f6534addd9a40ba7038f6cecaf2212573f9d8e68fd8fa7aec40be6eb930030c46705fa449d5924947c7b4cbd8d3f26c5251a941df3919abb93f40322e66566c1289189943ee2d8e5532475616dbf028bbd07b16b0b5fca69d56e3c477409f16eeb8641a5f73024b7e6f13ad1996f2b2b913a34406daf064f5bdddb381647559b63844df7a924190365d5e8df23f2422037ce3ebda7355aa12326cebbf6fa3d303ce47ba8fe9a2408b139f8b3e8e03501c8ee82ff9a06792a5a7a240b0c9a708e9cf118257a13efb967532bf75bc760a501655da63472f28a2478057122f7d8c7643570611989b76a5314ea75157993aef483bd358f321b5e933b5cc5044d6473389bd18dac282d6f381ce405e63de7adaa8126147e33e3867c22f8516808d10a66197ea42db43b4024245d9d1b48e675eea86ff8a5ce6b1cea096333743c57af0f70af3d3be7eca18f28426ff3613a900f6f6e39664dc664b1c430d095cd72031f2f10188e8b50484040e97751f239dec87e661299896cbd0f1ea21ef22cf7ff011da4e2a84a59bccedf1cbad231f7e37538ec823817cf5ecf8df9aabddae966fe35787ce43c43f7b28ae4a0d300bd2b1cf6e9e0c18c90c4e7c8df6f2f0852422f80c92509e61bd9a4e1bc5df6fe7f451b85373bf93362278dfe1146057723bf46fe84a1abc280a848feaeafba130f249178f69079b5d0e65e0670d04541804ec1ca995b67f7d03dbfc92b2a7d78f98dbd01b5765fbc8f41436e65f559b50843d9076e6ec55440537c47eda59b5858b1bbf456dd2da6b93bf74afe68864a5f1d61ce56d898bed283d0575ea0a87da46a294ff546285ad19acf8e1aad6cdbaa30e34a4d37dd71e4c9e41eb0dff2b824a190ad881da8362a1444372c8c8792c6a0d4b2c2f37bbe2dd9384bcc2f5e28e22d19952b98743305fdb0c1f2031038f320850ecd1b65110d227344ff6759c066a66ebf9073ccbe962965eec268bac46f98a16e9cd120e64487c6229a78de5a23f37c63d126d4102567a78019d2954c99e2c9698cd0501236d7fd76cd454847a76b8d85bc2bd6f663b3cf17aaa5a9e7433c191d11f52a9dce821046ba59b08a43593d54ba2361e1222aa7e3d427b4fe07968ed5273f9a3f75f6a47f55b1bcca6a19b936ad92d1b7ee74db71c9109d641fcce73c656056d5110c50d1b013d229f943a12f03d61aa41d75cf3d1c52fe1ce0ed05facd916e45ca19b7a383f0db547954c2196ebb7bc0f860ecec6018d8d3c29acb1f41b5c1d3865e4891d447c57e08b55944bb78b1d6db07e29b8f406ba5c7f19db8c2578050e485260321e5645ad8f29fe33833593b75bee6a4159534dbc385c58ec82eff1cf6e66a5f56146af4a338171771366a9da3439668319ca5c6492501214679713dcce436c43aec049d301f1bb5ebb4f82f610665f7118b2031be95a0f5f2a0682afe163eb3b88da657125022f2fdd381cb52a64affb5e96212dc72e9f689c4198dbad70c6431cb263443231bb61120630c5703f4b5b56b38e089a1083dd85965526027637a2173239c98b135edccdf2627cb7f02d1a205556268cb0e3a8a7bddeae1dd4eea5799dbe7aaadeebb711d4dfd970d781da8edb5e398526c2078241fbc2464a8da81fb6131858e9f11ec6f6c8b1f7d99370a5a92148b7a73a02d4437946aab5f413c37be101ff13182fefab251fba40330a09eb11e9bbc4cdd2b15a54df569cd9774185d698d64235d9c706529314b2d86dbddb7219587eada0afcf48866db9f62978fb597e352ca3cc9cabc773b8db628c75b24f7bdb51de8d150d60541d45b555e7b5b86d81d454169bf5efe445404f11c734205ffc3cecfc41ec9c64328c8e5789433860658d6bb1d6dd44ee562572636d717b0171c8c98967132a9e4547ac1fb0db2d04c0736c459bf5fc9062f3f1e1fcb6a76d8a1ce57d2e76ce4b9ebc5cd3b629fa8cb961fc86dec5cf01589b123120c87e37e298315fb1b5cc3f44b7ccddf55a81ffd518919b349dbfe20ffe661fb2f6f80fe6cbaf48243447d97705f495aec848b683c99778637f8451a29d87ba42a44aefd15fc0f146d307c7ba34797318be33a635dc5bb8896e69daee2563db05cec1ff4488365136e43eb7779ecf1dea14bbfd6fedca642ccd3cf9059771eb2f3358d99811b9c945a2b90fc5180d81e3ba60dfa4d98562c3a8c4bb4388870fa83472f1cadac1d6068dc55e4aeb36b157767f53e16db4ff63ebc7d19e980fa822e5a8cbb178a2d348eaba1332c3682123b7447cf32d2785d9e90a3b04a5b8c5d1b3f6175fcfd2964c1ea4def44d2f79bb6228cd6fb94bc3b54a2cf8b04eb8ba69d856c1ba58ca98c777a17c721edf2ee3840db1699ef94365e27b3c7e9013239084621c0f58f616318ac3c25847a07e51ecbf832244a77c3a87b1ffcaa41f15eb04eed46766713e35412ea22691420158011ef4cdbd17d2c626ad789e3c0f074e76f8b8cdf7e4ddf98530b0257ccd829118e61ae836a7fd47fe9636910b0e74c60c5d72a4a9ef9fa7a613e6affaab3467113458edb041a8746bc17450f822176df4a41ba471ab36bc17881b581c00c8947ecc4833ffb388dd5920da102358f48cc98fd8d28e0e63cfac71348a95c288a37b64ddf755443e7f105d72ee9450ddd473331fced2ba3c92393e2780bafa9f7a8a2178ebb3e66d8c3b02ea1f435ff6aedcc224095cb68daf51af5e853ea541fda239bb4f260aa0750c65f8a2e4814d9f5f857e79322860579080c1832bb0c3febd89238f7b9e910b2e1b26b549289d34f959499f08c2d6f309d34fbb2677d63ee690a73663ed50040543863d38c263c9d639008dfe1cc8879265f12f6a190462d075cdd05e93187bb96740ae8c9b7f798a28cde5987ecb328fd80e3b85a1bc3d0fc3e03c3c22531e2cf7b68436b4edd8b10006b7ada2887c7c327ca9c96c3bd5a09bd9f8ff2a35a526f27740bcf80597567e10d06a50ea6d1c119878df41430848c6fec59df23a300ba577cbfb80f2bbfb55fcefb11e8ae0391f238bfc1634983452d7f953347ee557f582b007caa3d4ec7ceb53ad8aedfa529a4dd555f5b66c2d30a391bd5c197876224ef795e6c826a56dea33f1fa538b2f1f97bb0a06a504e4dc79aba0b8014a61cc85663cf08177f5d5e8f26112eab0b00d0f74e5c3e4005cc6c902ebcb77212001839d73e1e0ae95a84b0001fcb5c7a582b5a51d67a6e7d787a29f864282ab03cfe482438eaa88c4ed8525c775c5a33f7bc0884f0aed6b380d4b128d15b953e38ea2b25b9b8cc12be42a47ae7b58954cce1d47c7370ceff7a6cdc3cf7f68ae29f4d0b8b8d0bab1cd5968d0dddc24bad5d717f30e3f891e7d716746776898e90452a2a48754075066bb6ba8b53c9ae044f254717630e703f05442ad315993f5a2ad701cae1383283c50f749a58af1966e734e9eb0d05e22a035afea063567461b2caa712e498280fc050332a0202bc6eaabade3b91d8a438b83653f782f7a63e8a20d2c0ce8da183803ab4b66dd4a3b89894c3f61dc6b0c996ec09bd8cf9e26b29a2d52d3db71c1c281d025b9797bc9d17f87c243b4df83e750f7720aa271c12d9e2499276a07056d5501d5c7e799132bc4520f32078c6811e77c01c45981f4be66310ab0ed3fe6c482ad53d46309c226324ac82a31d97252d31b8d34ff805dd8d30c56092a01e329f833cce09807fb141b243bd2bd338b279a2ac764f558dd221686a38e8db814464b5600c5439a28c1128e28454391171347f7a8cb085bc6d8fa778b2664099903f70bf04fb9d50f281e563988e9e824c41649f674da2f1788e5b40a97b667b5a1b1051a3bf1a38357b4a489b27252ca46facba025da51376c6277a864acd986998773165e0210b3830c2d0a4240810f6b0ffcff80e4c2a2310b39540905b0588984c16d25c5caf1c0007082488a489ff266138d81d3f2f2eb1f761ca90bdb85f1d184e86c5d2da1e0c4592fa0cc6febe2e701a28ec931fbdfb02a8f00b47f823dfadade14ae093101cdda16cd95ed9cad8e85981e4b8529c4a9d0bdaa0bdf6f1a9dd31c8ae9c726e08d7929bdaf12d96bcc97ba0f63430acaf89e67c97c45f778acc0f13c29999858e39ed5ad7cf9f121915de3157e977eb763c4e9c3d104bcfb3e8fa524239da895f6413ec332540040d1bbda6fb867ff03f9d70e0a439ab67d2de726d3989505ef9fd9c24a20d4e52608f87d82d4daa7d6fa582bdebac2b985b2a380ddbfbb962ac1d4edd94bafc9dadb35a470f1f8b261f328db1dc669be5f6259a289717b301580aaea256828518d386fc8a38d0ce61d6a719ecbca0a44a5f698b3aead99dd9d99023039334f66085611fd18e7c01644eef166177ae5a7ee8d32687fd805bb842cf08c6c6cc018f0fe95b3aeb2d4bccc2e20aef13f57b01d7db33e129a1456a94b6c1372898ec6bf1110debefbabf4c40427a194c4b5802e6da15fa1a8766ece1d08d06f56e457dff5ae844abe1d57fe89ee4fc2ed62be73cee531471e40bdb1012cef1b9d44569016ccc4a5a481757ca14c4b69c5167df8749e9b7377b47b1b2734a9cb3dcec250a7f44b1c2c75b81c7543685002351b307d08bdc11dfd9cba65229d6f6fd1d6017d5b6e8838869390a14cfa52e2e5b3c1e6cb855d460021d1b82cb1c506eb2dd4a859cd7cb9890316c98b41a08c1ec9029353abb94711649ac2f424111e94513f7097bd8d00e4053f144166dd12bae8ee7c6d7000289a442271f934a6998a50b7eb8cb24c417a37c7be81fa911cc4499cb26cbb7879a495bc3db168383ade4a16300a3511048c00752067151e4d0e7f9844fa7d3beb9d8bb91e33c76e03af9767300f3029d3a3561ff9ad0984eed82151bad4c23253ef1f24d89fbbe5b089104cf867047dcc48056781bfd6fafa0c5ef4633256ad6cca6102f5ca09fb7c9e8149902eadfeb6817e74ba8ffe251135476e10993174b5c4ce9bbb4bf1e449f356ad8d611e3c589bb4ff7f4ee66f742ccc1490237f9225e11b89d2e0102da6e225857cc13b3ec546041aa8c637f45fbc695abbcf2c6612bf78a3ef8cd562757245d1fa11d67f94eee85ef2eed2ded4d71a03e3f1747d49960ec613021ab28ddc94c32320dd61f9dbfc374b4d16fb0f57e9b2118d1624c77290b871a8a662b96e51820b7a0f48855fc1ff2edc7d32427e8340afe3b9e2abe12a997851a1496eb317d6aa421264fc01e17aaa844b4253ab9e249a988e082f8e2882108519754506c91fe76d8275070fbc4e458691fb3d60a78dff37799e9223f250d395315f88c1cc700442f15258608f662a975fcdb0fccdeeebf0d0567525509c7d8afe540a6915", 0x1000}, {&(0x7f0000001bc0)="95e3ef920cc257890a0ede4707672592bfa83d7d164db62c6e6983b3ca", 0x1d}], 0xa, &(0x7f0000001cc0)=[@op={0x18, 0x117, 0x3}, @iv={0x78, 0x117, 0x2, 0x5d, "bcd51d49d54323db9a231734b2f241622c4f519275c3220d114f07eb58dccadbede658dcd79790a2c2dab8d2f37c30a84d81905d41afaad8975e5179ad03dc26b0130e54fd98409d7b8fa87e24621aacb464fc121ce63d2c920bdf0acf"}, @iv={0x1018, 0x117, 0x2, 0x1000, "5943b34833818270e5d6b634565ae9fa84f452ed9bc793bef4d76d71b9c7b1213fdbdf2eb40356a193441a423aff40245373df2be5cca36389b04de5cf836656e6030a1736398fa27b8ba2e6fb199cccf9ffadbeccd98777d79835497d2a939812b7e9b47f6d085a116b817ddcefe41aad9af105637d4763fdfe1b19a3facb454949860eec2d2cbbcf10dfc837dfb1319bf745f0be685754608c963d7586827dce760268649012bf2016370234ee759d5387df18c573c56d6cc8d116ea3471b61cbb4d77a4aa0a901eaa807ca01caa669639d73c25cbee3e3024f8f42a8f3130279c67ffd16e7cbf69badee49f8e1f66f990233bfadfbec5193ccbe7446a6734547b9bf172d94f97e86138451d8f256e77e51915bea5c6546bf6ac36c8454248ed72c630c172e197a1e54beaba4fd6783541f692bb90981ac5b4227c3b16fb776fa08ada3a3cb5557417c671ad41141ec78eaa6dd0a48b12aef69beb6b5bda9cfad57de0014a5dc726bb5117f55f552c11635832223385de04537de67aded15fc531e533580e1b6cfd968c244932224e55cf62fc54f3f74ca33c9354cf479b00762189402d1e0fe454970534cf9878d25163a861f1265c83c46207895b957ddbc8eae6adc9c240b4595c99278c10850e33a6baa2820ec047adb38e700eaddf02f0a147b5832d3213d0efcd367141dce85c9606eab29c2a5fa0bd8202f83aecdc3c16daf97e1ebb58e931717ed986cc9384a60e10b494e660e6ef4c9121e86b1354cfc2f1ad4e48892f24c9a0b3f9ee8fc97dd008df6b4b79f6f25ff9ee9776868b4396f32afc2e13aa6e3346df55c2afdc6cb3a7c1786948615322961e78ca6d627bd7deee531571e8652af24555555e914cc218a79408519e932c0bdfa6819408f0920d3678d419221e95b8e5ba0324d3a45cca00fb71a51d4a7b5ca8b08808525fe69935e39673d846238f6d6c14940024e0551ab496e67d89e1835f62318b8a3b1827cff9806eee46e0e47840af2b76b9ef492a10253eb274763c215855ce57bab5a7d0aeca8f578d7bc54fc0df7afa3692051ddb82929f672c42bcf3beab5e5ffe6a7bc45c4b75d7c0b7f16dd83f641b2fa06c438c2721ba485cb24b3ce84fd21eb3bbbf25050b676bedaecc4e014d2c0ce8bc9b8c78ad2818f430e42a162b307ca2775b2bb433d4d7ff880dfd7017af7f91d3e8c14850755578b0468a172a785d2580100f51a999983f2644e642537b919583b5a88067959cf337889d42d1587c838b892ba937ea7ee65ab51eb6d6ff834d9dce929acd449bd1cee03272c45d7f9707b651e5bce4bb289ebccf5097fdccb73dc1f6446973318eea48090e6a7d04e1a0777cbca1cea1d6e3b58f42eee36d3a5a55d884c16b2c5ac3499f745c5bed4858457d23d43e99bf6f44a7aa9ebab6099ac8fa6dccebe14b0debc0559c8377bf242dc0d62aa59bfcdb35c6100f07c0f090d84720ae7d601b4d6f49a02a4bc8f862adf8e583bae2d56c3759708e0975a0c17b06d3b899d7799b8dcf3fa394e19015efaf5d687b5e8a350dcc87ac311b2f3ea2bbcb72b6d6cf3a74ea3987f1a9fdb08e41ab7ac1f32ffe7dd90fbe398912ba6771f640f62aba2791583b11156c3ee4cc3fd7a531354fed261766c0a1615cefd602219c96e46d7dd13caafa6cf2ad49cce23d08018b7a26918f0fdf7804400f70feb239df7bdaa1682a31cb6fdbbb0a5232dfaa946677e440a79b5a2c95ac76a9c91b50ced9807c6449973380f0a4b22f6efba357241115c66e7219b826ed43caeb9a6d509b426ff84df9098453eced303bd2b3ef7a4fb82180c17a7cd99174ba133d5f0c29fb5f0dc0504b272e90e9104636668e62d95bfc9abf5a1a95f30987ecaa5afaf6042dc106b12a44b1454e8b0b5e60345f273a7a07c975359aff6b97824ec495bd1b7ef4b82be6aa9c96f49bed31a3336ec83d13b44e55b69116413cb56266c31da67a3a6529e1dcec44d2df6d7c5dabe4d8877693a5671efd29da7144ecffbd256634173c43973d43d8b81b8b36f673956c7b7b41535a7afec5960b1532b25e793bc0b1a9ba873d9d85511fc1a84cd21fa11e88aa7ead5c045f70b2d39a7446879dff818378f3d7b02135a1520006cfb534369b1b2096b7ce8e7245ca3c3f3e28f3f1483933d098502ea394b0a87e297939fe3e48e4f6d63b91ade475a546e57e6598c130ea3e7e5e7909f077b50b01e20cb0ee50ae33b96189e6c29507a293e92522fb71f61b4862ed3887abc0e9f3ba6648d46ca46be04e4c0e49f9d749427f6c12fbd0a34decf5be2c2b6eacf4609199504404c832a79a2d6e3cbb9bae034ebb3786b3de991daff3c33a21391c489889ded4aaf433567dadc0d8b3261535257f6656b5363949ae131889ceac685e475a73019fe875b26c827a73e6feeccc43cfe065b4c8440378ae54d7b68ff3a68d77b89ac068f4105057edc315029e778d473276c3bc941a9be92baf8a78cbaa9674c417e8431a5433a0f838c3ef96ea3c32067245168d8965175a5482d23dcbb94f85815719abd5d95f9ea247e987f9041aa229701453d29146e3e0c32039ac5c62a63f5d8a17d42bd422d20bc783e5825f71fa86842f235d14b954bd385fc6a4feec916e8baf4235a6b7232119118435295e95ce7629bfcc3c7d4a1bacc7c492388e93bc4a20267e69794069ceb81d5cf0a6109450ef6138843db572222a10dcaab7d2460ef92e10b97bafe47c33134cc54be585d538e49ccb39cb37135a755c60f96d202b6cd4481aab9ad893422579c54e2b2c85931149611d67a489315a9580e294b40a7fd619baea09391d53114c08b21ec3a245e05422375b3f73ad825014bdc51c2bdb9143765a6f9c8a36f010ca8c005a7f805d2cebbb836eb9632c56b7ae48c6a0908b4ffb2370873530b70679012f3cde56485b2a7e604a94bba69b23a24ca71d71583102f9b77b3767c14a5ce429b85062c7f5617675d211973819b8fb8d1b1d3bfeb2d05a8391fd7787ba964625c43e24ff70d93a68cca0438abe3468a77ac54c65507a20f3ef6191462a2afabe7dfac97fa0875af0f574cf9b2a0ddff7bfc80a51ea1e46d2bc15b51336ffa629c962565b1c49402670cd70ed79959ab78af0b58730aa1432a38156dae16f5bc9116d18629375461947ccf3d3bfc90a53f35f2c2e3eb89dd903538d8016cc0796734d272fcaddf40c435665eb9a2adc5d12f6f8c28d15faea8155a8d302b66b73fc55748aa55cff291c04e87e4b83cb2be9d032ede0a75fa1815b86a6fc371d63100ba30939a3d3da007adbbe2fbf13c19730eea6a048ed9462e90b48eecd9a66093b380c415cb2833047e2fd360e73cd6dd2a59667ed993a6568fcd36b202b40a4a8a6a0160d25dd56cec830d63f189e3e6f14fd5f0f7c8251539a47a5605dd9bccd97deab335be313290eeea9d069574994cff454c35965b8795a51fa9c08657befec6865a473040b1cdb5a11229014b578a58c01d46d62408252a617d82a692db3b082c3adf430de6b46e81270021714329497cb0cb6afe700e950c466da9ea4e3c065b27c6d10fc2d63692bce9e4da56c7c38e8468cd8887769b2b1e61061324bda948ec7e032fedbcb0433fb238b9f6929bda451f7d7bc5e2a624499aff8b07ce17b4efd0f042bb3b61b27dfccd16d90e1bcc324ad0df7538b27c6e1ddd763dc1043c8d8a32d07106c5b5dab92b691e4cd7b839bcb4f0d6638f2c7c20fce4cee30d282237108f4c995538b1a68f1e13534f69c397dac128786cfaad76e557c95b86f27de70c6160dfa356a47ad05f62d25c9e1a4ebd61b7aeb584a8efa22a7ab5cc555cb382c774fb2740af52a2383b6ed9e38bf27040183a396f158475453d97815663c3c3902830c10da8080a52e7a1900fce3a0e49270b170120c2e7f12ddb1341e25fdac24b79b145da35d9967ae34ab83f94f2a25b1409969d1f767b0fbc89882296dfda6f865e3484c9d9a52e8d20b3fa3f984b354b6ac738ec535f8b8cbbc32eb6b3fa4b032ea2c4eeda357ddaa2034ecd71257b933cce82e75401e95c0ab99b731f0635d3e2652a23fefcd5c9f9e58c3c22583afe36e11c81f8e0c056e73d882c5e854f6e4837693eef89e7edb1079e1c5f3637a70918aa87d79fc843e6e9970137d27ed45b58ebe9906856b3b59b81572d2b02256e80205adb6402e3a672593281b1dfe782166be5b67f44c41c4b3ef059e9473231e943636cecc2a5703ac5e9c7dd3cab37ad609f786c467d6d725e2bf8e8d9dcab17038593c72c659c53458c7b40da05e5b407c637814e2d105f8788bb6257e0996b06509d88853179a4ff6fd5b46010c52bcfae6ace05588ca6cef8bad7ff89e7cbb73b5cb4e026a95b933d3d8eff93cc91c76a6d9678d4f96c9e89b533f8e00f75006ed918618435d9ca1fcd340bb235e9a877c1bad9bcda8f1268fba67cc10f00c6203723ba8f12d6539f5c1014eb4176a3553bff735c213c4cf5a81467f58281d258b9f7580fa2a0e88e5f0a6199697705779ea09de410193467d0bd1b3150c976b95fde296ae04315c437ae31c7db39495bb3f9b0daabd03f1e2358256f03fe4768da755241ec3e724f8fa672ac6ae38fc2718040020f43c290aaf0459995d52445e731b7cd7feb695a8d59c87d335f91e3d5069988f3a691f2ee32ff8f8a8e93b9e0b2371a727d031a40205d8f3138cda888c8f76f2505a77faffdeea97fdab044e3a85596bee06a9298e308c0879fd3b18e446670267795a176648a1694ed54bf5b9b618c16dbcc795bf0adba25d9baea0543fbbc3c656eccc218581558c2f92ef2c17753350d25e2436b2ccaf583caafd565b0db430d05fbda815b7fb28a5306a4c77c3f2f5fe2f0efe32796984760ac8e27d1fa12f16e59b3da9d9e67ec5e697987fc98adbb8c436e0680fd967aed65b635a813507c7f481c62ac68b8f7cb424c7440a808240c8d9372c66d966d3d26e2b26313598a5ac185b74d8bb5156b575249c426fb96450a7319c4a0e281beb4ae4df57d58f13296859f7f270d63aa7d47d7fa4ffb4ce923b4ce1a71a5f6744a2935865355a17d6cf397529f68749c3a955b7e6799eaef7f5cdca91646d06a28a12a15c3190d0c637b62bfb3d79b156788aaa9f2c36bf400e2506a7fcaacb39c30a9b881eb9e6487dba3e137253c3a48629a8575513bd5447132291d41186163ecf829f40a03f5d0ca42e51496bcbf1764b58c5a26d64a437ada25180189e4c09d2d9c65abcde99824e8d3370ba8b649b4ffac07d3ed112b9dbf8cc378006420145334d727b01487e9ead78ffe6cab249960b4baf9b41bdb58215dedef5c4cf731cfd071d45529a4a20b6848ff68c5e71e3ac215b43208b9dbe750b6f2ca8d0a07f02dd440200e15b78e4b156a693b1e92d7b8d5b07eb57a34c7575a6046bf6e6708b296102a6b1c8bda2d2e7fed5f4ecf8b877291d7f0fd037633cd72f8471dbad56d7dab6c8b8a6fa2763efb7b26516a68f785ae726799bd33eff303797efa6e2233ad99656ee233d1eff4fe5e56945e77b42b0efeb8b4a83933127ff2d4c31169f9aa7af8ab85425fdb98e7f15d550c428ed8d464a69eb3c3037cb46a7e3d5bcb25a2d1bc77b0a804e0ca056649405c0eb9b34168373598d292f900b682cb8db0abe87d42a9d343e5c4d596712f56f18ba679d44da267f316b5dd03c91c708a4a4c07c80fbfe66ca39110683252f1beadff0fd1c7560997c991f0906015440ef034d507229bbc847985b8a3512406820498d"}], 0x10a8, 0x4}], 0x2, 0x40000) sendmsg$FOU_CMD_GET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x101, 0x0, 0x0, {0x3}, [@FOU_ATTR_TYPE={0x8, 0x4}]}, 0x1c}, 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) 14:36:41 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e64300000000000c3ffffff00", 0xfff}) 14:36:42 executing program 6: r0 = socket$inet6(0xa, 0x1200000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000140)=0x9, 0x9a) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29040000], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000000000)) [ 3081.569836] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3081.577337] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:42 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c00000000000000}, [@IFLA_GROUP={0x8, 0x1b}, @IFLA_PROTO_DOWN={0x8, 0x27}]}, 0x30}, 0x1}, 0x0) [ 3081.633193] netlink: 'syz-executor4': attribute type 4 has an invalid length. 14:36:42 executing program 2 (fault-call:7 fault-nth:90): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(0xffffffffffffffff, 0x114, 0xa, &(0x7f0000000000), 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:36:42 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={"626f6e643000000000000600", 0xfff}) 14:36:42 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0x2, &(0x7f00000002c0)) io_setup(0x80, &(0x7f0000000080)) io_setup(0x4a, &(0x7f0000000000)) io_setup(0x2000000003, &(0x7f0000000340)) io_setup(0x800, &(0x7f0000000200)) 14:36:42 executing program 4: r0 = socket$kcm(0xa, 0x122000000003, 0x11) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x40002, 0x0) write$FUSE_BMAP(r1, &(0x7f0000000040)={0x18, 0x0, 0x4, {0x5}}, 0x18) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x234, &(0x7f0000000240)}, 0x0) [ 3081.755690] netlink: 'syz-executor0': attribute type 39 has an invalid length. [ 3081.763296] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 14:36:42 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x63, "eaf86d9a87f8292a1b32ceb52435827a68f4b2c6ba3e467b351af9356eaa43f37274ec88b3a9826f6c97e950900142a9d02127ce3d254d24e98e0e68f5b65bbc3f4b731b82e7b49540d808ef9d9b2eb744d39901b289c92e3f0f58b5e412ffdd4164e4"}, &(0x7f0000000080)=0x6b) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400400) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f0000bd7000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@local={0xfe, 0x80, [], 0xffffffffffffffff}, @in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}}, {@in6, 0x0, 0x33}, @in=@broadcast=0xffffffff, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{"6d643500000000000000000000000000000000000000000000000000000000000000000000000300"}}}]}, 0x138}, 0x1}, 0x0) [ 3081.863338] kasan: CONFIG_KASAN_INLINE enabled [ 3081.868473] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 3081.875874] general protection fault: 0000 [#1] SMP KASAN [ 3081.881422] CPU: 0 PID: 10837 Comm: syz-executor5 Not tainted 4.18.0-rc5+ #154 [ 3081.888785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3081.898148] RIP: 0010:vmx_vcpu_run+0x1328/0x2600 [ 3081.898603] FAULT_INJECTION: forcing a failure. [ 3081.898603] name failslab, interval 1, probability 0, space 0, times 0 [ 3081.902889] Code: 91 00 00 00 e8 89 cd 5c 00 48 8b 54 24 08 48 b8 00 00 00 00 00 [ 3081.914147] CPU: 1 PID: 10878 Comm: syz-executor2 Not tainted 4.18.0-rc5+ #154 [ 3081.914160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3081.921752] fc ff [ 3081.929109] Call Trace: [ 3081.938441] df [ 3081.940590] dump_stack+0x1c9/0x2b4 [ 3081.943137] 48 [ 3081.945013] ? dump_stack_print_info.cold.2+0x52/0x52 [ 3081.948607] c1 [ 3081.950484] should_fail.cold.4+0xa/0x1a [ 3081.955638] ea [ 3081.957515] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 3081.961543] 03 [ 3081.963445] ? kasan_kmalloc+0xc4/0xe0 [ 3081.968521] 80 [ 3081.970397] ? kasan_slab_alloc+0x12/0x20 [ 3081.974257] 3c [ 3081.976129] ? kmem_cache_alloc+0x12e/0x760 [ 3081.980251] 02 [ 3081.982131] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3081.986424] 00 [ 3081.988298] ? kvm_mmu_load+0x21/0x10e0 [ 3081.993185] 0f 85 [ 3081.995068] ? vcpu_enter_guest+0x3aa6/0x6090 [ 3081.999008] 8c [ 3082.001141] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3082.005604] 10 [ 3082.007477] ? do_vfs_ioctl+0x1de/0x1720 [ 3082.012457] 00 [ 3082.014330] ? ksys_ioctl+0xa9/0xd0 [ 3082.018359] 00 [ 3082.020234] ? __x64_sys_ioctl+0x73/0xb0 [ 3082.023832] 48 [ 3082.025706] ? do_syscall_64+0x1b9/0x820 [ 3082.029741] 8b [ 3082.031615] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3082.035640] 04 [ 3082.037515] ? lock_acquire+0x1e4/0x540 [ 3082.042839] 24 [ 3082.044711] ? percpu_ref_put_many+0x119/0x240 [ 3082.048653] <48> [ 3082.050528] ? lock_downgrade+0x8f0/0x8f0 [ 3082.055073] 8b [ 3082.057123] ? lock_acquire+0x1e4/0x540 [ 3082.061261] 98 [ 3082.063137] ? fs_reclaim_acquire+0x20/0x20 [ 3082.067077] 40 [ 3082.068950] ? lock_downgrade+0x8f0/0x8f0 [ 3082.073238] 57 [ 3082.075116] ? check_same_owner+0x340/0x340 [ 3082.079236] 00 [ 3082.081115] ? rcu_note_context_switch+0x730/0x730 [ 3082.085404] 00 [ 3082.087284] ? kasan_unpoison_shadow+0x35/0x50 [ 3082.092174] 48 [ 3082.094046] __should_failslab+0x124/0x180 [ 3082.098594] b8 [ 3082.100469] should_failslab+0x9/0x14 [ 3082.104671] 00 [ 3082.106554] kmem_cache_alloc+0x2af/0x760 [ 3082.110323] 00 [ 3082.112203] ? alloc_pages_current+0x114/0x210 [ 3082.116311] 00 00 [ 3082.118198] ? mmu_topup_memory_caches+0x2fa/0x3a0 [ 3082.122743] 00 [ 3082.124878] mmu_topup_memory_caches+0x2fa/0x3a0 [ 3082.129772] fc [ 3082.131647] kvm_mmu_load+0x21/0x10e0 [ 3082.136366] ff [ 3082.138244] vcpu_enter_guest+0x3aa6/0x6090 [ 3082.142009] df [ 3082.143896] ? kvm_vcpu_ioctl+0x1ea/0x1300 [ 3082.148180] 48 [ 3082.150057] ? kvm_set_msr_common+0x26a0/0x26a0 [ 3082.154255] 8d [ 3082.156132] ? vmx_vcpu_load+0xadf/0xff0 [ 3082.160774] 7b [ 3082.162649] ? lock_acquire+0x1e4/0x540 [ 3082.166673] 40 [ 3082.168547] ? vmx_vcpu_reset+0x1040/0x1040 [ 3082.172488] 48 [ 3082.174363] ? lockref_put_or_lock+0x6f/0x90 [ 3082.180535] ? lock_release+0xa30/0xa30 [ 3082.184914] RSP: 0018:ffff8801a2d27370 EFLAGS: 00010046 [ 3082.188867] ? dput.part.26+0x248/0x7a0 [ 3082.188877] ================================================================== [ 3082.194275] ? trace_hardirqs_on+0x10/0x10 [ 3082.198238] BUG: KASAN: stack-out-of-bounds in __show_regs.cold.7+0x2b/0x54a [ 3082.205580] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 3082.209786] Read of size 8 at addr ffff8801a2d27320 by task syz-executor5/10837 [ 3082.216950] ? lock_acquire+0x1e4/0x540 [ 3082.221504] [ 3082.228934] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 3082.239486] ? lock_release+0xa30/0xa30 [ 3082.243450] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 3082.248725] ? kvm_arch_dev_ioctl+0x610/0x610 [ 3082.253209] ? preempt_notifier_dec+0x20/0x20 [ 3082.257698] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3082.262530] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 3082.267541] kvm_vcpu_ioctl+0x7b8/0x1300 [ 3082.271593] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3082.277318] ? lock_acquire+0x1e4/0x540 [ 3082.281285] ? get_pid_task+0xd8/0x1a0 [ 3082.285161] ? lock_downgrade+0x8f0/0x8f0 [ 3082.289560] ? lock_acquire+0x1e4/0x540 [ 3082.293522] ? __fget+0x3eb/0x670 [ 3082.296969] ? lock_downgrade+0x8f0/0x8f0 [ 3082.301113] ? lock_release+0xa30/0xa30 [ 3082.305075] ? __f_unlock_pos+0x19/0x20 [ 3082.309039] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3082.314568] ? __fget+0x414/0x670 [ 3082.318013] ? expand_files.part.8+0x9c0/0x9c0 [ 3082.322587] ? kasan_check_write+0x14/0x20 [ 3082.326822] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 3082.331741] ? fsnotify+0xbb4/0x14e0 [ 3082.335442] ? vfs_write+0x2ee/0x560 [ 3082.339146] ? kvm_uevent_notify_change.part.31+0x440/0x440 [ 3082.344844] do_vfs_ioctl+0x1de/0x1720 [ 3082.348721] ? fsnotify_first_mark+0x350/0x350 [ 3082.353289] ? __fsnotify_parent+0xcc/0x420 [ 3082.357601] ? ioctl_preallocate+0x300/0x300 [ 3082.361997] ? __fget_light+0x2f7/0x440 [ 3082.365972] ? fget_raw+0x20/0x20 [ 3082.369413] ? __sb_end_write+0xac/0xe0 [ 3082.373381] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3082.378906] ? fput+0x130/0x1a0 [ 3082.382174] ? ksys_write+0x1ae/0x260 [ 3082.385964] ? security_file_ioctl+0x94/0xc0 [ 3082.390379] ksys_ioctl+0xa9/0xd0 [ 3082.393820] __x64_sys_ioctl+0x73/0xb0 [ 3082.397716] do_syscall_64+0x1b9/0x820 [ 3082.401605] ? syscall_slow_exit_work+0x500/0x500 [ 3082.406438] ? syscall_return_slowpath+0x5e0/0x5e0 [ 3082.411357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3082.416883] ? debug_locks_off+0x40/0xb0 [ 3082.420946] ? prepare_exit_to_usermode+0x291/0x3b0 [ 3082.425953] ? perf_trace_sys_enter+0xb10/0xb10 [ 3082.430612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 3082.435450] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3082.440626] RIP: 0033:0x455ab9 [ 3082.443798] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3082.463022] RSP: 002b:00007f960e1d5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3082.470721] RAX: ffffffffffffffda RBX: 00007f960e1d66d4 RCX: 0000000000455ab9 [ 3082.477975] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 3082.485231] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 3082.492488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 3082.499745] R13: 00000000004bdc94 R14: 00000000004cc6d0 R15: 000000000000005a [ 3082.507016] CPU: 0 PID: 10837 Comm: syz-executor5 Not tainted 4.18.0-rc5+ #154 [ 3082.514373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3082.523726] Call Trace: [ 3082.526308] [ 3082.527927] The buggy address belongs to the page: [ 3082.532851] page:ffffea00068b49c0 count:0 mapcount:0 mapping:0000000000000000 index:0x0 [ 3082.540990] flags: 0x2fffc0000000000() [ 3082.546487] raw: 02fffc0000000000 0000000000000000 ffffffff06340101 0000000000000000 [ 3082.554379] raw: 0000000000000000 ffff8801b0163dc0 00000000ffffffff 0000000000000000 [ 3082.562259] page dumped because: kasan: bad access detected [ 3082.567962] [ 3082.569577] Memory state around the buggy address: [ 3082.574500] ffff8801a2d27200: 00 00 00 00 00 00 f2 f2 f2 f2 00 f2 f2 f2 f2 f2 [ 3082.581858] ffff8801a2d27280: f2 f2 00 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2 f2 [ 3082.589219] >ffff8801a2d27300: f2 f2 f8 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 [ 3082.596573] ^ [ 3082.600980] ffff8801a2d27380: 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2 f2 f2 f2 f2 [ 3082.608339] ffff8801a2d27400: 00 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 00 00 00 00 [ 3082.615692] ================================================================== [ 3082.623064] Kernel panic - not syncing: panic_on_warn set ... [ 3082.623064] [ 3082.630891] Dumping ftrace buffer: [ 3082.634413] (ftrace buffer empty) [ 3082.638101] Kernel Offset: disabled [ 3082.641716] Rebooting in 86400 seconds..