b4335911d4"}], 0x80, 0x10}, 0x200}, {{&(0x7f0000002d80)=@in={0x2, 0x4e24, @multicast1=0xe0000001}, 0x80, &(0x7f0000002fc0)=[{&(0x7f0000002e00)="be0c222e7ec1615c19b582", 0xb}, {&(0x7f0000002e40)="cae85e02c8285996270e81241e62c283245e6246619cf307db4717ca1164f36e143014e8b2a39627a1d9dfafb0225c9d190bfcd1e9", 0x35}, {&(0x7f0000003500)="012373a98d05be2f092ef8f674712c978d662f253143063f1c5f6464f8ec4b25032410ad3348e1b56782c59d5c001462f34a25d42aba6c7d4839fd32d51db22efdf5b24bc4690f8bcf2575db90822eb26bb244d3648186b0d76f4606861c151372cf93e9828bd158ed74629d107079657b13ab998ff3196b655adf8e32fd6906faf2dc1fc440b115151d4f981015a835508260fd3dc869099d4d534662744b1c74edca7f488cba2ddf9e5b61b26d46fee2bf9b99c1ba3d8aa1c7dc0d504cb8e35622817cc883bcc207901cd2b30ff69dacc93954fbb62f57a9ae46ce4aeadaa09fe3890f73db351ee7611e7014f87eb746ccbb508af6551c2e7c334d2b26978a987af08dab6f0ede4a84ad2a4edf6090dfb52265dbbc606dbb98a3966b023bc50ce23c02bea8ab761dd3ef8b5a914444ffa0c1e717262c846c82de691bc21a5cb8c6fff88b602c0ac75b9a8b5a2ab4c7fa16288d4554e3b7a6407db8baf4f734a6d0c46fcfdba2fc9b57339338e8173c78b73c4dc4afb90067275f83317c43d4477f386f9e1e8762052b04910c8f1d2d57ba774cb8ed30d83dbd1387c23efc400081e8be93edc78f83b69e0207ac2f6eacbe3b57dd1b40908bbc06dbffed610bfe6146ba558b6ea0e22941d01fd718ae88bb2b8780eecf69c828e72c9708fd9deb880b6f1ee315321fd207dcf5586cfebf01a60c34d23d7b808354254b5b1048c9abbf2964bb0b3dcfd1125bef0406473abbd68da7b66bdfc772c61b1a7049357346b796c9bf1ca12c668da254d6c5f59d501e46e0f793a7e894f44c863361e709897391739ec16b5b701f46da8aace7b977fef020d28d6f56ee7027169552b5eb6dc0b5930383ece59f36f12ae78c849ad6f6f6b3d51bbe5cffbb2b7f830d1a6089646f96a56521832cc4bb8346de371e6d53632a0b9bd09c025ddaaebfbd1b220a063cb5c779fffeb398a409f1f068f245554d3f1a9d9ffecabc251f1dbfa23e40a8bde2af742e05ed59174b7953dd1eaafbd5ae6ef6d4fbc1b874ce89de12a164dbefc83203e58718c1f7423f3d4e204b85483788ecb27f721869514175e0ec8a80ee99efff1d1adce506939259f208644581e4a245ad05abdf62a7a8e85c6abc379e1064787370e4457a2b100ef5feac9ab24cf916c5507235d88c2f7764d8265f922115167a090604084404eba8b3c5d9fe88c8bbf0e78fbe4b6d71144561a904a9602fb1d7f30419be067625316b0dd39b71f3703f858935a2f465ac9867d7d9b59e5f4c39914b8b16bdc4c80dbb21707b96c22ad1a46296e07e9da397fd1e65dfc35615632b368eb8046387b7314b974c91997f20407b6b539801259739b6b52529e11638f6315ef40d365938597a8d6c6d9cb0db5664708b938f4d9b5c571a9af436d1fcff0052c404ebb636cd19b094ddf90b41a29a9f84363e803ecf09091935ff1770681d75201581af229e27e15e0ada7f8bd921b8e4f4f59d58544e1f9a0d524327d6467cff3ac05670189543b88de0cd419b5811dc8229aef97d0a1cb996612b3698574f2b30f92e36657f3394645f9197fe5d2c5063554db45473ee3eb993068ac1faeaad5073b94f003737ab60cc0f794aba1f332f50ac997722a39d5b8e959da5132b8a78b95b4ae8851db9ac320634cd859811491facd2962fb2e31a582d8541c4a8706a2a855c0efb0f85b251c56c529c5ea44d57197225f2012b4f158665bf776d963a2486c06d30ac69fa449f7238b15dde781a51b9c1beea2312d2be33081a20f4d172c66c08b0ba44a690066efe5ddb0183c106d940d356665b57f809f53a3ea97527a7728425574933d39e163b2443943dd523ed6247e5c40d7e0884783338045d48d2bb035023ce0804273ee98ebb4a8818d3f8d5f3850cea91c554595d50531cbf77cf45035354418213aba9b0c0a06ca6d91ac0e56dcc83647dab74e364c0e2bd47551999f5d2e0fe400b35a05d925538d0230b37d64810d93f7f5d8f344b443d45ab4511d4f0977153e510daebb8b9ef1d347048183fcfc3ac103ad18edc1634c75f976f2d3bacd6481515000f16e27f6fe70612a56fb46329b9716b5a641b7388847ff88d731ec0540beef41961fbe6bded9746e54bc8477d31bec3c81aa241270cdb323a80e53ca462959ffb9e927509c38a6d907e9abcf332a48c15e0640a793824d81fe700db773885618dd7ab9bbee028394a802b4a0c9547991950ca960e7d67efb35260be595ee8e9bfcb93abe32f121deb1804da00263e3b53bf353e4fa11285886205f6d367eff9e186929cfe46d94f1c895359f37cc91ed1d6211bc87841a24477a702ef56cc2cc858b580159ba33934022524261752b19f9752aca9e8b84fef6428dd1adbd86f6cb674f337c2b562cb6a52c3a8ec3c5f061bb1e72682b3a4dc7c9f605bab6d6722f13163e91cd386aee7ceb2600a10ffae5f899bcf6f1f3dbe053bc3dd7373909e8ab4c70cffa62296e801b45efa1f1a7e921b5730a673b500927dcf7b4bb756d411394e13be3b8e1555d813c2e5263e0f66c818d117bf99f342d0602846ce023162377d7d9f2a26036ffc864036b0f2f7c7fc315c2c10d5a344c5cbbd4447a577926b1b50cf3c5112c5251ef1627908de913e5a17ebdfcd6191a80b48ff841a3cd6813b188f7468ece3bafe00c8a12ea357ad390e826b3199505cf16f2ea00cb20eab45092abf276652f5af86688a053025a0873c19ecc7073c064d620fa50dfc28b026a57edc3d5bdaf5ee32743829c28876ebc37cc508b60ced656e519dfd0072c28b01e768207160e11c0ccf8fd12704af79b802b5c8598ee60fbe96ab6d91039859bfdaa6f685cede7a433b03a7dbe2c7fa7252117b132d5a559a6ed50ad23781398ba1ee8bf5cf562adfb61d4533ea4601aeab2d69c9c12b2128d7e63554f2e537ffd72a6408a8a6f91999b129674cd5bf02fc98b799223051922f2bc954f3aeb91ff472f5206b8b43fc7b070fbf1ad393282b0277d2f801c981860174a77006471ea1596f4cfc4d9c3eed8c99faa1e1fa743d68944fecbf313785292f054ef36c1a37bcb5b2c49a6887b7c7ba5d7da5b9c3711a737ac7104f0e6f5149d1c4d084b64e37d7df0c170773a14af9cc3167ffc7b70464a061d0c955216e1ab0552474329dcce2910965e0e237706ed3218e8a03438aad981862d073d9fc582adc85c5155c3ceaca7fb20c2710484a04e4b042427729965aaeacf9561caa6f5e50d6ffbc28b4dce565f00241d7cedb26841fa8bb3e45cb089430b1d64c1d3f37654e2f1d8231db5098748b2b38d69495de8eb4a71e15e869446b836d8c2a50b31c14e1bea81f2ea09ad78e4bb14aa95b704adf5f93a972889e3b078eb3d2dc20f969e75164ba17ccab0bc4afa8c511da6f88d75fdd3b4cb21c5c76e20cefbdfb311f5f9a9e636b034c730068e77821f701804f982a0c5ffa788f58adce5c3f4dc899f589ffc32d389fe601b1887830db0f1ee76f961c996888185f06f7bb87cf4e6d7f8f3c1ff1485b5fd091f74f11725e8e33f69ece6532eefbd50f8343237c7f6697b5c36bf0ff8ec8e939fede2d7dcb63c1de01244326d1cc151ccc1e4473b50b55c11eb58570509cde6d8e456df7d43b997b82306ae8d3cb5e54ded5ce4de80f218f245fb72be9b13c81661e4443e6de0732d34a8b6a36a73322d6a568982d384d8f4d149ab748bfafbe703406327b168733cf24325bfbef71fc20bc1ce1dda9d6814e1e9e42dec81abdabf805c766fb18937fcd83d9f8cc349b95de1903c0a788af894244f4581575109336570ad1f0215b3256fc8d349d062f93b1cd14a5bb9f430b202dca86bb8cd4b5dd1c59215cc1218b7695253a696888b3fc1fa0e1573d89c8066895b524564c9291b528b149e1bdf7d06fdd078c9756bb27556065caa96ab354802acd57828cd73da0a021382a09cf36e5b810ddd6588a48aff14e4f1a1015d804503ed83fb767c6ea76dab4d30dc58356e74019f200dba9f5c21c496d364864c2744eb4ad95c44ca8efdc73126419d1f8cf8eba25167dbe4820c8abf3646ebd150a1d43ce436a21aa4c48707ac5b9e36f49634115cb69df9256097ad3b0e8ab09974bfe3049cbfbe2a001866515c61a2733738f9f67daea306a1596189ac55b1e1b4e84f76d722973f891754ea6c472ab8860dc82023be3e9741fb3afca7a60f79765c2e8b8793d0d3d5f851a32ec7ea8cb058d4a3fa691fd16c209ae25dba3434031fe18104dc4d78f29b9b61ac515b884f22c06633c4f8de74710e3802062d4bb5107f57ecfdc1e57e0b462d477124ef9b9250450e8168a693917c22accfc6f859f118f5fd0bb23bf1035bfb02cae408c689dde3772ee9639e35a430f2db6cbb14711aaea50ed1b53514f400b04ad97b07023c330d9e7c928567328d6cf0ad1869777f323f4aa3b14848a8af488b2e4e7d6335f9b61ae945f589e31997a3f54bfe642aea410d6d76791a2f556e15294dd63a9530f1e9949caaf22158a747d4611e5af1005861e2e16481cc8ece450c655c381a6cd12dac1a130de049cbb5f29f348109bf3374116648aa7e77feeadbcf286d6bf0974961feae7350669518bc08694204bf538ab586411da9c2df35e7d3b0d659aadee67c79836b1683f5d090a119a673c9a99935a5ed7696c15d61df009595837892f9cf1c41280f86ef4a4dcd5b445f9b92d0570abc6fa384da16122a9ee079a435bf05b04164dbf87b69544f6b1beea71c928174782c5173ae09c94d33ede686611a54d811dfabaf35f85d76407f2b09b6e7a88eb60817cf80db5c3e1636ecf7e6ba49c89639f9aa0cd8d0222bf16eac6614c246f142babf61cd12695d8d9428a4e0599f4b0ffd83ebaa3c7e391103f185cc789253dc2872f5c6c4dd4cc0ac58ec3ce3ff7c23c8037aafa5ae39892c510eebd270a11aaa4be802ba88c355ddb04d3c9981fde5e57cf2bf84507f1b7208a04563720704d4acd8379bf3316338825e068166efb2a756189127acbbf04d20cd76260590d84582cb109926bed1d6a777e830779128733e776cdb455cb4210b1c63cda51492cb3e4ec9d70e263fe85a04b2b1b32b4742013f1e4a253a80617e807337f85bdcc68859d6f193622b72126c0560f5f586545389db558e5db335c37432ffc2e3680ce3105ae7e918a0b4399b1f9e3c10223ab49f57c3a62f3f3cda0398f63adbf2250c74e0e196ac09e4e5db5f88508c9573ad9ade8826da683c392776a59ea43f10bddeb525337075540180025efdf996699573a2df2e54bbf2eba39ffe3c4814c3109e98fe13117f82e26bf831c7fa942431efdd4ea8fcee302ecdbaa312ac1d4b43822c0d5a8b144c73f234d21e74286d7bf4bc98aa4e327390e440e7f5e8bc41659b24f673e4d65d2e5e7990390381221148bdbfcdb7b8810a1b894e79221f906219432c03b2c8a4b8548e627c2874f950570ac240403aef4be4ba3902c0d51a114726e20afb842b40650cfcbb637250cc68fa880b49e5e52bbba1bb5e7c8c57b1b558ebeb13d12bc8cd434f30eaf2eeec3d5e28433d784c5719e22a4a9bc3b714cab172528698e36299195937afb7faa075c9304ca28aa0f1785cc4007cee1921b7541bbc04c0fead437c4eb76e5fde46a63c3b65b2ab7f0af9388105061165ea60cfd0f56541b3e9a5ed58946631cecfe96ebb2a14701be9073e4f231aa553960ef2369c368116d50f2749ee2299a126fdbe9a366b8f05c2306ac735faacab6332c989e56afa9b5fddd8406419b0cfbc154c50611a2558fd6614b767bf08dbadd93dccab2eead9d2d3e9d61a28607912e", 0x1000}], 0x3, &(0x7f00000057c0)=[{0x50, 0x102, 0x101, "e0b48b4f8b68b029d83b8f52becf21136dd108d6d03ec294c76efbacf1e90ae489f34ec483c9af863d3b6213da6145c5e7315d24109db95559"}, {0x1010, 0x100, 0x0, "730c5f5322465f024a22bc7829c2834969b3e33b0cb0567240955e7388f9edbc88e52ee648729110472ba3e5ba4b5ee2d33477fec12f21abbcf9095c48f68c0cc64321f0611f7de916dd64effcc048878dcd15e550363e4af8ff393644bf8e4d577efbcd762ac336153b43688d9c7b769ba5b0eaf1ee82ebf5ba8b389dfd67491fe79168e308d5c462729919e3a5c09d4f6ddc667a8e2b8646867036256c4061eb5ca4dd99ccfc8ef6e1aa8e652555b5c0751c4124a94610143fd30c69f0710d8dd1678387854ac895251b6fb42de662abc0f1c1d051fd230fe387c70e28c75277532a94f0f62a6885d4058beb227cf35ee82f6fbe8e7f65a9b1351b61f743a24fe57804cc9d152cc52ddfefc44d20064ee4580a6b486fc990814b4d0ebd3c7ec813ba3fce117b7e1d50ace43fc801bb9d1b00a3280432dd1f31ffdbaaa5c244e0b89fdac2788b4c63aca99ce55947ed2324ea2eee7075d2055577c3c58606aca379cbacd002d7864bb68fac1a37f039a290deebf1dfed2b48838b35dc2c7ea511ae158cd495553bdb52dd92e4115d1113d51abd00815f846e176f769ee9e75ca94b2e3173ad8ffc99bc471346c9817b3ebbfde31101fd35e583c415e019ec462e88a6351b5d5b3a5d298faf8c708980deaaebe5b468c082536afa42d1c6b93ce55eea18ae0a31b1af5f6ff077370002e1c912f9b50364fb705ba5444d80e9ebee0ada197aa31872b36e35ffcae8357e0562c0d94a91844689e93d7ca919a73fe49d478958d6159e4b07c0a85e290e83e2cd5b30b59838fec9ee211a796b616ecfb64cd0714f9b2786665e03109dc7b9f80fa2b9bc17b9f3bab44f51132f6cbbf982780c754e72c0f4c1cda08548cf6f5f87b4d85d2774181baa2a18a608f3791fd077265d82f03457eb6845813b0e52da88add7bcf6401135e5af2688711d235535c67cdc7e6b7561d2076c36e6717429bf307f67b2f787fbd2f38cd3d516d8fa3989740dd538137029eb52b15b9087ecdf7398249d4950f4e9612dadf3baa8687012ceee892c22f5ed83dde8916308aac2c465a7da9177381f96945cb898eb5e86a7abc5b2925add1aea0a6aa236a9600b4bfec2c0b32cb1877a9ff03bf5c2506ce6485f945a1a6ca459f1aa8f7c52ffd65f17db55fa2581d2ceced0267b86d70d614b27e000bed2cf790c3cf65ebf57fe260b5ff0b545d8bc81c0fb5340169f70146f57d1437e209aa3139e3436bba0528de455e4170342400fdc5ec1c7988319c683ead8a69268c88e6ae0a7c390951f749f2a9060106657c713eb4380ef0a7a636f4f4742a4bdde82947fd05e41483f63b4ec525170cad995ccf23d9215eef56c01813f38433e8b7e0dc4c30fb969d8247a54fb018097fc5fc87f3000a136016b472e79d824a3d27c463e0a04ce7e822d134f4d0d9b3a646321c7cfee0d54d8f3381236d62a348033dc5edd34d7a75c69b8adc3e878dda130cb2456e965320741665c1efa11564137060f79bcd46d3b529ab01f17ae8567e62ab863cc62b1eaee0d220c07a985f0c34505d1285d4fe906174f8bdc711a7713c78d26e14dc93117a0ae786269b30dbb4ba830d245795f4a5f01db18cd685d174c2d45731a59e7dce6bb6a82630a02e86e056c45a965de4a7c1b22d66f8089e207d542169247e1f0e5efc6b7e676c45bd7b0b2fd78feac332086083afd580d2f96c3ec8b58c3c14cd8025f124532987a1a14c2acf29ca3cec928f65754ed69a32515b73d2e8ae0ff82fd4430586c0042e0038d83da2ae3d8283d6e8b0e0a52f905b75c2e5a0344ff0a92bbc36f6d41d09a08384317cd85575aeb0abdd2fc270c06b175b52e1031d1778ee6d759a1c9f4e226b4ded544a59f6504a56eeffab76ee5fac92224447f094123dd420c9b0944cebc1c6c7624764f96e8b3843fc91b851ffe9ebd87e3f795cccae2e6b98c05827d6ac4d04158152fda6161a514f02dacab869df322b25fa7a9f45bf68572c14fc1dcaa9873f0b8ffb83bb5900436d8d0b99480f31cb7c72a715d1ce1a93ffa961efd33016d916eec50d5a40b8fa3f885562af0c99ce9131b8af2ca875b97fc20cdcaf9a82bab51a5a1bd1a6254854175d8dcdb5a2f0b6326b8a2ce88c01d7bd384ccd948d24dfe7f2a125d5596af34132d24837d8d558d522870801349ec8ce678d5169d769967f8eb5ce32b8e48030dc3d79b4e310c3986d999234dfc5d7b35d0cac02e1f0635ab25738f666e5501917313275514d7b0edcddfddc912c277fdacf0ff97a0a77293598f31787c71ff2b0b9eaa29c04f18ae61ccbedeb8bffcf7e3fc327564e44daf428fb35ac45bbcd0a6d453290248997c8bf85c73fb562834bc254371605e04fa58c80b097cec59eb0725a80c495ddfc621c4435f15f4f91ed58abdde4306bddf7afd398dfb2152c12445de81cb9ea90e9ac8380dbe9d5f432d87fd3642fc33721c660a97efb8ae484e133e1401128837600c3f7d6d576daf7a452285c00e56e042db793e084aff83a8c6e26b90b43ee36ef0c944cc5b0a0bc4e022fc7b3a88aed931ab7d6b561b22aa65606f6037e53ffb4a6f285e27c21e2285848debd4da03afcff1783a6500a04b8807efb8ff05b8a869a3e8d36e98e19501960280f8b0d82b3c6aebd464bb7cb5081e599be5a67c251552a0e6be42993344e1c2f645a773996b8a90dae0cc02a958b2608695b5c53e28660cfc8d4f9ef75bb2296ea8e8ff8030674b6eb3c40d2e864767b6e068461d350a18a5853128a823911e31bfac75aed54983283179181d744745c13a9b89a95ce3f21a01a3cf2ce91520d9e1cd846ffc6d4dfeec4a0acacb7b20e8a2a4dc66785d900ab0077024f8abb104b9114073169c43b346272644fb383e3c8739c83d5ebc237d02e11e80dcc84ffdfea08eb913fb59e7c4e06136b5aabfe68f5612a0a3b806146777e9eda30e8b1bb2dc87fd15adc4aea09c9afbfde0b3994efb93a67e58b295b638856c24d1da3cb67f2fca06bf3a980781c506197e24570d4ad948ab4fb3d7604b3451cca594f202de91d90941e1e8e9cc0670cf9313ce30cc800dbdb987ee56159dcc6a87d167bc41db38cd8fd462fd1fc3b11eb1c7011e95b5de5dfa7a0de5b170fd2d1de80e2874c1d54eae878aa4b03dc6534d516e4a6e0e426cb3024225295d144fe9ac290eeade195db7a74dd6d14aa380131769735d587ccb6f69a3262006300e3ddc7eec9cfca57282d97d639c0f95cd05f50fe47f3305b675b238ac65fdb101d97b44fa67b4c576ecb845d0c405635f5d93eda60c3b56f120b9f646080ee933ebedbb19017379ab3ba8bec3b0c5fd2cb80f9ea3e93d933c921a1b1c4f16df1d83a0c2f02e3d6e1fbd60fc9439e14b4f90618e7a9aed20944a8b95a31345a62916fa5fe0bc230af428bb09f383f599b23c06ccd842d9dc48329f08ab08ee8bf45d7ee8a9337b50fe36f4eceff66125d4593fd16c74ea45dbb56343fadfb5c4482131bfb2f7c1f24849cedec96166781b87b9ceb5a59ad728ee9446cc3de482a715449715bd087accfd8ee20f28d2b5c7b07042dfd328067f6ab3359d75c9a556a981bf5172de89e417dd1c67344f8c7875f3bde633ba31b08b275eae8b453327eb37b4bc5a2e094e3a9ee3b2c48271f8469ab5e0841110a96906bae89ff0ef78803774bb2a7c37c43f1fa54151d3da6454d38f5ff667ecd63b4559c634d5bea8ddbdc9b0e35d533080466143439411185cbf28fcb86c9c2b433a63ddb3babe139e8d602e0953011bed324f760449fb50e8fc89b5f25cc7c3fa3c2280dc7099a83d57b8a95f3fef8a0ce03fa44603ec6ba8f6cce43cdafaa8b1cbaa25746385f6ae96f6509c3ef004154e6ac4c0e6cf436c793f098b406c42fc202f2afdb3331eb07abbac477ea31809d77e12d2aeb315bbe3746396cbc63454ebe5f8acf53d3c98172c83ba0bf69654cdb0556027e7561daba05507503b835e25c2cdd8317daa60841c31a80809e03715cb0feb519880785a8223ca9c9bbd517cc30c0fd9d25ba470a99fbe9d6ec851b6dd8b3343700290e9aad113a748a72ee346c64781e11740d2c02c5b9bd96eafb9a8f6d6caa2c49deda148e3e814c8e3b9f2c641f496eb93a1ba8fb07de289e4880a28e316191ba78c336d695f4521d5e4785785ee7de63da3168b296c07026bb900d246d99c51b7dcfaa2e6f37c82a528fc8fbb26206f0c6be6fb21abf9b709ad60e407c0b316583c11903ebcd33b8fabf17e0a670fe53dcb59fb2d953494fd0513b32097656f247c52fe8623c6d5b7118286005ea21193a48da8dfe7cafc2840dbdc59d1c9977c6a84a16dffe7acf997c8900b24700987dd5d9716f99985523dee2434504d04632f39c1cb7f30f8747de209f36ef9adc5106f402b4569984c348becdfc5a182cce74f7dc8c51dd87b87535354d89a1a84503a1cb09d8b60854a4a7a16d4fa560bfdb8f3e68d4c64950e67343b09f18efc52a9fb76ed374e67c66bb748b3eddc8649813ea0c1274b909e71aa18d28f99531b475ee9a12485417a25ca2b5f52d2b9cd030cf215424347c47f34a804827a0f808cdeff3923fcc8066c3f23cc3e7c2f34679f67bed63cf26d8b149ec5d352a3b86a1ae43fd8c06dde22f6c805b7f7e2c7814c57f4582ed12086f023b93fa3c7dd25b23d75aed3b6f6b5c889ecca4b076088ca82da8f7bc8d2664f3fdfc8772e72ba20e05e03fdfa645c8876da67dc82c6e7e9d8833c95a58168ecd7686efe7e1fdb803f6f9739cff38fb5b7a783b4913a73060bf179bd84312c38e11d023a99f86a0a89be5c72a52cdcb37b3c2fb7c624a5416cec20ea85471822ac937e5adb272f61fcef6d837a611d5385d48a69e87e76749811aa88cb2bd37b911a0e924d2fe940dc0f8978026d2aa4ee89d51f82fded5b053248526887416d4b0c7693a47af95ea8cc83f2fcf0bb56fe4ac82068b0c970c6140207b6bbccad34b9b8d21deac3171d4a47bbc5fd956e2ab8e17bdfd725d47a2a61ada5e536a7e446ecf59af852aab85ff6c4e7d1f3cccac00bf77fc17f0ca6b9f853fcb28670efaa5cd6b6ee5baa757c91992828b66d0ff3f521b33f03f8ddb39992a9ebe367f085c0a5a8dbc1147e0c173a9bb93488833cd8937ad11d61a406454f4a5279901459b816591fe353edd5eea1fe5f0d860aaab57ea41d9ad80a706a560a6dbce8d8eb46b69523bcbc3b05717228746c4d73fa98e28a15e8fbe02ce8e2015c6a11c17f824f7a58bea1b901aaf6bc5717b340329dda799dacb105f9e704ff56c17f7d88a35a6fbd199df89192cd9db3015741456382915d6de0ecf43119006424f660efd8c47311ac405dfd626acd2172146021963e1b9f2864d94496d75936a8ad41ba51349727350f769fb0a228caaf61063618a6c29d0545c0faa33e8867069bd04c3b1a770b9f7f45cab6c05968f2a93d2d268c0a1d8dc3684cb98406b33c5533e34599da1e5ae838b5730771cbe1ab6da87ca26d2a271909d73ae95a21a95842c3df9f70a0845bd752dafb45001b037ddea4c076e1e9662d7d50b67465af4d65d322e3f15e3e7a370d6e64ba67f632c240c8c87d7c0c943f789b16f3906044b5e2f817026596286a7866b7d5911121b945331489ee5eca9332bf2f27e88ff9d0426c37d3e3a73570616c8d30dc093cbcac40697f15ff8689197c1715b6d6aeebbfa03ea9c0be69d05978ab7a1eb8aacbea59c143e985445207852d95a19c042f6fb3e46d04df057362bc984584db963617d9d4318582"}, {0x60, 0x119, 0xffff, "237bcdd38c8fcb2bc17941d1ff5b198e9ce8a3425dee04533a1ef5be5ee0b57781d863f6b29f8eee3a7649fa341be39e330eefa38761b52a4963215f49f54ba60f6974c33b8ae39c0a79fc"}, {0xf8, 0xff, 0x2b23, "32493c8e3426529acb589962dc400c5779805ba7612de6146c7b9f8d08ab0db125529f041f32d26e1dd36fc9f03748223e82d56cc669b36f93e7f3bf153f72ddf11f8722efcae1519ad012b327117f36edc6b82ca19ba490e9ba2617fc70110b1906e9bf5d61c4c278cc1e71052c262a13a62520a2041e11295026466be89898f842bf055f44f05e91d1ac9549eba245a1d9ad38e20fa91bd8f86c411cedd70cbdfd06084e80a1c93abcd3e0e92348402af26ae6fcdea120c2a4a671ac3ccce590c0807afb347b7acee2512865db65f41b9878f7c6c6201db15016d9c8bc6d6848c6cf"}], 0x11b8, 0x10}}, {{&(0x7f00000031c0)=@generic={0x13, "3103c46ba045c3bb5b9aad4aabe1b3598ccddbf701fee1e2855dda69c26835d22c30cc5da820ee782448eb8231db0d633bd7788e247d96f5bc3c372753422299a3557903d0df2ba8f595072837302a60bcd6a7a201d8682bd2e8e8e05bec44c6c69d4aaf25b5f5a790b694da49f622e0aeb99af35836b6c1c1a367bc8eb6"}, 0x80, &(0x7f0000003340)=[{&(0x7f0000003440)="49876cfd437f85b9a02465eb011823cc7f9e4df6fd8f8a958ea10fc326f684b506e4116f73ea08fc0656bb9bbb28cb3b4f3b8a0cfced0de970012415a8ee409fdca358984adff910573a496a63cdbc599f3db9a626dc0f450ec37ebfa96f0b0e58d8e867c79fb41d36a5f1ecc9b10eb37a72be1f672e8482f7f960b0832da122df70c5ee2f7b2d90cab3b9fa", 0x8c}], 0x1, &(0x7f0000003380)=[{0x28, 0x105, 0x91, "859b7a54f4bd4127d4d605bc557fad56c7896a"}], 0x28, 0x4000}, 0x100000000}], 0x5, 0x400c001) socketpair(0x9, 0xf, 0x401, &(0x7f0000000040)={0xffffffffffffffff}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snapshot\x00', 0x64000, 0x0) getsockopt$inet_opts(r1, 0x0, 0xd, &(0x7f00000001c0)=""/125, &(0x7f0000000100)=0x7d) ioctl$DRM_IOCTL_CONTROL(r3, 0x40086414, &(0x7f00000000c0)={0x0, 0x4}) ioctl$EVIOCGKEYCODE(r3, 0x80084504, &(0x7f0000000080)=""/53) socket$alg(0x26, 0x5, 0x0) 2033/05/18 03:37:56 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x9}, 0x2c) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x0, 0x108000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000080), &(0x7f00000000c0)="14"}, 0x20) fdatasync(r1) close(r0) 2033/05/18 03:37:56 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x4788, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:56 executing program 4: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x50, &(0x7f0000000000)={0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)=r1, 0x4) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e24, 0x62ea69f0, @remote={0xfe, 0x80, [], 0xbb}, 0x1}}, 0x1ff, 0xdb63, 0x8, 0x2, 0xfffffffffffff001}, &(0x7f0000000200)=0x98) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000740)={r2, 0x5c, &(0x7f00000006c0)=[@in={0x2, 0x4e22, @multicast1=0xe0000001}, @in={0x2, 0x4e21, @broadcast=0xffffffff}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e20, 0xffffffffffffffc1, @loopback={0x0, 0x1}, 0xb0}, @in={0x2, 0x4e24, @multicast2=0xe0000002}]}, &(0x7f0000000780)=0x10) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') syz_mount_image$bfs(&(0x7f0000000140)='bfs\x00', &(0x7f0000000180)='./file0\x00', 0x56d3, 0x5, &(0x7f0000000580)=[{&(0x7f0000000280)="54fb688fe8c6d4d424dea9b7feb70af2edeb2c150547007a6efa042bbe17e322905db98363a709ff9b99a2a50540a5c62f2a6fb9e0191a45a002ea5a63f942a89a82ba40b3ce937a3c5f90a5f3eff694b4ea19547e2aeb3e82b94abff6727f4f5440482b84cda24a7039cd0e345a40ede74a35e7188583deab3b1895c5e495d30b1bf3c7c88a1ca41148c73b22407f138eecbc248f0c5456a06b523410e26c6d0d93", 0xa2, 0x4}, {&(0x7f0000000340)="e3f85c740ccb5aaf0540708e78c87a5b51f68942edc03f4209d348ba94272930a8a60874918cf8aed8d1f56aa7b403febcab96a879ae048ff4764a2c16471bba57032619ae33e730dc5151b22858813a9c00748d6fb527d683362cfb38e918c0659eb9168b57409eb89562bff1c0a0a62bdb3a1625b24c9ff2f47ea447e531b4720678d02e7a", 0x86, 0x4}, {&(0x7f00000001c0)="e14e6da5cdf1ba5e4357f68d70165c6e21a60d5ebf891e311eabc2358398d90d131b32a0ca525d16702070451720", 0x2e, 0x6}, {&(0x7f0000000400)="cebb55b8b32674d1c9c061306b97018c4970825e1e977a2fac8b2cc3a5b858144e88276bd0af61ecb333aefa746cf0c2b7264606a2093c7b2130cf5c2a72fb3146ca2b1bb7d9dc582c5a8803835b660ebd8456186c510ada91c7d6f2af9b4b85c976254d35fbccd0a8eba7d20d0ea3c978f991a8761fdac47c54c7bb510a3e9117bc612939eda3fd9cad26dcc9f494d1a9495463f078a77970e2038a1e570eb9c6399e079e08a2f0bfaf1cab251fcb4cdb0fc0296347e09c7ec90c97441db7a8b8d7524a1bb3c42294e90282dbc1effd7903c352037c4302f90fc0a2973d87b0b58e1b3ab67806860a26344d6b5b69fb55959d6a69894d1630ec28c1", 0xfc, 0x8}, {&(0x7f0000000500)="0a5bce7a125e314436c289f4b830f7d3e714d09748052e8343c4d875969c25eb15889fc45ea95a1b450dddc0fef91739e38b641257fc6e6e7362c907e72c2248cc39f6999ef0663b854e8716b17dea9089228d3729319975850dd126a6d7488b938a73ac3ef225c6aeef78327af6c1e20beb31cb", 0x74, 0x9}], 0x2040c04, 0x0) getdents(r3, &(0x7f0000001100)=""/182, 0xffffffffffffffaf) 2033/05/18 03:37:56 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1026.785947] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1026.802632] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:37:56 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x5865, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:56 executing program 6: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000)=0x1, 0x4) socket$inet6(0xa, 0x3, 0x1f) r1 = accept4$inet6(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c, 0x800) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in6={0xa, 0x4e23, 0xff, @local={0xfe, 0x80, [], 0xaa}}, @in6={0xa, 0x4e20, 0x81, @empty, 0x1}, @in={0x2, 0x4e22, @rand_addr=0x8}, @in6={0xa, 0x4e23, 0x9, @loopback={0x0, 0x1}}, @in6={0xa, 0x4e22, 0x4, @mcast1={0xff, 0x1, [], 0x1}, 0x4658}], 0xa0) tee(r0, r0, 0x3, 0x6) 2033/05/18 03:37:57 executing program 3: r0 = socket(0xa, 0x200000000001, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x101005, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f000082ef0a)=""/246) pwritev(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)}, {&(0x7f0000000380)="b42459de4cecc9621892aca32c1ddc82e01b73599193beeeffc2fcb7f17d385b2bf973912c79754a7f8d5d630e705cb3131104bd9ce34024506970978a83d63dbd64615b8d8435f6d22e996454743c2fe32d7432ed016c77e35fb3fcce13ebebfaf071fef56a47ce678d58e862ffeaeb325b9d6c10fe426bd85cfd549cd6825db103c193ad5b668ca7b25f5407e2fbc4c17d230b00fec12930fb02098d3ba77dff6df6d27f1997bbb912c08e764e9adfb1b3637906cff59edbd5bfdc9ed6f2f529b6a2cab2af40027c39182069241c8e7da6afceb40f5b35d402323c48fb9fb2bd9fc4708af26a5b493d74b05a05", 0xee}], 0x2, 0x0) 2033/05/18 03:37:57 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0xfffffffc) 2033/05/18 03:37:57 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x600000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:57 executing program 4: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000000)) getdents(r1, &(0x7f0000001100)=""/182, 0xb6) 2033/05/18 03:37:57 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xa000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:57 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x3f00}, [{}]}, 0xfffffc53) 2033/05/18 03:37:57 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0), 0x8, 0x0) 2033/05/18 03:37:57 executing program 6: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x2, 0x40000) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @local, 0x0}, &(0x7f00000000c0)=0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000100)={{{@in6=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f0000000340)=0xe8) sendmsg$nl_route(r1, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@ipmr_delroute={0x38, 0x19, 0x404, 0x70bd2c, 0x25dfdbfc, {0x80, 0x94, 0x0, 0x67c0000, 0xff, 0x1, 0xfd, 0x6}, [@RTA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0xa}}, @RTA_IIF={0x8, 0x1, r2}, @RTA_MULTIPATH={0xc, 0x9, {0xfffffffffffffff8, 0x7, 0x12, r3}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x16, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, &(0x7f0000000300)=0x100) 2033/05/18 03:37:57 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x7400000000000000) 2033/05/18 03:37:57 executing program 6: r0 = socket$inet(0x2, 0x1, 0x0) r1 = dup(r0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00002eaffc)=0x101, 0x4) connect$inet(r0, &(0x7f00002daff0)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000266ffc), 0x4) sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x0, 0x0, {0xb}}, 0x14}, 0x1}, 0x0) 2033/05/18 03:37:57 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xff030000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:57 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x3800000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:57 executing program 4: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x404e23}, 0x1c) listen(r1, 0xffffffffffffff7f) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) r3 = accept$inet6(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, @mcast2}, &(0x7f00000000c0)=0x1c) write$binfmt_misc(r3, &(0x7f0000000100)={'syz0'}, 0x34000) dup2(r3, r2) 2033/05/18 03:37:57 executing program 3: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4c, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x8200) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x6) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, &(0x7f0000d83ff8), 0x8000fffffffe) 2033/05/18 03:37:57 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x7a00000000000000) 2033/05/18 03:37:57 executing program 6: r0 = memfd_create(&(0x7f0000000240)="3fbeaeec9b3af1bdd4c9adf22cb5234ab98cecf21f709d7c7e9c410369f3932b2f52008e7110949cf6704bde5ece3e8e02ba60d6851194b6e2a23f877fc79a4ebe7616cdad8bdea2d4d31484a6ad", 0x3) pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0), 0xffffff0a}], 0x1, 0x0) fcntl$addseals(r0, 0x409, 0x8) fchmod(0xffffffffffffffff, 0x80) 2033/05/18 03:37:58 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x100000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:58 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000580)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000080)=ANY=[@ANYBLOB="2400000013002100000000000000000007000000", @ANYBLOB="0000a130d200000004000a0000000000000000001000000000000000"], 0x2}, 0x1}, 0x0) 2033/05/18 03:37:58 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0xffffff7f00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:58 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x4c00000000000000) 2033/05/18 03:37:58 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x3f00000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:37:58 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup/syz0\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x8) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) getresuid(&(0x7f0000000040), &(0x7f0000001f80), &(0x7f0000001fc0)) fdatasync(r1) 2033/05/18 03:37:58 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="c626112c8523bf012cf66f") r1 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x0) fchmod(r1, 0x24) 2033/05/18 03:37:58 executing program 6: r0 = memfd_create(&(0x7f0000000240)="3fbeaeec9b3af1bdd4c9adf22cb5234ab98cecf21f709d7c7e9c410369f3932b2f52008e7110949cf6704bde5ece3e8e02ba60d6851194b6e2a23f877fc79a4ebe7616cdad8bdea2d4d31484a6ad", 0x3) pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0), 0xffffff0a}], 0x1, 0x0) fcntl$addseals(r0, 0x409, 0x8) fchmod(0xffffffffffffffff, 0x80) 2033/05/18 03:37:58 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:58 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x7a000000) 2033/05/18 03:37:58 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x4000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:58 executing program 2: 2033/05/18 03:37:58 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup/syz0\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x8) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) getresuid(&(0x7f0000000040), &(0x7f0000001f80), &(0x7f0000001fc0)) fdatasync(r1) 2033/05/18 03:37:58 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x11000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:58 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x5000000) 2033/05/18 03:37:58 executing program 2: 2033/05/18 03:37:58 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:58 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xe000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:58 executing program 2: 2033/05/18 03:37:58 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x600], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:58 executing program 4: 2033/05/18 03:37:58 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:58 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x8000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:37:58 executing program 6: 2033/05/18 03:37:58 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x500) 2033/05/18 03:37:58 executing program 6: 2033/05/18 03:37:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @broadcast=0xffffffff}, {0x0, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x2000000c, {0x2, 0x0, @loopback=0x7f000001}, "000900ffff0000000000000000008004"}) 2033/05/18 03:37:58 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:58 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x9) 2033/05/18 03:37:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:37:58 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x89060000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:58 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x62], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:58 executing program 6: 2033/05/18 03:37:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @broadcast=0xffffffff}, {0x0, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x2000000c, {0x2, 0x0, @loopback=0x7f000001}, "000900ffff0000000000000000008004"}) 2033/05/18 03:37:59 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x414) 2033/05/18 03:37:59 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:59 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x4888, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:59 executing program 6: 2033/05/18 03:37:59 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x11], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:59 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x4000}, [{}]}, 0xfffffc53) 2033/05/18 03:37:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:37:59 executing program 6: 2033/05/18 03:37:59 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:59 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x3580, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @broadcast=0xffffffff}, {0x0, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x2000000c, {0x2, 0x0, @loopback=0x7f000001}, "000900ffff0000000000000000008004"}) 2033/05/18 03:37:59 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x7400) 2033/05/18 03:37:59 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:59 executing program 6: 2033/05/18 03:37:59 executing program 2: 2033/05/18 03:37:59 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0xfcffffff00000000) 2033/05/18 03:37:59 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xc0ffffff00000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1029.837732] nla_parse: 36 callbacks suppressed [ 1029.837741] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:37:59 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x1000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:37:59 executing program 2: 2033/05/18 03:37:59 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x4000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:37:59 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xff03000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:59 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x60000000) 2033/05/18 03:37:59 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:59 executing program 6: 2033/05/18 03:37:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1029.897314] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1029.913124] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1029.923354] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:37:59 executing program 6: 2033/05/18 03:37:59 executing program 2: [ 1030.008522] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:37:59 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xa00, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:37:59 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) socket(0x2, 0x6, 0x0) shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:37:59 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1030.058772] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:37:59 executing program 6: 2033/05/18 03:37:59 executing program 2: [ 1030.130124] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1030.130888] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:37:59 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xff03, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:00 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x10000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:00 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x68) 2033/05/18 03:38:00 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x11000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:00 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000200), 0x0) dup2(r0, r1) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4b, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) accept$packet(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000000c0)=0x6) 2033/05/18 03:38:00 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x6000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:00 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) socket(0x2, 0x6, 0x0) shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:00 executing program 2: 2033/05/18 03:38:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1030.459925] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1030.508321] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:00 executing program 2: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x3a, 0x0, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0xf5ffffff, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:00 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) socket(0x2, 0x6, 0x0) shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:00 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x86ddffff00000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:00 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x332, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) sendmmsg(r0, &(0x7f0000005c00)=[{{&(0x7f0000003a00)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}}}, 0x80, &(0x7f0000003e40), 0x0, &(0x7f0000003ec0)}}, {{&(0x7f0000004180)=@nl=@kern={0x10}, 0x80, &(0x7f0000004540), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000010000002500000085b138cfdd0478001146ce17a35983d36fb323fcc308bb4197727654123ee8a694262892f55df5c4cf2167d6c1818ecb8afcdc2de79524326ad92d19da71b7dd503952b11ad8c1d8854805647d6840da63fd0047aac025fea03e2a9bbdfb52d1977b48d89d1547ed45b346d41ae16fef295ecb015e87ae6c9693db3e27a4ad99a1928c60e2e32c63f8ddd0e6300d6d00f6fc93b02ed49e303e6e92b03800000000000000000000000000"], 0xb6}}], 0x2, 0x0) 2033/05/18 03:38:00 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0xf5ffffff00000000) 2033/05/18 03:38:00 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0xffffff7f], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:00 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x1000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:00 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:00 executing program 6: r0 = memfd_create(&(0x7f0000000240)="3fbeaeec9b3af1bdd4c9adf22cb5234ab98cecf21f709d7c7e9c410369f3932b2f52008e7110949cf6704bde5ece3e8e02ba60d6851194b6e2a23f877fc79a4ebe7616cdad8bdea2d4d31484a6ad", 0x3) pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000000c0), 0xffffff0a}], 0x1, 0x0) fcntl$addseals(r0, 0x409, 0x8) fchmod(r0, 0x0) 2033/05/18 03:38:00 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000100)=ANY=[], 0x0) 2033/05/18 03:38:00 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x6558000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:00 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x4c000000) 2033/05/18 03:38:00 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x300000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:00 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:00 executing program 2: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, 0x1c) 2033/05/18 03:38:00 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x68000000) 2033/05/18 03:38:00 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8906000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:00 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) poll(&(0x7f0000000100)=[{r1}], 0x1, 0xfffffffffffffffa) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x2) dup3(r2, r1, 0x0) r3 = socket(0x2, 0x1, 0x0) ioctl(r3, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") write(r1, &(0x7f0000c34fff), 0xffffff0b) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$TCXONC(r1, 0x540a, 0x2) tkill(r0, 0x1000000000016) 2033/05/18 03:38:00 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x1100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:00 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:00 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x20000000) 2033/05/18 03:38:00 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x3f000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:00 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x400300, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:01 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x900) 2033/05/18 03:38:01 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:01 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0xf5ffffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:01 executing program 6 (fault-call:2 fault-nth:0): r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:01 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x6488, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:01 executing program 2: r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x7fffffff, 0x80) ioctl$TIOCLINUX7(r0, 0x541c, &(0x7f0000000040)={0x7, 0xcb8}) ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000080)=""/61) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000e11ff0)=[{&(0x7f0000000100)="580000001400192340834b80040d8c560a02000000ff81004e227e00000058000b4824ca944f64009400050028925aa8000000000000008000f0ffffffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1) 2033/05/18 03:38:01 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x1000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:01 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:01 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x6c00) 2033/05/18 03:38:01 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x5c8, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:01 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x44000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:01 executing program 3: bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r0 = socket(0x2, 0x6, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(0xffffffffffffffff, 0x2) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:02 executing program 3: r0 = socket$inet(0x2, 0x0, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:02 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000180)={r0, 0x200, 0x1, r0}) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net\x00', 0x200002, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e24, @broadcast=0xffffffff}}, [0x80000000, 0xffffffffffff8000, 0x20, 0x8, 0x3, 0x1, 0x3ff, 0x8, 0x4, 0x0, 0x6, 0x9, 0xe255, 0x2, 0x800]}, &(0x7f0000000480)=0x100) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000004c0)={0xbf, 0x8, 0xffffffffffff0001, 0x100000000, r3}, 0x10) fchdir(r2) r4 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x100, 0x800) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000080)={0x0, 0xffffffff00000001, 0x20}, &(0x7f00000000c0)=0xc) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r4, 0xc08c5336, &(0x7f00000002c0)={0x5, 0x2, 0x7, 'queue1\x00', 0x24a}) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={r0, 0x3, 0x1, 0xbb1d, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={r5, 0x2}, 0x8) rmdir(&(0x7f0000000000)='./file0\x00') 2033/05/18 03:38:02 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x806, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:02 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x500], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:02 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:02 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x3f00000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, 0xffffffffffffffff, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:02 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x3) 2033/05/18 03:38:02 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x6c00000000000000) 2033/05/18 03:38:02 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xa, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:02 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x10000000080802, 0xff) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff, 0x1}, 0x20) r1 = socket$inet6(0xa, 0x2, 0x100400) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@loopback={0x0, 0x1}, 0x800, 0x2}, 0x20) 2033/05/18 03:38:02 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:02 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, 0xffffffffffffffff, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:02 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0xa000000) 2033/05/18 03:38:03 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x543, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:03 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:03 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xffffff7f], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:03 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x6000000) 2033/05/18 03:38:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, 0xffffffffffffffff, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:03 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x4000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:03 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x1000000, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:03 executing program 2: r0 = socket$inet6(0xa, 0x1, 0xffffffffffffffff) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000000000)) setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f00000002c0)=0x3ff, 0x4) bind$inet6(r0, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2033/05/18 03:38:03 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:03 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8848000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:03 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x4000000) 2033/05/18 03:38:03 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000fee000/0xf000)=nil, 0xf000}) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001240)={{{@in=@multicast1=0xe0000001, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback={0x0, 0x1}, 0x0, 0xff}, 0x0, @in6, 0x0, 0x4, 0x0, 0x9}}, 0xe8) sendto$inet6(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4000000000004e22, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x1c) 2033/05/18 03:38:03 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x5000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:03 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:03 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xffffff7f00000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:04 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0xffffff7f) 2033/05/18 03:38:04 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000040)={0x10006, 0x0, &(0x7f0000ffe000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r0, 0x40286608, &(0x7f0000000000)={0x1b675d3b9f949db, &(0x7f0000000040)}) 2033/05/18 03:38:04 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xf5ffffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:04 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:04 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x86ddffff, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:04 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x8000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:04 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x2000000, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) [ 1035.000287] nla_parse: 44 callbacks suppressed [ 1035.000295] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1035.018660] EXT4-fs warning (device sda1): ext4_resize_begin:45: There are errors in the filesystem, so online resizing is not allowed 2033/05/18 03:38:04 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x4, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:04 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:04 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1035.081224] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1035.095779] EXT4-fs warning (device sda1): ext4_resize_begin:45: There are errors in the filesystem, so online resizing is not allowed 2033/05/18 03:38:04 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:04 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x6000) 2033/05/18 03:38:04 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@dev, @in=@remote}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f00000001c0)=0xe8) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000240)) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)) ioctl$TCSBRKP(r1, 0x5425, 0x6) 2033/05/18 03:38:04 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:04 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xeffdffff00000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1035.277635] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1035.345787] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1035.382802] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1035.400548] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:05 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3800], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:05 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) futex(&(0x7f0000000000)=0x2, 0x0, 0x2, &(0x7f0000000040)={0x77359400}, &(0x7f00000000c0), 0x0) r1 = socket(0xa, 0x1, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) getsockopt$inet6_buf(r2, 0x29, 0x3d, &(0x7f0000000080)=""/56, &(0x7f00000000c0)=0x38) ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000180)=r0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x32, 0xffffffffffffffff, 0x0) futex(&(0x7f00000001c0)=0x1, 0x4, 0xfffffffffffffffe, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140)=0x2, 0x0) tkill(r0, 0x1000000000016) 2033/05/18 03:38:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:05 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x1000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:05 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x0) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:05 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x40030000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:05 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x2, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:05 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x1000000000000000) [ 1036.128101] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:05 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xcc050000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:05 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x0) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) [ 1036.173063] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:05 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x5], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1036.215197] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:05 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r2, 0x1000000000000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 1036.267266] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:05 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xfffffdef, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:05 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0xa00000000000000) 2033/05/18 03:38:05 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x0) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:06 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x100000000000000, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:06 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x0, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r2, 0x1000000000000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2033/05/18 03:38:06 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x1000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:06 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f00007a9000)=""/1, 0x1}], 0x1, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={r1, 0x7, 0x0, 0xfffffffffffffc01, &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x3}, 0x20) r4 = openat(r3, &(0x7f0000000080)='./file0\x00', 0x80000, 0x80) ioctl$TUNSETOFFLOAD(r4, 0x400454d0, 0x8) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000e96000/0x4000)=nil) prlimit64(r2, 0xb, 0x0, &(0x7f0000000200)) shmat(r5, &(0x7f0000717000/0x1000)=nil, 0x4000) close(r0) ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000000c0)={0xa7, 0x8, 0x401, "891374cf5c393910e07c28fbed631367436aa4f13c4cbb8c12c69d4c3c9e3e2b56f2436ef5142252f0793a013471029778e9e6df630ddf52bc6f56ee7d33b2eaf09808f5fb7b02ef5ae736687979c16c83a9e6a9aac03f441656cf61e2d91244c6e7859aa483752f70426b4476e18cec04aac40a8405a0acd426fc48c8f25007ae1ba7a77cfa0687b1dc8c67bd6302fb9a99835cabc6bf79d42607d5ec765f42f46cc22c889952"}) 2033/05/18 03:38:06 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:06 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x5, 0x280000) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000080)={0x1000, 0xc, [0x1f, 0x1, 0x9]}) 2033/05/18 03:38:06 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xcc05000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:06 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x88480000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:06 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:06 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x0, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:07 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x11000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:07 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:07 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:07 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x0, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r2, 0x1000000000000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2033/05/18 03:38:07 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x500], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:07 executing program 5: socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040)) r0 = socket$inet(0x10, 0x3, 0x2000000000000c) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x8, 0x4) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x101000, 0x0) sendto$inet6(r1, &(0x7f00000000c0)="d5cbb6a23d14f7be4e41847795319808e9aa484b0c95433b0744074fb873ea1a9e47cbc7ffb6cd9f9e2fe0c32e782f4d2087c007bede0c993e9a13bf6ba320b3c03f9dfea06342b5ea4adb6721a21bb722362612fa6e017bcc7109d42a94253b2dd56619cfc76bd8e17955b22a27d54f75473c152e36b0a9ed00d19135092676ce2ccbffd80205065148809c38807e091e4ef2e6c3e4447f95bc0929c075a0d82dc509d3dc76c95965f4ba64f3a1200cda02b4e47de857677296f6645a69a667e787ca0e021c3b61cf", 0xc9, 0x10, &(0x7f00000001c0)={0xa, 0x4e22, 0x2c3, @dev={0xfe, 0x80, [], 0x21}, 0x7}, 0x1c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0xffffffffffffff6b, &(0x7f0000000140), 0x1, 0x0, 0xffffffffffffff72, 0x4}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:07 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8864, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:07 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x4000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:07 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x0, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:07 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r1, 0x1000000000000) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2033/05/18 03:38:07 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x200000000000000, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:07 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000005efff)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x6) ioctl$VT_ACTIVATE(r0, 0x5606, 0x100000001) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000fddfff)) r2 = syz_open_pts(r0, 0x0) r3 = fcntl$dupfd(r1, 0x0, r1) openat$cgroup(r3, &(0x7f0000000180)='syz0\x00', 0x200002, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040)) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x4a0000, 0x0) getsockname$unix(r4, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e) ioctl$GIO_FONTX(r4, 0x4b6b, &(0x7f00000001c0)=""/205) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000000)) 2033/05/18 03:38:08 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x107) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) 2033/05/18 03:38:08 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vga_arbiter\x00', 0x2000, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000240)={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x1, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x8, {0x2, 0x4e23, @rand_addr=0x7}, 'ip_vti0\x00'}) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) stat(&(0x7f0000000140)='./file0/:ile0\x00', &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000000)='./file0/:ile0\x00', &(0x7f0000000040)="2e2f66696c6530e53a696c653000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)="2e2f66696c6530e53a696c653000", 0x200002, 0x10) mkdirat(r1, &(0x7f00000000c0)="2e2f66696c6530e53a696c653000", 0x80) 2033/05/18 03:38:08 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfffffff5], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:08 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8848, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:08 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x0, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:08 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r1, 0x1000000000000) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2033/05/18 03:38:08 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1fff}, 0x0) syz_read_part_table(0xfff, 0x1, &(0x7f0000000180)=[{&(0x7f0000000040)="87969e972bf6989e80cf2cf28ea4d9c8ee8f4a680ddee7c977e8ebc6b1c08d47c829388658b93289ea66e2f630c1883e226746e2da9685fbd1d89221b7894ceede26086f87c9581bec59b61b2e8d6733bcf9a54d9a9692e57571acfde3ffec5144fef677f2b307f1c577350ab7fb1ce69a5d014e4e55bc62e560d0b765e880c1ab5c88ac1830fa9fbcdaa56104008f1e6e3f3448050a85cb94be8215f83bf1ccca312ad72a4a4b665e1a56bd8d533b8985757ad71960e9833293eadee472b63fb1c4c9d7052e71778a6b744bf9baa58e71e0c2e5ee2dd3f6b22f", 0xda, 0x1f}]) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:08 executing program 2: r0 = creat(&(0x7f0000001380)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f00000000c0)=ANY=[]) mq_timedreceive(r0, &(0x7f0000000080)=""/163, 0xa3, 0x6, &(0x7f0000000140)) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfffffdb9) fallocate(r0, 0x3, 0xc0bffc, 0xffff) [ 1038.647994] Dev loop5: unable to read RDB block 7 [ 1038.653013] loop5: unable to read partition table [ 1038.661647] loop5: partition table beyond EOD, truncated [ 1038.667493] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) [ 1038.725004] Dev loop5: unable to read RDB block 7 [ 1038.730058] loop5: unable to read partition table [ 1038.735740] loop5: partition table beyond EOD, truncated [ 1038.741312] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) 2033/05/18 03:38:09 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:09 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:09 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x0, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:09 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r1, 0x1000000000000) ioctl$KVM_RUN(r0, 0xae80, 0x0) 2033/05/18 03:38:09 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x1000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:09 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x0, 0x400000) ioctl$BLKFLSBUF(r1, 0x1261, &(0x7f0000000080)=0x4) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:09 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x2000000) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:09 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@in={0x2, 0x0, @loopback=0x7f000001}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000400)="a8", 0x1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="3000000000000000a40000000100000000000000000200000000000000000000000000001a000000000000007554cc17911d579d6fee4f5a6a4b4ecff3433a159e7a6fc2e8d2c422a938901906a48adfb8ec3b7c5b8f0b317b6f675694e06d6540084d6836d894bd2fb85feb0ea1051060e582d3a77a1a9d6961db65dc4a21c5685e77f300001e0000000000000000", @ANYRES32=0x0], 0x30}, 0x0) 2033/05/18 03:38:09 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='setgroups\x00') close(r1) bind$llc(r0, &(0x7f0000000040)={0x1a, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) sendto$llc(r0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) 2033/05/18 03:38:09 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x80, 0x0) bind$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e) setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f00000000c0)={0x9}, 0x4) chroot(&(0x7f0000000040)='./file0\x00') sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) syz_open_dev$random(&(0x7f0000000100)='/dev/random\x00', 0x0, 0x101000) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:09 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x806000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:09 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:09 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x62], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:09 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x2) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:09 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x3, 0x10800) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000200)=0x8, 0x4) r1 = syz_open_dev$sg(&(0x7f0000797ff7)='/dev/sg#\x00', 0x0, 0x0) ioctl(r1, 0x20000000005385, &(0x7f0000000000)) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000380)={0xf6, &(0x7f0000000280)="76b2816097e39342c4b921163fe3d84bd385c5f7d669a6857a516f9728224f8505a2773c430a40af59ada77a342e80cfca543e02723677d666591c239164042a4da6d9f93099e263c954be2dcfbd75de78453ea3e945e42ac22c525d162a7862d03d5b0600ab59ec98721afc90017c01f87ce1a7153b0295dc06c4eacc5a67aaaa0ea51342bbdc01f529e7b2095e69ff0111d3a0db5646731c40a30c29caf8de15b2105d5f8f112a75d47336b6bea9f46116ac27f52894d02b264bcbe003cb7b06cb66c7dc9a61d5fc985dfb528a1b2548e8530a0a5bb7873e26b37c2909247e6e774f11a6854c991080d43eae68124c2b6ac095d167"}) r2 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x9, 0x200) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f0000000240)={0x1, 'veth1_to_bond\x00', 0x1}, 0x18) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x9, 0x13, 0x20e, 0x1f, 0x3, 0x6, 0x3a11, 0x1, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={r3, 0x5}, 0x8) 2033/05/18 03:38:09 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000001c0)={0x0, 0x8}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000300)={r1, @in6={{0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, [], 0x1e}, 0x2}}}, 0x84) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000240)={r1, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1c}}}}, 0x84) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x9, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x20}}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xf}}, {0x2, 0x4e21, @multicast2=0xe0000002}, 0x100, 0x7ff, 0xffff, 0x4, 0x2, &(0x7f0000000040)='veth0_to_team\x00', 0xfd, 0xd596, 0x400}) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x20201, 0x0) ioctl$sock_netrom_TIOCOUTQ(r2, 0x5411, &(0x7f0000000180)) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:09 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r2, 0x1000000000000) ioctl$KVM_RUN(r1, 0xae80, 0x0) 2033/05/18 03:38:09 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xa00000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:09 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:09 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x100000000000000) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:09 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x500000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:09 executing program 5: r0 = socket$inet(0x10, 0x7, 0x20000000000009) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040)=0x7ff, 0x4) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:09 executing program 2: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r0 = socket(0x11, 0x80002, 0x0) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000788000)=0x1, 0x4) bind$packet(r0, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) accept$inet6(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, @local}, &(0x7f0000000080)=0x1c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000140)=@req={0x7, 0xfff, 0x4, 0x8}, 0x10) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x10800, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000002c0)=0x0) waitid(0x2, r4, &(0x7f0000000300), 0x4, &(0x7f0000000340)) ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f0000000100)) shutdown(r2, 0x1) timer_create(0x7, &(0x7f0000000180)={0x0, 0x1c, 0x3}, &(0x7f00000001c0)=0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) timer_settime(r5, 0x0, &(0x7f0000000240)={{r6, r7+10000000}, {0x77359400}}, &(0x7f0000000280)) 2033/05/18 03:38:09 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x40000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:09 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xffffff7f, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:09 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r2, 0x1000000000000) ioctl$KVM_RUN(r1, 0xae80, 0x0) 2033/05/18 03:38:09 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x200000000000000) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:09 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:09 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r2, 0x1000000000000) ioctl$KVM_RUN(r1, 0xae80, 0x0) 2033/05/18 03:38:09 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x88640000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:09 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) socket$inet(0x2, 0x805, 0x793) 2033/05/18 03:38:09 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1040.165016] nla_parse: 23 callbacks suppressed [ 1040.165026] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:09 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x1000000) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) [ 1040.230843] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1040.260703] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1040.312588] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1040.775482] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 2033/05/18 03:38:10 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x0, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:10 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x65580000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:10 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x44000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:10 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x40, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f0000000280)=""/4096) 2033/05/18 03:38:10 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x200, 0x0) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f00000000c0)="80511da266dad0d4c4035fb7b937564c42") syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x900000000000e000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000000280)={0xffffffff, {{0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}}, {{0x2, 0x4e20, @multicast2=0xe0000002}}}, 0x108) r1 = socket(0x2, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r2 = open(&(0x7f0000000000)='./file0/file0\x00', 0x3fffa, 0x0) write$cgroup_type(r2, &(0x7f00000001c0)='threaded\x00', 0x762c) fadvise64(r2, 0x0, 0x0, 0x3) 2033/05/18 03:38:10 executing program 5: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={0xffffffffffffff9c}) getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) r1 = getuid() r2 = request_key(&(0x7f0000000100)='pkcs7_test\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000001c0)=']GPL(*\x00', 0xfffffffffffffffc) keyctl$get_persistent(0x16, r1, r2) r3 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r3, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:10 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0xffffffff00000000}, [{}]}, 0xfffffc53) [ 1040.943942] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:10 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000040)={0x3, "853bea5b667f6b49a0e657ecba71c21457c06d170a51790fd85d93bc9df7b363b25bce414733cca925b6dc9d0f468e67c2"}, 0x39, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000340)=0x0) waitid(0x1, r1, &(0x7f00000000c0), 0x40000001, &(0x7f0000000280)) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x42080, 0x0) ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000200)=0xa2) 2033/05/18 03:38:10 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x0, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:10 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0xfffffffffffffffd, 0x0) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$KDDELIO(r1, 0x4b35, 0x1) ioctl$TCXONC(r0, 0x540a, 0x3) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='security.evm\x00') clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) r4 = msgget$private(0x0, 0x40) msgctl$MSG_STAT(r4, 0xb, &(0x7f0000002dc0)=""/85) recvmmsg(r1, &(0x7f0000000400)=[{{&(0x7f0000000200)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/19, 0x13}, {&(0x7f0000000280)=""/77, 0x4d}, {&(0x7f0000000300)=""/26, 0x1a}, {&(0x7f0000000340)=""/106, 0x6a}], 0x4, 0x0, 0x0, 0x5}, 0x5}], 0x1, 0x2000, &(0x7f0000000480)={r2, r3+10000000}) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r5, 0x84, 0x12, &(0x7f00000004c0)=0x1, 0x4) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000100)={0x10001, 0xffffffff, 0x10001, 0x401, 0xda0, 0x1}) r6 = syz_open_dev$usbmon(&(0x7f0000000500)='/dev/usbmon#\x00', 0x2, 0x40000) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000580)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@rand_addr}}, &(0x7f0000000680)=0xe8) r8 = getpgid(0x0) sendmsg$nl_route(r5, &(0x7f0000002d80)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0xb8bc079d9fae937}, 0xc, &(0x7f0000002d40)={&(0x7f00000006c0)=@setlink={0x2660, 0x13, 0x0, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, 0x0, 0x20000}, [@IFLA_BROADCAST={0xc, 0x2, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, @IFLA_EXT_MASK={0x8, 0x1d}, @IFLA_MAP={0x24, 0xe, {0x581d, 0x4, 0x4, 0x81f6, 0x4, 0x20}}, @IFLA_OPERSTATE={0x8, 0x10, 0x4}, @IFLA_IFNAME={0x14, 0x3, 'teql0\x00'}, @IFLA_BROADCAST={0xc, 0x2, @random="98d7e6a74e2d"}, @IFLA_MAP={0x24, 0xe, {0x6e49, 0xffffffffffffffb4, 0x81, 0xffffffffffff6c9c, 0xec1300000000000, 0xfffffffffffffff8}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x1ff}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x5}, @IFLA_XDP={0x25ac, 0x2b, [@nested={0x218c, 0xc, [@generic, @generic="37561edfdd4fb6b9b899b951e505982682f302eaa7b29e8b7347324e3dd0e5f22a9ab3c0cf1111ec590464a7642e27b674cd6b95a9a920dc0782f89d4217c0376ca563c9fcecabb2fb6acc0004a4500d64848e6429e12acafc4757d75a2325b14453eda675d2c22551373a5406c335b60470ddba76a4df711cd49a8579a62a94673587c19073b837fb75757fe728d65d914a5f0595511ac3b1d8aa6d98a6ae82c665f85d6e7b3456a8bd67c9d00e631dbefaa8e10579f3a002654d5560c7a4092a8cd5aa9422b8986fa4eecc83311541d1a5c2ccf4e5253f0a62fcca8b2e79745f06c5575bbf62593a9315095669c7f33f13d73fd2b68cc4886565398fa428727356007a8b1a27d761fbebf8633cdbf083a10dfde9478b7d8e25c9bf2071edc01906375ee3b39520f2200d444c25bb7f31cbd17c9f9a64dcc1d735ea1e9b7cf367dae0954ff695746501d8af3061b3ac918044b1c617d716875f60a4876477436e9c560ba75ba83879cdf4cb1159727c3b1d33a04b52d2f9d33f30d9428d59078740183f51c019b66b43f203ccf1067e7113f2bcc9a902647ed2c002eb3a2e7fe665c4dbba9410f76c0855947ba3ea6d904ec4c2c14f85f86c61ac2d55d925b19e839e142d87ae5a2aee0d0d604404ec263942bb29bbbfb8e7dd56348bbcf21173c7154f3aa822e3c8bfae8d88bde35e1aa0d2dab1e2945bbda5ac69341cda7efe12f222cc942637e946fbed257c3c00591aa52d47101eaf5c750a46dece7ebbcfef87caa75a79a4dfc467f55d4cf9277328aec2a330ca83fd0f53127dfe89cf2194eb76becd755d2ee2ee77f1690f79272a8c1e2ac9d953309d469d8c4544ea03af5f21007cd190af41b045aa208afa377087febd45e61b7fac1b319cf74c9c16eedd03b25c3f2cfd37e795076944cdd4f2d5c2e9719c203964e1341b8d297323d5dcefa9755bfdce4ad2c5a73b48930474caeebce55e0c3ec4dfb0b8a0542ec17df43a948474d62fa6b5b2f18a9029227c3e15b90cf9ca2ec47386b38bd96b21aefbd22ee1f3bb2e5c5d3e5c611a835cd3ccaba1546cd3bb732c4633363faac412fe4055e6393d18256f7d7798399878a6f3f79cc035289d369c5bb5ca85678c2fc5395000a98d544a418e78f30f4f6092bb7bafcd998306db8ef324d7c1592e387f0a82068a04161218aa7c44f1c8e2f8d3bd2d4b91fec2931b7d1c19db83cf28a4173851a13a4f1c95aad96735c78c10ad49698bfa5fb57800d1b797e1a4006fce6bb25266d83c8df0685757767d68e86b7c9d1739000333220630845caba7b48724b97fe6022211141196ce39baf36886a306808be35d2eef5a2a1f7fb6305a7f7249641dd8d93390f00a2a1d8f4bf51e408d667d4816607ff83f4a9217693bbc8fd5d2c3650e20c83f78b9094a7e146ac57b3145728def5e48788be100e920ae873fb24cd8db1107a7e91ea4d0f888d5bf90dadfa59ec453c4579c4ad81c17bb207f4a1b6016ab44fda0b9b6aca1ceebeef50fb9906aab7fcd4b6a05831676e2f623d2b06242b46917b00836dcfa001231ec166147aac27c4dc657c2f0dbd51ba05253827b44be8141fa5819359d7456ec285701feb059627378572205b713da54a4e230d9231d6e5e1eb1bf54cdaf31729b7cd563e88f9f6d66e1269712545e2a4a137567e3f1aa146f40fd84d534d3b2ee92d2179f69afa056dab93d6a538a8620d7103b240e74997ab519b626b8593cb830809d84f5652ce856c7337e29f9d09ccc927a80fef587618418660a3efda50072f3fcc9ef55e3cda22d2d205a03133bd72f13bd60b40583c01fe575b30f6a6c9dbe8b9dbbc1c0483d4d664dedc3694304b10e4c5476444fe7c66c555a2c752d781549248a31f7887924d75a9da11acfe8cae7ecc7eadb2e65ee6156e321834b8fa56cd56ffb9d4ef0b2faeff84167182554796c1a40f4e600f03b97cfccb761887b20b1e01a370b7fc0a56463aea6ecd2e55648f2e7da6788a78397738e8a223e6637b5b2109236df0bed8d4cb9b4782581eb7601391cb257a90990e5128b75dc1137fbff6fc72d4bc3cdac7a4c0c0490cc2133351389078ca2454d179cf4121a36c6b325df2b315b5a1925f5230b8f1e09bc2a755ebc845ed32f1be9a697e7d5cd96ada205250cbe2fc01b9263b624e774160edd01ebb2065c2095a6fe0994c6ba8c42acbadf2502774f40f42658cf8a7698be2dabccea65cd985b6b2d50d0c14dc86ecc4cb68fe1ff2fa711ea0248f1dd236aedcaaab191c4a3ecc5621c4b145a57d64b1062671065d882046b60359768817ddd17e4bbf2c0ab82c4b8d142f7cbf33dbfde979130d90c5352ef4c017ce892cbf6ddbaf0c22b61744f51a3b6a6634f01c7bf32456d0bbdfa7969b25cd2a0a9ec1ecac09a6cbb05ee9f7ea6cbda6d2baef24f0073754785deab8664dff85756f67c41691f4781614103667563058e7d7b96a98ce02a915958286c40d742f35ae32183feddf0b027c85768be886582f14ccae2c49dabf6e6837a13f0ab5c3db08858b77465094205f4ef445248f7fe147fbd7e58c66b43c773202c1ee1a502de9ab64535943eb99d079a31de895028fa8e235a9322b2994cc2553cc91c633bcdc66353ae3aa748096ea4b7ea743beda713c0d1974cdebee4feefd99df47a2817b88b51932386f6da8b916fd7fef422053c3f9d5f2208580e98462dfcd6f3051747b4042e7f579c2e6780c81dc417c60d1cfced6534159986fe1569208c808d4f17eba3ee9834ce61a11cfdb442023f7618e7bb18b14d67aafe2f0796cc1f53da45efe7350163b0de54ab62e8ed5b18093610b34de9dfede5c4f0a95347485cd76f6370101488ae29cde7b38e7e3d79a80df4b4badde8dd3d74810be0e30950f8f386e6941c47b486cc960689ccbc9438aff71fe4bf28d6ef7f40fb48e315183149934686e468b091de0f143e39186cb5047ae27790ef57df922aa6c1fc920c526fecdfdef2f6e2b53668ec249fe9f9e970cb89606c6a67649bd25bdbd2e952fb8415ab839ea9fe548afcf96e64ae066ac4726a76959ad636cfb1ea3e62748ce032e80b88c5efa1b47ac696febd23bb74e3946b93107f8644405182100ea23b30fbe6a79ef7f9b9854c6132b435e7d8639b274e0bfefe0c50660c7d334caa83bc542fcb770b71f8ea6eb600498e9712919924867865db70033144f86464d5ede3ff14cba40f1541613515935ff9aa985e9f2e96b67d1f45a8a3379a0f611fe665c7d7b44f2699edcbddf228d6ba5135ffeb42875a0964cc933152fbe58124128ab4f0613f2c408a18f2e6b65f4e719394c7f31f27b076c209ba4b50eb812c7250d78778bf6741162036fbe92e267e84591d52b17d8ae8dc663049599781dc9a82422740ef69af6f5b53e024a4d3d0fed1b9026d71eee1707274b71bda13668da1200aa7ffb44e38ded10190738f8a6f1b038d7c2e3b5f3b6309b690b261f9f182d73743a63a5988f4e9f73cf74cfc494ff0cc7df37db5ddb77525fe262f5dff90eeecbb7291f4d998e1d5e47b286eb0c0fcf18fed80637f91309cb2d73c93af5a459e5306d0020ad783fa61bc7b2be209e0ec7affbaa99c3f779f351fe087fab049431c2eea4c81e7c4a0ecdc12a095fe4c82f0669d8d43ebfbe489f4f60e2b7aeed27889beba43203f933ae841992d499b683d4b1f19264e089b3afea8aa4802f8380334af5e9f8ff16dd9ce28fad580448c4156a7457e8aa242dbcd37777778e004e7cdc43f6ea8fc36d325541614497a610c0018409eef9c4e2807b9ec024765ff8852da9f734f8288f654f27f1c911b028138ee0c2dcb0977c38d069bdddf07e36c6e241d1571ccf6da2f9c5be3614d6197b010a2bd24c644d30ee19ef8ce649c501b9d7c0968b36e9363d535c7c3035963500d682ba94acc1446f0b54fe3a8077a54dd2118f958c69a70fbf70792eeb131648557464a29060a705fb75cdef0878b71f8732fe8a0aa546a07b8eb96d8984e1a2cf79ce7f442d43887955de92e18f9fbd79577b2a2fc2e178c089fc49f754bde642ebe746437f79fbd2e7d2c5d660d4d61607b5c639cfb34a84108e8308eef8154f50742c68b7c3bee0f609c58f9dc68ef95105b7dca19961e6c7762bb685ef13291d39ffbf71c544967a0c93adba13941a25890d653ae77794c80ca3b852739c89ca92d9ad273778165cff41994c2e879042d64c6f2a5e90c8bf5fa31b860f657018345bb258d5c0b36dd25898e50015f80fd1004ebe8a6dfdf70b1d0d20e3ffd0dee7e20ce48a7ca62d6e7cdab58189f4646fdaada40a3d15fd053702436b5b4198522b0e879fb69ec79dfca32576cbd0e4c2f4165fd566ca8064caa6e7b0827d62aa40e9fd183c70649d983930be00f058f7ebdd8bdfca7375659dbbd067a5f5727a84f55d36aab3b62e563f37b1ce16e06426fc6f473caa0385d19d766c8f6fda0f3fc99bcdbbba3f1522b4dbddaced5ddcce3b2688edb840ead1f485f79f633810b4007bf0fa549e7663533f11cac75b1123336df5dee77b03c327827c05268f0612c11515621c24f78033fb9d698682b9a9a74a19c7256e514805bea6a2df88fd0a7a2bfdc608303d6fe19862535c5aa7f7c8f4ae27220805787968e6841fd709a5e2df3a293e227d5b15924e8de715c700616233b26e6f4f2ea4fe34725cd114f746d68463fae3ed736dc935ad2ca8b51188b1815574c4dc74061e2680e7a3313741574dff564766ae9fa8a1884313fde13a103a6b98fc94d33e6e418483baeda4bd21faeb1f61afe615612e39b7851806ee9c5ce62b3ce51969457017327b82f487936532a267e29e4a5495e3b25e5419d5104c394a639caeb7968e9d16bbdd10eb8ebef24386e3cc51944370f6ee523076e1f4b18450e86db8112554a6aea164a2bd69d8c6ba40ea23fc58821cec453fd2845fa972aaa8007f2c00dcc9fabf22517af8facd2f33e0d5cc3d9ff3e540d9ac039de49d7e6be3e5c0ab8b60865a57699e4944913e9bb3328cfcf0a9a8e47ee0ca46cef13ad625bd893ed84879ef6427a8da4a0f6da0d86ad385d4c5232d842195774d135a8709096d3ea5c550f4676a6e7244c3472d755916241e80c8a38ff5cbc54be6516473df83a872573af5fad5c49cd098f7797f88bfe845e8e3859b58b76f10d82498b23970cc6fc219a0268e7e52fbadc939883ee01140fc057fa9546d0a3fc3173299760ae703566caf4e06fd4cbc9de80bd5df65978ef61ea7ba9ccb492277a9249f9cb93a48f36163578dbd9ca867a2a717a579ef3c351ac59dd3f9ea13dc5c9bde60807bb85c1c1c1ecba04019d887dd5cdc4cd8fe3a96c8ea48ea68a13ba7f12876dd5ba0c814a941559cfde27303d1cf12f79b72d681b98dc55f7d20cf94f1b335ae92137fafbbb583f63c62f3e8cb0a115af2b56b022396be317fffb860b5b6870176656db22d97a01f6b7f7d50ba78916bc08b006d58cd5c1885944cc8bf96de4f9a43f59a7e965f2ff4f36e53bc7a161e019f982e3b675d09770b4fd8261e6dcd2245270deadc71dd1b69f4c598067b6f2de908773b38d81fd3c7c08a4d4f966560f8e42d3cb100a25c507729c5d24217833a17445dd96e3158e5b932bb4a3420fa1b39e3c354dc97a66884279f4a00baf2f1ce1b7841e3ea93c7d54ccc106d158111b7c81f4d21492c9c8bceeae622f6743e06b025f12f07d99a8d752684e35ae9ffaa17a7a468f7dcbc381f6452ccba4e428f2a4520334a4e72335b7199d0384c421187f65", @typed={0xfc, 0x2b, @binary="e20af0fc4ef9e39e39faf0d9be93a362237bcb01a248511a73c3d2eec418b82c4917a4aae9bd9ab3df408fde93490494cf721115ac4b25ba56d26c2e87bf213cb3043ecea095f60a5fee63e348969f344f65a197792630037537678f0b080f1f3a1e76854820c61e91a3eb48bcea163aa04f34a0cee95975a54971eedffa655ca73f1c187ad228cc5ee32b1dbad9555ea99ea650d3f239dfb11f1ed22a2440a2c76e30ecf8f1c0c4ba88e8d2cd9c8cacd2ac50b6e31f6c046d641910ec50b007e568d17277173ba3b78ffa3be5850e109f9ca9aa5fe3cee6bc47772995b05ea7ad9e00e41c2446fb21a54656cbf011bf6f331b3f271d2ddd"}, @generic="4ea731713bf74815ce715ca562533048086deefa63b368cbb2bd3bb3e89fd7836dae8b5871f10625389047d6f7a4877e51014b868de75698ef3ffe176a920770cdfa85797d4bfdda2cae88a11c8c62ccbc4abb190a5eebfe3989f8d459d08e2cef94", @typed={0x8, 0x66, @fd=r0}, @generic="ea7478268590fa995ec322bdd68878f7f04601d2435156092da4abe2cfea16fce74dde5f00e798c301e0c5271b95c967e55b3b3677a220890649c3d04f651da033110012c619de0e99bf0e927a5ad4425235537f8b6334c36971a16940ea6dbee4e6b6061773aba53e87216069be01979909a787444011ee88f5c7e47418daa3dd38f36d49613c3c1969edc162aae7bf4a6cfbc0ee8c14d2c4465bd71a7c7f2f0fad03ca4d12c596c34470372c1bec37b6d01d61a694d4ce11cf2c318148afd6d6fcc10610eca7a0b2d7d654c3680874972d172a720f493d414333bc51b53d28e79888fe416d155992723b94a0cb12d4ada5b3fc144ee74d336d960e53c167ea83384bcfcb2ca7b80b22fe7d0bd55f828ba2a1c23d293be457f97702fd66670c41f4dbd04554660255535e02b53c189ebc098992633eb53858f7ea24157e7911fd858f8a9c183a9aaf374c3808b6f428a842303a313d9e272f60de9f3665a2912c696ff4cebf0302adc3e646b3b1d94cb94a435e45338c26776753804495dcbb70ef685025ea91e5e1c1d5780392ea05c71ddabadc794d352dda2da8494b7db45cd618ce6c3f42f8f2304bc93b338d6c7fbfb5e8331f853caefee727c62657d2bdc5e1bcfe503f34b1e0b6e979f971448734a46ea411d0c4c4f9d2f8f909bed465a8ec865e8e4f715a6f2132e7b403e45a59d47f47563b86b637d48ec4e9d380c2a7086765e000a488e75536e6d72f1676dba93dd5f06437ffe11aa304892760cd11308819d6197be36e6309096e346191ba7127ce1f81148bf66feb6481f86259d614e87d62783e302d51bbb3426e0dfaa9d4f030b2db0c7eb97f4fa9c628de9d2169b5cb2cd7fdeb511db528ae5d92d82e3cb34524c931a759a6b630c9aec19a97a94345def68e063d8f6f160efcc117ab26dff34673982ea49124dd20331e16c830a1d3ba88e7f53c6ca8021e8dcfeaaf55a331a103ac69939a8cb4a8f2725235c6cc5cdec5c4c4d05f50e6c8bef1dc644c25fd0f3ec72a79c52a01539d4f7c7aa2eed0e14eea2eb2bb35a3e1c909406068db13736113b7b6463baf67e313925d2321920cedfeca266f00aab1208a50e009affc39af1273b419d67e95ad051338e1b9297d91160ed635dd0c0dfebe8de53ca39862135abf162bb5bf47961bf91ab8b294e3791487c68b10b77755a6080dd2293664afacabc73ca47d1b2df1454678a01cd86be72e7d378b240848b3813ee4a7df06112ef662531b1b8fbb9e86b3fe8108ab261f84065b5bf249686bca232a0c82fb164f85f162a5ee8f20fa47a736c3f82de123cf7bdd99dad149db61460262de72e2b747d3dba20ea5afba3859a4246335a4b07050da4d3e8df5abbd95940cffe8043d2b1850a4e5c3842ee044b5720f8ff42089fff1c9bdeb58646d57347e671d167cc45b5b0480209625df592ed51b566b53440380826f3cd363d34746564117499cfcb24e36270184dd4f329c07ff3c6d61f3299d92cff0da343ab7a686cafa415510e1cf2fe6cae263667a6b9a31e7d36ec9e0481369c32bf174cd9a0009d06a2f4c5b5450f98bf7184e117438093709389301fd227cad32a4ccef844e9080106bc849213b144b6916c5b2c6fd7df882f49d5a6b5d894ff04c59f8dbcda189c0b215f4f1c0ddeaacc141de0ba86efb39477dd7ad15e75d9d1ba41b976775d33960dd4fca875f03b0e6fdcafccd8fb570cd09658903516b3788e8740de9482d664b0a17060b17ec4e8f4366d9d9eaf6760b7abb8867b2e2859bd90623a8b9832723c41b23ceeaf0096f2c9ef80839f0050bb831045d230ef080d535fc60761e02d5e7de8f342b61af26999a14a23506db0d6c5c0334ffe5f260429c579a163d0497dab9549fe66c4057afdda5776718e46f08cb167310afd422c4cf567f0e92fa8b250f1bf77a4dd7be4e98ef2c0cf7ce3556bb5cff011a1548f857c07171b94a7cedacd77cb729b245dcaea8adcc21971f42fe262d491309f6fb01555e5f9152410ac80f2ba4206bea6612ab6fb01b9e4778a104a8373391b4cf1407420d1ea7e50fb97b2b31154ee3611dbbb33fe1ba68dd14daee8fa8b63225e171dbd4a0e4672f5d80a4930c0abe3be7f615956f4cea516572f9547f5818b36d735cd40146fcfddc6076f6d2dccc4310c91bd69aa7f79ea2b5fda033cc6ab62f00d77b1ca84cdf93d41202d3c828da795960951bcf7325c12ccdc1200c6dbc2da6148b3a430626bd00e9f78314d3a4f70e66290b5e8d96cb82128a3ed1adaee35c0d947d94a9cb63d09793a6d5b37cf3a571d57ae63e8ea5928a344eb1aa0594ef31435693cbe7a4f2840085f8647a955ebfaddf1a3ea68b3ea76c925eedfd833473a70d77a700112d0df82b767071679c874533ff1c2153db79eed011e0b70012b4401b4beaa3cdf1fe332f4bdfc6444c117a16563be60cdcf8d863b91bd2e56b4c344f4c83b1fe4fef3af9be7ce4ebdeefd4569581c19bba0af4835964b716b4989f552162de432550e3004199f7bf15e2570e49c3d3aaf148d394ee80e7da773fef10fb844669291501511ac935b2fd908cece9b1b26997267d3a5bb19de763a28efb66d98a2ccc43ba0fb04fd39607910a0145bec1ae24b3cb7d1feedac8a0c8ea512f23a8ba9a6c0393aefe4ba7ec95fe9a894cdbcfc1f4a58426abe979531c90d750cd1d1ddabdebe4754a441a3624381e63ff27ebd9f16af3e63b00d13075fdb177f4f7fa2a2414ace90dcaa3fa9b8b8c7d807317843dbdcc4e3a40c7e6ab1940be242c3d4a56c7c58e6078a72c1fac0e50a1a600ccf3194977443686b5becac49344e7be8993218aa895ca7b93376ecb6e8e81d82c990244efb97d394a3e802798a04ad0c65f2b606dbf76628665b33d9d9a03e2ec5d8375b510adff012300fff4587d4fd5235d22774f9da38eb621aa79d8982158b9bdb7843faba78ed2317053190f330e2a3388f9969994fdf811dae5b83ffd2521c2122864bc46f2dc9251fe429a22241b86a84962fea3e477629149cec55db83ba0cffe642e4c7e68b2a6e669e0afe1c4c76eac002443d9e8375f4b768f49ea9bdef7513277eb2ec15e7b2589bc28d4d1757ec68a320f385a815b3f0ec0790cb463e65a97f126b18f19203648e444ae18e4937fca2ee539bb25007f4ccabec77fa4787094f468d8707540da38469885cc7911aef1d99545639de50239cf2665f5268078a618feee3b45e6736fa0afe624c479b5612019c08f717f43b9f3264ab5303c4025c08916c681fe274167f5e1208cce547b54f9107c39573adb655948ad86163e4a3509f0c2066d2e2bd7e81092b27b34682b8a966329c6f215b5ca3d02ae8cecb0ad4e2c9c4e333cc3fc654d092103ab1f23d2294aebdc15d2ed8c6af8af7428313d75e3d3875d159037ef72b98dba9933162cdc0b549b5899d277d55fff221f4ae788e567e39e39d6a25b8ca4ab8f4725c87e7c39c3a439e738e1db9f4e956da052d3d723abb17ee8c85be60f4812e5a53fdebcaf29a36d1118a538539c0a3e69438102c99375cd9c6aa47bb3631ac2b5ae2b8c108fd93f0223208aefc05f4caec3090b431515d9fa34f94b7aa20f8e4249129a79c7c266e78625eda3f013b4f52907c5dad030a470f63e7d117bbf9cb9cceda8c3d5d2a0cd4133e8fa6903138b010ab7db40cc9b2199eeed6a382fac08c5c8415e8d75fcb003048113d7a235b1a275c8168ac1673ce57c2969621c4c621234b3dfd9eccd40a6e8c2d17ed614581e25f52949df349222c2afc71b27c4c6d5cb2c047e0036aeb18fa9307111fa44daa5fe0e7ba7b567cce0a208e8f9b9b9dfe480f742c95679d4c87d4fb6d4f3046cbb5a0f8ac2e6d4095cfc614897f76b44364a3ab4f47f4445819686df467613f2bd466e560f0c4dc1fa6a00c1490b63ac1d693929deeb5de654405aabb54c39a0dcedeb8cb462fc2af8f2ff6e86ea7fbefc638c9e54239a7440adaf60fca78069faa1b49afe0b4b2b343ed13670dde2db62c2eada4f7d6f2ebebe2289eb539121a55d1d03af0ae766c600610c17f5ec20476d55c043056b48ffe413eab0d6c507b304874500e49d5fe928468c8c0456cb63043a96ce7a5b6330315aa5a3410ceb29fa35de012d353587094e9fd35269522fa12f8183bb9aec6a7036dd5971f9d0c58d3372ac2b0e96c2225baca57a25ce710827d46ebc6a320ae35095d4a967070b81cf2a7f8c53de22d19e5362f416d7950545eb9f94d3607355acd670c934e1280ad298ca85b633b83a2441787a8d3fcfc99b0aafa9dfc5975a6922e194f3eb91854dd863b58eb973f9ece9f2da14b81c15b18fc69b9bdd06984094db273c53961f0f3d1d3cecf55a50f5c145a2e65f25aacb57070f24f16488dbdc74d92163dd2c5560a8ece714aa71213c4ba002bcadb5ecf643b22e07f0b6c1c158c6b8f62c8b836a993e3964937a862279f31fd7a22dcc4aace86ac24d8d185a40812d5d903ed56b3b3e719ae041ac19425c0ef994edd0077ece6f681e817251b25e54730a0ae2fb1da55489dad4a9668a6237c211241aa86f5d2f1218d5f9fee1571d9a978893e83caaa2e65c73466ce137bc9bbbeb5bbbf8bf333ba0f3507568ba133cccbf4f252031b7960f3b70d39a379eff0d2c89d3cf793746dce9ac353bbd55323edd4443bf1775bf67a04263dc9b73d86c89c7162edc895636c3afc0dcf646cf122ca073769aa5f7da68e0d88c476b739ed0d404bd61826e8ce1303c375994a4a69300db6454d11e5b644a25e8d7863ecd1755344c05d23c54041dd7888541dfa99941a1593fdc27f9ef2547abd885b45ab829d78e34b27a1243da83c9f95c1a7956c7ca55f7139f011fc48937225d8f1f7b1924e8aa6c2f5802ca976dd37db357b1f0801265353569808d8a469f7f9ce15fca260188ed546dedbf593c4f69eac699691b8c0cbc193b5f6285023822809fd21e6163970ed217b619e9aeed23e695f0c95ce92df5ba45ee9323c8d10d42defc40d2e0ba1e21064618ca459308638d419f36ffde0ff968389551b0608cc63b65b2b2ff2a4980a3b735170d43a27f593bb346a382baac27d41611b5f3cddbd558173f084afa194d873e51a1c128937e71699e8974953ba9b022a8b6c599636d419eaf84431a6879c5872cb9dbc318c31befb9e9dabf463541ed10b19d3d5df55a29073df41de3bf3a84006fe82c1bd46af647147b290dcb08042025b05882c545aeceda7ae87828dcfb396359863bbb75dbc111d0be17a17a3e1538708f2b6943a83332416d25ec2a41e651ff96ab2764ca64643bed81cef410384d5c270c1892e31503f7cf0aa753b9a3072f95b3bf743e5a9fd431ee13c4d05b45bce7b7d466f7472b5896133cb84046821c44174dc0f75e783544f8f6afaca32d7c561988a7e90e932ff028cf613676a8cdfb244ece4eee5da210a5f3e924164fc9de5d6ab4f7ac05d6bd5b9f784a7eccc82f9a9a247d3771bfe10a54be5bd88940c136c007443818c0ba712455e65e660cf7d741b2845dc6f9038108bb2863c72db32fa18a311e957330f509e502ca07f76d4f8a95cea0a2e2ecf84b9f121048db5bcaeca86eb4a897eab5eefb443c79ba54fe16c5201323ab9843dd7301e411e997535311a927c7e40c131bbf51c79a794f39c4abe501730f6867141172edbfd7b4f164513c599916b6ffc5a978da32aa77a163df5d390c1797d0296bddf1c564bfb52ed89926050c0489f0de5c3d2ec3703e69c5e60aad608e0093ca4286e601b8", @generic="e7f9e66589b1e6b509e9f297671db3f1c3751b50482b8832", @typed={0x8, 0x56, @u32}]}, @typed={0xc, 0x31, @u64=0x6}, @nested={0x198, 0x7, [@generic="dbf75ef28fe1e7506d89a06c91a34e77603e441627ba23aabaa796bff3d2333cf36584870f79a6393dd335a669ac0d6a54d1d5a0501f58ca20f7b7bdd4d342a8a1d4d6ea9cfb3a7f8af1b4d1716fd93c5547f8283dd3936611a4fb01121ec240b475a4563d131209649fbbbfd4015b6e42cb9302862a415409cf0264d7d74594eeb222f691f227a19912e1d5ebf2885b5b9850d5c22481", @typed={0x8, 0x10, @pid=r8}, @generic, @generic="94adbeeeda8211f9184b1b857a2ad5b194867cade08a417d4b34d4e758a6f7ed574619a37fb09607c66deb5af07f41d5ee69447e0d0f35c8cf86b75a89ed2b68188fec2a85da467b3c38700ecdba89791d2e95f158ce8f396f933688d797fd10b61dc3ab2bf5606ed17307508a84e1304f63ba1720018ae1c22698b56d8f5d5422ff85c716c16201d7ab5eacbfd0149fc47fed6f6d6725d94696cba74ff8da637af492a730e1818e5fb9e2aff8e84c6f0a07f9ea5f74c4113c9e5abf1ccd31c867e87203a2e6a0616106327c342756d3d6fad12761da628e5504e38a3ec7b4a95abd31b6de31ca0f41e8bf78127c4c064458df"]}, @generic="0624", @nested={0x234, 0x57, [@typed={0x14, 0x41, @ipv6=@dev={0xfe, 0x80, [], 0xc}}, @typed={0x8, 0xf, @fd=r6}, @generic="3a6d1131c69b1662ebd3ac021fd11f01bdba065f0dcf14de04bb835b5c329a5328f9ade5a85ccddc8a404a67496996db002a944ac150289dc670a198fd105f1fe7bb6870b58820d51de86e8ca1e7024d85e15e1db9d68a21bc33d8bc6c1adf1bb1550f8e313c672e9cc010", @generic="5995b0f9154ad242dad23d61f5f16c26ef9d8afb06485e84ccd577b3f7bc817bcf0b98e11f901fc5a487740659b28fe2", @generic="2c2652d948994c1800f85aa1676ed195806ef7b77502b1268b46541e0e91abcd13d003af3978f1001d09c8b8697bcb2c0bf23479c2377ebb52de232148085777a2c9f677aa7b0ff75e42d1d269c88a2b3d0f36586733e9b9452c4834585a66e6428da138890afe1ada23339e7f975c5ec3c86dca1770d8866cdb77ccbd5caa2dfaa0180d4582096ec568a8009c7de7f3a423b7805353910030447a5bde1655c9daada643d99b4422409b76499297dbccc846aaed01bdf4bc768f657af82d1cf00591f4258044757cadb21a915a83249abf65445601c21e8825ad", @generic="bf45c035d45bc50f7a4be00b1c7f6a8955848fe2c99582cd17035e4e4bf5cc389993b6c4d680fff139abd8fe8a3ae3df45e915fb2eb1349c6f3201859056aec366f498ac41d0f88e21615de55c5af4e28d7e1a3b7af5dcf5cf44984f16e42c335e0e735cec74c2d87c1a2eb43b2b932c4f0241d6168e08b448d6ce", @typed={0x14, 0x1a, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @typed={0x8, 0x3e, @u32=0x1}, @typed={0x8, 0x1, @u32=0x10000000000}]}, @nested={0x40, 0x1f, [@generic="346ffca63ddf28ce42daf816b2b6c65f87e631f7e9e2e256693f959a70eaec134d7c5f14bab0024ec6bdcc3838bafed149def90c450363a8c76978ae"]}]}]}, 0x2660}, 0x1, 0x0, 0x0, 0x10}, 0x20008044) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) [ 1040.994456] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:10 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8100, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:10 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x600], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1041.055552] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:10 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0xffffffffffffffa8, 0x0) 2033/05/18 03:38:10 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x0, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:11 executing program 2: 2033/05/18 03:38:11 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0xe1b, @empty, 0x8}}, 0x8, 0xad, 0x1, 0x401, 0x2}, &(0x7f0000000100)=0x98) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f0000000400)={0x0, 0xbc, &(0x7f0000000340)=[@in={0x2, 0x4e24, @multicast2=0xe0000002}, @in6={0xa, 0x4e22, 0x1, @mcast2={0xff, 0x2, [], 0x1}, 0x7}, @in6={0xa, 0x4e24, 0xb36, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x1}, @in6={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, [], 0xe}, 0x6}, @in={0x2, 0x4e24, @broadcast=0xffffffff}, @in6={0xa, 0x4e21, 0x5, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x1e}}, 0x6000000000000000}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in6={0xa, 0x4e21, 0xa09, @remote={0xfe, 0x80, [], 0xbb}, 0x9e}]}, &(0x7f0000000440)=0x10) sendmsg$inet_sctp(r0, &(0x7f0000000540)={&(0x7f0000000040)=@in={0x2, 0x4e22, @loopback=0x7f000001}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000080)="8cf502c1ce6dc0ceb6b038fa29ddc413b5", 0x11}, {&(0x7f0000000180)="418591c834d129dd79f5ebd454610815f94f68a2dcdf9642eb9ea8836706ba4745c379e2f5435151e1834bb6744bc00bdbce6b7a7c0b0586878ab833b27181b3a8f7b91ea0d7f0c43782127f86ba9699a3ea80212e8d3d115afa5b9d90e278f186647a766ee212b93778260974dadd1229a5414cd4565759b2fa137c2d031d81fe9337ca6e7a58f2bc091c1d8dab6d18edbb8bb3242633f2e1554e064568515f63c0a1cead43dd8268e77e97f9181ed171636b0c642cbd807e92f10ca1ba7a833a3f915a8ae9660fa1492d4962683d9e55f1f2373364ce16cdb87b4d536c1457e50cf8dacae5241a", 0xe8}], 0x2, &(0x7f0000000480)=[@init={0x18, 0x84, 0x0, {0x6, 0x2c, 0x1, 0x7fff}}, @init={0x18, 0x84, 0x0, {0x0, 0x2, 0xfffffffffffffff7, 0xffffffff}}, @prinfo={0x18, 0x84, 0x5, {0x20, 0x400}}, @sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0x4, 0x52, 0x20, 0xc0, 0xfffffffffffffffd, 0x800, r1}}, @sndinfo={0x20, 0x84, 0x2, {0x3f, 0x204, 0x9, 0x8001, r2}}], 0x98}, 0x20004001) 2033/05/18 03:38:11 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x44], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:11 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = msgget$private(0x0, 0x4) msgrcv(r1, &(0x7f0000000100)={0x0, ""/140}, 0xffffffffffffff06, 0x0, 0x1) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:11 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x100000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)) shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:11 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xc805000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000018ff4)={0x10}, 0xc, &(0x7f0000013ff1)={&(0x7f0000000080)=ANY=[@ANYBLOB="1d400000280001000000000000000007000000080c00000013d3601fd653d70141000090578913f6deb1baf7e8cb46f8900c985ffc3ef6ef93ec0c396660f0208766ca0dc22a292f682908ab428b91aeb51f3f5e4bcc29a87f8e0a92225a4159c469", @ANYRES32=0x0], 0x20}, 0x1}, 0x0) 2033/05/18 03:38:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1041.430387] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:11 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000280)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)) shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:11 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x88a8ffff00000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:11 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1041.525273] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:11 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x3, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f}}, 0xe) 2033/05/18 03:38:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)) shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) [ 1041.619963] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:11 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x40, 0x12000) ioctl$KDSETMODE(r1, 0x4b3a, 0x4) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000040)=0x2, 0x8) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:11 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8035000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:11 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="45965a5c4f0f0000000030e3290fc622c476120f3c182d9d2c987c"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206}, 0x48) r0 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x1, 0x200100) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'team0\x00', 0x0}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000580)={r1, @empty, @loopback=0x7f000001}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000028000006a0a00fffffff6006118"], &(0x7f0000000080)='syzkalleP\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xd, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x20d, &(0x7f0000000300)=""/187}, 0x48) 2033/05/18 03:38:11 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x1100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:11 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$mice(&(0x7f00000005c0)='/dev/input/mice\x00', 0x0, 0x42) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000600), &(0x7f00000026c0)=0x4) 2033/05/18 03:38:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:11 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x10000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:11 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) get_thread_area(&(0x7f0000000040)={0x1d2, 0x20001000, 0x400, 0x5, 0x4, 0x40, 0x8000, 0x8000, 0x7, 0x5}) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0xe}], 0x1, 0x0, 0xfffffffffffffff0}, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x2a5b7f88be52aca2, 0x83) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x1, 0x3, 0x4, 0x2, 0x8}}) 2033/05/18 03:38:11 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x2}, 0x5, 0x0) 2033/05/18 03:38:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:11 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x88470000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:11 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:11 executing program 5: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cuse\x00', 0x40, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000001c0)={0x800, 0x0, 0x10001, 0x6}) ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000200)={0x80000001, r1, 0x3, 0x6}) r2 = socket$inet(0x10, 0x5, 0x2000000000000c) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000080)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f00000000c0)={0x37, 0x0, 0x10003}) ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f0000000100)={r4, 0x9}) syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0xffff, 0x80100) sendmsg(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:11 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x20000000003}, 0x6, 0x2) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x400100, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00'}, &(0x7f0000000280)=0x44) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000080)={0x8}) 2033/05/18 03:38:11 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x100000001) r1 = socket(0x2, 0x1, 0x0) sendto$ipx(r1, &(0x7f0000000280)="edad27a5760586a14080dc965faa7b3256e609eb7623050907109bff8fa391cb4b51d9e795b6a569df61b0b95431a04ee26e464d1a4cc20abc248d1e406adfd24252d6680ffa43b706a791ac29954386d9d0f98ff5bbc613ebfe731239eeabc249a953ab3f255d195d8d46d401e6671d1c9141fca393fdcebe6a47fcc97a4e05366d1e2dd05bba5428c2f8ed18dd20764e8e9f6738c6c07a3447d1ceb970be5b4f36bf88a963f58c6f289a8fbd3358f74504d1b6cebfc246b542cd8430880819a5d444f7df1a72ca4d242cb13676cbc1ce63f4982a9a8aa5c8d025e72e83feca5e5581d17a97e11e4c510d1484a706b15abf73299a888239e807434a1e1d133ebed3c2cf1c9df932b5737195f88d4e8f31a7abf9ef54ff93e744e4845ec9232a6af1e0f4c36d87a5cd406ee4318eaca11878ff8605dc5bb30a033ffd1827bf98f45bc506bd6fcc57b6aad1cfdac20efa620cfb13a9074ec2d6a849c698f6713062a85517030a9d566a75116af1eaa9a2170ca44beb64aebe08f85951c714e65ba325ea58ea528912e192cba6bf1c5216871aee37a7f2df93ced18d3fe5a8eab8d64acc9657cbb2ccb49aa8c2ef41d688691260e9b8118de6631128fa6684a125d24d0fb872cb859e6c50ae6276dcca93aa538964363d653ff4f6a3babcc898260227285d6c300cf9fa7d5be16a5e40083ae5bd0fb078fe557005402d410853d131d5ff64c731a50c9806d3dfe6b4a5dc308a249525f7bb91d079218ebee27eb94601be088e01a0c3b89e20cf9901aa6896ff3607d93a7cf98a13823af3cb37b54de28ba0d746dc8015feb91d7bbd75a86eb029e5a0db6a8fc6fddda15130bbfba789b271182fa98e43b23fa9701429c8166c94cb3b0913a4660675a00e83b5f5f4f1f3390290cd8e20b8b2ad836862c8cae97204a4ac5c45366fb10c119fef94695d83fe31eaaae53a5f7db7d5282ec388cfd9c2511ede9eca27ade1b19b032032bdbea00e152bea74a9e52ae1cea2beb6144ab34b6f9a4409b34c77ddc4e10001c9805abff0928e01ede3bb98dc3fe7b4a28f60232caa4041cc4c145228ba903ff96e6773a6056d7d0a94fe61990098d6028cce2489775b4f658a0467efce4ab0758104b098c109b5fd2b58048aa44c1d3b9ae8a319a66993dd854e5398cb09bd18d1b09fba59c84b972707e2fa7d9175c00c2629597fc5885949d83a8efb347c308046839a0d20033893d52ea0bfeca25383a1c618c391d227379e73933e94b9f7605738c3afe1e5d5eba62fba24cd6df377f8165d44d8925fb6cbd5420056248fef3073710313f0083e8bcf1f9a52a165712c067fad808e842516ae4759916cdee7ddccef754914dc919fcb5a3d1b2cd708a905bdd433e3cdfbac3fc72945e3a16c3405d5827bd7d45a0c932fdb691af000284c9f84605f8e2cc964839515318138e62bd6f95edbe98f3b5529b124a2a0e32679008c687ea605fa8302bfd3e6e6bafe9aaa27e3abfdc701e03282799e3adab74216d7b60059b7e7219db0a77445980619b013a1e6efbfefad93a106ee7b2781289d10c9ce8bc5681035cbae677525d457ce6517cb5c38308de06b2cbfa1c6a53d3e2bdd9a25c652b8ac5a06ee605c11a367db7b2ff3f6d19f1efcd593efff3a92b5bd39f46710de72667072b0f9944e3ff2de59d64b7d32884beb6e064e75900bde01ca11cda990bc8b1a41dc53d78a5caf0ef132cd2e962ad80f70fd01aa22e7e093db4f897ca0228050310c20110a3ad34bf4ec967a7e15a190f32f56a611e0621bb9ea88e16bac83c345c69eee3213f684bec0dc4602f293461ee50b438a050a75c48689ca40d65949e3e16041f13ca4eb011163d1e6c825c175e7309a066e34ef3097f874a4c5c23384421f949aa8d4a4d8a3e31550c46084654903a5bc33c3f1546e320311186824e0ff5ce39a272e0a8ed4628a260211cea2b0f3434a5dcf29b57d5660a01f5b2b1ba240a5763eff48e0dac57dcbdc5cf877418949002b4ad06f59b54249696b27b9ed65a09ef4ec7e08d01c6ff2d8eff8e632bd1fbda8bfb767b32023b8c08480679f8694f82a18fe0402a4a3d7307c78bc955ff59da21f40e118696ca22a686cc8675e59e3e696c178b13a2fab5b474ebe25841928687eabdd54a36150c115f8b5831e871a82e4760bc12914b08b47d565aa38caf4b2c0771243e6f3f4494b24b3fdcce90f797a5389a01828959b147476bbea0a46ae10d8cfce0c1010aef26aa51753659fdbf0b0c605f20508d4a12b4e744347e1392d340367cfac79d35a76b5e682ead0932c22cc3dfe6e593ac98cc781e2835c9bb4968834d95d0d29c1e4b5896bf2def585b3d5b2455740d2a2d4ca567cf8e78d16b5483a92ad9f688d036dbcda8f62b03eecb75e18a4f0dd0a71163514e6c83c04b64c9495858028a49d605b5891778c0ed783c3eb50b1992bb03f09652cd13755f69929c9f75b848a83661df17199047e9b70d50f3a0bc0263d00b76798eb98a3d0b5e0c119a212cbb9ffb7b9d3591b47d88229d1d5ea9bac84ff03f8ae92f884af87d86ab9d13ba589b2b881c327a4c1b2a9e0717c1dcd58bc22b4a7efd1ef0c56a3131cb84b16ec468197ccf5451afa04c465498b25b23fe699fbbd654602f6a99a4fe75db28b98e7f2ec63755ad8bdebf4e0add29e0d1a795bc1290cefdb08f0a956073f45b284ad6e28c2d4bf0086b6a8ec06bf2632ea37cbe623726012e4b64acd26ea1d02052617e9eb16a0bc32ee582c4fe37200ecf24d706196c326a1925be9622abc5801eb717318af0ef746938aaf1ebc8791f6464e539fa2ef47b5c354d9238c700cc447527fafdc6bd18036d05ea794d3b87d02c4ef67f19ce3d5edf4251859a477e8e02b6557058cd816aca0d250b4f2910ab2ebbcd7777b18d3ae8ba24d8a966e1b14238698f1d9abf788b12c7b42ea4eb3621e11ae1f6546e5a2ca134c13a786392024800d8ad568b18507de42c8139365aa6c06b1f55ec4c5d85868c79a4c3babf469b882d8e82a78026bc46498e9f961fd912ab658281b4fd02fdbd4a21bea31cd7628aa3985692e9291c17f9dda5a27fb6859320983cfd95585b5fd176d199c8f4e1f4bc24e51c2abbc3dd32fbebe2e539b5a30cc50cdf0365628d9c8b6cd76a2d9cf5a322aef496ed05958bb6485e5c96d54f6754ac38dcfc7630d2be54975abd0b9457d9774fa8b759930645e12e18f9ecf77976a8186c870630c46fc61bbeabe9f7fc9a2dbcf8c4c0dca0836afe9fe16404c2042918e63413658d0dc962e6a0d444d4e038aef567177f3fe23c21e5b1d89b36a292ea190b27a23d7c675d11a800f834724e4e25578da4e58d4cec43ad88b18f92379386766c9f7e4dadf4c646126d90a10a59c48012a3db135f9c0aaf7626715d06cd9ffdbd67d36d38f8214b613edddfce9cdf9b1a157f16f73a754811e177c2992bfd1a5ad7acbb4c7a0a992354e77237dd49dbace4023caadff368b0c8491c544fa5dfba39b85bb56a62040ffd08ba40eb9e51603fa77d6d146d26303db4a0d32e0f2c4d8989e6de93253f13029b576d07935bcce22335ecf804192f32ca6907b2b45599c834d676439f87889e618539c70dff5c0467f47e854095a203642f0436e2b76ae378660389a5a712fef5a17882418125ff2e061d3dd7cbeace63c95b94d442f9503630be80971dacd661e3ba96572ef590ff78f4477960ae7011f2bf9d1d77a9034f3d0bcafef9f3091a5d13925d939b67eea76e4913820389d5523e35328ea4eb4d420510de331905340c0c8f58b2c5718688487f1a02664325324e28c980dfeb5ff77a994cbd48fa9ede4da17c7b0e8758e5e19710daf442aac3be9562c0682688d5e75a168ee0ee46cbc3d4766215f3b847e1c53384af657f9a6f4dfe9c0eaa61662089ebdfa0e3c61b33cc571b4447573f894e49bac2339ac854f26ffebb9e5904dfb5fcf60ddb57af75227e7822ccb420c95b8d453a95536e644d2c608ce89fd4dbe8b2dd8b553603239b23e85cf699c0c460108af68a43a1ea558ec7b208bd829d77fad3604297db19044c3dd60fa6275ec77a7405264d09fc272d6d5fca00b584b2e36358ab1a3fbfa851ee445986aa2b9bac530eb50d336609c670f91875b81a54f9f7c6d87a1df123ac5a0dd4dd7963fac2b6de4fa7c6e6259a7064f2edfdd55a272b0a9ac5737073704735c5789cd3ce36c56ed89cc661c417e91a7cd506eaa7dd333894e3a51d831575744339e861f2099ca5523b5d9963d223c9f950f130031094b38d454e274ed908a18dc168a095c20db128a66f3730e6a1f2f0f293a993d77d0fb9b5d2a59ede0ce2bddaf3e4c31eadce56f7bbff2b0228b1db28798b2b5f8d32335fa44a02ae9ca03465fce9390ee31b4ff6193122c77161d6dd7853f99f238d81d1a0b98db14ba9e54eaa8aa1811a062aab9f9dcd59e6061ae62c6aee4ef31266bb76d0fa167961c7ce7f4ac5488576ccca1e66926fccc1bccf9a33d142cf41f46685b5b79afc70271e82e5e220e4b62aa1d5a2d56695ba34158bfa0b087f9d3023526d4d548011546be2354ecad59b1c9d75009deb295a74f27467c2c829ce8925b058cf57b340f924335ffe39d0bd0de711ea5011ca60b1854ef940251291e96e47ece21697955071a9705a1576e7e8cf9366f0cfb8f3f1854bf1ed531b084ff6f400b3bbe5394bd6d42aca6edbbfba7d7468086f36337b83b25dfb520f8c0522bb80658d282c7a130a4ecea00ef2b1cdbee2489ebd47019a8676d518bfd6e15b39e5884e0bb8b91656c6adb46167184a2693197c6cea02fa1e5077979ef56dca20c20c458ca2ba4baf77f833899865d52fc3fd6aa351f1ac9a67fda2d3eaaccffda99a7abcb36b7d83fa545c394995a640eb448f5cf52da9bc0ae0c581275e05bad9ff034ca5606b6443648f1d95da4a2f898aaaa45a1209e09528b22370a54c4d2d627c3f72d12f2e100425c6eedbbc9bba2f3050dbb6a13e8849f5f0a9371be84586ba1faf3e3ae939cbf7035249b0547d77528b9a735e4703a7751011ad5c4016e747f57e6c9e690a38b2c1e3950658b8289cc6620e42b18bf7fd9760a36f9b077d8dd3796d53f5b457980761c762bc2f628947218d6b531d5f63639c480ff50dcb41404b087a3b2c38e2c9d88d40827acc3a30fcab5ccfeaae2ac41b2cfaffc561265f2ab506ded16f2565e5ed29b94bd4350767cb33c6dad77575bce81a2f22628a0ad7b7ee85d366e0ce23d0c60120610bec9380d3d18d9987d9bb2b465fde9c90394233d8245d9bfadbbbd2fda38833d509678b8cd6529267918451511b29a0040c7c189154b5edbe28e03ac3b2ef8d2f4dec327b52ff52d377bb45617243452ba087fa498720a93ebc2b5b0ccebdbc2c6453b4ca24f4423b8443859c1d91c20763dff6559395ce7d102caf226cddf210926a70e0f63bc262814b09456f281fdbedbf8641a2bfb5c8baa557b549fb1947ee94febc5d35d96a29e0c01f4f9e45fa1ea79326ebad32d64b5c5beb76f5cd744541c0546c188f43fb19df71414626a1638cd38f879a4979da7e9891530824a759caae7754da337eb16b08a8aa2ec8fc51718ad572958ae678278aa70c67c12fd10c624e656aec26b7af7f1aab996e7cc4a5b9d7aa8f41fafef20551e9694b097a4c3c4228abf52ae04985f3cfbfddb077c3a33b04ce861c000759711518844355fe18a2f94268c198d5b0386d4d5a49e2a969c665b74b9c2d1d61964cb6d29210de21a65467f63a561", 0x1000, 0x8001, &(0x7f0000000180)={0x4, 0x1, 0x7fffffff, "c765185e9e6f", 0x800}, 0x10) ioctl(r0, 0x8912, &(0x7f00000013c0)="c626262c8523bf012cf66f") sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000200)=@nl=@unspec, 0x80, &(0x7f0000000500), 0x0, &(0x7f0000000400)}}], 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000080)=0x7d, 0x4) r2 = dup3(r1, r1, 0x80000) ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000140)=0x6e) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f00000001c0)) recvfrom(r0, &(0x7f0000000000)=""/70, 0x46, 0x0, &(0x7f00000000c0)=@rc={0x1f}, 0x6f3000) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001280)={{{@in=@dev, @in6=@remote}}, {{@in6=@loopback}, 0x0, @in=@local}}, &(0x7f0000001380)=0xe8) 2033/05/18 03:38:11 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xc805, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:12 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:12 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) r1 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xfd1ce6d62aa13bdd, r1) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040), &(0x7f0000000080)=0x10) sendmsg(r0, &(0x7f0000000680)={0x0, 0xea, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1, 0x0, 0x0, 0x200}, 0x0) syz_extract_tcp_res(&(0x7f0000000180), 0x5, 0x8) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x400000, 0x0) ioctl$IOC_PR_CLEAR(r2, 0x401070cd, &(0x7f0000000100)={0x8001}) 2033/05/18 03:38:12 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8035, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:12 executing program 2: r0 = memfd_create(&(0x7f00000004c0)="0000000010573860b48e03ab0b8110408d893dac540318386fc7e2d740bd31e757e1ae2e3d919d036f2e3d2a17abca4c4bcd1976cd50874d623af9f16312654bf931e5704191541d13f5762dadc275e112a8030bf0621fa161bc744923b22b21b6ababbc86cdc1e0a0569fbd31345e7978c3c7175089f36fc12006e0575ef969c45e8fb854b36f9a3319fb30c0a76fe0f7a3ccb89b7c7bbede0de110c40d2ed349c687122fa098892b87a16cc3540fdf9cb289a4509aaddcb1e389bf2239dcd6c886587dcefea2204935721c83bac1d302aad0afdde386cd0f177f5f229407ced4623ac9e98abb967cf5fd5b867eb063f3ba1e0e046aeb0da0312d171f4aa734acc712e6f7273a832227698f5c25ee10f25e961c3fdc9d4e0e2a1ec6a0ef46662046e9ff54f225e07b831d6bc401043f360748cdbb1e750d1d04000000bddb94362933c22f69bc71c1d69edc4c49f191925f48b6c41c1fd5deebe6981ea2b653f17d8ead11da91fdc4f377722ce6332852d3101c063105191e585ba7cbd3fe352a3e1889c84f", 0x2000800000002) write(r0, &(0x7f0000000040)="16", 0x1) sendfile(r0, r0, &(0x7f0000000140), 0xffff) fcntl$addseals(r0, 0x409, 0x0) lseek(r0, 0x0, 0x3) lseek(r0, 0x0, 0x0) getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f00000001c0)=0x101, &(0x7f0000000200)=0x2) r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffff9) syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x9, 0x400) keyctl$clear(0x7, r1) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000240)=0x7, 0x4) connect$nfc_llcp(r0, &(0x7f00000000c0)={0x27, 0x1, 0x2, 0x7, 0x3ff, 0x2, "4c81ca8101ddeecddf2c1f8ee72b0378fa4c7a9016ae9769d7aae5db60f34e0018577c3af797ff279c248aa06061becf5175a9faa243f431b2387c15b00dd6", 0x3c}, 0x60) 2033/05/18 03:38:12 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000080)={@empty, @local, 0x0}, &(0x7f00000001c0)=0xc) getresuid(&(0x7f0000000200)=0x0, &(0x7f0000000280), &(0x7f00000002c0)=0x0) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote={0xac, 0x14, 0x14, 0xbb}, @in=@remote={0xac, 0x14, 0x14, 0xbb}, 0x4e23, 0x1, 0x4e20, 0x4, 0x2, 0x80, 0x80, 0x3f, r1, r3}, {0xffff, 0x9, 0x4, 0xffffffffffff6d56, 0x6, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x4}, 0x9, 0x6e6bb6, 0x1, 0x1, 0x3, 0x3}, {{@in6=@remote={0xfe, 0x80, [], 0xbb}, 0x4d6, 0xff}, 0xa, @in6=@remote={0xfe, 0x80, [], 0xbb}, 0x0, 0x3, 0x0, 0x10000, 0x63, 0xfffffffffffffff8}}, 0xe8) r4 = msgget(0x2, 0x9) msgrcv(r4, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRES16=r1, @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYPTR64, @ANYRES64=r1, @ANYRES16=r3, @ANYRES32=r1], @ANYRES64=r2]], 0x1, 0x0, 0x4000000000000000) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x8001, 0x800) syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:12 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x600000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:12 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x3f000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:12 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0', [{0x20}, {0x20}, {0x20, '\'posix_acl_accesstrusted!'}], 0xa}, 0x27) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000080)=0x3) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:12 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0xffffca88, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:12 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012c") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:12 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:12 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:12 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x8864000000000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:12 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = msgget$private(0x0, 0x0) msgrcv(r1, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x800) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040)={r0}) 2033/05/18 03:38:13 executing program 5: r0 = socket$inet(0x10, 0x40000000004, 0x20000000000011) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:13 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012c") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:13 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x81000000, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:13 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005f46c97131fab8fe555074093329bced0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:13 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x1100], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:13 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0xff, 0x20001, 0x2}, 0x2c) r0 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x80000) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x3e}, 0x8) 2033/05/18 03:38:13 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x3f00}, [{}]}, 0xfffffc53) 2033/05/18 03:38:13 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x800, 0x0) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000080)={[{0xfff, 0xfffffffffffffffe, 0x80000000, 0x6, 0x1, 0x6, 0x400, 0x100000001, 0x1cc0, 0x0, 0x9, 0x1, 0x153}, {0x9, 0x7, 0x1, 0xff, 0x1000, 0x80000001, 0x6, 0x8, 0x3cce, 0x62a, 0x6052, 0x8, 0x1}, {0x7, 0x2, 0x89b1, 0x80000000, 0x3, 0x9e, 0xf66, 0x400, 0x3, 0x800, 0x8, 0xfffffffffffffffd, 0x6}], 0x1}) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:13 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0xa88f9, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f00000000c0)={0x7fff, 0x7, 0x4, 0x5, 0x7}) r1 = socket(0xa, 0x1, 0x0) finit_module(r1, &(0x7f0000000140)='/dev/loop#\x00', 0x0) ioctl(r1, 0xf93, &(0x7f0000000400)="f616cabd6b0eb2dc000000") ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000000)) msgrcv(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000f2ffffffffffffff00000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1, 0x3, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0xff, 0x80}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value={r2, 0x8}, &(0x7f0000000200)=0x8) syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x400, 0x0) msgsnd(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="dcb242be9669aeaf141e605210a63a0ad90706047bb9e6638d0730e54ffad49624086bbd8cea5a5f7ccd8a6cd1b458f1548e0a26d31538f27bad5e7c734e7b9fd5f8424124c6f49409ac102bcda302e1cb54c53d350eefce670f38083d77b9085363363ddd1ea4871d2258027777b7169c56288d729e2fcfc61127e5d80a462b9d209d34243d9d6f13787dd16e4702e9ea20768df9585b7572a6b72dfbc9fb"], 0x8, 0x0) 2033/05/18 03:38:13 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x6558, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:13 executing program 2: r0 = gettid() r1 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000080)={'vlan0\x00'}) getpeername$netlink(r1, &(0x7f0000000000), &(0x7f0000000040)=0xc) rt_sigtimedwait(&(0x7f0000448000)={0xffffffffffffffc0}, &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x10, r2, 0xfffffffffffffffd) tkill(r0, 0x1000000000016) 2033/05/18 03:38:13 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012c") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:13 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:14 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1, 0x0, 0x0, 0x8000000000000}, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000080)={'filter\x00', 0x2, [{}, {}]}, 0x48) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x22000, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, &(0x7f0000000180)=""/208) 2033/05/18 03:38:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400000, 0x4) write$fuse(r0, &(0x7f0000000040)={0x18, 0x1, 0x9, @fuse_bmap_out={0x80000001}}, 0x18) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:14 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf6") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:14 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x301}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:14 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x38], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:14 executing program 2: socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f00000000c0)) r0 = socket(0x10, 0x3, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f00000001c0)={'filter\x00'}, &(0x7f0000000040)=0x78) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000940)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_NET_NS_PID={0x8, 0x13}]}, 0x28}, 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000000)={r0, r0}) 2033/05/18 03:38:14 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x10}, [{}]}, 0xfffffc53) [ 1044.509719] Unknown ioctl -2133043935 2033/05/18 03:38:14 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x1a000}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:14 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf6") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) [ 1044.542511] Unknown ioctl -2133043935 2033/05/18 03:38:14 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040), &(0x7f0000000400)=0xb) r1 = open(&(0x7f00000001c0)='./file0\x00', 0x410080, 0x100) mount(&(0x7f0000000200)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='ocfs2\x00', 0x1, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)=@pic={0x8, 0x1ff, 0xa894, 0xfffffffffffffff9, 0x584, 0x2, 0x6, 0x401, 0x4, 0x7fffffff, 0x7, 0x6, 0x7ff, 0x10000000000, 0x401, 0x8}) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:14 executing program 2: r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000000)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f0000000140)=0xe8) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000280)={{{@in6, @in6, 0x4e24, 0x8, 0x4e21, 0x9, 0xa, 0xa0, 0xa0, 0x0, 0x0, r1}, {0x4, 0x3, 0x3ff, 0x2, 0x3, 0x5, 0x5, 0x4}, {0x7323, 0x2, 0x2f325925, 0x1000}, 0x0, 0x0, 0x1, 0x1, 0x2}, {{@in6=@local={0xfe, 0x80, [], 0xaa}, 0x4d5, 0x33}, 0xa, @in6=@local={0xfe, 0x80, [], 0xaa}, 0x3506, 0x1, 0x0, 0x930d, 0x6, 0x81, 0x5}}, 0xe8) r2 = memfd_create(&(0x7f000088f000)='b\n\x00', 0x4) r3 = socket(0xa, 0x5, 0x0) ioctl(r3, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") geteuid() mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x5011, r2, 0x0) 2033/05/18 03:38:14 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x11], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:14 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) ioctl$void(r0, 0xc0045c7f) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000080)="731b2cd7da91181a3284b1de0067f6c47e7b38737fdb6edd3d0dfec8b75bb079486c3c47c60aeddfcf1ec1f9d8398f381d619ffefbf4e56380fb7ede25dcdbd2dc12166532edb4c5628550014798fa9fd018ed92fba8a6a2fa9df3f90f4ce7914c487afde8b74a91538c56966f05fe9bae660281cf31bd19faad660816edc97cdf22f154d5c46ff24bd657bebacf55944c2ac1efe114360afd4e0a4a424e555247ac9312b81feab5fdbeadf593951a1302a42ff27e6e", 0xb6}, {&(0x7f0000000180)="45fb3352e697248d7f77e6fc7064e8d6fa0c3dc85df65976ca57d2dbf961ba99faaf87db2a8a39a5d82b871797a09a3e566d3da6e6da82e519720fecb2b8005ea757b8b24348bd7c8e3cd46a415591bdd7af183266945a0e2e7e2022b00237630132773fb1707b200c0931408c6a77", 0x6f}, {&(0x7f0000000200)="6e3b7998d4fea30acc519a32d006ddf4a8b037fb4ded0078a341234390901b4bc7613b7ceef87644a01a4cedb75a02cab8415905b84e45b75ffcb2147e0b9a039ef0b915a953ebd474e20e3b61e470e2fa42ff79ba4d3de95c7a18ba4f2dc975760d82c20ab815fc3bc157df252ae79109d9f0c80b1b6fa44517b510184682e7ef076967c019813ecd7c238e9d41ff47f120489368d0624c9afc7c9015536a5c63232eed33fdcce78a06eae2c00c3c1b5987301c97ca9c097f2d514e888840deca0dfb8c5d825f971ed769031300b2b087d0dab7392da4367edfdf91f59c6331d5d73bcd83875b5d33466d4f402a9e2ba7c0f4348dce27d74e0f19b5ba8f8d96f8efa742c119e53cc0daa6716bff24333106201d3ff10f5e8b31084fdbefbb7285cca969266119a21d32c2e575aab5c15cea051a7fa46c927078f5dd05d18c867c9642c0fb7cccc0efd27b8d825b48a70167a715c5239b5710bca8182940b48ea4f41a3808f26a9f885b750d9fb2adc4f354325f9edd942813a1f44494eb8c6ce20a2188c2aaec8792d8135db7bb4120dbe916b64e5165cab8ca65dbd82e948b9d878f4d92037ec94f1bcbae4e2f4d17c36b3a1bb6afddeed9dedcaf51b25813721741ff712c16c6ca6f0e658492858ee914504ae2afc90b2a318f88eec9fe705e7d6470d14c2f4866715d4e7b64e25f6427bdd3f21007d3432fb7d2371724ab696f1deb8e04997ea929087a6f54893d1ed319327b66f110c3d871470baa569271d8edfa9f240b826e77e3c04f3996122b370ff227a3ef567688731876328165da8f5099758ed2ebb29328f71469d3befebc47b33b1c88d5f1305ee605dda6b7e37bff7c13692e68a9aaef781e06345c3fdcef6726086b0ee0ab9e069dbbfe75252fd12057152135435f8fac9e96b644ae3c0fd9d608614c8345ec916951bedf1095febf093925daacc705c6bf49118fcd9c014a9ad0eddb4367d61bdb17a4c425462e44d4cbac19b030be01d9394461ec62df4c1be1d05bde807f27ac077a7596527c106363ed96874dbf2cc9ed10f090a710cc403498c945e30273a2e6c145829314f1d1bef891d92e1278de74327d32998bb5b52a0e19acfb789003af32544a196077b4dbfd10e82ddc8547bd5add634b902628445b89614e09d95db36b6be96705937a8300239ce4d8b442155e2925cfc3de689d6520facc48e387a2ffccaea5ff08cc215849b098a1cae62a11d8bd03993e6d23c7b999b1facb67d979ba29e84616c940ab8940a39114b0537c5a5f2b4a51c5c4a891ad383d957d2b1c32dbf0fd0b56a2c8511effd26eedb1f9c047b8aac3e3a591369755df2f0774d8b683e8d4093c056f7536b97575cd89db981958a5cc2169f4bfbba47552ed66a5276b0eeba2f707696234f2dd37e2ed28555eac08cb61c92da660ed29985b5e78ad7820f4a3cfbefee7e5109150a2f0fe85b1bdafcba0aeadd270b5dd642a3687a5957499fde1ccf1d888ba60fc22883e1b699b6443267ee6284177b5ca4e462eb95ac7bc6272578cc1fbbf9d843e4012d093a73af8a48156445354b610cb67c1c89842ba51e2021b0f4a0247b73810df1da0c8d87b6fbd311c2221dfac743cbd82b0abfe386378a536307d724905fdeca4f138db6db9b9962111b3bc074632b857e9afc5bfdf97af5a25d62f52fe51ea1bef22a33927df78ba817de6d84b9468dd3c4634bd2c110d3ae186cdfe363cd017927350fb12a7135021d5bf1230ccfe01c8eb79fce2429e371f4a5014e9a3ab53647be7c1aa5953eda720844789a1cd39ea5c6c120587a4da6d66b3e8e16ded4649796a8f73bc9a414fbb2b6d6747b423cbe00183974dc85e032fb7b69d6f97740875c1b4dfb128d05808e20c049cfdd46ee5abc7a614146e7601a47fb75e36bf606b93fc960b20d2a4fd33406aff859563a8980bb69c122f7265cc9484fde4f46124f7707cf11cc70ac2934a676b652a37003f8c566ccd1a4afea7276acf1920ce40d1267dbe0207853a57cffc7069d60bf7cc55f0badd3205ea67fe1da55bdd26ad8e2d5c44b8a9276dbab7f4fd1d98c1ee2b6f5a802928532348cc025d6c26e0d585a2e0f4caa7ecdb5235d7aff6faffd889193bbd3053f4b2e97066ad275e2c123c3ec18ad44b6f5de0ce3f05d6864361863e6473aa72ec7a8e72f8836114f194204fb896bd3b2f4d95bb5dba24712f1e82a795e232d0fbc431f9f643e0ce7b70ac22ec8b0d83027881a41d42960283f317b8bc48145cc2363fc4fa2cf25c8077b00c91d4ba755b9f9900de300cafe0550e62bb94f206e2364ed53068853752127339ba646f83e54fc9f7ca0ca37a68fa22d83c6ecaa4826abfb6d3a587cec59b44650a3c940f9100c9f56e988873e78aa2447d0a80fec723be95100f41fd7d46ef70d647fe3086bbfa3265de6df420e1ff7130785303ac6e25f2c8d41bbd6099699b2d8c9d4b4a33d0bc08c0e01dd2de0ee81b862bfb255e255733c454e832db4643d3d1de4207b0ba30a31e04110df1d11cd670e4f9219fafde1f2921c6a9e79aae1ddd2e2cf0d253da0661609d5b26524d61c6d19fc2fd4bccf72ed1b7e47f1a944fa83354a6bad761c6f544a8b9f56d8e658bc22dce538d6a48c896fa7e6bb4c2111035bc7c467dc965c765ddb8ed89b59435ae28dc0f887b6ecb7756284be4811f55d642c10ea3b51de58c501753960b8683c272b29d0667666281abef29af018a643e23ac6577c453d07af5b47163ea7a1faa0a1036808154a558e8df7a8739509edc25fbfa63299595a4a5a51652a60de976709653507f304ad2cf1917517c624c405dc63fb98d5e2dff52bea026c007fba6e74af15b3a8b21e0af5da3048ba71d8db1357c2e21c79c9a60e0ff3037fdb004e42c6eafd7d6fefc2abe9c1f2e608f1a0c67dc56a4dc3dc1e2b4d556f52f46058150399e553773884073e0c833422b6dbd7a1432237bed28d1906e99555280fc2706902a3d0fed5371baf6342e1839d6328aae21cc701f4eda5c04a91935bc8222360ab8764cc7dc5772d93c414c5271de7572cae535923ca674abf27a645226d106f20899f9fdb408c1c47683969306c5eb344123a9fd65049e07e26b499fc00159ec2a71f1452cfb6c647ef5bf349406a9aa375eb16154383deddd42ce43a4be5b4acf94921acdf7b7194f0c0a7d6c5cc0604a1b8bd3c43ac93bf08eea2cf1c3c886f58c33e5fcc4ee020631fc9b0a38e814e7c9d31495c83900e88295281c54d4f4123e30089918a6cf6f077efbe08ba027a114b543f31c0bbe0d50a7b493c67b8dce1e79f8fa227b1e708481cc9250b520f5a71617905a1f82c9e4b96e27931ba06c65e7d0d65bacd6b26c2731c303d8c1c0ce5b13fe60628c120a9ffd33f8d13a8d41f591e5f7c1f7b3c6f663e973f58ae5bfd8ac65387ec4269e071df134dbc13ec113064a21258e40422397a6cd8bde54ce8e3da66dfd2e53db0e59c0d518789e8aeb40f8e36f53c9f47b7f5b3d48d7b58f395623e5e8f61a122b6d5d71153126a52928b77c83226efd98a48566cdfeffed791f6ae54a4e24d590cdef1ff9c6c7b07d0d7fb364793d7bf3294f9d283f4a485daddbb03551ed8050a7a51b6e68953c6e2cfc7442c13a3920714d174e371ea7d4d5ad3f2ef8767df0f56c77def0a6d15f88120c345d3a6f9de8125a06341a2c4c784ab9c2a2de777f28b4dd42105b81c8f6c7eefe230d7102461f5d0f4ac133028230b65adc0daf1c2b15ef72879896cd573ebdfd82bb739ab90a9ad428df697fb7739acc18ece20dfce539ac93df1c3261ecd91846f768ca75da6c490ee4b9af3bd8da90bfe492c21fbfad5db61b63bbe1af6064315d6c15e48b4a833a450fa93a1a54e8186dffb0fea19248014e015715ae95be253766649c4cd3e3df165b3866ce2b27769cd24fbe768c59d698f9ea2d272caac1d1bb699692db533be971aee2111dba46e4871ab42aa98a52b03c8e89a84815b347acb5e5ad4fc6a5c6469dc2643a612003087cc530a8611ecbb0c2a2cc65587e0581fa5d512cd7280c32a523c3dc4824eb259c8eabdae0fcc14e11483d39bcc8d3db128a609cf129d92f965dbe01eee7a6a3991e9bf3512288f23c9b9ad786cae38cabfdb7b617149c4edac0744a7b0ad263272d7f8528a34658617adaefb93c9c6eafa04c9a59a23bf634c2bb0b5be22bb0d6f108f60cb574cc89859684b0422b0bc38523976e1e857777ba4212ed763cfc6a48dd5d85107b3ba18e31db4c9bdf63639a72961c2dc026adbd4d2c5ae5c33f8355d1279421a12a628288f4ba67b8bf6af68c026aaea52637919b255afd9cdf15296baa54f2c5d5b1a6c58071843a600675f172803fe2ea92b16f913e2fc6721a1256c280ec4bf06e543fe85cd01d9cad012cfea7610b45cf2d8717b47d54954eea7c4bf29ed9893f24d7285585a0df4eeb2cd41a2b441efbedf8728ba9492382b8a6cf058665485b92d201c22920c715e636e92b6fc95cc8eadbc9d0fc47d481187495a7bde5fbd7edcda8a7b67a704b398886ba43cf92d0ac339d9197b41b96647d8eabb52403ecfbb0ba2f69542df7f64f1840cee9764eba3cf161bef24837d975961e07b552cfb5773f94a8e9d6b574e3b285647afaf31429fef3387eed5f48d31f2afc4af2889a966673524e8db55ec21b3678db50653a5c19b39ef97bdf2aa3e9b985116108e6f1ff56b76ab2c4a174efe49a016f0fcbfbad99de83eb5fa8073973cf403aff41472eb676962a0f66e539a2974883573d80675ef9a36d5b248e86d43f5bf673f75931d88539bd2ce1c6d086dc10876b5042926e3a0cba937995b627cb67d3a8a4350d26d255fe092f086c74cbcc030bbfcd3421c6329c8c468f9808f7208bfe94503448d57d4231d2444bbeb3ef8b1f9ac915cd93db16fef71469827b91e1db0de5ef656473c7a6f6016eb885e4ba61abfd9fa1d50ded4b92e9a03ac8c12512e991c2bb444b9e45ee8f8daaba558f124300f24a670c100435fa0b55cbbcdb75cd04e23b8fa62e8dace32dc165f27fb543a6f2499e03257fbd54cfd0aa4464d6fcbf0d5bdfaabd0103c111073efd891b4bf8df7593b4d5faa1fef9ff60d5a2fd41a647497942e685d13e246634f6eef74d6da1137ab51a80e08d795b43c1aa05e0313bce17b90d63e726f8347a6592870e1cb32f75654ee7988c1ac24bb2c12d31d1b416a99b133084ec15f609b5fa851735733dec44701060f28858c0bc3b584aa829043f62e09eb94436f9143cf0b886ab04b19c6bcb2cae1e37ea973d2faff6c21f9b6d732a022acb2e94c7998ccfd3807199ae88f57f4cc506f41ecd3f4d33acbfc8c19d22d4817c141004258910edb261be0319ccb6ba84374a90b62c7ddfeba8a8c4d7574a8dbbb44e255e8d88a86a967aefab3d920a3a8ee2e669de7b66fdd55b9dccfa1bced6949db920921e13ed20cc4e27e196779ae018bd90cc3f928a8d885f6a6a49dd53835d795bc9b7273f9a7fc766a22f59f06920b1277e888db4e1f461086a7843fbc4f1369427e561f9e5dac892993707d0df7e46db6e78790e736b9a2729f05b8870b5c4bac28d28df6a939a95fabb38be60e53644b53ccd45ece9d31753d6f69a9420a0431379d9b20623a7adbd042c3f1975540bafe812b8848aeb5998acf37ea414fa1ea97ff289315aa82806a497e1f3f9fc9a413104e1a743efad912487b83ad2c121d9ff1b68ce85fb5e29686419850b3190241d6121fa373b454b9ffa0642ea3a1bd5c746f5b8", 0x1000}, {&(0x7f0000001200)="dbd64e5ff63e2fdf073a9a6e98d0faedb652349479f213c6a1ca8a78069fab688b178d046f115d5edf337cb0d5a86517ec6dd02604449b6e4da30f3f85d5f594706ea044e9a94f1a55d096bc097b2a26f5f34e1386b2ce1230dcc12f7ffd80f7868728cc12cc6e369b6b23a46f55c48486939cf919d81e7bcff6b9715983061f6f21cbee", 0x84}, {&(0x7f00000012c0)="d18a67b803347028e3d5811bcbfa5c2594db253b02aa6e58679fed9734646ff5d7e24b48f4ab14801ddcb511a42a247493dbe792bd04c5e7f9ef3a4131380d41f0c6bc4cda51a6a0dbf5bc588b90add7fdaef7205967781e93875fbdf2171011fa8ffd7924a7456c0de7dbfde3ad9a1399482249abc965d397a20772f9bd32f0da2869cbcb8966", 0x87}, {&(0x7f0000001400)="afafdd011a8d8a05c96cd60e1bdf327f83e2369ef99a6e416433010000000000000061498b609909", 0x28}, {&(0x7f00000014c0)="1682e7f0212e1194ab7ee3a327545e4ed5519bca83fae72e99cdebbafb5cf937ceaea7dd790152836ad56488fe89a2699938f1ab43bf05db9b4cf1a156fe61af858fc9b97e10c43ba4ec661d0b37da3295ae480e8943fee1e3708ab9ff1e72b2012d531fe043cef0f04a77b075bb637cd6bb59aec9b68b63ba6f0a66da2f2861", 0x80}], 0x7, 0x0, 0x0, 0x3}, 0x0) 2033/05/18 03:38:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:14 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf6") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:14 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x11]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:14 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = syz_open_procfs(0x0, &(0x7f0000000080)='timers\x00') ioctl$LOOP_SET_FD(r1, 0x4c00, r0) clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) clock_nanosleep(0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c9c380}, 0x0) clone(0x0, &(0x7f0000000280)="447624df8d3eaff915d0769a616e1d30fbcb514d443dfab58bd9b204b9d78804ce37a8dfca3354e9023549c87813b19e8f006efab2a893c990bd20af99bfcacf252c25610833412a09366d2445781d70b93de4e3a1628ae2533711b1c088f357c6ae333e58966125d121ad6f07718963fc66609bf1e66d49ddf011d7064abf04a0441c187ba6a06f09b3bda56c3641c208ecb6c6b8940e35da58dae32980da4f92da6276c5402242023a9a370c43c8f7cd233a9c4d27cf444ded2f043e30f37633a67a1f477c6db2f8d805c12b2ad93ba73f768ef56e5fb032b979a01da1eda90389cf661246f47c37c43c812a380e7ce801edf77fdbe39c7a1c29f42d543e08a3c699712c75004f5fd778b7841e381f9b812151f7b7b5392a8712640372b194bcff81767f8f4726b7372a22309a9cd8eddc74ace8f5728f0db25d64c7e06cc41de72df358af10838f7c122241f30d76af3ad7793b1315", &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000100)) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000040)={0xffffffff80000000, 0x6}) 2033/05/18 03:38:15 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) bind$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, {0x0, 0xed50, 0x800, 0x2, 0xd5, 0xfffffffffffffff9}, 0xfffffffeffffffff}, 0xa) 2033/05/18 03:38:15 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x40, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xffffffffffffff96) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:15 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:15 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(0xffffffffffffffff, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:15 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xe00000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:15 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3f00000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getpeername$inet6(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x1c) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000040)={0x95e8, 0x8001}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x480}]}) 2033/05/18 03:38:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1045.931211] nla_parse: 24 callbacks suppressed [ 1045.931219] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:15 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000020e18e81d71d738a2e34d4d2bf94e8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002fea96ac61754513b0e133dde296a5be319db4055146e2f91815628a35c418785152c574eeb9b1b526d32fe02a156221f9749f3e44bebad664438ed8c90a3580c9c4c3166bc9af76f79fc8fcaaedcf00d9d8a9c4e4724fbe3ea379f94e454050632a106783bf691f6d44ee0a9cdd01fbbed2fd41704ca5d18ad4217cd5dd2fa326e0db875653690728cafb53558300d689c75bbf00db29cfeffddc0886e3a212073c1009851917759c7eef004d64084bf464d1f3db1375cd74072220c4b07c71f575fff3bf22a4af8de59f38e679a4f51a574655d1821346df73af0bd270dafef14a5879b984909283fa21c9c02e96681423663be4017d35b55858863aef49e2ce470e06d6e2b7384db117b3dbe15df6a272a95b9b9dfa9bea4820666d867366a79e9eb884033a8e99200c03ceddd65a237c43a14"], 0x94, 0x0, 0x800) socketpair(0x0, 0xa, 0x66, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$ax25(r1, &(0x7f00000000c0)={0x3, {"40d57db94ddc1c"}, 0x4000000000000000}, 0x10) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x6, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x4000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r2, 0x50, &(0x7f00000001c0)}, 0x10) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, {0x1, 0x40, 0x7ff, 0xee, 0x5, 0x7fffffff}}, 0x8) 2033/05/18 03:38:15 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xc805000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:15 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(0xffffffffffffffff, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) [ 1046.021875] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:15 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3800000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1046.073114] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001d00ffff0000000000000000010000007d966c51c832e69209288ece785251f9e0ba88c69e8051ec4c4ebb3407cd0331a2fe7c02c44d25e08a2931ca8327cf2e419b7e0aad2cdd8a86da739a4b6ea6087d7875b10a39d0ff2fe301334c9ecf1441c02ca417383d4f328891e398db437c93df36a3ca885753bec259e0a4b5789b95499bd9e96060beb7017dc92379c51fbfcb8e87bc5a2d83f04ee9ef39852b115efdb73614d64c2418c447230798788b33451ce03e4c63f9da9f4eb07914b95ce3ac09bfbbc310fe22624bfcc53663a2e9deed95"], 0x14}, 0x1}, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ip6gretap0\x00'}) accept4$llc(0xffffffffffffff9c, 0x0, &(0x7f0000000080), 0x80000) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000100)={r1, r2/1000+30000}, 0x10) [ 1046.119023] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:15 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(0xffffffffffffffff, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:15 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4000, 0x132) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000001c0)={r1, 0x49d, 0x18}, 0xc) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:15 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xe00]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001d00ffff0000000000000000010000007d966c51c832e69209288ece785251f9e0ba88c69e8051ec4c4ebb3407cd0331a2fe7c02c44d25e08a2931ca8327cf2e419b7e0aad2cdd8a86da739a4b6ea6087d7875b10a39d0ff2fe301334c9ecf1441c02ca417383d4f328891e398db437c93df36a3ca885753bec259e0a4b5789b95499bd9e96060beb7017dc92379c51fbfcb8e87bc5a2d83f04ee9ef39852b115efdb73614d64c2418c447230798788b33451ce03e4c63f9da9f4eb07914b95ce3ac09bfbbc310fe22624bfcc53663a2e9deed95"], 0x14}, 0x1}, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ip6gretap0\x00'}) accept4$llc(0xffffffffffffff9c, 0x0, &(0x7f0000000080), 0x80000) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000100)={r1, r2/1000+30000}, 0x10) 2033/05/18 03:38:15 executing program 5: r0 = socket$inet(0x10, 0x2, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f00000000c0)={r0}) getsockopt(r0, 0xfffffffffffff001, 0x5, &(0x7f00000006c0)=""/4096, &(0x7f0000000040)=0x1000) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:15 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xffffff7f00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:15 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x8000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:15 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x0) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) [ 1046.390054] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1046.421079] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:16 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x608]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:16 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000068711c490aae3e5ee008d781595e000000000000000000000000000000000000000000080000cd0000000000000000000000000000f4040000000000000000000000000000000000000000"], 0x94, 0x0, 0x0) fcntl$getown(r0, 0x9) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:16 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffff95}, [], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000200)={'team0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, [@jmp={0x5, 0x8, 0x9, 0x4, 0x5, 0x18, 0x8}], {0x95}}, &(0x7f0000000040)='GPL\x00', 0x800, 0xb2, &(0x7f0000000080)=""/178, 0x41000, 0x1, [], r0}, 0x48) 2033/05/18 03:38:16 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x0) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) [ 1046.460320] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:16 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x38000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:16 executing program 5: openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r1, r1, 0x0) setreuid(r1, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x100, 0x0) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$ASHMEM_GET_PROT_MASK(r3, 0x7706, &(0x7f0000000080)) ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000200)={r4, 0x5, 0x101, "c8c1cc57feeadbe9bef817e63ec5c4fc6e328f06981bdd49b40b5a40f73233ecfb9798c6d72cd519435573cf4413e6314d281e896502d0654f7d51f143e318f1417b4d6d648c7de5e39f0ebb8cbb72ed6f846d337d66dd5cf7bb01e0430f9a23818313fd8697216756cc45c9cc4a0a4e9759eb4f37b50e214b48dff9326ced73ba520da746ab3963f596b6f5a641e321b90a367ec06405520e56aa81ea071ecf682ffc2cacdead4fd313a4a5bc56a05fc7286dd4f052cfb716c1ebd763c340d01e7271f2bbf2ec7709d9d36251a455a77c9ff284abf75d2b4452d05258c692b7e68d97362a01b25a18"}) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x400, 0x18) inotify_add_watch(r5, &(0x7f0000000100)='./file0\x00', 0x10) ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000300)={@host=0x2}) r6 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r6, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1046.660054] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1046.697092] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1046.730797] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:16 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:16 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xa00000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:16 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x62000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:16 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@remote={0xfe, 0x80, [], 0xbb}}, 0x14) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8088000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000dbdf2500000000"], 0x14}, 0x1}, 0x40040) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={"73797a5f740800800900", 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xe8d, 0x80) ioctl$DRM_IOCTL_DROP_MASTER(r3, 0x641f) getsockopt$IP_VS_SO_GET_VERSION(r3, 0x0, 0x480, &(0x7f00000001c0), &(0x7f0000000200)=0x40) socket$inet_tcp(0x2, 0x1, 0x0) syz_open_dev$amidi(&(0x7f0000000280)='/dev/amidi#\x00', 0x1, 0x14000) setsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000040)={@remote={0xfe, 0x80, [], 0xbb}, r2}, 0x14) 2033/05/18 03:38:16 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0xfe0e0c61771430d7, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000080)={{0xa, 0x4e23, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0x71}, {0xa, 0x4e21, 0x2, @empty, 0x40}, 0xf3, [0x200, 0x7e, 0x3, 0x2f5, 0x8, 0x9, 0x47, 0x7fffffff]}, 0x5c) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:16 executing program 6: r0 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x3, 0x101000) sendmmsg(r0, &(0x7f0000000900)=[{{&(0x7f0000000280)=@ipx={0x4, 0x3, 0x1, "96b5a4e81469", 0xb57}, 0xcc, &(0x7f0000000640)=[{&(0x7f0000000300)="87a171e7be301ba0615088c824a31d94264232d689752ad28120fe812bceb77728399346220fe86d46c42c681d9d86be9d9bd7791f6031bed575cf3c9ed5ddf2957b17ed018be8261873705080c4d97b45e5fbd7a2092ec05bd2cfb88d19c311cc944dd2c09b61f7481aea192a6a2c8db420dc4cb677e4ebb54810532914639e5f6cff1d1e21", 0x86}, {&(0x7f00000003c0)="2e5c7efc1eea2c8cdcf44a4fe24b5c8eaa87e55e2e6220db58f21a744dd23863bef5774d70e2b202a58553ff9dec10705f1610f5d542eb4afc57a5b3b3677277d3c7a13b6bfc02b47b774e11415744018df0b744df2588af2899ab14bdf95fe22ad6da", 0x63}, {&(0x7f0000000440)="6c1ff022f0ec56cfbde97037e2df3a5bbe878d2b7b258455829423797361abaea0d02af0aecb06a0770fc55f06d28f2efc0a53ff9f2c1e5ecaa9d3bb1420bfbd18ab1c195ffecd5a7dd261d8687afc86492ea2a8a0215854a0f9aafeaaf2888a7bf2b84c27e80cfa8daf5a85753c305539aac699ad3edf801d62ab629b76175ad7eaaeb9769c094dfbe323825b1568089f13e2194292d5383b5ecc2b4e8ed993cf7879f9b2751a8d48aa4c24a2ec35370f93c340909b70", 0xb7}, {&(0x7f0000000500)="069a790d0ef8ef9d283ced3421bf01f53ba98008ff268ccfc3bbd926deb236468a8b24e045f3ea66eae1e4e3e554ca67e0999d9fd822cc821d07f218bd9b6ef3404279b1fcf8f1f87de1780b6f248533c7508337c2fd866bf26792ea320226cefaf33525f003ce47bba3", 0x6a}, {&(0x7f0000000580)="e394187363cd5c1a8e0c08eeb6ea61e0bcb6536715425495360803389e0866ca5300b76bcb400bba2e8af446b859d20b707c9ff85960bc89608a8f7448c5584c8836c1039590fa2e1bd444d501795abe0ea63d152e10aa0d3e60d472cdd009cc83c755abefe3cc601ca1e6124f13e84cbcbf18366829e7aec433068e5eb07df0bcb1356afa3442fa8b2daf70c10df511a077a6756fc2bf94f36dfa118ad8a93b673e7ac22b616c48c69b11b3aff4d03a07e25a63", 0xb4}, {&(0x7f00000001c0)}], 0x6, &(0x7f00000006c0)=[{0xe8, 0x0, 0x5478000000000000, "35336e084d054a4de40103756dca0ff51b9bf60cf90efafc3d679fe6cb81eaca5f102a5a12d3d6d3927fbcf6be968645fb8533e0386d97ede5e9cfee363f5909461ac546b991b8fae56797fc8bea3794fe56fa080ba23161b0f2fd0d9869a3330bda152e8be8c6a211de11f9174df516e6d5e5f71437da4abe624039896891429cc4bc48160173407ed1deb956260e045cd9ca751400f22726c5ae1e4cda8d167d9c6d5ddec6cd7035eae191fe7fabf8ec1fdab9912f6873e61a173ceb97409162ab4a7d353107519f4911512f14f9de348315a9"}, {0x68, 0x0, 0x1, "d0f438fcc548a6a4d72486e81be85bdc6d8dfde2602073fc61686b6c4455dd3d866fdfd9d329c9a49b77ba6e8bacd188e75d8f630ec73d80c7fefdc3ff8e4c1fb9eeb2e251d305a0bd4f8a98adfb0aec65fbf8d958"}, {0x28, 0x80000000000001, 0xec1d, "8e45211203a3f347becc981f1679c2633a4e3a042b319b"}, {0x98, 0x19f, 0x6, "d66d20237c2612944a1f4b61f04edbe2553004cb0eac6d61d211356444c067d12dd9e35c51e97cc9c47cc0880e347c9eb6329f920403b941282412e9511d2483299368e2b82bff61d3e4dc1816348f2f234d86a0a6fbe72c97c435a24d5d3e8a652677142172eb0174e462ba0f964b54caf2ec3abfc5fa8953dad60b14e7c00e27fa09c7ebaa1a"}], 0x210, 0x20000004}, 0x6}], 0x1, 0x0) r1 = socket(0xa, 0x1, 0x0) getsockopt$packet_int(r1, 0x107, 0x1f, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockname$netlink(r0, &(0x7f00000001c0), &(0x7f0000000940)=0xc) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r2 = msgget(0x1, 0x420) msgsnd(r2, &(0x7f0000000980)=ANY=[@ANYBLOB="0300000000000000fd1bb389686f941de03939a11baa5d36ef0dea0cc79d338f363036bc0f9d3aa504bce17983a54f4be49079668af2d628bd354ed243be746ab378771ffb12d6abe49fb52c82af6fb2ca611bcffd3161c13a49ba96986ebc4252307be95a9de4af9fc8ec1aa372632d1c8b200ed1b1be312c7239a541665b5f"], 0x23, 0x0) 2033/05/18 03:38:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:16 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x0) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:16 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:16 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x86ddffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:16 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) readv(r0, &(0x7f00000005c0)=[{&(0x7f0000000180)}, {&(0x7f00000001c0)=""/253, 0xfd}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/31, 0x1f}, {&(0x7f0000000300)=""/101, 0x65}, {&(0x7f0000000380)=""/230, 0xe6}, {&(0x7f0000000480)=""/22, 0x16}, {&(0x7f00000004c0)=""/198, 0xc6}], 0x8) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x3, 0x800}, 0x1, 0x7ff, 'id1\x00', 'timer0\x00', 0x0, 0x8, 0x33, 0x3, 0x7}) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:16 executing program 2: r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x20000) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") mknodat(r0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000340)='./file1\x00', r0, &(0x7f0000000100)='./file1\x00', 0x1) lchown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0xfff, 0xd8f, 0x9, 0x40, 0x9, 0x100000000, 0x0, 0x80000000, 0x0}, &(0x7f0000000180)=0x20) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000200)={r2, 0xd1a3, 0x81, 0x3, 0xfffffffffffff455, 0x4}, &(0x7f0000000280)=0x14) linkat(r0, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000080)='./file0\x00', 0x0) 2033/05/18 03:38:16 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") openat$full(0xffffffffffffff9c, &(0x7f0000000300)='/dev/full\x00', 0x8000, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x80, 0x0) ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f0000000280)=""/127) getsockopt$packet_int(r0, 0x107, 0x9, &(0x7f0000000040), &(0x7f0000000080)=0x4) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000340)=""/118) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000001c0)=0x3, 0x4) 2033/05/18 03:38:16 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:17 executing program 2: openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200, 0x0) r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") syz_mount_image$reiserfs(&(0x7f0000000140)='reiserfs\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='jdev=.']) 2033/05/18 03:38:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x0, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:17 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x0, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:17 executing program 5: r0 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x6, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000300)={0x7}, 0x4) sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="88000000a5439b58b3cb6c6f09000000000000005249596793a03dce1b46935c6cdcac1c9dd2bd16fe4072fe111c3a12851e95a78c9f4d61bce3d01f79959ab8136829649b9763ec747afdb5bea3b522cb65d56f700ea7bc807ef51e869d9eae49a35b10185d7aef1477741c7f4fef04f17f69f0dfc663aabb25baa6f4ba771d7f315897d8b6903f98c6de101ef7caad3fc22762d31446c23d304525bb77bcaba4b9667f53a3266289912e479d73c0cecf7ff2b3ba0f72b6f2bca26d540b796c4794a605566c9c09b90033ae65828df7777c9e078142e6a064c1e56be5443d2298060d223dcb1ba70bb9aa09efe7061411d61a82709bbad6019fb57629", @ANYRES16=r1, @ANYBLOB="020328bd7000fedbdf250100000008000400c2fcffff640002000800070000000000080002004e200000080005004fe500000800030007000000140001000000000000000000000000000000000008000900ff0f0000080004000500000008000800000000001400010000000004000000000000000000000000080006007599ffff"], 0x88}, 0x1, 0x0, 0x0, 0x40800}, 0x8011) r2 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) pwrite64(r2, &(0x7f0000000040)="6dc34cb016e5f8cce7fba7279ec4b75671b8d2ae23ebe741ee9ebd4d055af027659c28cc2020386c59b5818abf7bdd4af6138bb4cb1c95426dfbd5253a946977bbca89134152aae7e9a6eaaaf6c4a6789b11305ec53604c529bee6fd5fc4bc86cc05a82ccb4c709aa78c672d8f44edba284b31fee509f94cd9e3c090d27419", 0x7f, 0x0) flock(r2, 0x1) r3 = syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x8, 0x8801) ioctl$sock_inet_SIOCGIFNETMASK(r3, 0x891b, &(0x7f0000000200)={'ifb0\x00', {0x2, 0x4e21, @rand_addr=0xfff}}) r4 = socket(0x12, 0x4, 0xfffffffffffffff8) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000340), &(0x7f0000000380)=0xc) mkdirat$cgroup(r4, &(0x7f0000000240)='syz1\x00', 0x1ff) 2033/05/18 03:38:17 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) sendmsg$rds(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/37, 0x25}, {&(0x7f0000000280)=""/144, 0x90}], 0x2, 0x0, 0x0, 0x80}, 0x10) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:17 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x300000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:17 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88480000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:17 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:17 executing program 2: r0 = semget$private(0x0, 0x7, 0x0) r1 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x1c, 0x80000) ioctl$void(r1, 0xc0045c77) semop(r0, &(0x7f0000000040)=[{}, {0x3, 0xa3}, {0x3, 0x3}], 0x3) 2033/05/18 03:38:17 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8848]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:17 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x0, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:17 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = msgget(0x2, 0x0) msgsnd(r1, &(0x7f00000000c0)={0x3}, 0xffffffffffffff0b, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') 2033/05/18 03:38:17 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:17 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x4, 0x202000) ioctl$SG_GET_VERSION_NUM(r1, 0x2282, &(0x7f0000000080)) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:17 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xcc05]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:17 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000140)=ANY=[@ANYBLOB="0500000000000000"], 0x0) 2033/05/18 03:38:17 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x0, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x0, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:17 executing program 5: r0 = syz_open_dev$vcsn(&(0x7f0000000240)='/dev/vcs#\x00', 0x7ef, 0x8000) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cuse\x00', 0x40, 0x0) ioctl$BLKSECTGET(r1, 0x1267, &(0x7f0000000000)) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000001c0)={{0xa, 0x4e23, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x80}, {0xa, 0x4e23, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0xff}, 0x69c, [0x8, 0x7520a174, 0x3ff, 0x9, 0xec12, 0x2, 0xe5, 0x2]}, 0x5c) r2 = socket$inet(0x10, 0x3, 0x2000000000000c) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000040)=[{0x3, 0x7fff}, {0xf, 0x4}], 0x2) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={r1, 0x6, 0x1, 0x3, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) r4 = semget(0x3, 0x3, 0x40) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000140)=0x81, &(0x7f00000002c0)=0x1) semctl$SEM_INFO(r4, 0x1, 0x13, &(0x7f0000000080)=""/110) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000280)={0x2, 0x1, 0x5, 0x7ff, 0x200, 0x6}) socket$can_raw(0x1d, 0x3, 0x1) sendmsg(r2, &(0x7f0000000680)={0x0, 0x529, &(0x7f0000000100)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0xfffffffffffffeb8}], 0x1, 0x0, 0xffffff62}, 0x0) r5 = getpid() getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f0000000480)=0xe8) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000004c0)={0x0, 0x0, 0x0}, &(0x7f0000000500)=0xc) setsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={r5, r6, r7}, 0xc) 2033/05/18 03:38:17 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x40000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:17 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x6, 0x202000) 2033/05/18 03:38:17 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) connect$ipx(r0, &(0x7f00000003c0)={0x4, 0x6, 0xa06, "8323fd9a2658", 0x91}, 0x10) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='sessionid\x00') ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000540)={'team0\x00', 0x0}) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f00000006c0)) ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000680)=0x40) stat(&(0x7f0000000740)='\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000700)='./file0\x00', r3, r4) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xc, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000010000000000000002000000a0e8000000ffffff00000000000006000000000000009500000000000000"], &(0x7f0000000440)='syzkaller\x00', 0x3, 0xbf, &(0x7f0000000480)=""/191, 0x41f00, 0x1, [], r2}, 0x48) sendmsg$unix(r1, &(0x7f0000000340)={&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000200)="ba8b0a2530084723748c64310e80655a92a207fdae88e04ba7cf3320c136b4e8d8b747c45dd6e9b503dd29f77e5e740df1045a2ff8e9a83efefb5b0fa09a3e442ecb9d6c64e9fd3e72df5353ce86a84d18534edb173b1aa44466ce9b02c3037e47008d1ed09be1ac6924a48b8860572399f38dd4d320c537e4a30feb44b275a5e0d37a6bb4918f80bfc3d39091f190635520013ae2cd12f34e4e0e9cbea08b", 0x9f}], 0x1, &(0x7f0000000300), 0x0, 0x810}, 0x80) r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4}) mq_notify(r5, &(0x7f0000000140)={0x0, 0x2e, 0x1, @thr={&(0x7f0000000040)="7be4d6b00202ca53878499e01146863a2e7c8ca45e1910e5eba6453bb6f234b5a1b1bca731970a74bfc8e1793749ea18156c9b8a615bfa2f506fcf44060d36e38f66f111149434d5139e416358ea33f34b4507cdc299f7868d5f186e6bd604", &(0x7f00000000c0)="3c5d8da40d1477844fc4c160b6004a90edc520a6935a49cf5da4c2b525d13146ed27d429c762a4b0e9aaed82555cd1ae800d"}}) bind$unix(r0, &(0x7f0000000600)=@file={0x1, './file0\x00'}, 0x6e) mq_timedsend(r5, &(0x7f00000e6000), 0x0, 0x0, &(0x7f0000e0b000)) ioctl$ASHMEM_SET_PROT_MASK(r1, 0x40087705, &(0x7f0000000300)={0x0, 0x3}) 2033/05/18 03:38:17 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x543]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:17 executing program 3 (fault-call:6 fault-nth:0): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x0, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:17 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4000}, [{}]}, 0xfffffc53) [ 1048.359122] FAULT_INJECTION: forcing a failure. [ 1048.359122] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1048.371096] CPU: 1 PID: 9800 Comm: syz-executor3 Not tainted 4.17.0-rc5+ #54 [ 1048.378294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1048.387660] Call Trace: [ 1048.390268] dump_stack+0x1b9/0x294 [ 1048.393919] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1048.399130] ? check_noncircular+0x20/0x20 [ 1048.403388] should_fail.cold.4+0xa/0x1a [ 1048.407469] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1048.412591] ? graph_lock+0x170/0x170 [ 1048.416409] ? check_noncircular+0x20/0x20 [ 1048.420660] ? find_held_lock+0x36/0x1c0 [ 1048.424745] ? __lock_is_held+0xb5/0x140 [ 1048.428924] ? check_same_owner+0x320/0x320 [ 1048.433265] ? rcu_note_context_switch+0x710/0x710 [ 1048.438207] ? kmem_cache_alloc+0x12e/0x760 [ 1048.442542] ? __d_alloc+0xc0/0xd30 [ 1048.446187] ? __might_sleep+0x95/0x190 [ 1048.450184] __alloc_pages_nodemask+0x34e/0xd70 [ 1048.454875] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1048.459916] ? print_usage_bug+0xc0/0xc0 [ 1048.464013] ? print_usage_bug+0xc0/0xc0 [ 1048.468093] ? __lock_acquire+0x7f5/0x5140 [ 1048.472357] ? print_usage_bug+0xc0/0xc0 [ 1048.476449] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1048.482004] alloc_pages_vma+0xdd/0x550 [ 1048.486002] wp_page_copy+0xc2d/0x1440 [ 1048.489911] ? do_page_mkwrite+0x500/0x500 [ 1048.494690] ? lock_downgrade+0x8e0/0x8e0 [ 1048.498943] ? kasan_check_read+0x11/0x20 [ 1048.503120] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1048.507545] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1048.512144] ? __pte_alloc_kernel+0x2e0/0x2e0 [ 1048.516660] do_wp_page+0x425/0x1990 [ 1048.520396] ? finish_mkwrite_fault+0x610/0x610 [ 1048.525087] ? debug_check_no_locks_freed+0x310/0x310 [ 1048.530317] ? find_held_lock+0x36/0x1c0 [ 1048.534429] ? lock_acquire+0x1dc/0x520 [ 1048.538424] ? __handle_mm_fault+0x1c0a/0x4310 [ 1048.543024] ? lock_release+0xa10/0xa10 [ 1048.547012] ? kasan_check_read+0x11/0x20 [ 1048.551198] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1048.555626] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1048.560225] ? kasan_check_write+0x14/0x20 [ 1048.565172] ? do_raw_spin_lock+0xc1/0x200 [ 1048.569424] __handle_mm_fault+0x2996/0x4310 [ 1048.573848] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 1048.578614] ? graph_lock+0x170/0x170 [ 1048.582432] ? find_held_lock+0x36/0x1c0 [ 1048.586511] ? lock_downgrade+0x8e0/0x8e0 [ 1048.590681] ? handle_mm_fault+0x8c0/0xc70 [ 1048.594928] handle_mm_fault+0x53a/0xc70 [ 1048.598997] ? __handle_mm_fault+0x4310/0x4310 [ 1048.603594] ? find_vma+0x34/0x190 [ 1048.607151] __do_page_fault+0x60b/0xe40 [ 1048.611228] ? mm_fault_error+0x380/0x380 [ 1048.615383] ? graph_lock+0x170/0x170 [ 1048.619206] do_page_fault+0xee/0x8a7 [ 1048.623013] ? vmalloc_sync_all+0x30/0x30 [ 1048.627172] ? find_held_lock+0x36/0x1c0 [ 1048.631246] ? retint_kernel+0x10/0x10 [ 1048.635149] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1048.640003] page_fault+0x1e/0x30 [ 1048.643469] RIP: 0010:move_addr_to_user+0xba/0x200 [ 1048.648400] RSP: 0018:ffff880177d77b20 EFLAGS: 00010246 [ 1048.653772] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9001133e000 [ 1048.661049] RDX: 0000000000000135 RSI: ffffffff85d43395 RDI: 0000000000000005 [ 1048.668328] RBP: ffff880177d77b58 R08: ffff8801b3e62300 R09: 0000000000000000 [ 1048.675619] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000707000 [ 1048.682909] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1048.690241] ? move_addr_to_user+0xb5/0x200 [ 1048.694593] __sys_recvfrom+0x3ab/0x5d0 [ 1048.698590] ? __ia32_sys_send+0x100/0x100 [ 1048.702849] ? wait_for_completion+0x870/0x870 [ 1048.707456] ? __lock_is_held+0xb5/0x140 [ 1048.711551] ? __sb_end_write+0xac/0xe0 [ 1048.715549] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1048.721112] ? fput+0x130/0x1a0 [ 1048.724408] ? ksys_write+0x1a6/0x250 [ 1048.728223] ? __ia32_sys_read+0xb0/0xb0 [ 1048.732301] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1048.737857] __x64_sys_recvfrom+0xe1/0x1a0 [ 1048.742123] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1048.747151] do_syscall_64+0x1b1/0x800 [ 1048.751048] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1048.755902] ? syscall_return_slowpath+0x5c0/0x5c0 2033/05/18 03:38:18 executing program 5: r0 = memfd_create(&(0x7f00000000c0)='\x00', 0x1) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000100)={0xd9, &(0x7f0000000180)="8e335fa18e6065d76bcc3c27894a3a6bc155e2a9ead62e4f708dc52efa70a68cadb751cb131dd04d809e58885eee7e2b8486dfdabd6fefdae650672c63c7e73f1b4ab6267ed4f2d9157a5c02847975acbe78d452240f666c59080cec7d495459adde03e37ef68f0534e60eed27128cff26670789e507aa1241cdbfce58c9ec93c7d43a088bfc451cd0748233102667ae3706a18cf1737390d2a346ee36a113b7757b3d494e22b5f0ced20449e0829a4b9969031c45c52701d57b39317f77f32a95e4010429d281e0fe67c667392149fdda7ea9c937d67fb920"}) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) r2 = dup(r1) bind$can_raw(r2, &(0x7f0000000040)={0x1d}, 0x10) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000080)={0x3, r2}) 2033/05/18 03:38:18 executing program 5: r0 = socket$inet(0x10, 0x400000000005, 0x7) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0xfffffffffffffe97}], 0x2d8, 0x0, 0x0, 0x1}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz0\x00', 0x1ff) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000280)={{{@in6, @in=@multicast1}}, {{@in=@local}, 0x0, @in6=@local}}, &(0x7f0000000080)=0xe8) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x3, 0x3, 0x8, 0x0, 0x7325}}) recvfrom$llc(r1, &(0x7f0000001a40)=""/252, 0xfc, 0x122, &(0x7f0000001b40)={0x1a, 0x0, 0x40, 0x7b, 0x29d, 0x80000000}, 0x10) 2033/05/18 03:38:18 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x80000) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1000}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0xff, 0x4, 0x820c, 0x1, 0x5, 0x9, 0x1000, 0x4b, r1}, &(0x7f0000000180)=0x20) 2033/05/18 03:38:18 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000280)="e38c4068b4e96b0f940656d9395766d8d63e89dd324a22a649faa735fac3192f79ac592c30ce58b69efcf44569cdd9daaaa67fadc81e926d317e996624e22ca38d3544d3805e8af3d4f3eec5106788063f3647cd632981b1c8d41fd52317e70c579461c2b9ec99c32a26a2a20a97ffefa77f5d26d2398c622df33fc9716198ef949b74da1aef216b802f54965d58a52111b2805f33d1c017ddc19021b3380a0261601a0e0aad85bf1f57d3e47caadb4c702687aa08d737b9e5ca7f3f8ab65faed8ab4b7e389fad9e5cdf9d2315b0c363a067938a50fe947851eabe04ac500972", 0xe0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x10000, 0x0) unlinkat(r1, &(0x7f0000000080)='./file0\x00', 0x0) 2033/05/18 03:38:18 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000680)="c626262c8523bf012cf66f") bind$alg(r0, &(0x7f000065ffa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="0022f8ff020000000000000000000000", 0x10) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000200)={0x0, 0xb9, "ff729cfafcf25f29e8eded56fb06db286d4dad9934dbab992b1b9d5ba7ae8e8f157a2691cc70141a40f5165e2cbebc67acdbf182d575ad5bb4bf901afffa0cc19e1fcbba88bf80b0d025d46ffee6a249b49b0984bf3649f01a97d16dbe49f7d38ee6f2660bf49a45e7e10f7c3ff8070c58b624a3aa7e18ec2a1554ff160a0f2ca88a69ed798e3c0700341188ee8ced75260dc37ebf613bbdc0ede796ea5e1f5455c147ac986bca0d0f0ffb14984c8896c36d84e27f441aba42"}, &(0x7f0000000140)=0xc1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000180)={r2, 0x3dc}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000340)={r2, 0x4, 0x30}, 0xc) r3 = accept$alg(r0, 0x0, 0x0) recvfrom$ax25(r3, &(0x7f0000000000)=""/239, 0xef, 0x0, &(0x7f00000001c0)={0x3, {"310601346e6274"}}, 0x6f3000) [ 1048.760839] ? syscall_return_slowpath+0x30f/0x5c0 [ 1048.765780] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1048.771175] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1048.776067] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1048.781440] RIP: 0033:0x455a09 [ 1048.784631] RSP: 002b:00007fac1e75ac68 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 1048.792363] RAX: ffffffffffffffda RBX: 00007fac1e75b6d4 RCX: 0000000000455a09 [ 1048.799644] RDX: 000000000000004b RSI: 0000000020000040 RDI: 0000000000000013 [ 1048.806926] RBP: 000000000072bea0 R08: 00000000200000c0 R09: 0000000000707000 [ 1048.814198] R10: 0000000040000001 R11: 0000000000000246 R12: 0000000000000015 [ 1048.821464] R13: 0000000000000542 R14: 00000000006fbed0 R15: 0000000000000000 2033/05/18 03:38:18 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="09000060717d4bf3fe064cff648b656dfa51d63f16e7ff30ecb0d239434b3f2a6c64b1f0f3031a9c5a4c9fa00cf0b82014b7768462a09072835804709162285393d067f478116181d8b3669c8ad0bf95b80dc1593e8f53457231a4934e9ea854e4d9e3e669a0fdf636ce38343c182b1cd90ed0bfff301f815f46fcaeb9776d49f3bf2af11c298447013f409ee544d1d7083c5e3508725b88"], 0x8, 0x0) setsockopt$ax25_buf(r0, 0x101, 0x19, &(0x7f0000000340)="f3030e97eb0c4c6efdf923778c30cdc8252268e19af2556d894579a83a201ed94f75a3ed5ae7800782bc916df9c2307335dd4a52748e592cab4cb280f3418582747e8ac05976c274d6f990654c20e5178148abf7259d3f79905439f1d6d03c1ec2a1aadb95c5c4cf0815706d4f27f9059dca488232402fe6ad458f0a77aead95c1b81955cfdb6a2f7c3dd8df09c1d92430a8bdcc5d9bf8f74a59968e4ecb532a532d13f16b8c2542820c7dc120a9dfba3876af5be2f39d997062b4410607ade5b3a3af3efa7280d5f7710f28bae9ff88e90a", 0xd2) 2033/05/18 03:38:18 executing program 2: r0 = open(&(0x7f0000000000)='./file0\x00', 0xa0b00, 0x2) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000100)={0x4, @time={0x0, 0x1c9c380}, 0x4, {0x4, 0x7}, 0x8, 0x3, 0x8}) r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) read(r1, &(0x7f0000000280)=""/28, 0x58) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f000019ffe9)={0xc1}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f0000000080)) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000efb000)='/dev/sequencer2\x00', 0x0, 0x0) 2033/05/18 03:38:18 executing program 5: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0x1, 0x8, &(0x7f0000000180)={0x0, 0x0}}, 0xfffffffffffffec9) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={r0, 0x0, 0x18}, 0xc) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1, 0x0, 0x0, 0x40000}, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000003c0)='/dev/snd/midiC#D#\x00', 0xcebc, 0x200080) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x6) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) syz_mount_image$jfs(&(0x7f0000000080)='jfs\x00', &(0x7f00000001c0)='./file0\x00', 0x10000, 0x2, &(0x7f0000000340)=[{&(0x7f0000000200)="a585d90154f66fac813557fc04ca3564ee8160c78156a74d21c41eddce833053a71b6d71aa2b32ac20ed8bbdedc25bf583d9b0f93475b3b13dd4013373816f8c50b8b95405cd62a79af7e891c9c3a0ecfc8815e18ff1534468f0e19d", 0x5c, 0x7}, {&(0x7f0000000280)="f6f1faddb2eb6f11409f1199f639c2300709e1d8f294a33be932251c78388534f4dabf6bc97e198cc80823465db5be526511fd8e5b7300b907f2c79d9f380daabdfce02edc97905244c4b6cd208e87e0c9b7655795e0c916dccb07f04dc82381e4bd95671e16fd4c3a5df78ab1ed5e320299e1d3f0f83fb2d9979c7f094f9cd6cf29ee9c7211aa12e489c1450e5d0323c130337c4ee793d5b65964c276c9d673a0aa18452f", 0xa5, 0x3}], 0x42408, &(0x7f0000000380)=ANY=[@ANYBLOB='discaqd=702?85x14,discard,discard,gid=x,\x00']) 2033/05/18 03:38:18 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88a8ffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:18 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:18 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, 0xffffffffffffffff, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:18 executing program 3 (fault-call:6 fault-nth:1): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:18 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x100, 0x0) getpeername$netlink(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xc) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:18 executing program 6: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x40000000000, 0x0) setsockopt$inet_dccp_int(r0, 0x21, 0x1f, &(0x7f0000000200)=0x20000000000000, 0x4) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) socketpair(0x7, 0xb, 0xb704, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cgroup_int(r2, &(0x7f0000000080)='cpuset.sched_load_balance\x00', 0x2, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:18 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:18 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x40030000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:18 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x300], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:18 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) dup3(r0, r0, 0x80000) syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x5, 0x200480) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:18 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, 0xffffffffffffffff, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:18 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x109000, 0x0) ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000080)) 2033/05/18 03:38:18 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, 0xffffffffffffffff, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:19 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x2000008b, 0x40000001, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:19 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) mknod$loop(&(0x7f0000000040)='./file0\x00', 0xc000, 0x0) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:19 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x11000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:19 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:19 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:19 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = shmget$private(0x0, 0x4000, 0x456, &(0x7f0000ffa000/0x4000)=nil) r2 = getuid() r3 = getegid() r4 = geteuid() r5 = getgid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) r7 = getpgid(0xffffffffffffffff) shmctl$IPC_SET(r1, 0x1, &(0x7f00000001c0)={{0x6, r2, r3, r4, r5, 0x10, 0x1da}, 0x3f, 0x9, 0xa8, 0x5f, r6, r7}) 2033/05/18 03:38:19 executing program 2: socket(0xa, 0x1, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000500)=""/246) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) ioctl$EVIOCGREP(r0, 0x8010743f, &(0x7f0000000240)=""/174) 2033/05/18 03:38:19 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0xfffffffffffffeb7, &(0x7f00000000c0)=[{&(0x7f00000006c0)="aa1be938402f86cbda165caa048f33ade3b2730015f32460e9c34372874c4ccc81082710a3f85a59f51ea124176b230cc243c3b109d79efb0aa3ef118a47cd5f029c6b61fcf400352eb97da96dd689363e3820f2f61475837d1d59b96cb92be15ddd3c99fb9d532bde054b163b480ca9a6c454dfac09c1f59b8ca77d0fc4d2a0285a45870dd390f75e5e90e2d6374d98cb1a9c7a9c5d1c0c48bc66c1dc7fc1d31af0edf965172c7484db837ff98eba77c98acc5c0c021989dcf69d6fc093e3edd831dc8f1ce59fbd2ffd37ced888172698a7840cc90f25f294c142d2162636940bef2c6caa4dc838ff3b9bbe28f1bf56fa8c5feace4b878c66faa7e0902cf92cd615d0727197a7be4679e866c82d933c8ab10eb0d5df67937598133cd8e126c4ff287729ce3682ab40b37ba8c91c2c15e25dd42f00f0c07ddbdadb378c36822159fca1ba3bbbc5fc2e0d3cd1e47b3f0d11dc3308e105439c0bfee36c45e0e7334823c2e137047278a63f4d8d35bba0bfb71336a15b7167299f7eaf645b6bd29e35b53418bdf366597511d66d978297f8597438545abae60fa2823fed04a3054a20eb3e62eb568077d9e4a97063dc39980e894bb3284aa4d90cc4b704e7cbcb68a983f715c05c18cc2f050ff395df87e6355c747bbc25c39e85907ec6ce4f8f13e545c0b1d52e3d75e7ab718fe8c8539bc41892e8a39cf9f3c24bc076c662e648efe218f277076ec3d6d1edd91be30d42779d6d1526323e901486601d3986d659240df4b6796fcf33e44ed18788fcdbd551593acfb84406b63d1e037ad47cdbd042a710a67d0823c64afbfe3eb29f80cfe9a827dbac3cafd9d396460ff1204cea28fb14733867d01eb367a8e7fb798dcbe6bb23d8d55c655b3ceab1d5d9818722c8df24da99b6cb5d4840a3c7cf7f7794e1f9663eef5bef71fc642261b464e19a94c5d634495bf015c9202badc48dd9438340dd347760d9fd94339d15298fbe97754a2246507c7582df57daf24cf474722cfe62a41e8252b359d7831eb86780b0417ae3814e4c1d22fd167254fd1ce85a2d81bf5d0ff13b86324e6d4e0ea99b6d8cb212f800d0117ece46caba0581daafd2bc3f24f490904bba7440ad6dfed0e674542d89fbc5ef6d8e4c5439a550ac6e01a819bdc59f6263f42621e7aebf91e6c47ec6e41d817d06f1d9dd2b6c94d3d55da191dff104958ac0f2db8e6aabcc57e4ba1b997254faf652bcfd0f3d855dd69c36acea53a0fa46b6c6a481c9223d8cf35de4f20f5708a50eb7927bf10697697f9c0e24cb5a33a63724772ffd52a1d19183b3a2f9b5581d7e393606dcf471f376c8cdb7398df7fc14ad8c718dabc1216745221539e9d8803de1c0d2d0ca4f75aaacec7eb8b8a515018fbc365d1e92aa286116209785dbc7c430441aa04f60d9247acf3e3b355cc0a43c0477f8036608466ce4abb38f68146adbbed02b4742aaf6d7653b42a5a91d42854ab285d1e98432cad100810c5dbf51ca67d68df4e50642e8cfe9aebe6375fe0c132389346391b3c25aeeec03144a0f66b509af015b55ff5766698016744051b250a48e52dcc2b8759309e660c86b5badccf77278ee44f551cf41cbb1e40f7cb3d9369513df81e490ec255a23d3de95874d2c7ea4f78ee62d2d9d36150e46c4113267f8ccd6da118f428b2dee207ea1356229ce7e218b79b85f60dea88e2cb4c548282729de9aef8b3c051f0aacaa64bc9588ea1a77a8dd8b1ef8729e45146aefb7995457ec1754cf8785348315ee55a4568cb5d5b374a38f9f057b87f7d72be691f87f82eaf59efaae199a2c4b25e0cfe9c805d147ea4923a15c0b8c8dfc4708f0e860e9dfb8f5191db6b7b82888751d7897a6f9431682956ef082d3c0b797d5e81f3d0ea4278126691e36cce0608b7061103f728e9113731f69df278946987cb4c3b34b6ee707114f6739919543861c6c55256901af7ff79a889a77ac83e09c5b39f5425f629822dbcb06ba1f735cd1ed7e864181e02afd4eb2c5bd86c805b66efbec0f8bbc0cac124a1eb41bff1fa13d9efbcba2337ba36e3390c278e1717dc4cdd59bd606459451d1b4d99ee1e8b1d485ae84007bd09b758fa619516271083e5eab28a76a06c17d2d4f7a4454ccfd6aa89fecc16cb363f452df68294c12cdd354de57a644f7573198bad4a4751162ed6eedf17660bd6cb2e8a691285fd36d417674c7f2ae306c39db46e40dcbde08dac0b3af5f8a64e197d56e5dcd29183153d5b638a36c7798b506755d9a85e7dbef896f9ee7c9a15065a554928c859d90e75914a67ad4fdf81ed2f9483cf321574de00bf5f665be6d4d920de3afd7c9d1cff1260eed337950f71b95f837fd4d4872e92edb48a14b680b8a8a6a301d806ff476b2ead335a285ec3ab5d907952fbbc01efd47658a147316936193f46db16f46cbf0d88e5ba90fac5593592dd48e3d743646c4dfcb5715d61d8399e91b94c1e869998d06e40bbdc1cfb379f8e7eabe35bc02a3b68d98335fb3425dc10966fe64637576c6d2fcf6ef214000e7cb8174f7a2d200e220fd56b710414900583b5a8a1497cc8b65ecf972d1f3523c8c1c68f62c90eb6fcf394e64ab7a8bf977ba95a12f189fc6b459ec67cc58834b23ce6ebd09ab69ac46fb169e318d6c34c66c79d36f0c5a9386c35069ffd29fb86d558659ed2a5b90c4f89f542a5f874484fb1240adc9eaadeb7fdc24044b356c24f4416975eb6a256fc9e74179ee56afced23568b0f7d302c9c8b58742566bcbbc8de18034e8417be6a9c2efcc623f20a012e47e746a6b2e6d9c63db5025f6d67b8a1ec56b35f2880d52439847cd3fdc0e70ea776a79a52777ed33e1ddd8a20d45ec823f6eab1b6e31e25a6f868d3941fe9d59ba21cc8d5fc33aaa7e7d685e5de1aba39d602e18aa41756b297fe3b9e158484642cd3da90628b54f286ce9e02ae80a10df389998475c00618918eb45b5ad945ac6a15437567591b67bb426bfe0c574253e411bda0c7a174d3e473482d05df1a2c39c6052aea49d2cae590531e2462859e7c16082ba51f375381091faff8bda96fccdb41d09c030317a9a0f6c52228cd6d3f35c297412cd17b19361195f845548171fae8fd69c087feeb6d788db96a9c2bfd74edf9da31a2d5bdbd4e3f0694c753a94da631679dfc895e8149e3342f85fc48a6960d1eddae9f6e833d4cda04d5910eb7a2226025e4a5e2d3f043d2956e3d3a645c24673e0f9bd6b4708bf8db4e1f8f2597e5010b6ce95256094cf70b95e78b76931187337513edf105dcc0f50f16f8e39bc73535122c0bdd8118d7095bc7d88911d745e3d8b6cab06d2fbbfa9f27a79c6a07c5319c2313c91e32ca06cca17c8440bc5eea9f06abd12e7c846c4d988b3b8e1ac0870066f7e471b4d52d2e845969c4373abfb553df0a2058a1ea0b36e7f8eece8a74a65472c62cd861bf4d0c28db923ed430e95ddf42608e40cb82e05eb9323decefe34e30a17ad3c2ef31251c3895ad6d2b2a6b07b230c4f470f7d31cb31e26661f3842c2d7b8d5045efa56265ef6a280f1933f3f46f59222e54380d8d75174c50c9ffee421e9ff8c2e1b6cefb569f92efe99fc44d84efd3105fbe93cb79488c0e28673b13d613c54d6e3415e134d465fad3a59af7648135e25438d2e223989eb5d712a163d5e7d8562d165da480c1cac697e96a8dfdb51ffe5a0d27f72db99562911e68454e1318e841e961259434d15ead8948be76d3e1caf926ece456a4ce0099276ed21c6fc873ea623ab6cc622322739a8652382974959815b5833fa36b28fb23c126d0ccee942e80ec0817d548e808d47d3271187b1b76ba7217c50f997ff9894903b307cd5931f66f21c59f9df61c3c7b188de70b2dd0b6aeb21538ff74fe61ffb6ad065277a1f73f924dec3359d72c94bd277a192adcec731783f92b584193ce0261c17cae05272b6ab7ea2a19677b924f5b7d244e0bf9d57c8a2d3c9a6ed8569bd65f867dd31e96e2aa17eba63c844210f6c77c12c3a9c9ef454a4e44c2688eaf9597c32d4218c23c43f485799ecefbd438a38725af3d02d8c7a6c42810f617a9923bdf76e12eb36db9742c755b4e8ab04e0da0ccc93adcbaa4e445882d42afa95345449b2971de56166f170651d7067f2fe87f19655af073733fb6754534585e63c69a0a52169e47a0b302a8b467cfc7f9cc8c9886a8f9b2a8942962aa3a100f169eb8e8e68e83b6228bfd436f64475bea7c4d9232baaa280372a70dfc8bbbc334da39dd16154c4bf588e3fac93b51a1bc3725f22b0f77cd7e35947ebe1e59f78bae960efb9f7a2c3b703c39ee1e88f50a46ce34dc0b13bf8d95b8284e4b86aafc97ab17615cbc5fd761ffee411f537aa725a796fa05eac8c51078df2b68b1be9e470c6cb7260fb85a6d596778b55dfd08b8c618654fa638548f454e798c101974316569db7e3958775996aec7d5449b99664c3e3475f92db5458354dc976260c4135b0e01df1b118f09df182dc83a142a882799d3fb5401eeb524ef18f23bdc67083ead2fc2ff71353d054e5eafc1551483c4f517790dcb00351593c71dad1eda11b4cd81e7ce8de67af3d7ecf3f986e3f868b20ed273da5af18c976bde3764cab3f038f46d70768a26951ba883ddf4eca870d2f3cb998bef60b1df1e8b62226eaacc537217188ea2c71e9c523b50cb0f07ca0dc86eb6403bd5ef36c337213cfcd89f002b4c2cd95e2a8bd465c963139107c57ccd0f0fd297d6d5fe5040d60081f99d488d399737b5f9694f0cbf26d939b871e9582b3d92b185c69bfb47b8bfbf8467cc4091b95e227ea9acc90bdc6b97997f7063b1fbc485b4f405861d701afb1fe31f5dcb57a444a1ecbfd81fa8592740251eb8cacf605bdd4ea180bb77d0aceeb569b2963897f6732ec2bd14c7737fef2eeeeb319ac618f965164476595491f3f9a623cae7c6402caa71e251cefb2b7bdd7e075ea272722c02201a9c9c4dcc28939223ed28894972f7dd6e715e674c4acc5593e5e0e4b6419cda4f00e241ba87b2c3e89113393ef1096647ed535ceefa4252fc6ccac022cc2ac9d7634b6669c8efb09c4c24d8cb39185f9a0b920cb84a6bd2bad5742f4b0638885f218d97eecbe5db92195b045b7bd09f39a2e29238a6ecc8580406166d4977286d65b7b288d0c66d88d3577802eebfb4b9833dc2058eb943d7535046f3dba7f7f850b5d90343b0e0cd2011d22584a33525d997183fa2b5de2447931db4bc8018288add47a034addd44c78229cdb545c757deb9808873061bb959ce8d263cc1a74fcd2d3ca5e5580a6c248a1220aea72deb8811f2badd312e1b1df79c0cc381870945b2920e8789df5d236f317c514430e854b0c7d5f4c1668d78ee163e6d6110d0aa4ec56f8bf7fc1892561622bc8ffa891155f6c57f7cc93df65d146e5485d184f40b2e6da2c8c43acaf9b13a15a317bdd1ea2e5ed27afe830f277fca57d1833dd16f5dbfa8835f3f2b4cff56e021e00b3d167a405e9dd9a72ba54b650c5aee2b9cc4513d04f95fe07093a9de8ce6ca64bd30c7ba52dd8fdb3e13934df22483ebdbc03a9ba58ee490042caf717faf0dc15b6347e1c8bf7df0dcf2a8a9fb82f376fbda1811ddea4317bc7f49161e0b8dd84f6416ff121e0508825934af9450400e0f9d7805ef3f46ac72b7f10bd0e98bb32b39c5d62456bcbc67e90fc614b42d4b5ca30d119efc8ffa73c13c3df9835aa6b19fdad334a542a92c83cb0fcbf2c5eb60245db58b5e74fcc60fe58a6c301f24981ecdb49d79e32db2586e1087d2d4", 0xd899371bef019e13}, {&(0x7f0000000380)="65e7e9be25a09424bd9d4119c6682352ef37a94b20cf22dc3d6bdd3d36bdb3591eb656f1649eebac9870f2c13540f59c38bca78cfe1645200f0241f3bb70e1ed7fd001f221866aba64e43c6f73a1dc6ef8b34b8057f6cbaa30b6760855bd2daf249a8fa90279dc0017decd6651bf8f7de77984067848ba053478b6aa080f2f4ef35112c7a351974ce14e247a9bbc96588e13bffea543471ed2ed928d4679f28f01ece6c580a6d960fa5c236f480ac44bd2a307bf331799fdb9abccb3c7e1db69053c08860523dccd3a0f94694ad907e274e3afc77c20d68e9076f8be11abe584f9400e"}, {&(0x7f0000000080)="ea092c55518154924aa3a5e1acd0bba617"}, {&(0x7f0000000280)="5336214c147fed52d5c3b20da7e608b7c5781db7b5be5d82d520c41bed41be8cc0c961c2a1d0aed5e5febf332a7df2920eb9bd216d1f126421f3aa1858f216dac3d6dd54d106ea4361a8479f8816a89b3631bed1ed458237e4444f7dbc5e7cc7cfd339c240f796e8ad6655134492c0c55b6bcb1920138f17de826d0aa885890380e1369eea8f90ffdaa7220866b77406058b58d78a134c45c833b0b0a04b7c3c97465a7f69c6595aaacb17b95d86b3dac8b0797958aa362356bc3ec4555be5ecf4484e47f333e585856d48", 0xfffffffffffffe39}], 0x10000000000002c8}, 0x0) 2033/05/18 03:38:19 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) shmget$private(0x0, 0x1000, 0x42, &(0x7f0000ffc000/0x1000)=nil) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@remote}}, &(0x7f0000000080)=0xe8) getpeername(r0, &(0x7f00000003c0)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000440)=0x80) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=@deltfilter={0x2c, 0x2d, 0x401, 0x70bd28, 0x25dfdbfc, {0x0, r1, {0xffff, 0xfff3}, {0xf, 0xb}, {0xfff1, 0xfff2}}, [@TCA_CHAIN={0x8, 0xb, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x800) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000580)=0x1, 0x2) ioctl$sock_proto_private(r0, 0x89e4, &(0x7f0000000480)="4160d4ddb19d7070971e1f9addc2bd3b8ccee3d90db2bba3af9a98b328ec8a738a496121fed4fefc17bfa2c7d2787736fed4363068493430dd2480fbedee54bd65449df8b4cd5c513e778e65bc10e9cc4d7964fa9c92fafeb92cfb4751155125aad038a0a3cfaabe0955e234d241cfa669a1f2853477ca02565ddb1f7795b162153d71ab56056e3b688df9b07c7dc617608cfb212d27641ca98f8c892f728bba57345ad5f5ed3bcaf29a2a68df77df9707c7d363b9637ead448b18fa761bddf2983abcfc2bedc0be81095ca3b6d6a975c0636acd6fca38a4eeb32ea37f60757dd0906481ccabe2519af4f793cb1002f895d4c1c9ce") 2033/05/18 03:38:19 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x806]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:19 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xf5ffffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:19 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x4000004b, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:19 executing program 2: r0 = socket(0xa, 0x400000000000000a, 0xfffffffffffffffd) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x3}, 0x1c) fremovexattr(r0, &(0x7f0000000000)=@known='trusted.syz\x00') getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000180)={0x0, 0x9}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in6={{0xa, 0x4e23, 0xf, @local={0xfe, 0x80, [], 0xaa}, 0x5}}}, &(0x7f00000002c0)=0x84) setsockopt$inet6_int(r0, 0x29, 0x11, &(0x7f0000000100)=0x7, 0x4) r2 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x9248, 0x200000) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={'syz_tun\x00', {0x2, 0x4e23, @loopback=0x7f000001}}) openat$cgroup_ro(r2, &(0x7f0000000140)='cpuset.effective_mems\x00', 0x0, 0x0) 2033/05/18 03:38:19 executing program 6: r0 = socket(0xa, 0x1, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r1, 0x200, 0x70bd2c, 0x25dfdbfb, {0xa}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7fffffff}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xe64}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local={0xac, 0x14, 0x14, 0xaa}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xfffffffffffffffe}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x800}, 0x800) ioctl(r0, 0x8912, &(0x7f0000000040)="c626262c8523bf012cf66f") syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:19 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@random={'os2.', '#$&mime_type\x00'}) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) getsockname$inet6(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, @dev}, &(0x7f0000000180)=0x1c) 2033/05/18 03:38:19 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffa888]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:19 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40001300, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_netrom_SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000000)) r1 = socket$bt_cmtp(0x1f, 0x3, 0x5) ppoll(&(0x7f0000000040)=[{r0, 0x2400}, {r0, 0x83}, {r1, 0xa408}, {r0, 0x1}, {r0, 0x1000}, {r0, 0x4}], 0x6, &(0x7f0000000080)={0x0, 0x1c9c380}, &(0x7f00000000c0)={0xa3}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}], 0x1c) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2033/05/18 03:38:19 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:20 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8906000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:20 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000ed1000)={0xf, 0x4, 0x81000000004, 0x8000000007}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000002ac0)={0x7, 0x7, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000018100000", @ANYRES32=r0, @ANYBLOB="00000000000000009500000000000000"], &(0x7f0000001480)='syzkaller\x00', 0x3, 0x1000, &(0x7f00000014c0)=""/4096}, 0x48) 2033/05/18 03:38:20 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8914, &(0x7f0000000080)="c626262c8523bf012cf66f") r1 = msgget$private(0x0, 0x410) msgrcv(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000022cd01d975baefb61f23fa1e6328b2a6d04941f6b6afe18554bff5e32d111927f3c147caeadda234eef9e9b56832e6af19acac53a9076b850fbbdb99e249c314092ac22a972396147a9ec67172a416d413ba5de062f63e6a69b2d7c62eab933b56a6c44d29859c17d33b42a9c0b9c7a6c8adfd86706880fc9b6369f214f63b562ed68e42eea23b64454a5ea810815fa779ffcb59e423cfe24d4fa890a4c493fb09406933f70bb831aa6b5fdca96ea44d89d0e643f2b9ebbdc3494646f81ae620ba1bd1ec0727cf22ae855abe65b5cc10b383d6d51dd05d4f8f2c0ab443788024acd56e1bc1ea1b24e8cc6652b3cabc153ed3003a7b2c50fbcb2271ea2cd3212ba44f919409fe7d2c68475ee8a451643f0f1d2f9762eea00f4371d38f8908787f9d7c4485c58691724730cc922139185a3d4f9629fd33077c3fd5a8678a98a7cc784e722a7b6b304736cb87d8ed6edc5dfb907d8c000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="fc6bc6a4bf1b0775510840b20c0e5d021e7c67b8d03573c9f7c4b5820813df38556c107ebe2e4c81fe092d22e114efdb390f632c7bfd1bafde239bf21f6b50f2e79c78e2a921ecaca93fc5a8f0c02a08c3387050262c54"], 0x8, 0x0) mknod(&(0x7f0000000000)='./file0\x00', 0x0, 0x9) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000040)={0x400, 0x20, 0x8000, 0x1, 0x0, 0x4, 0x7}, 0xc) 2033/05/18 03:38:20 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000002, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:20 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000340)={0x0, 0xfffffff9, &(0x7f0000001a80)=[{&(0x7f00000019c0)="614874ccc322eda88a6d8f7a27fe6e5003e1fe08e2e9f0b6dcde4304c7d38ecfd9392f83df8adcf4d6f97db7ee5a1521e9398ea1784dccc4bf6ef5f851c77572c9248d710321bb36c7470fb5c7176c59caa2e6106547e330b4d2d5b55a96f6c5b72ef2b86309900170ee8b505c59dae2c69e39dd2cf00ec6c734dcde0160993097818c742012da785264cfdb97"}, {&(0x7f00000006c0)="46d835a06341744df496d9d9287819c76d2c4ec32f0d74e2ec912d7b60bde38d87b462cfb87347132eb84c6faf0ecb6861c1df71982dba4a944462fe6f5b04d35728f2e29768e836e32c75a76d0c7253977fcfdf16a4d9b9cfbed84deb8cc608be8b4b6873e0ebc15dbbe26105adb107b753cd1b4880a3947aaadfdc6b64ec712039886020b4ccec51f77c341b07f9e46f6b0471e6c7a293d86b5ca741c7acf0d65227e8e9b54400b09e4c579a3c9e426ea020fb642081da217de62e423c5f3c6b12d235a2b7c5a47100c952566f59bdcb81b2c0b313db6534b3ee38e5a259c15a0f3c4f496adaedf7706e1fc4f85e30ae4f736c6e52fe99a2f8e9a750826e3f795c603c0ea840318650d66d1659ab83cc48a44b6a8913ab58fa78faaede463a0db27e5cb97b7c230c1c75beba1a8c1a13e10f20b61eb585448ab517315eafd2ea128fdd7c0ded98a85e94a061458e8fc42f5883a6451101d2250e9342cbb24647b0e3c49a9b0ab70b826d1bb720684346378881ea31b3bf21d822a2e57bdb8d61a37eb141ef50cb30cbee10657e32d82452eaeb8052a1f89282807d9011dea3d152fbe8b0950283154eb05268fe9c3df3a3cdb5a724f9937fb19e14360c5398cd6c02048ef646a135428a4310db94ed9db4879ef9c5a56d2fdf8f437a54dea9c1ac80bba39c04914112f7f2ffb831299a933ec02ed446cfc3f1ee250d1f0e801ae7dd14e5bc1ec35811ede2f917f7e0089ee9d240306377f9ce5f8b352ec5044e6f2eb4b1b16d445f2acf2d5444d50bf13ca537c0c20c7e93faa8c61a13f46ee1b11aed4da62d7b4d7867941992f8df6a6c9e03fe8ee766eb0c2d6f389ca5d568facfbbc41b920598abff370b5c931f72957413d10e7ef64838fdced89badeff7a80740f53245e2786e47d1b0b1e33c4f401417defb39e50f92ca5e6c69528a0016358254688985250729ed8a02657623a131128c8a4fd242ed9b9cde2e065ac93f0b409593e5564e6212a4c2e7140aeb9a884b84318ac04b141ef6a8fd4db5272515a752c5b1f664ac14aa4a73394d15c51e67834530dcfc9db939b9aca9077bc27c287672d4f76d10488862ab617d203be24134679740413e40301e595463f3dbd38c8905d5d577c221b5fb8feb90860130e2c78d17a1f84e62b4d0ae062f1a2e8beea19ab003ee01196dbf7944a2be541e893f4b3fcf743720b71687d2713bcaa9adab3fc06eb6c17a43c9e320711e0c463945d8c6ebff11a6ae165197a0d2f1f22d8e4e318a13bef6b8e865b6c1d107c9bd5faab8896c2d8578305f84ce4fde1e9124cc94e143a3332ca3faf916b95899dcc7656a5cab339b6cb93c48ac270666cbad97415b54af0952bc47724d9151c0f6724952072e7004f8209d7576ad6a4cc93ad4fdba8c3a248374dad57107121195faf4bd4378e52aa4bc29170ba011adcefc86c9462aacf0223756e99caa4977244c6f0654a80c247f95b5432fe9233f71387b08cc82cb82510cb247f1187a79cc512e7305b407059b0ad939ad3d07bdd37fcc1e59b4f040626d01d7a1c359eebac3e86973f5dc27278ccdf95f8a9b6904465e0e98e062191acf0e68db0f259de9de0fb6ba3d164db0718fe86fe04cc1f7ebb21d2616cf3efaf2eb5d89dd7729b2f09accc584bc8411ccdcd49773ecf417648c260502d4c29e0b283fee3beee21c200c327fee71136bc948d0611088145ef75a6a0307ab6ba7c84c5cbb429b1a38d92c8e8a94527de2ee6a376af59991b628b72bca757642b5a903dac5b6c2812bc573b90d4d579890edc665d6873d9465fd837ae24ba2d2b4a722a03aadd1233a594c580b34c548cf513db0b3dcb68a0db732c554b6bab1e667aac02fca726ec3a3c23c54e0a1c12a4e59676e172d22cc920225d8b1c8b1500f44274e725b6e4018b0a81bf76e29fa0e160953634081642d97dfd7833d658ad3ed4b1a9a6ddd9e6bdd9e50d62192377323715bb6e3b126efb3e52e7d5fcc483f5d206f70112f89840354167578830fa8f91b77b76866ca4da09ebbc79e29438b117f92ec92753362a45c9b3d228cd925dd9a7bb9e49c8e5be07be94169b5dd4feabaee6e56c25937be456a14ad5981f95fed2fad35c9a8860bb6a1488a0b6547a42b0871bf56f160e04198f8fbee72152dd229a4d553a5f75955fdb180843b8be6dc1e2e21195bcb68df2516e60e8cf1f0cfc741139cd1d19aa7adbb3d180517c48a42049dadfc560a39f4c5bab2d184dc206d99163ba898a07dc98f0525360523ca6f8029c21cc04f469ebddb6d6e7a2650c75f202a6bc7e2f6d3c8e7906050f8b3b39cda64cdd433ec88e4a8bdfb3f171c353ed9de151974a9211b58729feaba158ad52fb0025562b9993582fbd722780b5e762de4ae55a35d0806b6dbf010809adfd0a62329b3b6139398efc6b5118570092e5596bc92713c3dfd563c5ce78eb8aaa056ce7a9e129bb9ff8e19276d37599b3b2f4eae0c55e55b3953a84c6d56e8caa6d7e7b94353d03b5dcd9cd7421b3b9ff566d6bb7d86e6436dbb99f99b541c0d1787f273b229d9446fc5ec4e835c48eda7438010b6366be7d0828dd7d84eac12635b4b76fd5f243bff391f076f4e2e80db9653d5b482d4af6a07705cd55ea2d7301a41011c52aeca21279612fd6afa52ac158fc0a03a329140909014901a61fd98825b84b71fed2a9911b7e29e01ab8f6a26e71c009a87a243958f24a60046e6a7ac9c81d856c88ac3dd83c0f852292db7f8fb42057a3b6a62e7d30a1c49c77dbae46efd5efdbf54762fb0e90719d3fd1f510b50c1938e97d1fe7999a25d9f0a760bf3019931c1135e908eb07f59e96e8d517cbd2e83401818ccd659858da6c9ac6ab9d3b2606b5ad4bd62504588cd9f330da13459e10e97da861028e8c1ae27316b9a395fd9212365f994bfd735cfd5f2b4154d542d121aad24a23b383e4ab6436a9db7cffca080952a038736c67d59472c04d281b3016dc60a9f67ab9b57a0403187b3b6f51acdaa597a858aa78746ac84c0385a724f5f4aa56322f8da892973c6705a28806049784f1c810560e1a31035532c1e5ecda868b216cea62943b02c17233e263a8e4c5df6671300c66ddffde355352255205790e81488e4c2c1aa567a15bc924b18f846cf554e316c10269ee54f35df55d1873c079001e2bbcd70d8831fdf83ae1b72408efab9b0bf92dde355210d754352dd6cd02f796b95e3bf9d3e54d220e71c769b13a3f8d290ec1df790180e760f687110b0ae73d1e0679d46563655eb6d75a786a03c22ad59cbdc7dc7272caa9b161f7aa2557c4d8fe0702bc02eb360f0e612a9c74b0f7291d985e69119a90cb458dad33e7671dd1e9124302ee5472552ef5f3a63e2e182e73b4c0617ec043a9d388788445316d9a6b59fcd9ef8726234b6bf2436f3e77e41c7306cf4d62790946831cb0627f5d0b17244ff5cac518c4399cce188b9861cd5aa1f4680edd7c0fbe9f954cd523c72a29d9efa3fe47287d01f417f26fb11f2de146ebfe53bb5f7c4dd5989d7e4e6689369a9a9f9690655cc806a98f3e92e038e4b3797c09f1f7a0a505e08cfb3a0b9f7a6398a80d7f9633ecd16bbef9127cb95c29bb799805a4c5c527f5d6e1ebf42990ea601658d770c3563dfa1c19ab68ca5de87ef52a6f8e87a0447a5ff3adf7f4c6342e870c9c05d6caf74b00953d5d537fd6ec1a87e5d36a108ffde7f21d19d195a85f09f64cb09780e2c97368ebbfaaabec531d2633e2934e9c9e54b8bcba3310e6cb7a1514cde5cc19e801d032a4ca97ba753e2ec4ca0754f64e3c7712c25c8f70a9b09aba5233014fe5bce8d5dbc4d0bb970032e2d048db160d781ef64227375ea50cd33a4cddac89453cf53dce4f9e94a22ba773fe4d7306ae7e248f4eb7b078834303f6436570d56a9a658e9464a367adffd2688652275e81cafc29057463e784fbafec55a0957ae546fe3b36627d6a41ddfb6f94e84965dffcf7775ea8d3f1816cc5512a66454984eb3bd4f2c52c0ac8b519b6dccddbda0e631c37c715a15b60a0f312aa603ec44d59fb9eb9e112a4797097e3e03b0491b45df82be6ab9f79bac167a9e445317a3128278f3618936521508aedbda71e91fdd45a9609c6248051b68284fac9fdb7069216e38246e0d8b34decdfbe8f47c3b40d69951b92c19a66782964d3d8687f82c2fd7e4bdfe4ede9bb4b2b85a7b0be73cd1406a7c4d713ce7564b5480f4ecebc3ba62724b5dc07c023dd26e41056251d8a6e52c829999b6e91b2dda749b9654a1dbc9c735b2ac747c0b57cff89f88d95cd09b289ab88f35d68b4eb2cbffef5771d536df65016584f83d92bec04302ac7ca7ac555604c5d1e302513dca6ec51584fae16a54fffbfffe51824dd783bdde70329a25e295fc69a6f458f03a4c485694cf60c60abc91ad76aa2fac34f762f514883f72e2454bb5c86e02e27dd1c6040ad6074e532d55ae352d70c6fa97d275123142ba8d6f2f37b7a380ba103e508be077fc35057ae93757c26010c9b1e68070a401ed8587b0f5fcfd9f2a6897692c4593ab6f89b79adb4ee5dfcdee458566784e0074fd18833e7d007fbc3068a8a21ecb8d3a153b12a20e4b95758869bdd2374e8505a35aca771d538ab0ca02a3e36edcd131d6fe41ed99d568cd4fc3ff7a1c1307ee8f2dbd477d28b17b000c9de4a8ea2d5876a572003905b953407c5fc6d8603a5953dbecb6522ce15f9989d7567bcf83914f404ee88b5b413615fad9acf8cdeecce55c87302f3db5b9a4e5d96784c81be06f190fdb67cc7cbe12af3564065660b80d4935e168756f89b58ca6b664f73ca699b9ea69947e685166132fc5d4814bf2db93466b7b8b3f162b4f302028cf816e0d4d1cbb8952104c98cede37bca4f36d8f1b30f34689ed0714b5f6bc20298fa0ffafce48fe7a3ca3dab1b2ae0cc7521629805347f1c884242006e898e9f04161fd336a99472bdb592d1a8785e8c72b299c5d402e0b369a411463d927f4a586a973b1e6fe56eb4f72a5463de4ba082d8b5eefa4a86f3022a554d7bc2ca9f3f7c4ecde0b59fb30e10bf60bf4dab6e854aaa5e7e15956855939472d6822803bd386b71358eff4249a2265fcdaaffc60fc062ae8f63703b935b5d1ac4f7a88c194237f92d0043b870dad592dbe363720f1b699ff4fe567b57e48bd0107a63a3c36c5ba73cd2d1efb3330ccb838235d114c93aa5f8acd6be6bc32c02b28b3bfb5eba0f1d79244bcfed8179ae92ea053c3f5630409b7c2afe2434a99e02472071d6afe2a21c8a79e753522ff76aa0a44609b72e54b6496b6015cb975a0b6bc851415a6447e2f8974628f7fbbf27bfbc92caacfd12d6b223cc7e6ec987ea668fce4fc30a3859598f16c4763f2fbe449cbf5920b3124a6e3fcf515b7090e7383786578b743f9caf38e4ffd11eada3e347aaa67f5dc701c89597aec12749eae12a543226ae5b88af0a5ebfbe1a304009f71054076e1828a76427fd4652409df498cce92d2046bd5900d6b878579d1276b8d8fb024513cd94e2dec030dbaf61166206578685c0bff89ea2108bfc51cc8e007759689a1a62a1f59ff5acdb9a40eb3f3e1a29cd3f8481629ad1cd12d99d82081ae82d1fc7907c28272b87cfc7450b3696fa4647d14e51f8e2ca055facf452ac967d577485f03301c0efeeaaea52d0f028106352bd0b4f9151f53c3cca4668b3ed006f1398ae9aa14b479bacfeb13a4ca4a9bb81cede9f5744c147eba76b6630cf0528c4bd479db21de735b19e8b705735b9592bb006ca5"}, {&(0x7f00000016c0)="98f069bcbd7f4acb7ca1379640bcbc12731d17d3722824bc0b6528470964b534d41a2dfc2396d9d16dbec726e795273f2c10457c2cf444f7"}, {&(0x7f0000001900)="28c880e16192f179ac62ee9951ba59f0c2a81444c02f10db5d35fdd05e85549d025c96d57f0ff7f919afd0c74e750f1e503d65550f445a50ec2e3f491bdafc4d9cf9961f44f422c0c994540b14efe7cd84ca304bd05e62ee7e7c1461e215d10264cc7d424a901f11aabbaa87d35a263d63ccfa4cd40d755d5701767f67ff2d8feb158c212b503ecba3e7c98a204f15b095b69d20e0d15113eef55825402a71f7c8cbcfa6a9eccb13a4fd8b6767bfae9fc1d4af99"}, {&(0x7f00000017c0)="97ad5edee9bd8077ef7cae147b1751570073d1c3f3fb650fcd7bde209623a7bbf10d90207942946071c11f661fb41f4b922e1092ce3c54cf8bdc939469452b9b216c99d364207bd60111435cbed8016ea21f0b2ac6f7ead703e0d9cfab7cd67749fb881fe567ffc9719cea8d9ca294bd41fbb59b69787ac67a310d1fe5ef506b216b98c7c2760b70dff5d7da2e0b400a26fe54eccdb14e5c51ddd0276fd89e185a46caa9dee0d9a6c2ec39595b3db757e4dcbfa5e8a1f093"}], 0x73, 0x0, 0x0, 0x4000}, 0x7d) 2033/05/18 03:38:20 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0xffffffff00000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:20 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4400], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:20 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8847000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:20 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000003, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:20 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="3300000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) socket$vsock_dgram(0x28, 0x2, 0x0) 2033/05/18 03:38:20 executing program 2: setrlimit(0x7, &(0x7f0000000000)) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x8000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000080)={0x201, 0xffff, 0x8, 0xa2, 0x7fff, 0x1, 0x100000000, 0x7, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000100)={r1, @in={{0x2, 0x4e22, @loopback=0x7f000001}}}, 0x84) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000240)=&(0x7f0000000200)) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000300)={r1, 0x6}, 0x8) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f00000001c0)={0x6}) epoll_create1(0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000280), &(0x7f00000002c0)=0x4) 2033/05/18 03:38:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:20 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6200], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:20 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000400c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffea0000000000000000008fb7151cdb0000800000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) 2033/05/18 03:38:20 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x1100000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:20 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000004, &(0x7f00000000c0)={0x2}, 0x707000) 2033/05/18 03:38:20 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1, 0x0, 0xfffffd4f}, 0x2) r0 = accept4$unix(0xffffffffffffff9c, &(0x7f00000000c0), &(0x7f0000000140)=0x6e, 0x80000) accept$unix(r0, &(0x7f0000000180)=@abs, &(0x7f0000000200)=0x6e) sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x100000000000016b, 0x0, 0x101e9, 0x880}, 0x48) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x40002, 0x0) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000280)=0x10001, 0x4) 2033/05/18 03:38:20 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:20 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x2200, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f00000001c0)={0x3, 0x7, 0x3, {r1, r2+30000000}, 0x3, 0xffffffff}) r3 = socket$kcm(0x2, 0xa, 0x0) sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000000)=@in={0x2, 0x0, @multicast1=0xe0000001}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000100)="c70aeafa909b290397fe822159344403c9595478b7436486b9d4b8b4a881618a81e12288db36d79e3311b64060a391c9c0e0b0", 0x33}], 0x1, &(0x7f0000000640)}, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000240)) 2033/05/18 03:38:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2033/05/18 03:38:20 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3f00}, [{}]}, 0xfffffc53) 2033/05/18 03:38:21 executing program 2: perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$dh_compute(0x17, &(0x7f0000000100), &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000a3dffa)={'rmd3200\x00'}}) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3, 0x0) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000040)="cccc2799ad3d73001a7d029e3a34037315534fa767128ba7") openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x280, 0x0) ioctl$TIOCCONS(r0, 0x541d) r1 = syz_open_pts(0xffffffffffffff9c, 0xa00) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000440)="cd2ca143bde032898b599deb9528c30cb256ef97d9fb27a8222a90f794da5e34ec50aa0620968f461c1b60cd4efc99928c011db2fc83058bbcac39f44d2ce3f00a61b9f0609f9e3cddea62b3067ca324b759d2ca1c24506628bfee113f89775a7d320527e7e61c65ebd71ba5c9c765b171ebbac2c252c3ea282a9ed1af26269ded33425c7c0c353333a3958f36d9a0dd71c3b8e2e6303edc63a7d1fdf1d6494d85352b46048c50a39fea11a031ae686ad20582fd7fb77256da542ea911c0f725d3036cdf8c311dd1fe79") 2033/05/18 03:38:21 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x2, 0x8) sendto$ipx(r1, &(0x7f0000000080)="4e67bc5e9c47782fa71bbe70554a6d1a6b7b81e112a8fe1179a55008d16a8f9206a9b843309a329784954d9e1b6dc8324112bd76472745303b7fd5139aba2647b78ad9827040fc6b13bfafb86529c82db969ba68fe57f14b25c7cc3479db4347e78dc4bcafab54906fb3d9299d2530eb21fbc128f9efa5c5603aee11d8e238731383327c844f", 0x86, 0x1, &(0x7f0000000180)={0x4, 0x7ff, 0x3, "e4da4d68d370"}, 0x10) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)}, 0x0) bind$bt_l2cap(r1, &(0x7f00000001c0)={0x1f, 0x1a51, {0x2, 0x10000, 0x3, 0x6, 0x4, 0x2}, 0x7, 0x7}, 0xe) 2033/05/18 03:38:21 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x4}, 0x707000) 2033/05/18 03:38:21 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x80350000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:21 executing program 6: r0 = socket(0x9, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = msgget$private(0x0, 0x220) msgsnd(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0300000000000000b0588a0cd7faecfef14b96e7a7d0eb347f3d52b46d57f6ce3fdfeb39d28927559438d7d2a1976cbcc151d68342283c27ebf65de41cac82e85ac6a9f56babe47ff8aa78d1fad44f94cb41c3fcb3b2be0f07192d0a8ce2510810a25627ab95124183da4cb982367b7f49338143d5ec94abf2da92c897eb017a75ae1ef1c877978f0c11143e5300cb0d0b525abd5000f962a1fff10b798bc624cce420913b3ca964c16f859991fd900efce717d213868ff5fad0cc9ebe20ad73ada5c9e58f6cfd54490e8431b1ba17e312c5bd3c90199453870f1414c1b15f04efa4c169a8dad3c918919b51955d56117c407be99a54b489fb9e0c426355cb94a210f59448d6e44f2ade0000008000000000590aa3e3e16877652b68c601ba0a7b4ee16dd135563a8e8b50cf722b"], 0x12e, 0x0) 2033/05/18 03:38:21 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x11], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 1051.572600] nla_parse: 41 callbacks suppressed [ 1051.572609] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1051.639151] could not allocate digest TFM handle rmd3200 [ 1051.667343] could not allocate digest TFM handle rmd3200 [ 1051.678386] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:21 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0xa}, 0x707000) 2033/05/18 03:38:21 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4888]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:21 executing program 6: r0 = socket(0x7, 0x1, 0x0) ioctl(r0, 0x10000, &(0x7f0000000040)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:21 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x62], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2033/05/18 03:38:21 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000e95fe0)={@remote={0xfe, 0x80, [], 0xbb}, 0x1, 0xffffffffffffffff, 0x0, 0x4, 0x19}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000e95fe0), 0x20) close(r0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00') preadv(r1, &(0x7f000055ff80)=[{&(0x7f00002f0f89)=""/204, 0xcc}], 0x1, 0x0) 2033/05/18 03:38:21 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x100000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:21 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:21 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1051.874525] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1051.905460] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:21 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x40000000}, 0x707000) 2033/05/18 03:38:21 executing program 2: r0 = socket$inet(0x2, 0x801, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f000064effb)="8907040000", 0x5) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000040)=0x975f, 0x4) 2033/05/18 03:38:21 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x600000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1051.939319] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1051.986509] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:21 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x3ec}], 0x1}, 0xfffffffffffffffd) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffefffffff86dd60d8652b00146400000000000000000000000000000000aa7e8000000000000000000000000000aa00004e20", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="4d18000090780000"], &(0x7f00000002c0)) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0xffffffffffffff2a}], 0x1, 0x0, 0xfe94}, 0x0) pipe2(&(0x7f0000000180), 0x80000) 2033/05/18 03:38:21 executing program 4 (fault-call:7 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/mcfilter\x00') bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-generic\x00'}, 0x58) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r2, r1, &(0x7f00000000c0), 0x2f) 2033/05/18 03:38:21 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x2000000}, 0x707000) 2033/05/18 03:38:21 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xff03000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1052.233210] FAULT_INJECTION: forcing a failure. [ 1052.233210] name failslab, interval 1, probability 0, space 0, times 0 [ 1052.244697] CPU: 1 PID: 10152 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1052.251986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1052.261351] Call Trace: [ 1052.263955] dump_stack+0x1b9/0x294 [ 1052.267603] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1052.272818] ? debug_check_no_locks_freed+0x310/0x310 [ 1052.278033] should_fail.cold.4+0xa/0x1a [ 1052.282124] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1052.287256] ? print_usage_bug+0xc0/0xc0 [ 1052.291340] ? debug_check_no_locks_freed+0x310/0x310 [ 1052.296542] ? print_usage_bug+0xc0/0xc0 [ 1052.300605] ? print_usage_bug+0xc0/0xc0 [ 1052.304682] ? graph_lock+0x170/0x170 [ 1052.308512] ? print_usage_bug+0xc0/0xc0 [ 1052.312658] ? __wake_up_common_lock+0x1c2/0x300 [ 1052.317452] ? find_held_lock+0x36/0x1c0 [ 1052.321526] ? __lock_is_held+0xb5/0x140 [ 1052.325603] ? check_same_owner+0x320/0x320 [ 1052.329939] ? reacquire_held_locks+0xbc/0x3e0 [ 1052.334523] ? alloc_set_pte+0x1013/0x1600 [ 1052.338761] ? rcu_note_context_switch+0x710/0x710 [ 1052.343683] __should_failslab+0x124/0x180 [ 1052.347911] should_failslab+0x9/0x14 [ 1052.351700] kmem_cache_alloc+0x2af/0x760 [ 1052.355855] mmu_topup_memory_caches+0xf7/0x3a0 [ 1052.360514] ? debug_check_no_locks_freed+0x310/0x310 [ 1052.365700] kvm_mmu_load+0x21/0x10e0 [ 1052.369498] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1052.375052] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1052.379639] vcpu_enter_guest+0x3a83/0x6060 [ 1052.383954] ? print_usage_bug+0xc0/0xc0 [ 1052.388007] ? kvm_set_msr_common+0x2680/0x2680 [ 1052.392667] ? vmx_vcpu_load+0xadd/0xfe0 [ 1052.396721] ? __lock_acquire+0x7f5/0x5140 [ 1052.400960] ? vmx_vcpu_reset+0x1030/0x1030 [ 1052.405289] ? graph_lock+0x170/0x170 [ 1052.409086] ? graph_lock+0x170/0x170 [ 1052.412884] ? __lock_acquire+0x7f5/0x5140 [ 1052.417120] ? debug_check_no_locks_freed+0x310/0x310 [ 1052.422302] ? __lock_is_held+0xb5/0x140 [ 1052.426362] ? lock_acquire+0x1dc/0x520 [ 1052.430330] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1052.435332] ? lock_release+0xa10/0xa10 [ 1052.439293] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1052.444563] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1052.449049] ? preempt_notifier_dec+0x20/0x20 [ 1052.453553] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1052.458395] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1052.463425] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1052.467486] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1052.473187] ? graph_lock+0x170/0x170 [ 1052.476974] ? find_held_lock+0x36/0x1c0 [ 1052.481026] ? lock_downgrade+0x8e0/0x8e0 [ 1052.485164] ? kasan_check_read+0x11/0x20 [ 1052.489298] ? rcu_is_watching+0x85/0x140 [ 1052.493454] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1052.498655] ? __fget+0x40c/0x650 [ 1052.502104] ? match_held_lock+0x841/0x8b0 [ 1052.506331] ? expand_files.part.8+0x9a0/0x9a0 [ 1052.510913] ? kasan_check_write+0x14/0x20 [ 1052.515148] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1052.520069] ? wait_for_completion+0x870/0x870 [ 1052.524638] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1052.529831] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1052.535541] do_vfs_ioctl+0x1cf/0x16a0 [ 1052.539434] ? ioctl_preallocate+0x2e0/0x2e0 [ 1052.543847] ? fget_raw+0x20/0x20 [ 1052.547290] ? __sb_end_write+0xac/0xe0 [ 1052.551263] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1052.556788] ? fput+0x130/0x1a0 [ 1052.560052] ? ksys_write+0x1a6/0x250 [ 1052.563840] ? security_file_ioctl+0x94/0xc0 [ 1052.568233] ksys_ioctl+0xa9/0xd0 [ 1052.571688] __x64_sys_ioctl+0x73/0xb0 [ 1052.575563] do_syscall_64+0x1b1/0x800 [ 1052.579443] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1052.584362] ? syscall_return_slowpath+0x30f/0x5c0 [ 1052.589283] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1052.594647] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1052.599480] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1052.604654] RIP: 0033:0x455a09 [ 1052.607830] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1052.615534] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1052.622801] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1052.630090] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1052.637345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1052.644601] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000000 2033/05/18 03:38:22 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x6000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:22 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendfile(r0, r0, &(0x7f0000000080), 0x7) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f00000000c0)={0x7, 0xeab3, 0x5, {}, 0x1f, 0x2}) 2033/05/18 03:38:22 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x10}, [{}]}, 0xfffffc53) 2033/05/18 03:38:22 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0xffffffff00000000}, 0x707000) 2033/05/18 03:38:22 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040), 0x6c, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:22 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="41533404164090a7"], 0x8, 0x0) 2033/05/18 03:38:22 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8864000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:22 executing program 4 (fault-call:7 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1052.735576] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:22 executing program 2: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="b1ef909e2cec87cac2a1b5bf33faf257ee49ec68732a8beb3bf500f3698903b186501ce297c566ff70f8637c7f5eea990b238b17b2e9c6c4846f2bcb390b26048a9302c079e9c23d415220d451c87150602bd80ed2575c5c25579793e2a3050424b23d7df81f79bc961cc036", @ANYRES32=0x0, @ANYBLOB="000000000000000008001d0002000000"], 0x28}, 0x1}, 0x0) 2033/05/18 03:38:22 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x20000000000000}, 0x707000) 2033/05/18 03:38:22 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x81000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1052.782665] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1052.857586] FAULT_INJECTION: forcing a failure. [ 1052.857586] name failslab, interval 1, probability 0, space 0, times 0 [ 1052.868930] CPU: 1 PID: 10173 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1052.876210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1052.885606] Call Trace: [ 1052.888213] dump_stack+0x1b9/0x294 [ 1052.891867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1052.897074] ? __save_stack_trace+0x7e/0xd0 [ 1052.901403] should_fail.cold.4+0xa/0x1a [ 1052.905467] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1052.910566] ? kasan_kmalloc+0xc4/0xe0 [ 1052.914458] ? kasan_slab_alloc+0x12/0x20 [ 1052.918604] ? kmem_cache_alloc+0x12e/0x760 [ 1052.922933] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1052.927762] ? kvm_mmu_load+0x21/0x10e0 [ 1052.931725] ? vcpu_enter_guest+0x3a83/0x6060 [ 1052.936206] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1052.941234] ? graph_lock+0x170/0x170 [ 1052.945032] ? do_syscall_64+0x1b1/0x800 [ 1052.949089] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1052.954465] ? find_held_lock+0x36/0x1c0 [ 1052.958528] ? __lock_is_held+0xb5/0x140 [ 1052.962588] ? check_same_owner+0x320/0x320 [ 1052.966924] ? rcu_note_context_switch+0x710/0x710 [ 1052.971860] __should_failslab+0x124/0x180 [ 1052.976105] should_failslab+0x9/0x14 [ 1052.979917] kmem_cache_alloc+0x2af/0x760 [ 1052.984059] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1052.988891] mmu_topup_memory_caches+0xf7/0x3a0 [ 1052.993547] ? debug_check_no_locks_freed+0x310/0x310 [ 1052.998728] kvm_mmu_load+0x21/0x10e0 [ 1053.002522] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1053.008070] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1053.012654] vcpu_enter_guest+0x3a83/0x6060 [ 1053.016968] ? print_usage_bug+0xc0/0xc0 [ 1053.021030] ? kvm_set_msr_common+0x2680/0x2680 [ 1053.025691] ? vmx_vcpu_load+0xadd/0xfe0 [ 1053.029747] ? __lock_acquire+0x7f5/0x5140 [ 1053.033989] ? vmx_vcpu_reset+0x1030/0x1030 [ 1053.038338] ? graph_lock+0x170/0x170 [ 1053.042144] ? graph_lock+0x170/0x170 [ 1053.046354] ? __lock_acquire+0x7f5/0x5140 [ 1053.050589] ? debug_check_no_locks_freed+0x310/0x310 [ 1053.055787] ? __lock_is_held+0xb5/0x140 [ 1053.060361] ? lock_acquire+0x1dc/0x520 [ 1053.064319] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1053.069333] ? lock_release+0xa10/0xa10 [ 1053.073388] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1053.078670] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1053.083152] ? preempt_notifier_dec+0x20/0x20 [ 1053.087637] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1053.092476] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1053.097501] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1053.101565] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1053.107265] ? graph_lock+0x170/0x170 [ 1053.111066] ? find_held_lock+0x36/0x1c0 [ 1053.115125] ? lock_downgrade+0x8e0/0x8e0 [ 1053.119264] ? kasan_check_read+0x11/0x20 [ 1053.123397] ? rcu_is_watching+0x85/0x140 [ 1053.127546] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1053.132728] ? __fget+0x40c/0x650 [ 1053.136197] ? match_held_lock+0x841/0x8b0 [ 1053.140445] ? expand_files.part.8+0x9a0/0x9a0 [ 1053.145045] ? kasan_check_write+0x14/0x20 [ 1053.149356] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1053.154275] ? wait_for_completion+0x870/0x870 [ 1053.158844] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1053.164025] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1053.169907] do_vfs_ioctl+0x1cf/0x16a0 [ 1053.173809] ? ioctl_preallocate+0x2e0/0x2e0 [ 1053.178230] ? fget_raw+0x20/0x20 [ 1053.181681] ? __sb_end_write+0xac/0xe0 [ 1053.185739] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1053.191272] ? fput+0x130/0x1a0 [ 1053.194540] ? ksys_write+0x1a6/0x250 [ 1053.198328] ? security_file_ioctl+0x94/0xc0 [ 1053.202722] ksys_ioctl+0xa9/0xd0 [ 1053.206164] __x64_sys_ioctl+0x73/0xb0 [ 1053.210049] do_syscall_64+0x1b1/0x800 [ 1053.213941] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1053.218782] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1053.223695] ? syscall_return_slowpath+0x30f/0x5c0 [ 1053.228621] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1053.233977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1053.238808] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1053.243988] RIP: 0033:0x455a09 [ 1053.247164] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:22 executing program 2: open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) 2033/05/18 03:38:22 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x500], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:22 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x8, 0x10000) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1053.254871] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1053.262130] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1053.269392] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1053.276661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1053.283939] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000001 2033/05/18 03:38:23 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x200000000000000}, 0x707000) [ 1053.382743] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1053.431306] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:23 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x1100]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:23 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup3(r0, r1, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in={{0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}}}, 0x98) 2033/05/18 03:38:23 executing program 4 (fault-call:7 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:23 executing program 6: r0 = epoll_create(0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6, 0x110, r0, 0x0) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x9, &(0x7f0000000300)="c626266d57c933519bf4fad7ccebf99d2ad7577a360b20f69602c1635bf63c3a35e41b84948759bad132e5cc4218d500c2715d9c9ad5c1f8d0716361631d84729b5b3b55bb543158b08b15843822aaeb425b3b9414c84bc15ff6b2116073dde13489a2c4b1602a") msgrcv(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000f0000000000000000000000000000000000000000000000000000005b13afbf2f898e99d1f1c6b949df2d1500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d00000000bf4a40aa718453ae000000000000e01745650000000000000000000000000000000000000000000000000000000000000000aab813d1e97ea446068fec6f658c5abe76c51875373dfeece4898e7de2c112716451074b787aa9d3aff3374850a6321140d3e5797dc8d92fcc2380fef1ae2e0e38580028fd3785e6d42387edd929988fb5493a"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x2}, 0x8, 0x800) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0xffffffffffffffff, 0x3, 0x1, 0x6, &(0x7f0000000040)=[0x0, 0x0], 0x2}, 0x20) ioctl$KVM_DEASSIGN_DEV_IRQ(r2, 0x4040ae75, &(0x7f00000001c0)={0x0, 0x1, 0x5}) 2033/05/18 03:38:23 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000040)={[0x7fffffff, 0x80, 0x3, 0x0, 0xfffffffffffffff7, 0x8, 0x40, 0x1, 0x59c0000000000, 0x1, 0x7fffffff, 0x81, 0x10000, 0x90e, 0x81, 0x7], 0x4, 0x1000}) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) ioctl$BLKTRACESTOP(r2, 0x1275, 0x0) 2033/05/18 03:38:23 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x1100], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:23 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x8000000000000000}, 0x707000) 2033/05/18 03:38:23 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x10000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:23 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x2000, 0x0) ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f00000002c0)) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x0, 0x10000) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000300), &(0x7f0000000100)=0x4) statx(r2, &(0x7f0000000080)='./file0\x00', 0x100, 0x2, &(0x7f0000000180)) 2033/05/18 03:38:23 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x40000, 0x4) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x80) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r2 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000040)="b6"}) r3 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000007000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000002000)}) r4 = dup2(r3, r2) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000002c0)={0x10, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0e630c40000600000000000000000000571f8ae480df1bfb20a69ecb180ae6e6ab1db04ab3fe25dda2f48f0e5e2f6c04d873ff07000000000000ea070000dba08da3b13cbf397b30cb181b913931c047b11482cc873c756e70a6f57925beb4f2356eae9bcaeaa4891500e01af000006cb50fd12f1c"], 0x0, 0x0, &(0x7f0000000280)}) 2033/05/18 03:38:23 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x4000000000000000}, 0x707000) [ 1053.935629] FAULT_INJECTION: forcing a failure. [ 1053.935629] name failslab, interval 1, probability 0, space 0, times 0 [ 1053.947043] CPU: 1 PID: 10230 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1053.954332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1053.963696] Call Trace: [ 1053.966303] dump_stack+0x1b9/0x294 [ 1053.970400] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1053.975613] ? __save_stack_trace+0x7e/0xd0 [ 1053.979958] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:23 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@mcast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}}}, &(0x7f0000000100)=0xe8) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={r1, @dev={0xac, 0x14, 0x14, 0x1e}, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1053.984036] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1053.989158] ? kasan_kmalloc+0xc4/0xe0 [ 1053.993062] ? kasan_slab_alloc+0x12/0x20 [ 1053.997230] ? kmem_cache_alloc+0x12e/0x760 [ 1054.001571] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1054.006431] ? kvm_mmu_load+0x21/0x10e0 [ 1054.010424] ? vcpu_enter_guest+0x3a83/0x6060 [ 1054.014955] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1054.019984] ? graph_lock+0x170/0x170 [ 1054.023804] ? do_syscall_64+0x1b1/0x800 [ 1054.027880] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:23 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x200000}, 0x707000) [ 1054.033262] ? find_held_lock+0x36/0x1c0 [ 1054.037440] ? __lock_is_held+0xb5/0x140 [ 1054.041528] ? check_same_owner+0x320/0x320 [ 1054.045869] ? rcu_note_context_switch+0x710/0x710 [ 1054.050817] __should_failslab+0x124/0x180 [ 1054.055070] should_failslab+0x9/0x14 [ 1054.058884] kmem_cache_alloc+0x2af/0x760 [ 1054.063054] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1054.067917] mmu_topup_memory_caches+0xf7/0x3a0 [ 1054.072595] ? debug_check_no_locks_freed+0x310/0x310 [ 1054.077802] kvm_mmu_load+0x21/0x10e0 [ 1054.081623] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1054.087178] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1054.091784] vcpu_enter_guest+0x3a83/0x6060 [ 1054.096119] ? print_usage_bug+0xc0/0xc0 [ 1054.100209] ? kvm_set_msr_common+0x2680/0x2680 [ 1054.104887] ? vmx_vcpu_load+0xadd/0xfe0 [ 1054.108960] ? __lock_acquire+0x7f5/0x5140 [ 1054.113206] ? vmx_vcpu_reset+0x1030/0x1030 [ 1054.117530] ? graph_lock+0x170/0x170 [ 1054.121343] ? graph_lock+0x170/0x170 [ 1054.125150] ? __lock_acquire+0x7f5/0x5140 [ 1054.129399] ? debug_check_no_locks_freed+0x310/0x310 [ 1054.134603] ? __lock_is_held+0xb5/0x140 [ 1054.138678] ? lock_acquire+0x1dc/0x520 [ 1054.142653] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1054.147675] ? lock_release+0xa10/0xa10 [ 1054.151663] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1054.156952] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1054.161460] ? preempt_notifier_dec+0x20/0x20 [ 1054.165979] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1054.170840] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1054.175883] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1054.179975] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1054.185702] ? graph_lock+0x170/0x170 [ 1054.189518] ? find_held_lock+0x36/0x1c0 [ 1054.193599] ? lock_downgrade+0x8e0/0x8e0 [ 1054.197767] ? kasan_check_read+0x11/0x20 [ 1054.201927] ? rcu_is_watching+0x85/0x140 [ 1054.206106] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1054.211320] ? __fget+0x40c/0x650 [ 1054.214795] ? match_held_lock+0x841/0x8b0 [ 1054.219058] ? expand_files.part.8+0x9a0/0x9a0 [ 1054.223652] ? kasan_check_write+0x14/0x20 [ 1054.227900] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1054.233199] ? wait_for_completion+0x870/0x870 [ 1054.237801] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1054.243003] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1054.248733] do_vfs_ioctl+0x1cf/0x16a0 [ 1054.252641] ? ioctl_preallocate+0x2e0/0x2e0 [ 1054.257060] ? fget_raw+0x20/0x20 [ 1054.260525] ? __sb_end_write+0xac/0xe0 [ 1054.264517] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1054.270066] ? fput+0x130/0x1a0 [ 1054.273361] ? ksys_write+0x1a6/0x250 [ 1054.277183] ? security_file_ioctl+0x94/0xc0 [ 1054.281623] ksys_ioctl+0xa9/0xd0 [ 1054.285092] __x64_sys_ioctl+0x73/0xb0 [ 1054.288993] do_syscall_64+0x1b1/0x800 [ 1054.292888] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1054.297745] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1054.302686] ? syscall_return_slowpath+0x30f/0x5c0 [ 1054.307631] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1054.313012] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1054.317874] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1054.323061] RIP: 0033:0x455a09 [ 1054.326254] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1054.333961] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1054.341307] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1054.348570] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1054.355831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1054.363101] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000002 2033/05/18 03:38:24 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) getsockname$inet(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1, 0x0, 0x0, 0x4000}, 0x0) 2033/05/18 03:38:24 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8100]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:24 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x4000}, 0x707000) 2033/05/18 03:38:24 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3f000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:24 executing program 4 (fault-call:7 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:24 executing program 2: syz_emit_ethernet(0x6e, &(0x7f0000101000)={@random="cd390b081bf2", @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "02290f", 0x38, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0x21, 0x0, @mcast2={0xff, 0x2, [], 0x1}, @dev={0xfe, 0x80}, [], "802a08000000006b"}}}}}}}, 0x0) r0 = dup(0xffffffffffffff9c) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000000)=0x1, 0x4) 2033/05/18 03:38:24 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x6], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:24 executing program 6: r0 = socket(0xa, 0x1, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x401, 0x200) ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000080)={&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x5, 0x80, &(0x7f0000ffe000/0x1000)=nil, 0x3}) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300050000000000"], 0x8, 0x0) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000200)={0x1, 0x7}) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x101000, 0x0) [ 1054.806020] binder: 10241:10242 BC_REQUEST_DEATH_NOTIFICATION invalid ref 1536 [ 1054.818585] binder: 10241:10258 BC_REQUEST_DEATH_NOTIFICATION invalid ref 1536 2033/05/18 03:38:24 executing program 2: ioctl$ION_IOC_ALLOC(0xffffffffffffff9c, 0xc0184900, &(0x7f0000000040)={0xfff, 0x0, 0x1, 0xffffffffffffff9c}) fremovexattr(r0, &(0x7f0000000080)=@random={'security.', '[system]security*.\x00'}) r1 = fcntl$dupfd(r0, 0x406, r0) bind$nfc_llcp(r1, &(0x7f0000000180)={0x27, 0x1, 0x0, 0x7, 0x4, 0x9, "4e8ce9e324c43a71d9fdd2e8b8737ba91ba28e87838dde47a27b6d1421029987467a286efe74cba66ca4a9a92e07b58d13967f1f57f8ec29137c10c3489d49", 0x19}, 0x60) prctl$seccomp(0x2f, 0x1, &(0x7f00000000c0)={0x0, &(0x7f0000000080)}) 2033/05/18 03:38:24 executing program 5: r0 = socket$inet(0x10, 0x3, 0x6) socket(0x0, 0x0, 0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x400000, 0x200040) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000080)={0x4, 0x9, 0x0, 'queue1\x00', 0xff}) 2033/05/18 03:38:24 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xe]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1054.972089] FAULT_INJECTION: forcing a failure. [ 1054.972089] name failslab, interval 1, probability 0, space 0, times 0 [ 1054.983461] CPU: 1 PID: 10265 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1054.991009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1055.000373] Call Trace: [ 1055.002981] dump_stack+0x1b9/0x294 [ 1055.006634] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1055.011842] ? __save_stack_trace+0x7e/0xd0 [ 1055.016192] should_fail.cold.4+0xa/0x1a [ 1055.020273] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1055.025388] ? kasan_kmalloc+0xc4/0xe0 [ 1055.029289] ? kasan_slab_alloc+0x12/0x20 [ 1055.033449] ? kmem_cache_alloc+0x12e/0x760 [ 1055.037787] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1055.043239] ? kvm_mmu_load+0x21/0x10e0 [ 1055.047230] ? vcpu_enter_guest+0x3a83/0x6060 [ 1055.051737] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1055.056765] ? graph_lock+0x170/0x170 [ 1055.060579] ? do_syscall_64+0x1b1/0x800 [ 1055.064651] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:24 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x2000}, 0x707000) 2033/05/18 03:38:24 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x30040, 0x0) ioctl$IOC_PR_CLEAR(r1, 0x401070cd, &(0x7f0000000100)={0x55}) setsockopt$inet_dccp_int(r0, 0x21, 0x1, &(0x7f0000000000), 0x4) connect$nfc_raw(r1, &(0x7f0000000080)={0x27, 0x0, 0x2, 0x7}, 0x10) 2033/05/18 03:38:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x101000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000140)={0x80000001, 0x0, 0x10001, 0x3}) ioctl$DRM_IOCTL_SG_FREE(r3, 0x40106439, &(0x7f0000000180)={0x2, r4}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"]) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0x40000010]}) [ 1055.070029] ? find_held_lock+0x36/0x1c0 [ 1055.074104] ? __lock_is_held+0xb5/0x140 [ 1055.078186] ? check_same_owner+0x320/0x320 [ 1055.082521] ? rcu_note_context_switch+0x710/0x710 [ 1055.087463] __should_failslab+0x124/0x180 [ 1055.091715] should_failslab+0x9/0x14 [ 1055.095524] kmem_cache_alloc+0x2af/0x760 [ 1055.099677] ? kvm_clock_read+0x25/0x30 [ 1055.103667] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1055.108698] ? ktime_get_with_offset+0x326/0x4a0 [ 1055.113471] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1055.118328] mmu_topup_memory_caches+0xf7/0x3a0 [ 1055.123016] kvm_mmu_load+0x21/0x10e0 [ 1055.126838] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1055.132389] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1055.136993] vcpu_enter_guest+0x3a83/0x6060 [ 1055.141342] ? kvm_set_msr_common+0x2680/0x2680 [ 1055.146021] ? vmx_vcpu_load+0xadd/0xfe0 [ 1055.150094] ? __lock_acquire+0x7f5/0x5140 [ 1055.154339] ? vmx_vcpu_reset+0x1030/0x1030 [ 1055.158664] ? graph_lock+0x170/0x170 [ 1055.162469] ? graph_lock+0x170/0x170 [ 1055.166275] ? __lock_acquire+0x7f5/0x5140 2033/05/18 03:38:24 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) fcntl$addseals(r0, 0x409, 0x2) [ 1055.170521] ? debug_check_no_locks_freed+0x310/0x310 [ 1055.175722] ? __lock_is_held+0xb5/0x140 [ 1055.179791] ? lock_acquire+0x1dc/0x520 [ 1055.183772] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1055.188796] ? lock_release+0xa10/0xa10 [ 1055.192778] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1055.198062] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1055.202564] ? preempt_notifier_dec+0x20/0x20 [ 1055.207080] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1055.211934] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1055.216971] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1055.221050] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1055.226769] ? graph_lock+0x170/0x170 [ 1055.230576] ? find_held_lock+0x36/0x1c0 [ 1055.234654] ? lock_downgrade+0x8e0/0x8e0 [ 1055.238814] ? kasan_check_read+0x11/0x20 [ 1055.242973] ? rcu_is_watching+0x85/0x140 [ 1055.247132] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1055.252338] ? __fget+0x40c/0x650 [ 1055.255804] ? match_held_lock+0x841/0x8b0 [ 1055.260047] ? expand_files.part.8+0x9a0/0x9a0 [ 1055.264639] ? kasan_check_write+0x14/0x20 [ 1055.268881] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1055.273820] ? wait_for_completion+0x870/0x870 [ 1055.278414] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1055.283612] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1055.289328] do_vfs_ioctl+0x1cf/0x16a0 [ 1055.293230] ? ioctl_preallocate+0x2e0/0x2e0 [ 1055.297647] ? fget_raw+0x20/0x20 [ 1055.301109] ? __sb_end_write+0xac/0xe0 [ 1055.305093] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1055.310624] ? fput+0x130/0x1a0 [ 1055.313902] ? ksys_write+0x1a6/0x250 [ 1055.317713] ? security_file_ioctl+0x94/0xc0 [ 1055.322133] ksys_ioctl+0xa9/0xd0 [ 1055.325599] __x64_sys_ioctl+0x73/0xb0 [ 1055.329496] do_syscall_64+0x1b1/0x800 [ 1055.333394] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1055.338235] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1055.343172] ? syscall_return_slowpath+0x30f/0x5c0 [ 1055.348102] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1055.353470] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1055.358308] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1055.363483] RIP: 0033:0x455a09 [ 1055.366656] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1055.374355] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1055.381621] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1055.388882] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1055.396149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1055.403413] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000003 2033/05/18 03:38:25 executing program 5: r0 = socket$inet(0x10, 0x200020000003, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000000c0)={'veth0_to_team\x00', {0x2, 0x4e21, @loopback=0x7f000001}}) getsockopt$inet_int(r0, 0x0, 0x1f, &(0x7f0000000240), &(0x7f00000003c0)=0xffffffffffffffd3) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0xffffffffffffff9c, 0x2, 0x1, 0xfd, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f00000001c0)=0x1, &(0x7f0000000200)=0x4) connect$nfc_llcp(r0, &(0x7f0000000400)={0x27, 0x0, 0x0, 0x6, 0xffff, 0x4, "576ac43a3651c4ec4062c2e919954b96700406089b03326e10289a9e2e382bd5fbbfac9f14f62efa4cb7eaa4e0f55d587e142cfe9d240bf057761676a4ce70", 0x4}, 0x60) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000002c0)={0xa59}, 0x1) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) connect$nfc_llcp(r1, &(0x7f0000000300)={0x27, 0x0, 0x0, 0x7, 0xb9c9, 0xfffffffffffffc00, "9c8b9817fe48a1872d5488271fbd85002c2da129813cd9faff981c6090afd5b7380120c9a509a67270c3509eac889c8359f5e895d33ce70524657f72700305", 0x27}, 0x60) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000280), &(0x7f0000000380)=0x30) 2033/05/18 03:38:25 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xfffffff5], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:25 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x689]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:25 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x40000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:25 executing program 4 (fault-call:7 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:25 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x2}, 0x707000) 2033/05/18 03:38:25 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgget(0x0, 0x104) r1 = msgget(0x0, 0x240) msgrcv(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e356515e983d5373fed249ce300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x6e, 0x0, 0x100000000ffe) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000001c0)=0x0) ptrace$peek(0x2, r2, &(0x7f0000000200)) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/autofs\x00', 0x2, 0x0) syz_mount_image$iso9660(&(0x7f00000000c0)='iso9660\x00', &(0x7f0000000480)='./file0\x00', 0x4, 0x1, &(0x7f0000000500)=[{&(0x7f00000004c0), 0x0, 0x7ff}], 0x800000, &(0x7f0000000540)={[{@cruft='cruft', 0x2c}, {@map_normal='map=normal', 0x2c}, {@check_strict='check=strict', 0x2c}, {@nocompress='nocompress', 0x2c}, {@unhide='unhide', 0x2c}, {@iocharset={'iocharset', 0x3d, 'macinuit'}, 0x2c}]}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000002c0)={0x0}) ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f0000000400)={r4, 0x2, &(0x7f0000000300)=[0x400, 0x4], &(0x7f0000000340)=[0x64], 0x10, 0x2, 0x3, &(0x7f0000000380)=[0x7, 0xfffffffffffffff7], &(0x7f00000003c0)=[0x6, 0xad, 0x7, 0x5, 0x200000000000000, 0xeb0, 0x0]}) msgget$private(0x0, 0x8) ioctl$sock_inet6_udp_SIOCINQ(r3, 0x541b, &(0x7f00000004c0)) msgsnd(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="03077217c1d887a8981e"], 0x8, 0x0) 2033/05/18 03:38:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) sysinfo(&(0x7f00000007c0)=""/4096) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000003c0)={"6a3d6646f9bac39af64bae875f46943d3434b8d60a4d71b018d1daadc6cbcb17159c311757996566d713780fd269bef05c83a094df2ed0d1a723e6f2cb540a12e8c20a0aa08f0c82df73abc25145474af425f8e57d12940bd18703c0bcb8afd809876ff52c19a5f3ca0b70582223c41c9cb699594b10329cd6b3fae3201637f12dd8e14e60d81e4a9f5c50abcb0f5669f0df1c38599bd2f58dc79ee1a3383bc468d2b3496dad82236efb60aeb195789700c69a07cac688940e9e849fddab408f75fbb6045abf96727fda0a41416439380bd1e8318088645a6b39955e634774e75e91340af2238c71e03fbe2f6ac63eae17ebec203cdd2a096882f056b021132ff0d8c0b2adf9d9351fe41567d40783e9fabaa53265d5a1b43444c0f9b7ae55a5d2c5efb56e36776811e0db6a7a2504c720c2e070d04926a285e970bb3fc5c6b151691395c7748019e0f3f5b5710f99efe19cd921c73662a6f3e8dbd1dcd2e3604294c2f1adb946fe883752756e2d2c6125eee864132ec6276a1af4eb0ef7aec754b83655a2a7994dca7c52d5d48be48f22ede2ba3f754d64044aa00d2e6e0b467b9ac7154d9cf331a159162a26be1ff7afb76101d55791a6e8a86d39ab847d300a7c6fb6a9584d0c22ede5271b4bc061920e83fc7e832e95e74a8176e6ea0d6740c15efcc7ffa7bc535763a9db730bbd85a71dc79c00f1c2b89dbbe5f965fb1a3201d4c0644f73ba236a8b3d771636bd0d65d16fdd6a69e310447e2912d9561ceb54fe768887630ef5ea74cd094dfbd5afcbd32810f0faad82fdc197e50e49c232543b5dbbb0413e73a7bc47e732f564f7d34bf4526c5a328ec74e99db4db0042d47e3d2dc8ad159f1a26f3b17700f1895fa6bcc3f1e6a5ed062e419413a4441fe570640fd79949e3ae229c755cde70a4bf44c168473784071b06f1e29de9dcc512df8824a4cf82cd8b00cf15275b8ff6b747f4428e2a8c4b8a41ad2e3d696287e1ead8e1b7b4b5cb25900905d70a11ae7a3d6bbc6dcf424c01dd1063d523ced3a745de4d59dcdcdf137f64c863c54fe465cfab7979af53584f13906e11637749038f08b751e245fbd184b6d7a71fcfce1cd089e87ece48259a80a69e8b7a5abb9c3692c2f74dde8bd1b86c08d4b1162edd4867efeede2ce478b49d8157e355967e3d6c64b9d62dbec402d2b5d23bd61ae1e74773be5b9a9c063fe6d69fa61e63db886f8ee2ca27a16a32f22a15f36abbfd27948a87d3f069db29b27e96d16e2de84b0d902b7877b3fabcd5f3e45026403dec8d689241c1a87ab9e698c1c7e39745f89148b048d59336666e02dc3ce7e682a4fc0b8acf2ec15b382e9c336d6fb942e662dfe6ee130fc0b1a89ff0f37bc176782c1bce1a2b576a6440f870b38f5d21ef979625f29bfa113f2a59122e25fdb1c2e9c5a2202d218914424ba9283d0"}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x60001}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000000)={0xa0000}) [ 1055.785260] isofs_fill_super: bread failed, dev=loop6, iso_blknum=16, block=32 2033/05/18 03:38:25 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x34000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:25 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x2}, 0x707000) 2033/05/18 03:38:25 executing program 5: r0 = socket$inet(0x10, 0x80805, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0xffffffd1, &(0x7f0000004000)=[{&(0x7f00000000c0)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x0, 0x0, 0x2f9}, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x20200, 0x0) ioctl$sock_bt_hci(r1, 0x400448e1, &(0x7f0000000180)="800062bac0cf02625c42a8f29192e93f51dfa9610d87d2f84810ad7c5a5e14ddcd02925e00aa0120a524d4f4330eb2a7a644b6ab23d133d8eac3eda826be9e46562a319400000000b3e7c4bbb078b9cfc4073afb871411aa36a22724a6282e0b2dc9be8451762ea2b847d4f681587e7eb0885fe4b85a4d2dd29ab62d52531c70d2b7d090ed87c0") 2033/05/18 03:38:25 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x44], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1055.863371] FAULT_INJECTION: forcing a failure. [ 1055.863371] name failslab, interval 1, probability 0, space 0, times 0 [ 1055.869755] isofs_fill_super: bread failed, dev=loop6, iso_blknum=16, block=32 [ 1055.874840] CPU: 1 PID: 10334 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1055.889435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1055.898799] Call Trace: [ 1055.901405] dump_stack+0x1b9/0x294 [ 1055.905056] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1055.910260] ? __save_stack_trace+0x7e/0xd0 [ 1055.914601] should_fail.cold.4+0xa/0x1a [ 1055.918676] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1055.923794] ? retint_kernel+0x10/0x10 [ 1055.927694] ? graph_lock+0x170/0x170 [ 1055.931513] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1055.936286] ? retint_kernel+0x10/0x10 [ 1055.940192] ? __lock_is_held+0xb5/0x140 [ 1055.944279] ? check_same_owner+0x320/0x320 [ 1055.948619] ? rcu_note_context_switch+0x710/0x710 [ 1055.953650] __should_failslab+0x124/0x180 [ 1055.957901] should_failslab+0x9/0x14 [ 1055.961698] kmem_cache_alloc+0x2af/0x760 [ 1055.965838] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1055.970684] mmu_topup_memory_caches+0xf7/0x3a0 [ 1055.975339] ? debug_check_no_locks_freed+0x310/0x310 [ 1055.980607] kvm_mmu_load+0x21/0x10e0 [ 1055.984403] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1055.989935] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1055.994508] vcpu_enter_guest+0x3a83/0x6060 [ 1055.998817] ? print_usage_bug+0xc0/0xc0 [ 1056.002867] ? kvm_set_msr_common+0x2680/0x2680 [ 1056.007531] ? vmx_vcpu_load+0xadd/0xfe0 [ 1056.011580] ? __lock_acquire+0x7f5/0x5140 [ 1056.015803] ? vmx_vcpu_reset+0x1030/0x1030 [ 1056.020108] ? graph_lock+0x170/0x170 [ 1056.023893] ? graph_lock+0x170/0x170 [ 1056.027678] ? __lock_acquire+0x7f5/0x5140 [ 1056.031988] ? debug_check_no_locks_freed+0x310/0x310 [ 1056.037182] ? __lock_is_held+0xb5/0x140 [ 1056.041229] ? lock_acquire+0x1dc/0x520 [ 1056.045191] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1056.050196] ? lock_release+0xa10/0xa10 [ 1056.054161] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1056.059437] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1056.063915] ? preempt_notifier_dec+0x20/0x20 [ 1056.068420] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1056.073249] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1056.078259] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1056.082308] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1056.088006] ? graph_lock+0x170/0x170 [ 1056.091803] ? find_held_lock+0x36/0x1c0 [ 1056.095859] ? lock_downgrade+0x8e0/0x8e0 [ 1056.099995] ? kasan_check_read+0x11/0x20 [ 1056.104147] ? rcu_is_watching+0x85/0x140 [ 1056.108293] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1056.113475] ? __fget+0x40c/0x650 [ 1056.116914] ? match_held_lock+0x841/0x8b0 [ 1056.121135] ? expand_files.part.8+0x9a0/0x9a0 [ 1056.125706] ? kasan_check_write+0x14/0x20 [ 1056.129927] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1056.134845] ? wait_for_completion+0x870/0x870 [ 1056.139421] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1056.144599] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1056.150299] do_vfs_ioctl+0x1cf/0x16a0 [ 1056.154175] ? ioctl_preallocate+0x2e0/0x2e0 [ 1056.158580] ? fget_raw+0x20/0x20 [ 1056.162031] ? __sb_end_write+0xac/0xe0 [ 1056.166007] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1056.171540] ? fput+0x130/0x1a0 [ 1056.174819] ? ksys_write+0x1a6/0x250 [ 1056.178608] ? security_file_ioctl+0x94/0xc0 [ 1056.183006] ksys_ioctl+0xa9/0xd0 [ 1056.186449] __x64_sys_ioctl+0x73/0xb0 [ 1056.190324] do_syscall_64+0x1b1/0x800 [ 1056.194207] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1056.199036] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1056.203953] ? syscall_return_slowpath+0x30f/0x5c0 [ 1056.208888] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1056.214239] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1056.219071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1056.224244] RIP: 0033:0x455a09 [ 1056.227421] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1056.235125] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1056.242573] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1056.249839] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1056.257094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 2033/05/18 03:38:25 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x86ddffff]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:25 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3800000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1056.264358] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000004 2033/05/18 03:38:25 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000040)={'nat\x00', 0x3, [{}, {}, {}]}, 0x58) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000200)) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:25 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c9b50000000000000000000000000000000000000000000000000000770000000000000000000000000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:26 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x80b2, 0x8ac00) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000100)) bind$llc(r0, &(0x7f00000000c0)={0x1a, 0x1}, 0x10) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockname$llc(r0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 1056.390889] QAT: Invalid ioctl 2033/05/18 03:38:26 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x2000}, 0x707000) 2033/05/18 03:38:26 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xc0ffffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1056.422874] QAT: Invalid ioctl 2033/05/18 03:38:26 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x10}, [{}]}, 0xfffffc53) 2033/05/18 03:38:26 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:26 executing program 4 (fault-call:7 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:26 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) chroot(&(0x7f0000000400)='./file0\x00') sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f00000003c0)={0x0, 0xfffffd71, &(0x7f0000004000)=[{&(0x7f0000000340)="2400000002031f0000000015000404ff7efb544b81b49c54af9ce793b4275f3fb50a1a09e0d22f630f1cb28c971164bdf200abff650c2a71dada7963d8f6bf3e4f39374730d5b6f8db4e7fa0065cd147cf0b43a3f9e1f205053e8ac2a23369c69d9c19e201a0", 0x66}], 0x1}, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x10000) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r2 = getpgrp(0xffffffffffffffff) ptrace$setregset(0x4205, r2, 0x200, &(0x7f0000000300)={&(0x7f0000000200)="b98912d63fd5b6b8ca5923bb4a433e0404349dd70eb55bdd8ba132ce9449d32c756bc90f9db672f95b588442a121cf153b7e9bbee56af19f784d3f24f911eb0378606fa6c97cee973708053e98f5425ecc8ca32922a2aa6709464d4dc2c5af6394793bf9edfdfa0e9285f72fb320f41979431c253139c17a8d7295283a40468180dfb111f7e24321a3db681e1d9d1bc9056f58beff7d40ec6492a6546f41873322a99fa9b9cb3832138f665ce30d7a419a887183d31c1546057fb6a5ec00e06b2e4f85441a6d30abc85b535172", 0xcd}) futex(&(0x7f0000000100)=0xffffffffffffffff, 0xb, 0x0, &(0x7f0000000180)={0x77359400}, &(0x7f00000001c0), 0x1) 2033/05/18 03:38:26 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0xca, 0xfff, 0xffffffff, 0x81}, {0x53f, 0x9, 0x9}, {0x6, 0x7fd9, 0x100000001, 0x2}, {0x3d7d, 0x6182, 0x3f, 0x4}]}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="ffe0fffffffffffffffffffb08004500001c0000000000009078ac14ffbbe000000100000000020890789c8280750dbf53dc80e6371b208100422ddec8fcc64cfd2b4a8a05e48e85ee9a5ad24e6bf6fffba54b68cdb193e0245bc4445035141da7803a517fdd98a06e9adc6f1583ea1f347decdb9f9a7010311c842fef338dd39e7be9524fda832582979a7392ee4518539a2afc4f843aa9ff010000000000004f0c74000000e32340450d79f09754ac172195867d2bfbfc2a8b19a9ff99f9ad1d0368e873db2e275fb1173a8495cbf2f1102190eb9d1e32c416a0978d5620bd6b2166c6ab30f9851fb5892d294c7132b63b57d74041cdce44555dd3e40d5d604063a1c65a8c0c5a69f6873c47efb2dad3c13aeb9523aa3faaa88378f85e2bd9514aa62ca1d62be9b7522eb67768407423f3c0b15c7ffe68be2d93b80808"], 0x0) 2033/05/18 03:38:26 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x200000000000000}, 0x707000) 2033/05/18 03:38:26 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xc0ffffff]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1056.643329] nla_parse: 25 callbacks suppressed [ 1056.643338] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:26 executing program 2: syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) fstat(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$binfmt_elf64(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x8d4, 0x1, 0x7, 0x4, 0x3, 0x3e, 0x8, 0x2b4, 0x40, 0x136, 0x5f, 0x100000001, 0x38, 0x1, 0x3, 0x8, 0x1}, [{0x70000007, 0x8, 0x9, 0xffffffffffffcfb1, 0x4, 0x8, 0x4}, {0x3, 0x6, 0x5, 0x0, 0x5, 0x7, 0xfffffffffffffff7, 0xffffffff}], "3f35be4652fa70ccbdfa141b4c3a32077e25081d896f943635fd376db4cd55f61b9a17d51ee38c919f9a1e868a45174264b234bf81b516d021bc4b3562df9c67a3fbc1dd5d0ea012aeebaafa6293515f7bfb07e62e4c7cbba57c37d1b54a3651b4a5b994555502181e3ea84f73a45c07dee12bc0cdea7b9f6a181cdb6426185191bad7bdc02cb4b0f7b15fa32b5f9909d58fb6c17b7a8c45f4b2d0227304db21b44a49521cacfe336b061e90dd460f549dce0862d36910d8e9b93d1b154a5abb9054433945143643f5d043d4709c3e81f9218bcc5fae0534229babc2401f7e8bac053579d6e17d62c05acb9b0e1dcf882568dfdd01", [[], [], [], [], [], [], [], [], []]}, 0xaa5) fchown(r0, r1, r2) 2033/05/18 03:38:26 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88470000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:26 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x62000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1056.689833] netlink: 16 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:26 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x8000000000000000}, 0x707000) [ 1056.756923] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1056.781839] FAULT_INJECTION: forcing a failure. [ 1056.781839] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.793385] CPU: 1 PID: 10406 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1056.794189] netlink: 16 bytes leftover after parsing attributes in process `syz-executor5'. [ 1056.800675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1056.800681] Call Trace: [ 1056.800706] dump_stack+0x1b9/0x294 [ 1056.800728] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1056.800747] ? __save_stack_trace+0x7e/0xd0 [ 1056.800769] should_fail.cold.4+0xa/0x1a [ 1056.800790] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1056.800806] ? kasan_kmalloc+0xc4/0xe0 [ 1056.800824] ? kasan_slab_alloc+0x12/0x20 [ 1056.851524] ? kmem_cache_alloc+0x12e/0x760 [ 1056.855866] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1056.860725] ? kvm_mmu_load+0x21/0x10e0 [ 1056.864713] ? vcpu_enter_guest+0x3a83/0x6060 [ 1056.869218] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1056.874241] ? graph_lock+0x170/0x170 [ 1056.878081] ? do_syscall_64+0x1b1/0x800 [ 1056.882185] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1056.887563] ? find_held_lock+0x36/0x1c0 [ 1056.891642] ? __lock_is_held+0xb5/0x140 [ 1056.895728] ? check_same_owner+0x320/0x320 [ 1056.900066] ? rcu_note_context_switch+0x710/0x710 2033/05/18 03:38:26 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) fstat(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in=@dev={0xac, 0x14, 0x14, 0xc}, @in, 0x4e24, 0x1, 0x4e23, 0x3, 0x0, 0x2f076bed990e385d, 0x20, 0x2, 0x0, r1}, {0x2caf, 0xfffffffffffffff8, 0x2, 0x6, 0x2, 0xfff, 0x2, 0x6}, {0x72f, 0xf9c1, 0x2, 0xfffffffffffffffe}, 0x72d1, 0x6e6bbe, 0x0, 0x1, 0x3, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x20}, 0x4d6, 0x7e}, 0xa, @in, 0x3502, 0x5, 0x0, 0x2, 0x1, 0x1c, 0x1}}, 0xe8) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140), 0x1}, 0x0) recvfrom(r0, &(0x7f0000000040)=""/86, 0x56, 0x20, &(0x7f00000000c0)=@ethernet={0x307, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x80) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1, 0x0, 0x0, 0x8010}, 0xd0) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000300)='openpromfs\x00', 0x80000, &(0x7f0000000340)="b7927d0ca5f2e38aa02ad91a24fd954a3f3d6b5811cd5202f379f80be4b3e63f54b8895bf85fa48fd3adf1bdcb2780c709cdd02d72fa59f60107b1efad9af6a67be65d3cf084e19240ab682ce9d4") [ 1056.905008] __should_failslab+0x124/0x180 [ 1056.909259] should_failslab+0x9/0x14 [ 1056.913242] kmem_cache_alloc+0x2af/0x760 [ 1056.917403] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1056.922433] mmu_topup_memory_caches+0xf7/0x3a0 [ 1056.927113] ? debug_check_no_locks_freed+0x310/0x310 [ 1056.932325] kvm_mmu_load+0x21/0x10e0 [ 1056.936146] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1056.941694] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1056.946291] vcpu_enter_guest+0x3a83/0x6060 [ 1056.950622] ? print_usage_bug+0xc0/0xc0 [ 1056.954870] ? kvm_set_msr_common+0x2680/0x2680 [ 1056.959542] ? vmx_vcpu_load+0xadd/0xfe0 [ 1056.963612] ? __lock_acquire+0x7f5/0x5140 [ 1056.967852] ? vmx_vcpu_reset+0x1030/0x1030 [ 1056.972188] ? graph_lock+0x170/0x170 [ 1056.975995] ? graph_lock+0x170/0x170 [ 1056.979810] ? __lock_acquire+0x7f5/0x5140 [ 1056.984060] ? print_usage_bug+0xc0/0xc0 [ 1056.988136] ? debug_check_no_locks_freed+0x310/0x310 [ 1056.993339] ? __lock_is_held+0xb5/0x140 [ 1056.997408] ? lock_acquire+0x1dc/0x520 [ 1057.001411] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1057.006443] ? lock_release+0xa10/0xa10 [ 1057.010429] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1057.015720] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1057.020228] ? preempt_notifier_dec+0x20/0x20 [ 1057.024743] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1057.029595] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1057.034657] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1057.038736] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1057.045088] ? graph_lock+0x170/0x170 [ 1057.048906] ? find_held_lock+0x36/0x1c0 [ 1057.052991] ? lock_downgrade+0x8e0/0x8e0 [ 1057.057168] ? kasan_check_read+0x11/0x20 [ 1057.061329] ? rcu_is_watching+0x85/0x140 [ 1057.065546] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1057.070771] ? __fget+0x40c/0x650 [ 1057.074233] ? match_held_lock+0x841/0x8b0 [ 1057.078486] ? expand_files.part.8+0x9a0/0x9a0 [ 1057.083087] ? kasan_check_write+0x14/0x20 [ 1057.087337] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1057.092268] ? wait_for_completion+0x870/0x870 [ 1057.096853] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1057.102044] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1057.107751] do_vfs_ioctl+0x1cf/0x16a0 [ 1057.111640] ? ioctl_preallocate+0x2e0/0x2e0 [ 1057.116058] ? fget_raw+0x20/0x20 [ 1057.119509] ? __sb_end_write+0xac/0xe0 [ 1057.123477] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1057.129002] ? fput+0x130/0x1a0 [ 1057.132271] ? ksys_write+0x1a6/0x250 [ 1057.136149] ? security_file_ioctl+0x94/0xc0 [ 1057.140550] ksys_ioctl+0xa9/0xd0 [ 1057.143991] __x64_sys_ioctl+0x73/0xb0 [ 1057.147867] do_syscall_64+0x1b1/0x800 [ 1057.151742] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1057.156570] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1057.161492] ? syscall_return_slowpath+0x30f/0x5c0 [ 1057.166421] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1057.171793] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1057.176633] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1057.181807] RIP: 0033:0x455a09 [ 1057.184979] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1057.192697] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1057.199991] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1057.207268] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1057.214526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1057.221780] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000005 [ 1057.841076] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:27 executing program 6: r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x4, 0x4102c0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2ae, 0x3f, 0x0, 0x0, 0x14, 0x4, "9022cef1122d6a0fae4d68263744e205e1d81e59ecfb04d9f516825cd1598efd962f99925b10ac5eee7897108626a6f2ef0b0af4a94dd10c7b7455496e1552ce", "01fb3822cbb95db5815e2e4ecf71f8d5a923a9dbc9efef4c7d65cdff659f5c96c45a1b18c62dabf9d9467d544e799b59325edf419f2530a67455380230eea23a", "6a0020e5e4f970e700f54b99f031b4279717e5aa2834b1017d2a25c716e4735c", [0x80, 0x7fff]}) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x30010010}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0x78, r1, 0x0, 0x70bd2c, 0x25dfdbff, {0xe}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x6}]}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2e}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x100}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x20000080) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r1, 0xd0c, 0x70bd26, 0x25dfdbff, {0x2}}, 0xfffffffffffffe27}, 0x1, 0x0, 0x0, 0x3ffd}, 0x48810) r3 = msgget(0x3, 0x100) msgrcv(r3, &(0x7f0000000600)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:27 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) syz_mount_image$iso9660(&(0x7f0000000200)='iso9660\x00', &(0x7f0000000240)='./file0\x00', 0x7f, 0x6, &(0x7f00000016c0)=[{&(0x7f0000000280)="1b8cb8dce9c393ec3ea837aebafbab8156da31be48360ee5bea0a128ba5b9ca27ca9959c1dc0bce3456529ea4b42700c154fe4a48b149153ca1f35697e67eb6704a32b589aff7656535d00e55681f8c5ecd5629d670eab5bbffe6fb585ccc67c31e43a4993eaffdff1797e6e786344d40b27641b801e49f45adc1c577fc832aec218cb0a32a6333d8bf07e9a26737e65296988053b2f1ee6d8c91d9f0d37424061ef2f274ac6ffd81f6f1a3e375d8f5aa591c556d88de5858ee2cf6bc047f3a09bce893225290348c069b6e20f05afc8a9", 0xd1, 0x6}, {&(0x7f00000006c0)="d09ea2cad3d1eec8c59b2bc218974bf5a2daa900c1283f45628d21894ee96b279fd4d41a57d1481f233044063ff82a5a39aee67a10046fccc72402699da9993223a613c12202b830771735650bea73af71252c6c20f45c04be8d37ca336a16686ebcc5f5145be987cad8236aea3d4afd255e5a70c9e44ee20eb3e6860f3f40e77c0485351c72c4ca0cae9711d9e34160459f1770fb47e3a67631dbfc49e3f34d19eb23b18e5af83f2e6be24db2d2139b56994dbfa7f7aaa14dd2bfad154970118c4e5843808d9f6c8a4add50c859f4b979de376dad73bb28ff0b8970f63117972d4b1ac9103f3f0e7e0740876bd1bfea217512c462ac6baf20896f08125a14ae5027fb906d4e7e782d1fed945bb84fcf1a77e3462c7d7662f8a7461a4e1337b0524897ba5d71cc2c24a20bef22159b1343a6055852dc888df3119f0e524ad1f0246d4730abec2ea1881a0a9e6de0b500abcd69c8ad3dbac481f53aac014ad390298064ff43c930da875addc9e18f765f4957dd765bb6c562bea44516c37b98ab1a242f895e76411ffe9a6cc270d3d32d26243c34ef171e4620e7df555a0ff2261fe641402b57e3862220c777190aa0d7927f140dfcd0ca04547d4f87d9c663676675ceb73e0fe311a6f0fe184715c0c665ea4f3e99028664585fac7ab8d6054f78774dedf27a393859e346d203e130f789a6ca88427384131aa66b5b08891bb345fd926a442ade1a723855793bb88e513941a696b7e1cce4a297a8f2d08bd635a7e495835464bfb6c4e8d66e65151310cfc162d5f1ba0126d2b66861c7affb20a1267671199acf2828c29ad1347b4e1ab08d242a3fb09cf74a14d7d14ba3e1869e4e983d999c067f60acb853444c3f766ad3802627830e9367a9e32bb24cb616341e723448a3d6e99302aa850eeed6d15a009e3f8dce4309430004096b0a05f6d439e65e37a747955d564ceb3fcdbe634b4b526134875ba21459eafae22f720f9358742868e55795dd78e73ac424c389c5c1e6989b8cf2f1c48d770d5888fc3ccbea1f6bb05ecc9313ef71855ef9374bef8fe84935d620af6935df90b6f72f4ae2ac5759e23ab2b27ffdf31d2d1c25714d93bd3962eecc2bec31e66ac3abca1ba092842624564d562e7fe7714cc4445013df5242f60f8cbfc24d58cd9f7dad405ce98b731531c87f2d123ed333879a1c95b4ebd81d8549f0b198caad2b48299f42ac1e9178be28c91737a933899b72fbfe8294c5bb10fefe27a7c706677cfc91be018ddd98f4b03336729806414e60fabd3976c410d030cafa3211fcd0dfdefa3ea130492bbb6fcb234e9e71e9210ab1c33d01939cf16cc88b98034d35135de8e4b04b962a6561e3fdf123cb8a588fbb6670cfcfdf2e481639238eabb55ccfdeadf54a440eddabf08c304fe7e02bb52360071f0e83cfa4ed7af245cb94511f563230d013a0195c42d031adf89b56cec2c9f6ba542aad3e0730ce84cde491838be71c4bfb494600721beb4a2e8083722f05efd01e28aabba5b6dafa9f475214bdc861cd44bc2f47e6a2091f5caed07436e72771cde69945e326996d475d4f3bdf1a281f2f03fb9fbb2807120666ba9a63e0e843d57245a2ca60bf2a7abf60d01adf9305e9297bc7c3e6fe162c1c7b8ccc5321d77f97991a82ea9ed460b53c6e022033ab8f5fe0f8598c940345781efa8f8862cc70f9c8b3bae0fb1fea14caa7a9ff5b7b9a30a271cd7543ec479a748ac7bb64d6731a39f8c98de11cd618406ec4dad9a51773b517db18e3a89c998b2e29de4c34d71351e6eff0903abbf1e621895c466656b6ca640244c6de859853b46ba18591049bfcbb719cbb2b8f280d65621b3e1f233982421b80170949f1a71b494ccdb4e6883b37c5ff92f8a2b67dc03d19245b817cf43dce95276059987f9e034db1ab021bdcdeb11c829ad653de1b56e23e805408994bc4e01ab79b6482c18873d861811ecf268ced0e72d6b130d53af6640f672cbf9cd14a4831773f03b0e4f931d6fbf8b53a8a103fcbb5a9c9bbe9b6de94ecb060184894297207e84f5904b60b0cc815a8d0aaf257422f8ea2bd3c3ba7f4442f2291caf28a2ea98587c6a52b942036ab2ea198743c4a54c4970649c948426e67ca6d2e3c25e75e24783a2bfe509db5e7a480110d29e0787c77866dcb0f966093821d0a3e8f0223dcfc97e4c75eda02482293ef9a47141399f63b981bec1cbc69fde0b962bf87b5e7b8c9ccd2ea0efe5182987b3f0ec3bfa6c186c83e9612c2c4332bc4f64f7ad9cd6ca020443833de5020e2b8c1dbf3f5aab8d5d0331dc44b1b781fafe2c97b352c22a0e54d9c93aa0146a17b9265e79b2de80ea8a4bed4abc71e424277373cf259235fda2ac7823712e86552ac44e779ca53c17846c676922a409cdd94309b7a861dffa31028ab7b86f5433fe20270cf56232f742cd63b0fc3b464f9b1045da8e928059d257e7c678ad1edf28a1c04ed0956a2a639317d49b172f288978a6966cf5063596aa0c8d907814c57cc10869d9a937a5b5fa9e0fc96e0fd0ca6116f599776070ed098808f28463dfe055d7916ee84a5974043f90aa5b9ef0933878faf8823bdf7fdf26036f661c76d9a7e96a0f6567ca3a5770281b4695db15fe7ab5c4bd5ea6415736e2514ab231c55300a6cc0eef5fd67ab8fe9a9b523267e9f608b485e247756c5226048d7e9bc6b0e58a4439284bb246cc0cd2c446221939cafd84348315b7659a55ce6ffe442d570d9f36f1a6079ff8548ff2c50b7fb7a0c9d80f868560f29f1c9926f09f2b85f2e06ef58a274e2e2907cb314d2b92459999dd45217aba34c8e5759dfea40510823da0ed8bf63fc0234e6a92726a3373bbb9443f1ba3b9bd80f2c76ffecfc03c8624012308b391937ff8d783a20cae0803e186eedf39831676b71f5a5678aef63e941fdfb55b343b5c4ddafb2ba112f883307ff9eb529d02b6079a439475264457ddb53468e6c87403f60c700638f039381dcba1831827af4432dea25347a6bda406027d4d142b674abd301a832b561ac5754e76857d3bd5c42aed70c3da5be6d93b3f98284f73f6472828b5e29904c7cf2c3405c0c5f57a6326b114fc4bfa12f565b559ac91170f2881c699012c4da91504aa75f103aa5b2326499200e0879d66d014738cd398a2dee3de40b8fb9d481db643312f887c17f753b7efab54d4c894135cabc61c0506120391f78222db7894415343238998ec3856bf8928c78507b22345e96b33382624fa257b69bc9903363dcc7302f2e4942e37b146d7e5face3f10e6e911c68c407a27b35aa0a603bf4c1912b2600f3d8c1322c67819fad9b4c8d211156405b6202a8aa2b162bd0e9efaee3aaa4aae7d728081968494cba5c13191f774e938ce123d540c4ca2341217c4a99f79edbe0124ef43bfc48e531babf266e426b0def1300554c5491fc46d845fd423b1d3f7bf532c4a878ed25972bca1292ba97d8b005cfa8b4207aac751f89dbb3a62a842e26e360ae3015b32f190a9cbc0a95550da251411c0d4f4334871836f94aa65c448f504f4f86bcf54c24e3da7fa7c696b4ab2e3f4267c25dd7e1e8381a7813eebc36a9067c201e5c6403276337854e93b199130c8598484988f35c18a32cc7edc25d732ce21160a85429bf3a533569a51210dabe9790e626a2b94581c561863dbfb4535ffc5b20ea5b685fcfcf6aea8afcf50ca8dc538d24d6e857e0d112cc92dc34712e1ea917132f984c2fc11335ddc41fd7b6805388132d3a9b2b880c6be6c5f44d95cbe62b5413a40abe48944c511e95d72ba3edb75915baeec7250df894de1a747af9869be3608c55205189c989c7bc34938ba8db7d282aada7cdabeb1a53a449fc92da54f5185060e90287776d3ba2d2b7625763ca14db715f84246269136ae4ff19284af401a21acc307bce9d9ca801d2dbadaf4c41c816a71bdbb426ed5ade9a50912c82ff0638438eb442245faebfc5700d33e237f653710a9795893963cb78a6a5a651c25e605e60dbfa0078ef4cb110eda1197dd604236e652ef1679185153d924534722cfa7b4c82c2478d21d48d7e757d4ea1e5ad740402a28418c07b78a06ee00674520b8b3f67c6ff143f831385d545e0a362fc29f7f2436327060252caeed1e8bf102ba99a1929d3abcd96c9cb75f08c9007659ce96e95402ae0c80493258d65f461470fd87c4e53f7e0c31ea610b26ccd4f3a39cbf533b161efc44efbd4f595da3c44cc1f1c3f78fb777989c15cfe9516959bf9e1a16358808a970db4aa3d9485d402dfa2ef31517c14bf3153aa2491cc47a05c074ebb4a92cf6caa4ac8d346770cdba961b3b4642bbc0293bacb3ea2a288e1ebeab938714a420f6ef685c063fc42930f7ca0eca32c8aa5e785f5e9dbd8db955aa906383f90c83f9b37cde3ed3e60b183cb35fce29d95d0c77c00ef1d155b6514f35f717e7d372851ae9dd2e151c948e5fa5395541d2ccc0110e9b868f9d16baeb80655885d886b6525e67e9a0a629d505e6097557401c59ae2b01474a10492f10b2156e988fe2c9324eb5f4cf5efd73506d3f992363689a557204a644d4c411822a40e2b87690fe1c8bd23e104197ffc4c01d3f7d038a545a184e722d07568ccd88a02046c490d4470ecb1113a2153e38e2ef381ee58b63bfb6c04524e739b28ed9a84106bf08eb9b8ee8d851d2268f1e5d0d78206c762f8532546fb7125b4a8554dcd080974b9956e0fc056f30272e472612674141cfa71c55a50d53f6da11733de09ff0d1089be10d0e9eb7ef2a7c6d578a4d5e7929a1a49e61a24b65407cd5e7f5bea3c7c302159a982ef234d9ef3c83683d02d3dfd985ee28009d8a43a537c90dcceb7e9a472a6b73a7bc75a30cb8ab307cd78a9397c53c7fffc700e860cb68c52fee6f917022c28e487a09b7fde74cd68e40a5c8cab08a1390031a264db37a9571152b1ae29143827bfb759d78180e8a4226a0b7c94b70e9ec744014276ee9064fbfed38a6f33736da633fc1f03e6015eaed10312d8ba60794219a0bd3c51236e1d62b65c496089d1f9b3968373a43bed7bf12e0f34c96a5b5bd5585b33e719823872cb155ecc48ba2037b5f1d3c594c5c97f83fe7bf26ca5d7ec8efc5386d5baa7feab2aaf1c03eed5a9414d4306652f8513cd42dc683461b6321e4fae1491c236a4543ce4e31c2d923191fe698013e487a73f0feaed974b2578053988ad01a7cd133cabf31e1f457d4c6bb3b6f3693309585dd12967909213575cb4d9d1c2f29796b745704936b53d5d22915141b26fef94b7c093021c45f9e205b0733de54ce61b32ae3a48db838aca7a885e2ecdfd753d1eb2bf13cca0209022079087d57102abd670a27a36a9a82ae251a1d786e5d8fdc36d6c1f48e70fabc6ed2a243ceae6adfe9737c419ad6e31f0d5c4104ab5a454eb5cb36aabed1e45f5aea518b26675e50010d8f2ed4c5f745554a834ba1152711710b7e2b46b8b95a082ca5ec79932128dc86f67a37ddff93f718a827957a8ffb4e7261b20553d4945693add8b769b76a286facbf6ba7fd89a0f357fec13c9fe074c8f0a29189eb7e53a53b64d1bedfc61d47df9aeee3e27eaeaacead475bcea0eae714d6ef484eaed83e795fc69411ae11be1fa517b1005fe238a517598d92930d28f57635b6b9264eff0d09d9dac6cc4d9193c850b694781f978aac0b6792318cb0d1cc9e45c2f05ce04ee0b9bb55ee19159764e48687bc1ee91438fa3e9abe452c4697a3219b7b0ee072e2a84ccd214c5999503cf88ab2ba462f78d21f54339", 0x1000, 0x800}, {&(0x7f0000000380)="cb0d6d675c0856031570eb916aa5771d772f8ebdd5d1816294c8e790b59060b7cb433899b50f25fb87442a505b9f87b5a369cbbc756a36256582cfe0e69680b67cc3aef097ba5f5bfe48afec1a09d4ccb90e76cb0767ca86d7506426518fd733cdf64f01258594136519d7c5495054a8b9ffe77c179b70fbdcc7e99f86dacc243e7081a47b746715bdca743c439ec638318a4dc5827d", 0x96}, {&(0x7f0000000440)="07ad2e55ad371b14ac3c2e6615b5ac84f58cfd90ce6f03b52444eb7bafc7b188aa846e800aa679528ec9b6cf0ce92c624630c7e3bcc16e2214f3122f0bf8e908619fc4309bc054352639a1f1559cfa1eb88f3b480130b99d1a1984", 0x5b, 0x5e975455}, {&(0x7f00000004c0)="e14844743c28f273f27b5c88e45998f5f9da6adc992609c2293d8cb2fac77fadff04ffbf80a7f2040ffe9039df72b258a3c91e72b3d29368a68c125f066575dfc8a5b6a32269ce5c299b7c4f1786567a8c0e6395eca5bb0e68f39d0b5fff8272d2c1dc41ec67db5ec93eb186c6e42bdb02b16054969da5ca48ce4350dff0d77217c780af2a28386a446a677e7f1a3daec0ead94c7a294f3bd8ebc97a8de430", 0x9f, 0x8000}, {&(0x7f0000000580)="568a7bd0dae0483e8b2d242fddab437bf520dec523ac7237e484bd1fa220a5c0f9a8759fc6d26e582df47aef0e79d764405a5721e7311e4bca51bed7642ed52e11054a6519679ee8baec36ec0f506a7481ad00558a4bf42a39d2cd564986dd5eade54ec243453487d349a2febd9855f3ff90bb60b8b8e9279de405761f3b7bb862397785f42dbcb510f18ea8e96b65fab66e8a30aa", 0x95, 0x8}], 0x0, &(0x7f0000001780)={[{@map_acorn='map=acorn', 0x2c}, {@unhide='unhide', 0x2c}]}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000017c0)={0x0, 0x100000001}, &(0x7f0000001800)=0x8) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000001840)='/dev/dsp\x00', 0x100, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000001880)={r1, 0x9, 0x7, [0xffffffff, 0x400, 0x7fffffff, 0x6, 0x1, 0xfffffffffffffffb, 0x8000]}, 0x16) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000040)={r1, 0x7, 0x9da, 0x2, 0x3, 0x7, 0xffff, 0x21, {0x0, @in={{0x2, 0x4e23}}, 0x58, 0x6, 0x7, 0x200, 0x6}}, &(0x7f0000000100)=0xb0) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000180)={r3, 0x9, 0x9, 0x9}, &(0x7f00000001c0)=0x10) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:27 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x100000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:27 executing program 4 (fault-call:7 fault-nth:6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:27 executing program 2: socket$inet_smc(0x2b, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000001fe8)=ANY=[@ANYBLOB="7ba0070000002d2a14"], &(0x7f0000003ff6)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@ldst={0x3fd}], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x437, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x0, 0xe, 0x77, &(0x7f0000000000)="ff7a759142bdf8177631e7ff6a95", &(0x7f00000000c0)=""/119}, 0x28) 2033/05/18 03:38:27 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3800], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:27 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x8000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x4000000000000000}, 0x707000) [ 1057.881823] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:27 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xeffdffff]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x40000000}, 0x707000) [ 1058.057241] ISOFS: Unable to identify CD-ROM format. [ 1058.082000] FAULT_INJECTION: forcing a failure. [ 1058.082000] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.093465] CPU: 0 PID: 10440 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1058.100745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1058.110121] Call Trace: [ 1058.112729] dump_stack+0x1b9/0x294 [ 1058.116380] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1058.121594] ? __save_stack_trace+0x7e/0xd0 [ 1058.125938] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x200000}, 0x707000) [ 1058.130102] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1058.135219] ? kasan_kmalloc+0xc4/0xe0 [ 1058.139209] ? kasan_slab_alloc+0x12/0x20 [ 1058.143366] ? kmem_cache_alloc+0x12e/0x760 [ 1058.147698] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1058.152556] ? kvm_mmu_load+0x21/0x10e0 [ 1058.156551] ? vcpu_enter_guest+0x3a83/0x6060 [ 1058.161060] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1058.166089] ? graph_lock+0x170/0x170 [ 1058.169905] ? do_syscall_64+0x1b1/0x800 [ 1058.173977] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1058.179359] ? find_held_lock+0x36/0x1c0 [ 1058.183436] ? __lock_is_held+0xb5/0x140 [ 1058.187508] ? btrfs_reloc_post_snapshot+0x1450/0x1730 [ 1058.192808] ? check_same_owner+0x320/0x320 [ 1058.197145] ? rcu_note_context_switch+0x710/0x710 [ 1058.202088] __should_failslab+0x124/0x180 [ 1058.206342] should_failslab+0x9/0x14 [ 1058.210154] kmem_cache_alloc+0x2af/0x760 [ 1058.214321] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1058.219181] mmu_topup_memory_caches+0xf7/0x3a0 [ 1058.223865] ? debug_check_no_locks_freed+0x310/0x310 [ 1058.229072] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:27 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KDGKBLED(r0, 0x40045108, &(0x7f0000000040)) ioctl$TIOCSCTTY(r0, 0x540e, 0x0) 2033/05/18 03:38:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x2000000}, 0x707000) [ 1058.232890] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1058.238440] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1058.243038] vcpu_enter_guest+0x3a83/0x6060 [ 1058.247370] ? print_usage_bug+0xc0/0xc0 [ 1058.251447] ? kvm_set_msr_common+0x2680/0x2680 [ 1058.256127] ? vmx_vcpu_load+0xadd/0xfe0 [ 1058.260202] ? __lock_acquire+0x7f5/0x5140 [ 1058.264446] ? vmx_vcpu_reset+0x1030/0x1030 [ 1058.268775] ? graph_lock+0x170/0x170 [ 1058.272581] ? graph_lock+0x170/0x170 [ 1058.276390] ? __lock_acquire+0x7f5/0x5140 [ 1058.280638] ? debug_check_no_locks_freed+0x310/0x310 [ 1058.285845] ? __lock_is_held+0xb5/0x140 [ 1058.289918] ? btrfs_reloc_post_snapshot+0xc20/0x1730 [ 1058.295119] ? lock_acquire+0x1dc/0x520 [ 1058.299100] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1058.304217] ? lock_release+0xa10/0xa10 [ 1058.308205] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1058.313489] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1058.317991] ? preempt_notifier_dec+0x20/0x20 [ 1058.322504] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1058.327366] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 2033/05/18 03:38:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x20000000000000}, 0x707000) [ 1058.332398] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1058.336473] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1058.342202] ? graph_lock+0x170/0x170 [ 1058.346011] ? find_held_lock+0x36/0x1c0 [ 1058.350090] ? lock_downgrade+0x8e0/0x8e0 [ 1058.354253] ? kasan_check_read+0x11/0x20 [ 1058.358408] ? rcu_is_watching+0x85/0x140 [ 1058.362567] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1058.367866] ? __fget+0x40c/0x650 [ 1058.371335] ? match_held_lock+0x841/0x8b0 [ 1058.375590] ? expand_files.part.8+0x9a0/0x9a0 2033/05/18 03:38:28 executing program 2: stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000340)="8da4363a00000000000000000000000000000000000000000000000000000000ecf6f2a3299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4dd5f45b0adb28719b57a4bf4d55599ec8489a6c334daba15970bb7c8101e101c9e44169d000412d68d732ea998ee0cabf132f267ac948783c1cc54e6534d47ce1e2d396a7ad6d4382d277894373d402d9b533e18289ee97d407dcf49c2763be8409a8b1ca260f2e26360c8a75694d32c0da67f2af29e345d0a370eea0e33f8362110f", 0xca, 0x10000}], 0x0, &(0x7f0000000140)) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x101000) getsockname$llc(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x10) 2033/05/18 03:38:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0xffffffff00000000}, 0x707000) [ 1058.380182] ? kasan_check_write+0x14/0x20 [ 1058.384427] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1058.389368] ? wait_for_completion+0x870/0x870 [ 1058.393964] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1058.399182] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1058.404899] do_vfs_ioctl+0x1cf/0x16a0 [ 1058.408800] ? ioctl_preallocate+0x2e0/0x2e0 [ 1058.413214] ? fget_raw+0x20/0x20 [ 1058.416677] ? __sb_end_write+0xac/0xe0 [ 1058.420664] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1058.426216] ? fput+0x130/0x1a0 [ 1058.429557] ? ksys_write+0x1a6/0x250 [ 1058.433376] ? security_file_ioctl+0x94/0xc0 [ 1058.437800] ksys_ioctl+0xa9/0xd0 [ 1058.441268] __x64_sys_ioctl+0x73/0xb0 [ 1058.445169] do_syscall_64+0x1b1/0x800 [ 1058.449068] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1058.453924] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1058.458872] ? syscall_return_slowpath+0x30f/0x5c0 [ 1058.463817] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1058.469194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1058.474037] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1058.479218] RIP: 0033:0x455a09 [ 1058.482410] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1058.490124] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1058.497379] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1058.504633] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1058.511907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1058.519161] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000006 [ 1058.547654] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1058.559996] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1058.588776] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1058.592583] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1058.638205] ISOFS: Unable to identify CD-ROM format. 2033/05/18 03:38:28 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x600], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:28 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty=0x4000}, 0x707000) 2033/05/18 03:38:28 executing program 2: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x402, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000100)=0x5) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000002b00)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r2, &(0x7f0000000000)={&(0x7f0000f7ffa8)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000000200)=""/4096, 0x329}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x57}, 0x0) 2033/05/18 03:38:28 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xcc050000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:28 executing program 6: r0 = socket(0xa, 0x1, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x6, 0x6, 0x8, 0x2}, 0x8) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:28 executing program 4 (fault-call:7 fault-nth:7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:28 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f00000000c0)={@dev, @remote, 0x0}, &(0x7f0000000100)=0xc) r2 = geteuid() setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x4e24, 0x3, 0x4e22, 0x9, 0xa, 0x80, 0x20, 0x2b, r1, r2}, {0x2, 0x8000, 0x0, 0x0, 0x5cc5, 0x100000001, 0x401, 0xb7}, {0x120, 0xc3, 0x9, 0x5}, 0x0, 0x6e6bb3, 0x0, 0x1, 0x3, 0x1}, {{@in=@broadcast=0xffffffff, 0x4d2, 0xff}, 0x2, @in=@multicast2=0xe0000002, 0x3500, 0x2, 0x1, 0x4, 0x3, 0x2, 0x401}}, 0xe8) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000080)={0x80000001, 0x100000000, 0x7, 0x100}) 2033/05/18 03:38:28 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0xffffffffffffff09, &(0x7f0000000080), 0x7, 0x0, 0x0, 0x4000040}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x2]}, 0x707000) [ 1058.882823] FAULT_INJECTION: forcing a failure. [ 1058.882823] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.894162] CPU: 0 PID: 10518 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1058.901446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1058.910803] Call Trace: [ 1058.913412] dump_stack+0x1b9/0x294 [ 1058.917059] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1058.922271] ? __save_stack_trace+0x7e/0xd0 [ 1058.926618] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:28 executing program 5: r0 = socket$inet(0x10, 0x80007, 0x80000000) ioctl(r0, 0x20, &(0x7f00000006c0)="de689707178eb31073645eca6e6e45ce8554afa51bed43b0391b8c1ed86258c7d861c049496983dd968751b5720d7f4a57eb5cee7bda14bf131b045feab97d4f6bc196d180846215525e22851d52e1db39f875d1a3026251244ab2ada15dbc6722e2df0b12d317d7b89818792c325ef492df8ae7cb54e14a83cdff9673df578fa9231a18ae1e12f64c03b34daafd7277007f898cf20c9b9b8f06173c37964f7106bfeb4349c5b02bd20120351c9246b45cb63320526082421bc6380706a3b96bef9dcffb59ee4671bb22a98dba504c154e79853009cdf880f68b482c173d2ec37dde7d9679c8c262d3a2cc9ea0203834075d53cf0e879dfea07d0de838dfd3d413a3ed4dc4a3fd10c1ee458e7a74bccd290b9b8de99e6a76abb0ec5065a370d1f3e4c2a8ebcdb481de86b7bde64ccabaa30454c2daca0429c6a28e6b1fa47705fba32d351434386b357842b941751638e61d4ed99166bef4a6c6830aed8d2b513d1dd01ee0cb67333b44667cb075368c6b0c7390a5c8ccba23f7eaea7dbf2611d8fb66373fd5570bc03ace4eadc894ab9b4bf9aeeb62b8e94a8436c267ed0a6d42758781bc3a590ef775fb8e9c8c4afb295c765facce1a6150e1c267a455f92a44e63f048425324fb21a8c551099aa972b140a068f9ecc3589a15c2d6e0d67d607b189bb370f1cc0c3f5d7f82bfb89b489702944110e9967d1872bb20f2ce603a221db65f8b2657a5c8b598522ade9b5f2419b297f1f29458905f3241ce62d686d31fef0303e5d2abd030d1763a7996b078ee3f674a1d8a7b486c3626786247376d7522ef589956a206e86fab35f05f391f6558975d8d651afe1c979bf8e75f4a17d246667457732580590f179325cb0a6edc2eb0c237ba14fc8633fdf093d0eed2c55bdf929a5624274ac5df7fc0a7efd34eae11253956a27c49ab8082b18006c321d79334d780b476d0a541449c84465b8472a831e8b7d59a9229cec59f36cdd08688933c4a5d3f9685bee9903498c0acfce0a58666fb61cb1b00034682853bb462cb825a19418393dee062ae0846855913d7cc8d2ababc6da310f8e7a6c8f7475b4720ac23a6c69f1bd474455e042bad5412dc67af5814095926029dc19d853c23cf517c591e4673393ae7569fc7be1f36107bd29be54b5052f2554916a174985255cbe3603ac4a80256383a0bb2bd0c9a760b5928836e82e57bfda873418977e441a2d73e8973ff46f43ed7c5b9e003c0b0e04d1bb22e24556f695e9044f946895aeb9c0a45a2807864a8caac3e11241ee3087fe526c04d1dfcb016f0205222b6aff164bbfcae3697edb2e1e64fe1dbb0caedff2421fd1ca78f8e23f9b066235d627f6eb51c7c2c026d21222e65f7851990e51ff7fc8cae453d8adc014228770070ee0b0712ff1ebff5ec9c814c49fb5f5181bdd8bdf9d70ff56f3354dc6dddc12f9b721e1a220c269ce9cd87695ecebd5614024238a4d2c58619c3e802529f9dac653f9c9a79bcceaa3f9d37444ed5dc8cc93e3fb1a86c46001bbdd3f042d6baf9817d9e982498dfd5b20dd45f48873ca366a589ed5337532349069a45e4dac2f9f131b0ce4c141b37a6cc33d275933a8c33a56b9729c32198c2a1be4c9cfff2d3c4c62fc7925f05cb99d2f550bde785e0950926859e0eb69edd0b01d3ab86470e3ba1d6872db8acc932b076394fc78b4e0d7ec9c6eacade23d6aa313067c412174f456249a2462bcf12a3ef041f32521e24b728ca09025ff06dc4f30d38bce0f9337f761c23d77414bd5b83e115772511a62751b98f38ba40789e1c981f7bc2f296594e8d24ca8c414a0bc7ab37e25079618429f3a4c425f55279045549e55740825e6f81cf3a91af164e6ca8af5f703332cc2afe6584ccd1e0c22272f8b1a16ee6e28fc355774cb8be23f4594956be8776bc385b05c7a9d8bd68c6dba693ce5d4f9a4c407c6f0bc778a71ac5e348fd9f51a089c4c7a54a1dd56859c90e99628bf89cb3b21a530e08ef52796c6bd3107eb650bb6b17e5515b14b08479f9103d41d40543eb2d9064fed8e8cdcee0360c52675425351a03249a71a5f1ffa134092e153bf83dc631cf1d0b9c5411442874f2646b07907e07b5952db2e8e85a988d4dba3f0ccb4a7166f8bb09f30421579ff96928a6366931c4343bad8be613cc1716765213ffe027267d226eedfe63c036b0f1ba7b3b99dc4a0a7533bc2dce8554cfe82690a62fa721571770defbea53863c608a4aec2004682c8b2790952fafc05e3e39ef2a1d258ab96e721e6c6e5813232cbf90799a556cbbfc030062371a8649f994c65a573c54939644c225aa53e9d26f91c2f12331f5259b50a97d5570e552deee4af381964f89bb0caca8aeeb263bba284e6c2e505329c6b342cc4326cca1fc54f8dff3f7cb0368f91fdcf125c3a3f76de2971280c3be05632ea2a9a3300d8418226159354acb66a5787792ebb04cd380c32200f7da81beb9e8f111370c39c8842299ef73c34f681303a6dfd0892246d0c49ada01104403ccedae9a7855db9b4fafc3ef060b06e4a1e6cbad9f1a149540290ebabe5afd2753af45c285e775f664042d81c5ab6cae5447cb6020a3898700e0a9a87fa79f1c1a7e17b8cb4cb9bbd6a66ec3942915780f18a60c44c166859fe37e62d765f3577b0a2dd8214aa98c6b4cc53426a6a6b7c3be38548793f7ce23987b1e8d21a70c9a9a1c0af1a47c30cf23922bb4e11b74080948ccd5b4182ef9ecb0885e78305bdd7fa56a404a0d1e49eb93d36b19014dcb0c9c12f1ae335e24a00ea7adc0886c3fc4b660bf83133e43ae5ef62e584c55202901fb973281ae1ddcea0693531033b07e8700f567a8d99742ed750f00b9e4382644c421b5b29a73ff4a8f30ded7fffc8cfcc71d226d278abbe23b3f0fe93cd19bcdd4a6cabd3fb074c9d713a07cace691980fb6cd3f509d7def4079cb56998b74e37e37784bd0fdf47235375ac91f874c9263ed6e5dc893dc3b2b1f7852991f2eaf6f58c4b5d2521d0fa097c854c303e52c72236b37c8999fc3958954886235797dee1ed23c640796d6a18e311bea63f18ccdb9577c1e6ed9b8124fe44927db96747f912e04f68bbb43a683d17c3304ad28e89d33f2520e13f9d60307d6a26a49ddfd7d6376ccbeb385f9401705145e2d43b6a94ba7d8248f073b0c3166cd3e557f0a5a91e2b50134d190eb43f3acfe9d8e82d0fa117fe9015e80562d0e1cd0691d62373121d127f3614dd828c77d26f4696b80d3a2078353e3324a4447c10fc98e228ab119cb0a11de72fefd155c5b84356104a45ed55221cdff11df0722255e3473b00390c023bf7ed71b0b8a00727c962a7a7140dff397d3f5f876c2ec233e1c72ed1fa52e8d2ea64c4b638c2f86bdb917c524500582260c15ab9ebd06a9df92bb9c37f077f1984a81e0767bec017b4bf3d584d8a0683518ac5cfadf70322f51ad6132de7d0f188237b9ef005395e35f4fcc4ae9eb9cea7ee7cfa9598b4bbaa97da9f3b982357c76c13bf66f51bc88120f4826ffd20973f7bc9ff6ded8d28681cb4aa119cb609fad845cb34df1675a6060bed6c2b1d893509681f6c80ba6476a5436f9290b5c9999acf88678eb9c85c36dac344f6bbcbbc6dc56e9768289c3176b19c421d6b7820b9102c2b07795c63a4db59dff5d796917fccb3b4235756d7fdca396427ca24c3861423212c790ac6f39db68dd380301248dd7c4efc236c740b7d03d0bc4cf3e1714d4d076bf792ff529954a373fda7f59e55c24905dbb44925fe28254107a5bfd1fc6284ba3a841df5988db888df5e0e8c45d371ff760e4e9737c2165d694ea6a4ff7261a66bcc4934f0bbefb62493a4391a01c882f723552a804822d3bf8ac9b06b0247c5d70783cccd8e1cc431209120015b45894db2a7630e1848af778e02585edbbe132ca5f543b12b6bf889518a1ed7895db1997ebc9f19eb3cd4e7d2c39e477fe39cca8cf3ff788394b272f566f9cb4df38d3257a8340c12300fe1f42b516f36bfdc4bfcd79c0a6b1ac4655bebd07d2698feedd04d094df9842f0924b0a0340bed840d2f3e040d6b5063b8e00cc9e8e505ef330be1e966b0d39f52b744efca6af3216c69032d18b82348f28b27051592ca18688f7527feaaf154141b8e258d26180fbd1f0b5a7044167b632484b1efedd4a7101dcb58f5d199bac4d74c7f3dfd7479273f71f63f4bd01596e78e062c6ba023da4d937705eb0ed8890ff868f052c3c0eed3b5d27dc6487bf61f4b246a57d2b262d0323c904d969cdeb6c9af28691a06a10171e5bb5ba24f32c818c7270cd2c13621c0cb57de133be9117406bdc78f9610ce72b864c78af6a38ec03f98dc1798587523ce9fb31bb80a3a617ab831420e56b4779db67c0f50a7216ff450dc234d05b3188c461b08d0ce5f33319cb105af7494d658f6ba25a2b93e2d18c0a08ba7e883d582749ffc062d517adc515073beb79041bcadaba78f6b0f24095d62d31cbd9ddfb4ca5bd68ec11245373141994474cb335081dea0c8eaa69a5ad8414a7065941cd694d46be09f26ab98d5101a4db1d610690f83a519ead61f2afc8bfa97e59b4aeef90f071c097859dc5333d797b6d99f2dcca95e0c7f7fad4d2b39589e7537f9b3fba3074f20b6f14886ee110c3680c6cac949d676faec430e8399689014f098a8a7d1b90c9ed86d173988b33e8e7f55b187479538cf8d4b8f08854986ba66f9f300879b4a806d3f2c42e0a2ee9fdb42f15cbc784dd89b5a63d6febb8fc0fd1786b5ff2b86dea979ced00ef04ff3faf7c9b8b2139122597e0bbaf9639e2d3033f044338f0c747cdc7598a33d5634db834d0608526ffb944a462945dea51660c44eceddba89839761943f1d3e1e18953aea1fe4203beaade3c25dca3f8714c1d4814a060ea9ec9a46cf66c6c558a0a4992a42e53823c1abf0947ddbff4d5893c07619e223f7d12fc6ea94f0ad6601e9c863a71d58faa8307d6f6e1e4c3f272b009ed7bdfd73270da43b73434915be819269f8111e6a74a567e0355b95212901d9bb9c63039a4d476b800cf8138fcf85e6d8f477e750f32cde9983daab8d8b22f75b9c961f1f48c7f63ce2cb45375a6f3876b948039169cc91aa84149205bfd218d23ff3585603a24b82ccf0045c9032e2d3e2584e5d4ff771a0daa2d02671b3c64ea8cbedfda3975f3bd24990736da0e998b8ce29339b35bc7551af3c96cb58a9220022c05ca95d0e03776b5334598dfd7bcadd2e62aaf38bb170636a43d23021810527b4ee9a1dde7f746379b41beb1acb3c6fa8c7e71ab30770f26eaedc75270dc93eeb65753c8841e4f09ab7de994f6d21c1718e07f538244c670c6a04e19d92bf7dab1a0ced67afb00762c00b5a7b827c7786e719c2687d7cbeb3aeaada57273e63f2bd91203d3df04fa947f83a6be83e417cee716c71680c0690f92a1a74dfe7fc94f0c84c0832cd5a7162662b4fc304fba29e9ef51421763b6aba6f5323341ac09824485b1418989520c885859ce21b1669534347b0cf1c3580194c29db8aa49b64ec35bc0faa288de15ea5c7654e963e04bd8bef2668c01cd04bd96694ea205318aaa0db61fe55f49edb710d4906de796f99f804c0e40132fb14327113b37af5640c0c23c15cc060b35e3ecafad93319b9d64719299879d702a7e44fdc5efecb7c1c43c48f4babae48a2895fc22d161bade6f9bf82b187c296b017a2e81d4bdc4af525688a78428a8624003ecbbc76e0b895c7f0b0c57aef8f7782e0dcc5888a2073826091cf4442165453430599") sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x3dc, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000340)={r0}) getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000380), &(0x7f00000003c0)=0xb) [ 1058.931652] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1058.936770] ? kasan_kmalloc+0xc4/0xe0 [ 1058.940669] ? kasan_slab_alloc+0x12/0x20 [ 1058.944828] ? kmem_cache_alloc+0x12e/0x760 [ 1058.949159] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1058.954015] ? kvm_mmu_load+0x21/0x10e0 [ 1058.958000] ? vcpu_enter_guest+0x3a83/0x6060 [ 1058.962509] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1058.967535] ? graph_lock+0x170/0x170 [ 1058.971352] ? do_syscall_64+0x1b1/0x800 [ 1058.975427] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:28 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@ax25={0x3, {"b185ca61394e1d"}, 0x8}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)="e2f37e1bfc40f63d2146bb76511a9a998d67c92681016ecaac43308865bf51283b02bd1b46392b0dc9af3b4a732eb74aca5e4139451fb1b79bafc8bcc72fc4509f3301cf028ceb581914569284d41a6c809c2201e4b55d4d84812b093405532bbb12dd4d3323e582773285e513e8f95ead8adf89fa37cf733b44868dd5068e8c471544f60bc952b4047dc39bfe90872411", 0x91}, {&(0x7f00000000c0)="a2a521165d6da754fbe2094a6f48cee7942d27ff1751003ae1", 0x19}], 0x2}, 0x4000) [ 1058.980812] ? find_held_lock+0x36/0x1c0 [ 1058.984891] ? __lock_is_held+0xb5/0x140 [ 1058.988973] ? check_same_owner+0x320/0x320 [ 1058.993314] ? rcu_note_context_switch+0x710/0x710 [ 1058.998257] __should_failslab+0x124/0x180 [ 1059.002508] should_failslab+0x9/0x14 [ 1059.006316] kmem_cache_alloc+0x2af/0x760 [ 1059.010481] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1059.015342] mmu_topup_memory_caches+0xf7/0x3a0 [ 1059.020024] ? debug_check_no_locks_freed+0x310/0x310 [ 1059.025229] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x20000000000000]}, 0x707000) [ 1059.029044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1059.034600] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1059.039197] vcpu_enter_guest+0x3a83/0x6060 [ 1059.043531] ? print_usage_bug+0xc0/0xc0 [ 1059.047618] ? kvm_set_msr_common+0x2680/0x2680 [ 1059.052298] ? vmx_vcpu_load+0xadd/0xfe0 [ 1059.056370] ? __lock_acquire+0x7f5/0x5140 [ 1059.060620] ? vmx_vcpu_reset+0x1030/0x1030 [ 1059.064949] ? graph_lock+0x170/0x170 [ 1059.068761] ? graph_lock+0x170/0x170 [ 1059.072574] ? __lock_acquire+0x7f5/0x5140 [ 1059.076815] ? debug_check_no_locks_freed+0x310/0x310 2033/05/18 03:38:28 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000006c0)=""/4096, &(0x7f0000000040)=0x1000) [ 1059.082024] ? __lock_is_held+0xb5/0x140 [ 1059.086268] ? lock_acquire+0x1dc/0x520 [ 1059.090252] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1059.095280] ? lock_release+0xa10/0xa10 [ 1059.099297] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1059.104588] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1059.109093] ? preempt_notifier_dec+0x20/0x20 [ 1059.113624] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1059.118476] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1059.123511] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1059.127595] ? kvm_uevent_notify_change.part.29+0x440/0x440 2033/05/18 03:38:28 executing program 5: socket$pppoe(0x18, 0x1, 0x0) r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1059.133316] ? graph_lock+0x170/0x170 [ 1059.137130] ? find_held_lock+0x36/0x1c0 [ 1059.141212] ? lock_downgrade+0x8e0/0x8e0 [ 1059.145375] ? kasan_check_read+0x11/0x20 [ 1059.149533] ? rcu_is_watching+0x85/0x140 [ 1059.153697] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1059.158914] ? __fget+0x40c/0x650 [ 1059.162387] ? match_held_lock+0x841/0x8b0 [ 1059.166633] ? expand_files.part.8+0x9a0/0x9a0 [ 1059.171226] ? kasan_check_write+0x14/0x20 [ 1059.175469] ? __mutex_unlock_slowpath+0x180/0x8a0 2033/05/18 03:38:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0xffffffff00000000]}, 0x707000) [ 1059.180408] ? wait_for_completion+0x870/0x870 [ 1059.185090] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1059.190290] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1059.196010] do_vfs_ioctl+0x1cf/0x16a0 [ 1059.199917] ? ioctl_preallocate+0x2e0/0x2e0 [ 1059.204336] ? fget_raw+0x20/0x20 [ 1059.207831] ? __sb_end_write+0xac/0xe0 [ 1059.212331] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1059.217880] ? fput+0x130/0x1a0 [ 1059.221165] ? ksys_write+0x1a6/0x250 [ 1059.224981] ? security_file_ioctl+0x94/0xc0 [ 1059.229399] ksys_ioctl+0xa9/0xd0 [ 1059.232864] __x64_sys_ioctl+0x73/0xb0 [ 1059.236767] do_syscall_64+0x1b1/0x800 [ 1059.240665] ? finish_task_switch+0x1ca/0x840 [ 1059.245171] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1059.250112] ? syscall_return_slowpath+0x30f/0x5c0 [ 1059.255055] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1059.260431] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1059.265289] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1059.270492] RIP: 0033:0x455a09 [ 1059.273682] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1059.281395] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1059.288689] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1059.295961] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1059.303232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1059.310507] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000007 2033/05/18 03:38:29 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4400], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:29 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e22, @multicast2=0xe0000002}, @in6={0xa, 0x4e20, 0xffff, @dev={0xfe, 0x80, [], 0xe}, 0x800}, @in={0x2, 0x4e21}, @in6={0xa, 0x4e24, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0xfffffffffffffffe}, @in={0x2, 0x4e22, @multicast2=0xe0000002}, @in6={0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x16}, 0x7}, @in6={0xa, 0x4e21, 0x1ff, @dev={0xfe, 0x80, [], 0x1f}, 0x2}, @in={0x2, 0x4e20, @multicast1=0xe0000001}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}], 0xc0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000f6ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:29 executing program 4 (fault-call:7 fault-nth:8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:29 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xa00]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:29 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f00000000c0)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@assoc_value={r1, 0x4}, 0x8) syz_open_dev$evdev(&(0x7f00000001c0)='/dev/input/event#\x00', 0x4, 0x100) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0xffffffffffffffff, 0x7, 0x1, 0x20, &(0x7f0000000040)=[0x0], 0x1}, 0x20) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) delete_module(&(0x7f0000000200)="81656d31265c766d6e65743100", 0x0) getpeername(0xffffffffffffffff, &(0x7f0000000180)=@ipx, &(0x7f00000000c0)=0x80) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000000)={0x10003, 0x0, &(0x7f000000a000/0x3000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x0, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000100)={0x3}) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000000040)={0x8, 0xff, 0xad15}) 2033/05/18 03:38:29 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x3f000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:29 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x4000000000000000]}, 0x707000) 2033/05/18 03:38:29 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x200000]}, 0x707000) 2033/05/18 03:38:29 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1059.777684] FAULT_INJECTION: forcing a failure. [ 1059.777684] name failslab, interval 1, probability 0, space 0, times 0 [ 1059.789021] CPU: 1 PID: 10577 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1059.796307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1059.805662] Call Trace: [ 1059.808266] dump_stack+0x1b9/0x294 [ 1059.811911] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1059.817117] ? __save_stack_trace+0x7e/0xd0 [ 1059.821455] should_fail.cold.4+0xa/0x1a [ 1059.825532] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1059.830653] ? kasan_kmalloc+0xc4/0xe0 [ 1059.834558] ? kasan_slab_alloc+0x12/0x20 [ 1059.838738] ? kmem_cache_alloc+0x12e/0x760 [ 1059.843080] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1059.847943] ? kvm_mmu_load+0x21/0x10e0 [ 1059.851932] ? vcpu_enter_guest+0x3a83/0x6060 [ 1059.856437] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1059.861464] ? graph_lock+0x170/0x170 [ 1059.865276] ? do_syscall_64+0x1b1/0x800 [ 1059.869349] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1059.874731] ? find_held_lock+0x36/0x1c0 [ 1059.878808] ? __lock_is_held+0xb5/0x140 [ 1059.882889] ? check_same_owner+0x320/0x320 [ 1059.887222] ? rcu_note_context_switch+0x710/0x710 [ 1059.892271] __should_failslab+0x124/0x180 [ 1059.896521] should_failslab+0x9/0x14 [ 1059.900332] kmem_cache_alloc+0x2af/0x760 [ 1059.904497] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1059.909360] mmu_topup_memory_caches+0xf7/0x3a0 [ 1059.914050] ? debug_check_no_locks_freed+0x310/0x310 [ 1059.919259] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:29 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) r1 = dup2(r0, r0) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040)=0x52, 0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000080)={0x8, 0x3ff, 0xd6, 0x5, 0x173}) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f00000000c0)=0xe00000000000000, 0x4) 2033/05/18 03:38:29 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x2) r0 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x8, 0x800) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000100)=0x7f, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e22}, @in={0x2, 0x4e21}], 0x20) sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004000), 0x10000000000002bf}, 0x1) [ 1059.923081] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1059.928633] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1059.933235] vcpu_enter_guest+0x3a83/0x6060 [ 1059.937573] ? crash_vmclear_local_loaded_vmcss+0x170/0x170 [ 1059.943298] ? print_usage_bug+0xc0/0xc0 [ 1059.947380] ? kvm_set_msr_common+0x2680/0x2680 [ 1059.952066] ? vmx_vcpu_load+0xadd/0xfe0 [ 1059.956144] ? vmx_vcpu_reset+0x1030/0x1030 [ 1059.960478] ? graph_lock+0x170/0x170 [ 1059.964298] ? graph_lock+0x170/0x170 [ 1059.968105] ? __lock_acquire+0x7f5/0x5140 [ 1059.972488] ? debug_check_no_locks_freed+0x310/0x310 [ 1059.977712] ? __lock_is_held+0xb5/0x140 [ 1059.981766] ? lock_acquire+0x1dc/0x520 [ 1059.985732] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1059.990742] ? lock_release+0xa10/0xa10 [ 1059.994707] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1059.999974] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1060.004456] ? preempt_notifier_dec+0x20/0x20 [ 1060.008943] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1060.013771] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1060.018796] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1060.022845] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1060.028542] ? graph_lock+0x170/0x170 [ 1060.032327] ? find_held_lock+0x36/0x1c0 [ 1060.036378] ? lock_downgrade+0x8e0/0x8e0 [ 1060.040527] ? kasan_check_read+0x11/0x20 [ 1060.044684] ? rcu_is_watching+0x85/0x140 [ 1060.048823] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1060.054006] ? __fget+0x40c/0x650 [ 1060.057446] ? match_held_lock+0x841/0x8b0 [ 1060.061666] ? expand_files.part.8+0x9a0/0x9a0 [ 1060.066319] ? kasan_check_write+0x14/0x20 [ 1060.070540] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1060.075458] ? wait_for_completion+0x870/0x870 [ 1060.080028] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1060.085207] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1060.090906] do_vfs_ioctl+0x1cf/0x16a0 [ 1060.094782] ? ioctl_preallocate+0x2e0/0x2e0 [ 1060.099180] ? fget_raw+0x20/0x20 [ 1060.102622] ? __sb_end_write+0xac/0xe0 [ 1060.106587] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1060.112109] ? fput+0x130/0x1a0 [ 1060.115372] ? ksys_write+0x1a6/0x250 [ 1060.119166] ? security_file_ioctl+0x94/0xc0 [ 1060.123581] ksys_ioctl+0xa9/0xd0 [ 1060.127025] __x64_sys_ioctl+0x73/0xb0 [ 1060.130907] do_syscall_64+0x1b1/0x800 [ 1060.134778] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1060.139618] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1060.144538] ? syscall_return_slowpath+0x30f/0x5c0 [ 1060.149456] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1060.154809] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1060.159640] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1060.164813] RIP: 0033:0x455a09 [ 1060.167989] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:29 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xfffffdef]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1060.175693] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1060.182958] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1060.190215] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1060.197471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1060.204726] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000008 2033/05/18 03:38:30 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x38], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:30 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x453f, 0x4000) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x82) r2 = fcntl$dupfd(r1, 0x0, r0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, &(0x7f0000000540)=0x3, 0x4) 2033/05/18 03:38:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x4000]}, 0x707000) 2033/05/18 03:38:30 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x5cc]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:30 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x40000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:30 executing program 4 (fault-call:7 fault-nth:9): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:30 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) connect$bt_sco(r0, &(0x7f0000000040)={0x1f, {0x0, 0x863, 0x3, 0x2, 0xd2c, 0x1f}}, 0x308) 2033/05/18 03:38:30 executing program 2: r0 = socket(0x11, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x89f1, &(0x7f0000000040)={'ip6gre0\x00', @ifru_data=&(0x7f0000000000)="ac8be4abd0f79d6325ae476aab5970a3131f2fb4bbfb3c75500e33d0612f430d"}) 2033/05/18 03:38:30 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) fcntl$getflags(r0, 0x40b) 2033/05/18 03:38:30 executing program 2: r0 = socket(0x10, 0x80002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="c626262c8523bf012cf66f") syz_read_part_table(0x0, 0x0, &(0x7f0000000400)) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000040)=r1) 2033/05/18 03:38:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x2000]}, 0x707000) [ 1060.588866] FAULT_INJECTION: forcing a failure. [ 1060.588866] name failslab, interval 1, probability 0, space 0, times 0 [ 1060.600262] CPU: 1 PID: 10611 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1060.607541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1060.616910] Call Trace: [ 1060.619517] dump_stack+0x1b9/0x294 [ 1060.623162] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1060.628362] ? __save_stack_trace+0x7e/0xd0 [ 1060.632703] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x8000000000000000]}, 0x707000) 2033/05/18 03:38:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev={0xac, 0x14}}], 0x10) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={0x0, 0xffff}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x3, 0x9, 0x1, 0x63ff, 0x4}, &(0x7f0000000340)=0x14) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000480)={r1, 0x100, 0x1000, 0x8cf, 0x401, 0x6, 0x7fff, 0x44e1, {r2, @in6={{0xa, 0x4e21, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x0, 0xa97, 0x8, 0xffffffff, 0x8c2}}, &(0x7f0000000540)=0xb0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000600)=ANY=[], &(0x7f00000006c0)) r4 = socket(0xa, 0x1, 0x0) ioctl(r4, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7b, &(0x7f0000000440)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYPTR64=&(0x7f0000000140)=ANY=[@ANYRES64=r4, @ANYBLOB="069c387eb5cc7c4420325ab1ac88841b3d6f1949108b8d7b1ad79762a3e70a9be8926667ab7f4ac79515766ab698aa2605e45529a784262c32f4b455601f4024a5827a0906b2", @ANYRES64=r4, @ANYRES32=r0, @ANYPTR], @ANYPTR64=&(0x7f0000000380)=ANY=[@ANYRES16, @ANYBLOB="7d703c6996160ff675a56d18920cefb685b495ae7d886d66a861c39d628e3d1da935428d32cfdaf91865f245d37da3be8b8b921e1cb105ca020e7bef56508825c6544534608665f89527b242eea8ae261abc830ce8ef1582fb3972e78369ff2efc1cf5d95e054d93d12e8c37e0eb19079ea8cee8272059a7b493c2476517796cfbc53f64ec2cdb53", @ANYRES32, @ANYPTR64, @ANYRES32, @ANYPTR, @ANYRES64=r4, @ANYRES32], @ANYRES64=r0, @ANYRES64=r4, @ANYPTR, @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="ea81cde1aacab79b09bf19a133f10e289b425e82b8e926b600", @ANYRES32], @ANYRES64=r4], @ANYRES32=r4], &(0x7f0000000100)=0x2) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000580)={r3, 0x20, 0x1, 0x964e, 0x9, 0xc17}, &(0x7f00000005c0)=0x14) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x7a, &(0x7f00000000c0), &(0x7f00000001c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8) [ 1060.636774] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1060.641884] ? kasan_kmalloc+0xc4/0xe0 [ 1060.645778] ? kasan_slab_alloc+0x12/0x20 [ 1060.649932] ? kmem_cache_alloc+0x12e/0x760 [ 1060.654258] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1060.659107] ? kvm_mmu_load+0x21/0x10e0 [ 1060.663095] ? vcpu_enter_guest+0x3a83/0x6060 [ 1060.667602] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1060.672627] ? graph_lock+0x170/0x170 [ 1060.676437] ? do_syscall_64+0x1b1/0x800 [ 1060.680517] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x2000000]}, 0x707000) [ 1060.685903] ? find_held_lock+0x36/0x1c0 [ 1060.689982] ? __lock_is_held+0xb5/0x140 [ 1060.694073] ? check_same_owner+0x320/0x320 [ 1060.698407] ? rcu_note_context_switch+0x710/0x710 [ 1060.703351] __should_failslab+0x124/0x180 [ 1060.707598] should_failslab+0x9/0x14 [ 1060.711409] kmem_cache_alloc+0x2af/0x760 [ 1060.715575] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1060.720435] mmu_topup_memory_caches+0xf7/0x3a0 [ 1060.725120] ? debug_check_no_locks_freed+0x310/0x310 [ 1060.730335] kvm_mmu_load+0x21/0x10e0 [ 1060.734149] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 2033/05/18 03:38:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x40000000]}, 0x707000) [ 1060.739698] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1060.744296] vcpu_enter_guest+0x3a83/0x6060 [ 1060.748631] ? print_usage_bug+0xc0/0xc0 [ 1060.752708] ? kvm_set_msr_common+0x2680/0x2680 [ 1060.757387] ? vmx_vcpu_load+0xadd/0xfe0 [ 1060.761464] ? __lock_acquire+0x7f5/0x5140 [ 1060.765714] ? vmx_vcpu_reset+0x1030/0x1030 [ 1060.770048] ? graph_lock+0x170/0x170 [ 1060.773847] ? graph_lock+0x170/0x170 [ 1060.777648] ? __lock_acquire+0x7f5/0x5140 [ 1060.781893] ? debug_check_no_locks_freed+0x310/0x310 2033/05/18 03:38:30 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x200000000000000]}, 0x707000) [ 1060.787093] ? __lock_is_held+0xb5/0x140 [ 1060.791154] ? lock_acquire+0x1dc/0x520 [ 1060.795140] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1060.800165] ? lock_release+0xa10/0xa10 [ 1060.804154] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1060.809439] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1060.813957] ? preempt_notifier_dec+0x20/0x20 [ 1060.818473] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1060.823318] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1060.828351] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1060.832421] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1060.838136] ? graph_lock+0x170/0x170 [ 1060.841928] ? find_held_lock+0x36/0x1c0 [ 1060.845987] ? lock_downgrade+0x8e0/0x8e0 [ 1060.850135] ? kasan_check_read+0x11/0x20 [ 1060.854279] ? rcu_is_watching+0x85/0x140 [ 1060.858419] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1060.863605] ? __fget+0x40c/0x650 [ 1060.867044] ? match_held_lock+0x841/0x8b0 [ 1060.871276] ? expand_files.part.8+0x9a0/0x9a0 [ 1060.875850] ? kasan_check_write+0x14/0x20 [ 1060.880091] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1060.885025] ? wait_for_completion+0x870/0x870 [ 1060.889606] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1060.894785] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1060.900486] do_vfs_ioctl+0x1cf/0x16a0 [ 1060.904379] ? ioctl_preallocate+0x2e0/0x2e0 [ 1060.908790] ? fget_raw+0x20/0x20 [ 1060.912238] ? __sb_end_write+0xac/0xe0 [ 1060.916210] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1060.921735] ? fput+0x130/0x1a0 [ 1060.925038] ? ksys_write+0x1a6/0x250 [ 1060.928830] ? security_file_ioctl+0x94/0xc0 [ 1060.933232] ksys_ioctl+0xa9/0xd0 [ 1060.936674] __x64_sys_ioctl+0x73/0xb0 [ 1060.940561] do_syscall_64+0x1b1/0x800 [ 1060.944442] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1060.949271] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1060.954186] ? syscall_return_slowpath+0x30f/0x5c0 [ 1060.959106] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1060.964464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1060.969298] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1060.974477] RIP: 0033:0x455a09 [ 1060.977664] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1060.985377] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1060.992638] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1060.999900] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1061.007166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1061.014426] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000009 2033/05/18 03:38:31 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x1000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:31 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x500000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:31 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0xf, &(0x7f0000a0c000)={{{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in=@broadcast=0xffffffff}}, {{@in6=@mcast2={0xff, 0x2, [], 0x1}}, 0x0, @in6=@mcast2={0xff, 0x2, [], 0x1}}}, 0xe8) bind$inet(r0, &(0x7f0000a0dff0)={0x2, 0x4e20, @broadcast=0xffffffff}, 0x10) syz_emit_ethernet(0x3e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaa2aaaa0086dd6050a09c00081100fe800000000000000000e1ffffffffbafe8000000000e90000000000200000aa00004e2000089078"], &(0x7f0000000040)) 2033/05/18 03:38:31 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x2]}, 0x707000) 2033/05/18 03:38:31 executing program 5: r0 = socket$bt_rfcomm(0x1f, 0x3, 0x3) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000240)=0x2, &(0x7f0000000280)=0x4) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x10b402, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000180)=0x6, 0x4) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xac41, 0x2) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f00000001c0)={[{0x1, 0xea, 0x5, 0x9, 0x0, 0x80, 0x3, 0x9, 0x80, 0x8, 0x2, 0xf9, 0x6}, {0x2, 0x2, 0x35, 0x61, 0x100000001, 0xa5, 0x9, 0x80000001, 0x4, 0xffff, 0xffffffffffff0000, 0x4, 0x5}, {0xfff, 0xffffffff, 0x6, 0x9, 0x5, 0x13, 0x7b27e324, 0xb9a0, 0x6, 0x10001, 0x4, 0x1000, 0x1000}], 0x800}) 2033/05/18 03:38:31 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:31 executing program 6: r0 = socket(0xa, 0x80805, 0x5) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r1, 0x200, 0x70bd28, 0x25dfdbfe, {0x9}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4b2}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x840}, 0x1) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:31 executing program 4 (fault-call:7 fault-nth:10): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1061.665739] nla_parse: 27 callbacks suppressed [ 1061.665747] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:31 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:31 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x1100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1061.751181] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1061.820107] FAULT_INJECTION: forcing a failure. [ 1061.820107] name failslab, interval 1, probability 0, space 0, times 0 [ 1061.831466] CPU: 0 PID: 10684 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1061.838764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1061.848123] Call Trace: [ 1061.850726] dump_stack+0x1b9/0x294 [ 1061.854471] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1061.859683] ? __save_stack_trace+0x7e/0xd0 [ 1061.864026] should_fail.cold.4+0xa/0x1a [ 1061.868106] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1061.873225] ? kasan_kmalloc+0xc4/0xe0 [ 1061.877125] ? kasan_slab_alloc+0x12/0x20 [ 1061.881282] ? kmem_cache_alloc+0x12e/0x760 [ 1061.885616] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1061.890471] ? kvm_mmu_load+0x21/0x10e0 [ 1061.894463] ? vcpu_enter_guest+0x3a83/0x6060 [ 1061.898975] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1061.904004] ? graph_lock+0x170/0x170 [ 1061.907837] ? do_syscall_64+0x1b1/0x800 [ 1061.911908] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1061.917287] ? find_held_lock+0x36/0x1c0 [ 1061.921362] ? __lock_is_held+0xb5/0x140 [ 1061.925446] ? check_same_owner+0x320/0x320 [ 1061.929783] ? rcu_note_context_switch+0x710/0x710 [ 1061.934837] __should_failslab+0x124/0x180 [ 1061.939091] should_failslab+0x9/0x14 [ 1061.942905] kmem_cache_alloc+0x2af/0x760 [ 1061.947071] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1061.951929] mmu_topup_memory_caches+0xf7/0x3a0 [ 1061.956609] ? debug_check_no_locks_freed+0x310/0x310 [ 1061.961819] kvm_mmu_load+0x21/0x10e0 [ 1061.965635] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1061.971182] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1061.975781] vcpu_enter_guest+0x3a83/0x6060 [ 1061.980108] ? print_usage_bug+0xc0/0xc0 [ 1061.984172] ? kvm_set_msr_common+0x2680/0x2680 [ 1061.988825] ? vmx_vcpu_load+0xadd/0xfe0 [ 1061.992873] ? __lock_acquire+0x7f5/0x5140 [ 1061.997090] ? vmx_vcpu_reset+0x1030/0x1030 [ 1062.001398] ? graph_lock+0x170/0x170 [ 1062.005192] ? graph_lock+0x170/0x170 [ 1062.008980] ? __lock_acquire+0x7f5/0x5140 [ 1062.013214] ? debug_check_no_locks_freed+0x310/0x310 [ 1062.018399] ? __lock_is_held+0xb5/0x140 [ 1062.022453] ? lock_acquire+0x1dc/0x520 [ 1062.026428] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1062.031436] ? lock_release+0xa10/0xa10 [ 1062.035399] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1062.040667] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1062.045144] ? preempt_notifier_dec+0x20/0x20 [ 1062.049632] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1062.054472] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1062.059493] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1062.063540] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1062.069263] ? graph_lock+0x170/0x170 [ 1062.073048] ? find_held_lock+0x36/0x1c0 [ 1062.077097] ? lock_downgrade+0x8e0/0x8e0 [ 1062.081232] ? kasan_check_read+0x11/0x20 [ 1062.085365] ? rcu_is_watching+0x85/0x140 [ 1062.089503] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1062.094684] ? __fget+0x40c/0x650 [ 1062.098124] ? match_held_lock+0x841/0x8b0 [ 1062.102344] ? expand_files.part.8+0x9a0/0x9a0 [ 1062.106912] ? kasan_check_write+0x14/0x20 [ 1062.111130] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1062.116055] ? wait_for_completion+0x870/0x870 [ 1062.120624] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1062.125801] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1062.131507] do_vfs_ioctl+0x1cf/0x16a0 [ 1062.135385] ? ioctl_preallocate+0x2e0/0x2e0 [ 1062.139790] ? fget_raw+0x20/0x20 [ 1062.143230] ? __sb_end_write+0xac/0xe0 [ 1062.147193] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1062.152724] ? fput+0x130/0x1a0 [ 1062.156172] ? ksys_write+0x1a6/0x250 [ 1062.159969] ? security_file_ioctl+0x94/0xc0 [ 1062.164367] ksys_ioctl+0xa9/0xd0 [ 1062.167808] __x64_sys_ioctl+0x73/0xb0 [ 1062.171690] do_syscall_64+0x1b1/0x800 [ 1062.175562] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1062.180388] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1062.185321] ? syscall_return_slowpath+0x30f/0x5c0 [ 1062.190243] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1062.195595] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1062.200435] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1062.205610] RIP: 0033:0x455a09 [ 1062.208782] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1062.216473] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1062.223737] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1062.230999] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1062.238250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1062.245502] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000000a 2033/05/18 03:38:32 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x20000000000000]}, 0x707000) 2033/05/18 03:38:32 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000040)=0x2, 0x4) sendmmsg(r0, &(0x7f0000006840)=[{{0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="28000000000000002900000002000000000000000000000000000000000000010000000000000000"], 0x28}}], 0x1, 0x0) 2033/05/18 03:38:32 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x400000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:32 executing program 5: r0 = socket$inet(0x10, 0x80807, 0x2000021000000c) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x800, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000080)={0x7}, 0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:32 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0xffffffff00000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:32 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") accept$alg(r0, 0x0, 0x0) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:32 executing program 4 (fault-call:7 fault-nth:11): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:32 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x5000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:32 executing program 2: r0 = socket$inet6(0xa, 0x1e, 0xffffffffffffffff) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000140)=0x9, 0x4) getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000080)={'nat\x00'}, &(0x7f0000000000)=0x78) 2033/05/18 03:38:32 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xeffdffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:32 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) socketpair(0x2, 0x68d74b57ca524097, 0x3f, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_NR_MMU_PAGES(r2, 0xae45, 0x6fdb) sendmsg(r0, &(0x7f0000000080)={0x0, 0x101, &(0x7f0000004000), 0x0, 0x0, 0x24f, 0x20048800}, 0x0) readahead(r0, 0x7, 0x11) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000040)={0x7, 0x7f, 0x8, 0x400}) 2033/05/18 03:38:32 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x8000000000000000]}, 0x707000) [ 1062.664301] FAULT_INJECTION: forcing a failure. [ 1062.664301] name failslab, interval 1, probability 0, space 0, times 0 [ 1062.675701] CPU: 1 PID: 10724 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1062.682993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1062.692366] Call Trace: [ 1062.694984] dump_stack+0x1b9/0x294 [ 1062.698634] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1062.703841] ? __save_stack_trace+0x7e/0xd0 [ 1062.708190] should_fail.cold.4+0xa/0x1a [ 1062.712277] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1062.717402] ? kasan_kmalloc+0xc4/0xe0 [ 1062.721305] ? kasan_slab_alloc+0x12/0x20 [ 1062.725467] ? kmem_cache_alloc+0x12e/0x760 [ 1062.729808] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1062.734668] ? kvm_mmu_load+0x21/0x10e0 [ 1062.738662] ? vcpu_enter_guest+0x3a83/0x6060 [ 1062.743170] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1062.748198] ? graph_lock+0x170/0x170 [ 1062.752013] ? do_syscall_64+0x1b1/0x800 [ 1062.756086] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1062.761465] ? find_held_lock+0x36/0x1c0 [ 1062.765543] ? __lock_is_held+0xb5/0x140 [ 1062.769632] ? check_same_owner+0x320/0x320 [ 1062.773973] ? rcu_note_context_switch+0x710/0x710 [ 1062.778916] __should_failslab+0x124/0x180 [ 1062.783167] should_failslab+0x9/0x14 [ 1062.786987] kmem_cache_alloc+0x2af/0x760 [ 1062.791157] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1062.796017] mmu_topup_memory_caches+0xf7/0x3a0 [ 1062.800698] ? debug_check_no_locks_freed+0x310/0x310 [ 1062.805911] kvm_mmu_load+0x21/0x10e0 [ 1062.809725] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 2033/05/18 03:38:32 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x80000) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000080)) [ 1062.815276] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1062.819878] vcpu_enter_guest+0x3a83/0x6060 [ 1062.824212] ? print_usage_bug+0xc0/0xc0 [ 1062.828291] ? kvm_set_msr_common+0x2680/0x2680 [ 1062.832975] ? vmx_vcpu_load+0xadd/0xfe0 [ 1062.837052] ? __lock_acquire+0x7f5/0x5140 [ 1062.841299] ? vmx_vcpu_reset+0x1030/0x1030 [ 1062.845741] ? graph_lock+0x170/0x170 [ 1062.849555] ? graph_lock+0x170/0x170 [ 1062.853365] ? __lock_acquire+0x7f5/0x5140 [ 1062.854778] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1062.857606] ? debug_check_no_locks_freed+0x310/0x310 [ 1062.857628] ? __lock_is_held+0xb5/0x140 [ 1062.857646] ? lock_acquire+0x1dc/0x520 [ 1062.857661] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1062.857679] ? lock_release+0xa10/0xa10 [ 1062.888268] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1062.893555] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1062.896307] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1062.898079] ? preempt_notifier_dec+0x20/0x20 2033/05/18 03:38:32 executing program 5: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x40) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) sendmsg(r0, &(0x7f0000000480)={&(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast=0xffffffff}, 0x2, 0x1, 0x0, 0x2}}, 0x80, &(0x7f0000000400)=[{&(0x7f00000006c0)="eb5d8a1ab88a0e537f4cbd3a3a6f36d7b5fa02780de30c06ef751aad21e175fcb998c1d4a8263e433ce4df939f1eabb07d8e4e9c259f5fc6ce5e077413de3724692d003eb8b6722be6bb540c7403eaa6159ab265ebfda447c53c1ebeabe78c30c1ea6c1cdaedc627de0471e33ea0e79b1b6c1f2e1f9dc0f212c7cd61abc251f9858dd938654a882358b38fdc436c825cabdad689d6c81d9a3c7a8fc21fccea4d470cb71d9aa3c84547b88a81eecbf56fd6f1cd7cd086f14b0a7568e3d263d1026a999ba3051bb6a52dc95650aa3ed43d34f07bbbc9aed85151ce7fc7b20abcf5887ad80539d64082791e0c03e3835b084c7c528cda85f4cd8b0f4521cd23b38783e0c473c901ed3af3ece9973ad1b1efb8d9f6549f0ca1faeadaa69dc813b34e5a3997f2407dd067168e097f99f42c679f019c8faa98fa84aeaca4ee7c5a8e4f3439e0e334fbb61d710df3eda99f97e7f9a154c981509088a97baeefe151a55ae0b16089050f39fb50366b5f20a6a6b533d3b97168d68ec7af90d167bd0b56d753b0924293f14dce4db38ab35a6d4e5c1d45dacf853dfda3a527f150dcfbfd01474dfd28e0213f7b728c16552763e7e1f300e72d7fc1c93fbcfa0d27c6671f59edb3efc583e24a82dcdb4a25087ee4838aa084767366c2afb97a03c28533f35a9104a9c204af4af656aac882f97c8bc985b448638264f1743f2864421041656dc1c72b705c56fe9ea580a92e2da997450b5ba0704eab4ab2df1fef27f650906338994a39f9f5e65fa68fecf120cc6ac0357b86da8fca320933ef3c161ce9056ebd65c23fa09cf4addb52cf8fe990e2c73d8a6ccb8a44a0c54c5b4c56077538834484bc0d5390a310d567b5e85e18295a54e2296d6d121628706be48c4195a2604df4a86198a61acbab8e24708568bcd365a14cb8e2f3b81b2d54279d929192b78a1d839386f868e45ff9346654c7a2129cfab3e826846805b8914ac23db393a8cb5f1dc21a46e9a7442ddd4bc8ad023bc50ce20f6344d45d49aa3cf5e859776a1064d9e9c0fc8a1a634857462e08909e35678d7f8a224a8771e56ce84ee3cad2d63cd2e2064baa382ccaa9530e05b03b5f8e43fbf74da108140d647c91feab02dfa6ffa58c0551777b35709966cb8ec554b45413e8d247382e25579ffcdcc1f23a0e80bfb1d04dab273ff3209a77f252ea0ff29cc495697fbd20749db39d1865a701fd35cc777e94b135f38728b965f05c3ad85b19f58b8dea7b057efc12678494ecd56aeb3d792db77aea7e806dfd4261ea8353fa922bc877507da0cb14b8f10d458580b4981129282042d03d2a788c59dfe605e41780125f0de915b7fa2183c4fc83b9f85f80b93c24f06b69e369c67c85d18699a90d983815959a571e8456ec574f7601b1122111d45d966337b695afea335e27bea02f42559934412b0ad7ec328f6ea1ca9ebc13873a944b36c5bed3be6a52a4cf8b663339f26fba2d5e9def4e54c7dd41d07de45e336cfa768136a3631c730c4eb40bf27ef8f6cc592520cafd7659c332c89de2f7a7511c87a646a782720324a2448cd48c820361ffe5b41915804ef3c3340f00674ea1464ae223c147714ce1172a5eb4a05dead8b91c9e8aa673d2510055311dd76d254b67d29cff1bc665351d46ad1cf491076886dcbaa8232924efee40071b46e06731addbf57b79110fc5545d5d8575774a4675adbd1016ec39968727557915f5482ee1557665ee6af0cb0f87f12421b032010c43b6bb24e76a2db374b9275c861b0313f2e9f739103169b9cc3f763872f028f5ef40b2337eba578fa2ff2976bbeefbe43ea6d19f1bb6f309cf574d5e4a7847dfdf911ef18085988d77cf941085ba1dbc6924aad25eb80bb29f192820541cc572e1929a7c4ddd6f9668185449c426fe5df75a88577d017b0dba39824fdff634e65a7c837965784ecedb71577edf9009113b44425d11779c95cc481c64e3e0a0f24cc2cac1edfe51328fa594243ac3b5667e7053deba5ba498388356757669010c590dab80da773582c96eed10142b7e5ad8c7ca9ac0eeb9596efd278fe39304491382f779aede8744e80e9278fca003ac6509f7e872062f211512d17e94f25a9565e9623b59562e443c3f6c0f9f31a0ff4ea5a03e78e1fc587ceb0aa5fd512fbb04ff2f7db9c4c97ae3f560b909af1aa0814920983862d1d7a2020c128b73e81d6702a35558141574c30c7b3ec9b35bb0a55b16f077192ea626b0e429abdcd8a212557cf94860691ed4b0ee85b7b7537b07907dcedb749b0fc5aa6dee7d06520935e38d18c61fcc1acacdc1bde32a2cf9a52d3bedcc0948d9350eaa49ee9abe68af2a939725eeb96c13b0a750d0de572228f025e634f94c063e81248c1a061cdb87486eca387e8e6d351b7afec693f1a85200901d83ff1a7a0f9efa6f14752a640ef2dc4ae9b4b1ed686e6476302adee76dd5ca69c68ff5b2a29daff062d459204bf0b06bbac306845333ea3ea4df592d32650429a08e7474f25933fd1607b87cb9f6c9ca6367d03d5f9732ea0c2eff0ab18078408d7f1927d7686bd8035024c75d915f0dd2cfeaf82d1b17025bba543d93cdf10e4623239d66e72d2c70cbbf9f676180fd5aa4cca3604d0d6b44aeefcb8c0a8e8c2ab11a365e4ae96076dfad43bcbac3fb8832043d0fee2129dc79eb90b00683a8ceba299b71182c0c352b0a0c8bc31ebb726496c0a9c91e2f030b57278c59fdf24f31a158863bd1fb6c955138b4c26c72c3a48fb51e92cbe9b2196414360fa0eccbb48c49a6b86b59f5fb794b24d57af596d2cdf5eb661cda001d8765a95150eec185497e3685d24857d11c2ba93796b76717c2845836c1e9b3173bd8919ecf6bc75f5c3f07aaa961a8a6ebb33adde5dfa1d5113de2df6948289562914384918ab81dc03f3a8726167e1178138da9f9271e14c302356ae0677907fd8ad0557ad11301f0000bfe9aacf4b64fba27f6084a6474685fdcd2f7cc5d11ca0e44089ff8df57fd498f6af20bbc746af4cabb884851f32cfd2cbf04f30f90802e8cdd52fc5d590aa63f1b01ac9cc5965293535cdbbce32eeca7ec57f5bf90dcb067a1b395d5a10bbc718ef3ca0bdcae6a7d08524552b84f750874c188b2c01159c8319148e65fb455608b8049f0052299f8c327670b97ce561668754f8422f51e7860c346fedfac020396af0a74be8536903de975dc7af15c2eddd5a326aef3441bcf1ecab0b41e00067cc2dcf0d0f3c220006807e956cc925a82a870f4994e3eb4cafb69dfbb5020dbdd4f7ebe52fa708320ce7a3e6a0b29ad9efe57405df9e6e85712bfb614c7659fe55b423cd227487a81c1359519854333f53d3e8b4de3811f2c20a8d8d9e95ab910cf0ed4168d84050dd30360b0945de0c155ff39bb7e1c7443fc15c76a1a0465979808443457dec0ecea25cb475238c1571d5c66f1032a208462a2fee08094d4d518c8c07f2f4411e89f0d3aa2446b0a7ff93878fba83a750c957cf76defaec0f2d437686004ce138c2c1a7beb9cc34481b55dc2db95d2a07b6cf52134333f6f4274aa7a8e2e80e2971b35ab95a055cc22c6b316cbe612908d2f38a67dd37898ffd8423977e7a8078841e16f40693c92d16675f554e429d1c1ec34bb759f734ac6dc9d6b6de473142ec0923badb03c87f8b7509b46b8a3c2d30e90ff87e841ae80e655295c88a21d7f0f7ad779981f9c60cf0f5a77aab9e64aec8994f2598deedd56e5e477001d5f050cc17eea16cc3a2358f7a336a7d10896978b2021efcee407d8d411b2ce0cc56e6a1a2a8b6c506e45fe110f41bf28343bbdfd27bb475e375c031112b6ac2b2028cec71766405d67cba176d98a8e744db1e07f6437ebd3d6fd8ab6ace3ef72f6fd54e66f236a1b6ec4e5e4c7e88e90ab65888a748591dcde452e5123582d2926fc5629d94f21db2cc638343b573f9521952df1d6b75212e3c0ecd290c435641ae2d382f1f6f3dcec59888b034ad0afda99d028402395c9c8131a567a18eeddedf928f8cb89ccb6dbbf1561c0608c5cd3d775be72e7b0b4d237022c0f207d49e0ab49eb0bf1e4161f83230d041ca1a4723c49c02ef5799e9b5e3cbfdf4d39cbb94f51d5e06084b410964d4b7f32b5b4e85a6eeb7cce0af2a98aa1174a9ea72bf1d711d5f52b4a9d6de25e18310a98b763d82d212ef1f00b36ca883ae437893aaaf5715317acff7b54749a8f5ff637cb5740d1a7a000c0f96d36da768c660e938120b4412ff894cc952cfdc3712b0063b6f2121c518a27cfb206cc29181fc74f7d968b53d2c6bd5334fba2944327824ead889f54095ae4f5b0458ef9b46b9c507ec1a267941b225d91ddf865ce38feaa70b05ecaefe0a4b3cec190f1eb0719e43c07b34b13dde6d94b7d71dc3110eb8e5859ef492dffc93cf9506a90f0eee06ef4ef0d2154123c7cd699eb18f8f5320dd710e4ef69de697c16f7c65d85ebc5a82db31eb80098320c7001d33214c4770b8ca6830c4b7fd4ce7aec34b8b963a6cae3a8eda9992d0a92ea61da3c5d02426aff0067105ddd6df81d54388875baadb6367352059ac7108d6c05d9e3b28ef17084967f0545703aed59ab5a7f06601496d064024f91b7ccfb1cc62e7ead3438172a19abd4621ec779d36d000e764037c5d1200c3da7bddb9615b018dc6bd748fb8b3b93b20f1a25f5af370db54bef52a3767c50b6bb49b74cc152bb688443dfe9015f40069e7feef95a1b93a449bdabf5a7c597ceee59fb1377b4a558da7a98c549c49127d1a5bac41f79cf95355f39128baf83c8994edbf5023285a5e72f84020421e0e3d8a725203cc36c7bdc2d5a4defaa92d5e55cbb56d69f83c9a7569b9f41fddc5edc9662fa208a574e4b03a16404b49f4f961836af8e8f4df41945c079a15967609149e1ddc9ed8de95dda4c221548eb730242f48c7c41613ca4175e1ff2803381fa1466aceba9c5b831eb5aaabfd56c5f66c9244a84a6f6d9b2bc15fcf13e507e1d9ca97685bddd781c555f29ee3befa100acbb345c328631180ff89b9eff423b2e98c911609eebfc14f411f3f1fc8eab5f0f96796a49c66dab82bbaae44724f0b67c4225829bc948cf93d7610ab5a06fff334c842657df05cf492161e7bae1e8591529ad1944debe78a1ca165bd51863ee8ff8eec0c10e13bcb8ade79a2a048c227e438c3a912c3a11847f02c4a68874fefb04b6fd35283ab4dbd8cafe4e7582b68a0f891866906ed1c13ad7a6f549f03cc270ad789167895e3691fabef3fecc4e5f543000f81f3de2fab4b468ae7abc73cec6b877b40586df8fe72333fa3755526cbf0b84429ee6286abf8bd31039341a2d20d6adbfdcd97da8f7e65042e2b8df3a989e37b95faf3d5886f9a5dfe8e9ac282e94d75ffa3b7b5ebf5e29564c4c7f6da5d98894bafcecc5c62e0ef105dc033f25351639829d8a0565958a7002d41c99fdef24c5c8cdcdbf198b0fe696b5a783775fecb119767c07aa017ab68a028ec6ac1ff126655545060ff381f4f789a634ac3f5e31204996c19c5551ef87287e1384a726ce7759020f5b2463eae1bfd6daca04def6f9b07df06e806104ad27f4edf55fd190d971f75fd1808f951d63dcb19e873ebebf6ae96a86849c381c1b95f6878f2648279de897491ca941bc971b2a555662869e076c67fcb8d54892536398ee037ce330e2b339ddd7cdc6cf1db10dc395aa070c463cc30a0189af6f15ca7c274161050d27dc1e0cfc9bef9278d016ea272d84ad78f5fdd127520d3f79328e06f88165485715c781d5a615", 0x1000}, {&(0x7f0000000180)="8f73f9211aead15f134be4b9af417300f169eb11dfdbf2b389e5b0246bf6d0699e41e481961a9f7b89e3bc0bca5f65b45251f9fc1dca2935cbdc30993d69578aaf49fb085278587e653ea1adf3c4", 0x4e}, {&(0x7f0000000100)="226f460cde4a2d353ea8b48e52e09ae638148deef0ed3c22dbbdba3f6b87db983b19004ca0a8", 0x26}, {&(0x7f0000000200)="44555178360174ad5a40711bb7b095a9bb19c0b83b717e7779065fb7cb1c7c380cb380e159b59c0aaa8de54851345be355967ee447adcedf155eb690e88ec0b08beb69c05f5ebd914e684eec38a51de4be8c04db25424885a8c197dbfc3b76de07769bb0f6d3a0acd73b2aa0d3c98f6c5e6e18caf099bce1d82446eb204dc29072aab239d6cdc9b247f8477dac87eb27e7fceab4cfde6a1cbb4e7f7d64b9d0f9c9d3d6b8c9e8768d2d124099d1bbb56f5b81cc01674dafafa436df1c3bf5cadcd30fdc61eab34911dd", 0xc9}, {&(0x7f0000000300)="d05c1705a5948b3a5aef89b6d7f85423839c0c7544432b6cb09ff8a1336548a55c4660e8b83aa33e3efe55b4b6803504b1b3b9ba09e1f549c926023d821bb378edfdb91ebcd0ef56cc2ec0040373076063411d06dbafca0d42ac33fa24ab2545bde9ec6613f9a809d2d0e0de1a1e2f340b16c88d5ef3b0bae2cf286ca4badf639586e23f3ea0f96ccbc50d86b17f43c71f7d111715448f0c937143a524374648d599bba65f498efb38e913ee35a35ecb50e8fa667804a78bc10cac31d70b2d7ba971be542ff86f63878269202d4a36fcc360dd699f61c4d3b87a9ffc1c297ee4298571000d", 0xe5}], 0x5, 0x0, 0x0, 0x20000000}, 0x20000080) r2 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) bind(r0, &(0x7f00000004c0)=@un=@abs={0x0, 0x0, 0x4e24}, 0x80) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000540)={'veth1_to_team\x00', 0x7f}) [ 1062.898106] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1062.898121] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1062.898147] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1062.898164] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1062.898181] ? graph_lock+0x170/0x170 [ 1062.909562] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1062.911069] ? find_held_lock+0x36/0x1c0 [ 1062.911095] ? lock_downgrade+0x8e0/0x8e0 [ 1062.911118] ? kasan_check_read+0x11/0x20 [ 1062.911132] ? rcu_is_watching+0x85/0x140 [ 1062.911149] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1062.911171] ? __fget+0x40c/0x650 [ 1062.916253] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1062.921003] ? match_held_lock+0x841/0x8b0 [ 1062.921023] ? expand_files.part.8+0x9a0/0x9a0 [ 1062.921041] ? kasan_check_write+0x14/0x20 [ 1062.921059] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1062.921078] ? wait_for_completion+0x870/0x870 [ 1062.921097] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1062.921112] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1062.921131] do_vfs_ioctl+0x1cf/0x16a0 [ 1062.988343] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1062.989573] ? ioctl_preallocate+0x2e0/0x2e0 [ 1062.989592] ? fget_raw+0x20/0x20 [ 1062.989610] ? __sb_end_write+0xac/0xe0 [ 1062.989632] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1062.989644] ? fput+0x130/0x1a0 [ 1062.989660] ? ksys_write+0x1a6/0x250 [ 1062.995157] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1062.999162] ? security_file_ioctl+0x94/0xc0 [ 1062.999183] ksys_ioctl+0xa9/0xd0 [ 1062.999203] __x64_sys_ioctl+0x73/0xb0 [ 1062.999222] do_syscall_64+0x1b1/0x800 [ 1062.999239] ? finish_task_switch+0x1ca/0x840 [ 1062.999257] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1062.999274] ? syscall_return_slowpath+0x30f/0x5c0 [ 1062.999293] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1063.008561] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1063.010171] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1063.010195] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1063.010207] RIP: 0033:0x455a09 [ 1063.010215] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1063.010232] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1063.010240] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1063.010249] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1063.010258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1063.010266] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000000b 2033/05/18 03:38:32 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x3f00000000000000}, [{}]}, 0xfffffc53) [ 1063.161794] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:33 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xe000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:33 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x200000]}, 0x707000) 2033/05/18 03:38:33 executing program 4 (fault-call:7 fault-nth:12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:33 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") sendmmsg(r1, &(0x7f00000015c0)=[{{&(0x7f0000000f80)=@nfc={0x27}, 0x80, &(0x7f0000001180)=[{&(0x7f00000010c0)="ab71a723", 0x4}], 0x1, &(0x7f0000001340)}}], 0x1, 0x0) 2033/05/18 03:38:33 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0xfffffffffffffdfd}], 0x1}, 0x0) 2033/05/18 03:38:33 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x4000000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:33 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000300)={0x0, @remote, @loopback}, &(0x7f0000000340)=0xc) bind$bt_hci(r0, &(0x7f0000000380)={0x1f, r1, 0x1}, 0xc) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x4, 0x8400) msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300000000000000"], 0x8, 0x0) 2033/05/18 03:38:33 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="dc9a9b6b1951780007dc591d94f1322473797374656d2eefea"]) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = fcntl$getown(r0, 0x9) getpgrp(r1) 2033/05/18 03:38:33 executing program 2: recvmsg(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff}}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000100)=""/190, 0xbe}, {&(0x7f00000001c0)=""/185, 0xb9}, {&(0x7f0000000300)=""/68, 0x44}, {&(0x7f0000000380)=""/96, 0x60}, {&(0x7f0000000000)=""/50, 0x32}, {&(0x7f0000000400)=""/164, 0xa4}, {&(0x7f0000000500)=""/181, 0xb5}, {&(0x7f00000005c0)=""/113, 0x71}], 0x8, &(0x7f00000006c0)=""/185, 0xb9, 0x1000}, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000780), &(0x7f00000007c0)=0x4) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) r3 = getpgid(0x0) sendmsg$nl_route(r1, &(0x7f00000018c0)={&(0x7f0000000840)={0x10}, 0xc, &(0x7f0000001880)={&(0x7f0000001900)=@ipv6_newroute={0x0, 0x18, 0x200, 0x70bd25, 0x25dfdbfe, {0xa, 0x10, 0x80, 0x1, 0xff, 0x6, 0xff}, [@RTA_EXPIRES={0x0, 0x10, 0x6}, @RTA_ENCAP={0x0, 0x16, @nested={0x0, 0x92, [@generic="98b25bec03f8447fe5bccb779dcebbd8d356f838412a56da9e3105cae7492fd0fe49ff76fa292adfbac590fe45180f681815d14420b3d3bc10c855d4da1b0eba1a2d0b43e40c357405aa3520a9c89dda094c4aa91ad188511451e7f34a0e0e118fc578a9a25ce5ffd8897626a387638a3c1e41e0596985c1022102add49773db661df6a21391d660b69c179d986992dced5316bc1223209668df2308e173d32703276f4434d1ca66cf266df33f9e", @generic="fa5bc08e8a77c2643d6d8fc35a2ba352ebd6bd9cb480952f5d593f8fe48738d08030cfb770a3f90e76ecc7ccf00a0cab0ab5442f28201f9d83dcae021212fbac70e48cfaac6307a9e32fb8abae0416bc1d8c020482466fe2c3ad0afb6354bc0dbdb36958e0e186034b091da3588b6a235e82ab2aa6fc16741ca5d8a77c37ddfb5f236f7fdad39bc056370d1050de59c0b40e28d4df853b5a89e33444d1ca9a5f06cdfdb6a4c13279a19f6994d46c0bdbcd73", @generic="f75b6761a64f815c4afd817430b35e6060d1a90ccb662332b94e8135a054a629adbabb8244de4932d58d81b25d2571e59e726cff02cf32d95b37d9720fd7e9b7a1b5c1f61cd97dacc6b08a233cbcf3e0d7322d1ce143e8dce8ee5d84de31f9725545569dcdf5443b026c5aadaacb335ab9cc052e2b769b87de2a7e17728bf1d1c9ced508356e802d35aa6d5f3db6e85ddd5a91963e95f19ac5a625f2a52ec948f4c1f14f31f01d86fc80812ac2927d5f125b11bff0c0a130da8c40e273876683dd880593b0eefa36d3cd1ef15d1387b1aacb86735835e3b1c25d9053aa304486058863badc2b5703056e5bb459c59906d249b2219d4272367f634cbbf3d1f6fb24a7ef45183c384fad4062d406b40ceae9968d6c2b8e98b12c484780eb2bdd89401b963a0b117e339ad2635279c0087ae5bd8211571ff957edefba8cf64232a75aa41ca120ac97cfb36583231b2aa87108b606a9ea67e88bbd557502cdde18d9e0b0bba34384cb4b66250d9e65379a7f335867584ba28cb817698a5150be5c0abb6f681dccc4df2e64cc7d95d484af116832adf81116e2545538d1dca37188b2c3ad80fe897d3390f277a081b334b9400a59fe5fdff54a49294f6c58e75f46fef542b96afe7fa52969ab0c71b22bf8097debfff15a7cdf05437ed8d3358d3ba7d1474f63225b47f6ac6ece74dfa4dca88eaf6c927287da5b19c28ce8b75e47df75b50d602b98a5c7f38d20ff244cb1d78227f2f962bc94c3bad19ee57f305b09015db23244d30ad08e28a86af06b05b0240171ce471b615d8d5a86717a4ea08db5404666459bf0c3f24cf6878aade6f4dad345bc0ab48104db8f32f706af38a0cd7017acf96bc332893fcaa6b62c3f79aa89bc870a67b6859ae75badf30c614739efdbab3694d46145991ce777c2a4fb7c276f6becff9d3a653d3e8d6dbd3b51c62a28cad28ec3a904df5c0e99975160e4f1ca624271591c7e4ffc7fb2aca60f8661f7cc5424304cb584fd17231bb9ffcbfa70e4e09a078353e7c27efca3fcc1d752f33460dbaa14b0b0dd158a1eea190262dd8df813f50d9dd26174a3a8ecd16980fe9d82900ed6dc9bec4f7a35be5a3b8774fd20ccc87f53346f93868acf8e6088bba2e75df36891d8c2fbf806e205d488d10b672884cd2e1e7b529b34f10b3988bb4dfa9f1e66cbe80fe037135573d76861e4a8b8d26f263e07ea5880a90a9bca185ef942042e443d6338ab139a21365bdc433b911cf07bd0c0b5d293b5809440c3c898889a5157fd39d56efb874605bc0033ca30ecc2500025122aaa69fe9f99c88f1884cf50a0e9615ab8152f4407cdd31231bb1a81fe7ae129edb1703210a0950de60dbdbf428bee61b74d2bda68edb9436ee0dc48b63fd54dd57f25746f33173da8c0c86b50d17d9603abb565f4854a054b432fff4c818c818713d1aec68360670a2ca3e7843d5314a85ce9f72b68dfde92cdd9382648f3d4aec133b39cf4f1737dc5f6322a60a522bf7f944c7a5f79161fc66236e66aacf88934aeb34d23ebf367af1e313bfc935af678dc80baa51a2dd5d4fa382858d1c73e7ff3cb28e5c88c7c4d80c6fd473e2c360a572b328dc37b1a8e05beffe222e369071c9b7fe98d21174662ab18233bb020d744da81050e0be4f9e528abde6fb4230f893d874c2246cfbaf4df0f4788afbf109e43d1e555d2449988aae0d2e0670af0b5fcb41f7acc7df5eea3c0c82197562d2b1abbcd279f749d9257a69d38e16e189565ca4398f0d8434221e1d2274d0f797aa29cde9f043c46fa2ea98e5fea533efc7c8f1c4f1d930eec34dfa8902618d973b69f90e5a3d96449223780bd06c04e6c705822353302c3198fbd236017f068c1fead0dd9d10e8449491aeddfa1c5bb406c9e6e94daf1c9da12e6c4803617734db0162bb0e4075cbdbb049c703703e2494600b9429dbee3abd7d314a74bfcfcda2f529de3e95945cdd4fa6cdbc4b70599b8b3ed30aad80df69797c2de1bea4b0df02450f4f54a9b1390c99475d7e511e37e623d5209aa0360b111bbbea7c7788261a5e830cbffa2291b1d1631e130681b3a0eea434e1548c7cde8430b8c7aa512ec579162b55e9ae56974807df32b0caebf5a7f95c0280fefea55e072a7ddf55f9a21ca766220c405932207e451f779771a3b646db7880b979a180be9170082830449632e81d8ad90ebafc0d27ed7880b8456359eccb096238cad26e27453ec29d45d1265a314df0bd0cf9271369715dd3032c54a8191d7f0991b9783e24d7b2134f1e973df1d21c927947345074ae82213337792bb10ab4441f958b01994edda74afe098d56a981cd120c7e9550c30b07723431160af5077f8349f8f9a434b5213182d034f713b43dc0143ba674f98ff5a130f445ba569cd4f8c5def6c4fc2919e237d6a28dda43b8809e282fd27bb43ab466e75ad19806827625b4367eb88944dc7d1655ddc1b07c7af0b277494964092d5e5b379fbc045fe8daf319ecb70e72fc4698a7ab90e389ac8c59496b66732e6e74411451c14a314daaab7a46195bd49ff9137b15110b6776df972f408b67f3823c330ac76c65150b4d15829ab03a3c7517ed4136943eeca29e607508de952f317f6033de75601eca2f6df80b011b8790ed2c987c88c059a287b82d7214af7b151410706ee0956a8cf25995ee0be9ec1a4181a6b1f5acd7cc1b75f7168005d3397e4139b988427d9f580ded9bdcd2f5d84fd151fe5f99991e61441555684b7f182ac07f4194c4e2aa1817ad2db9c481585c3f44bb86225d2ebfd94f34f98099257661b290c897c0f9db02d7ffa01ea95482958cff2e65463943d20fa6d8540473af87c3e6bd2b29e898e2611c0a18665e2cadbfe150e500f93038616afaeee4a6c1772347d19bf4a56866c5c0f38c8d8cf171011e74630c12b0b8be70d7dd0cb3342e04cfa19de9ebb7986ed991ba2d7ca85788e475c30c5d132c4843559c2fe46e73ffc23582d43ab9c8de546ec8374be8e582302edea23f48647d7f9282cf4dd7c8a51935f271ea51292825aa44e411480c2e0b47ff50569a2a371e7eb42f5f643e4cb0243e67ba2a32bb25e91d4ba45fd88287aa354f66c66b675ee9afd6122cf7fa7f6d593b52969f68ed077b9a8dbf58c2516e373e29ee789c4bafdb07b8c187e05f7fca41f2a9c1629e0290db872f03b86c1285b9cd786063aafaa780ed95989071f6adf890323d76446bf9959753d48ed7aafafb4e144f676a9c0fc9a7426268167e35ddd6d826fd6d9414c11c8d73f50d9b8a2c92cd883931752e30f4644c42991506e921d6f73776fa1ca989c99a0bc6802e08daae2ed1a83d9ad77bc7eff744f8c5abd7502d090f41c898767d161f80a5bf3f5093f33444c79d36bb8cfd47538a601c4cdab2ba96db6712b85152edb6249d6951717069b38d9dd7104442c38a706cfa9d6c2cb4e748ab39374cb564e0ef00d1062aaf4b99cb084ecb1483b707f7b90f7ec4ce76687a7140c33ec564734fc70bc30ab4117d9c8280ae9e2fc7b2f6c8b420737456a8259bf5594a7849e5fc57865d6890e7f293d5ca59d868bd40be802501db55fc407de07fc0bef796f01b9fcc59d44782de9fdb11b067c326139c8d951365c16d213f2d6815e6872dee48cb549db0275be6ee2d4a478e4014cda56c83f7a5a587d9502e82c389e14b710e5b302cf3d69e0fdafe9059018d80b8f1aa0691cd1f3aebc0a3e9042987c1582a09ceec0fc197f3ee267f69fda06de12caa54a7c769c427c1551a282c9e1bcbc68682dd0599239273d81a56e656229f440e8910e9d059fb7dbb0a7f77dd37395d7cba1db9b4700a83788f97bb3c779a73c34b9adf08f3ba52024437b0a6c3e5d699e847e3423e18eb49bf189be3ee9a65c1a15cec32d9cbc27093d8bacc2b1fa2472f5e4aba92d56c54fb699787286e145401b09023c6c10fdf8a2a226ae057760df6fb7d42b4e5f05402acc8a966f44946f252f93d348a5a3a68c1092a24944acab7738bf21d1d0c46e629add6e6adb88abe0e6f22b55e87c9a4694b46ac27435f39fc6809407270d10c286c2a63321ef6eb625a7a2b0a096085f43d80552bb3fcf82ae13479d6eb8a5b3b76819e3f8e07e097030d2f2c18bf42fcedf2be097b593d222000ab495602498e747f2720d2afb859c43d001daf1d51e3e0f22ca2bd4ce9274fcb8887965536d26f7f12300ef9541a4ab2b3b1d31bef0cbddacd2d59b323df9e034dcb4788bdd134f7fa5e55e2d6c2fa9de909800e02007b899a1337df1312dd45f66759a990d82b7e569b7cacd49b8aff91eb80959c482efc78177ef56a3c5febbd81d95e9a9eade962d810857ccbb9e3bb3f57312741623d1cb6bb4509fd071abac10cdae906e0d0ed1b6d0efb3af7e29a42a9019020a1f7bcd2f54ee8269f4715493452138cd1f8876ab7786105526459ce62f0a1cb1ff31a7ed1db50cfb9dd48bad52b20edc763a3f1a949005dec4e55a8f443a031c2947fd70ae2a590be6ef41d495306d13cf2b053660f50d2c7b7e9fb67e8d5d37fbff0258c02ccbc30624cdb1c4f76636171bb2e5cc3eeb6368ab7493b7f59505a20c74c49cdd563ebe2b6a1e84275dcbd2bbbf9c7be5aeb49522b1f2051b0da6f40c3c0e4d8cfec5c2e205cd1aa54e8669e18ee11c0f00cf327316412642918b552b7a41826ca9e5ffb0a2554103d4784a696ebdaca80393543961f842d864b3571cf397208cd500df80ca6790659b32550d782786ca1e63fd0d68d4190a393c31be09f528c6d45e59ab7f697a46b37b7ca65c13706ff784a66182528be7c45e7b25ffd68ae63de58174a4a1265ad7a7486f763c5c43e5a0cfe6792e54dec3a17ebf7eecc50cc9c40096b51efda7d4e08a9422861b8e104c373cd7bd6fdcc5217e92a03a2900bb8dc183a6adc740131fdd2f21f2c777527266b6c564ba233a3e3c69d6f2b44eedfeab051a2c386bacfd1f86045442a64e8610b0edf613b4f53cf7b253742f4d08afbe49b811169e02559966196709d3284296c3bdf7a338e45ea8330d63b0af83fd88bbec7c959468887c792b6ad6c41054103bced31332ceb1241c3f09efe9a1e3c731edda8420ebb433fc0252c58cbc7fdf7018ca47b16c53cbf640f519b8f7f2c36483026e278cf0219a75d3c3727e8458776488c23ec9a342fd1d4b691334f53f7e7f173b35d2a2f4a9a6082e56a2dc20346a17b39b71fa7813da2a8cfc13564b7cf747dce54dd0b04f754fdc78bc47eea4c1453800b2f45b58c377749df705bd8bcf1ddfa7a9e5a9f43d17c03a55e1d25d69d5b7e4f21350851c3fa7d373f047f2641716c9ffb0797c836b82b92db2e306955f663b88d6451cf6b37e9cb234765285822681c8c567fde9b46a3c7a832d5d00369f73d5fd549bbfda94d4972f67637582ee096ffb7a5b19d9a19c12eba8fd4ea4712a9a0a94f03dc8482c02ce807b5a53fb71fda06de4b8baef9d9d36067923f3f591c7dfc1700a4fdec3527e62e53e32709637d63559d85d0419872966daa6aa44ffb2e21c9bdcf83f6c577e35facda58c97b6130db0bac9f46ca6892fa177c1efa0e929bfe841c6940457815cea9bfb7c4fcdc607f13a61f5ab5f1163b450115215217e8eb9459e15b0d615f36d0d3b8cec7b2e9ab86b33e66b229d663fdd5b04a306250aa9cbc8fefe1fd75676ff902f8e8b3a82c7c178828d7342d6c021b9f6d96b7e6ff76849774b7e2d48992593073b1c136a67a212418ee8e9714e0ff55feca24657073812b425ca3b06d30ac877b293", @typed={0x0, 0x32}, @typed={0x0, 0x90, @pid=r3}, @generic="9945806f96b3137f6d716d07f1adf553c159e807f74c5c80be8a3a92f7e76046dbd713230705e8421fdde16a55f4e00943bd890c871610e452563b3ead872f5c4705b2bc50c168b903cee1d75a49db2f4cbaaab395506ebb1d7bfbe2db551d25c13a0653518337f275b5e3ade9a399bc48e65319ec9e2275e6b7bf39df064319048d091094352f8d57f6d079558fbd2c", @typed={0x0, 0x2b, @u64=0xb63}, @typed={0x0, 0x30, @u64=0x6}]}}, @RTA_PRIORITY={0x0, 0x6}, @RTA_PREF={0x0, 0x14, 0x3}, @RTA_ENCAP_TYPE={0x0, 0x15, 0x5}, @RTA_MULTIPATH={0x0, 0x9, {0x401, 0x0, 0x3, r2}}, @RTA_MARK={0x0, 0x10, 0x4}, @RTA_PRIORITY={0x0, 0x6, 0x6}]}, 0xfffffffffffffe7c}, 0x1}, 0x0) 2033/05/18 03:38:33 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8906]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:33 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:33 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x4000]}, 0x707000) 2033/05/18 03:38:33 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x1, 0x2000) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000080)={0x1, [0x7a]}) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0), 0x10) socketpair(0x9, 0x1, 0xdf6, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000040)={0x6}, 0x4) [ 1063.688509] FAULT_INJECTION: forcing a failure. [ 1063.688509] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.699964] CPU: 1 PID: 10778 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1063.707246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1063.716635] Call Trace: [ 1063.719262] dump_stack+0x1b9/0x294 [ 1063.722922] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1063.728142] ? __save_stack_trace+0x7e/0xd0 [ 1063.732494] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:33 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cuse\x00', 0x4b00, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000580)={@dev={0xfe, 0x80, [], 0x18}, 0x3615, 0x1, 0x0, 0x1, 0x9, 0xfffffffffffffff7, 0x5}, 0x20) r1 = socket$vsock_stream(0x28, 0x1, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$vsock_stream(r1, &(0x7f0000000400)={0x28, 0x0, 0xffffffff, @any=0xffffffff}, 0x10) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0xffffffffffffff9c, 0x6, 0x1, 0x100000000, &(0x7f0000000040)=[0x0], 0x1}, 0x20) ioctl$sock_netrom_SIOCGSTAMPNS(r2, 0x8907, &(0x7f00000000c0)) [ 1063.736575] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1063.741700] ? kasan_kmalloc+0xc4/0xe0 [ 1063.745603] ? kasan_slab_alloc+0x12/0x20 [ 1063.749775] ? kmem_cache_alloc+0x12e/0x760 [ 1063.754111] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1063.758971] ? kvm_mmu_load+0x21/0x10e0 [ 1063.762962] ? vcpu_enter_guest+0x3a83/0x6060 [ 1063.767488] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1063.772518] ? graph_lock+0x170/0x170 [ 1063.776422] ? do_syscall_64+0x1b1/0x800 [ 1063.780525] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:33 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x4000) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='team_slave_0\x00', 0x9}) [ 1063.785946] ? find_held_lock+0x36/0x1c0 [ 1063.790028] ? __lock_is_held+0xb5/0x140 [ 1063.794117] ? check_same_owner+0x320/0x320 [ 1063.798456] ? rcu_note_context_switch+0x710/0x710 [ 1063.803399] __should_failslab+0x124/0x180 [ 1063.807650] should_failslab+0x9/0x14 [ 1063.811461] kmem_cache_alloc+0x2af/0x760 [ 1063.815624] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1063.821007] mmu_topup_memory_caches+0xf7/0x3a0 [ 1063.825675] ? debug_check_no_locks_freed+0x310/0x310 [ 1063.830865] kvm_mmu_load+0x21/0x10e0 [ 1063.834661] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1063.840193] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1063.844779] vcpu_enter_guest+0x3a83/0x6060 [ 1063.849091] ? print_usage_bug+0xc0/0xc0 [ 1063.853143] ? kvm_set_msr_common+0x2680/0x2680 [ 1063.857799] ? vmx_vcpu_load+0xadd/0xfe0 [ 1063.861847] ? __lock_acquire+0x7f5/0x5140 [ 1063.866083] ? vmx_vcpu_reset+0x1030/0x1030 [ 1063.870389] ? graph_lock+0x170/0x170 [ 1063.874182] ? graph_lock+0x170/0x170 [ 1063.877979] ? __lock_acquire+0x7f5/0x5140 [ 1063.882379] ? debug_check_no_locks_freed+0x310/0x310 [ 1063.887655] ? __lock_is_held+0xb5/0x140 [ 1063.891707] ? lock_acquire+0x1dc/0x520 [ 1063.895669] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1063.900675] ? lock_release+0xa10/0xa10 [ 1063.904638] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1063.909912] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1063.914396] ? preempt_notifier_dec+0x20/0x20 [ 1063.918889] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1063.923719] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1063.928728] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1063.932784] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1063.938482] ? graph_lock+0x170/0x170 [ 1063.942295] ? find_held_lock+0x36/0x1c0 [ 1063.946361] ? lock_downgrade+0x8e0/0x8e0 [ 1063.950501] ? kasan_check_read+0x11/0x20 [ 1063.954645] ? rcu_is_watching+0x85/0x140 [ 1063.958780] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1063.963970] ? __fget+0x40c/0x650 [ 1063.967417] ? match_held_lock+0x841/0x8b0 [ 1063.971641] ? expand_files.part.8+0x9a0/0x9a0 [ 1063.976209] ? kasan_check_write+0x14/0x20 [ 1063.980436] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1063.985359] ? wait_for_completion+0x870/0x870 [ 1063.989941] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1063.995132] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1064.000831] do_vfs_ioctl+0x1cf/0x16a0 [ 1064.004712] ? ioctl_preallocate+0x2e0/0x2e0 [ 1064.009111] ? fget_raw+0x20/0x20 [ 1064.012562] ? __sb_end_write+0xac/0xe0 [ 1064.016539] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1064.022063] ? fput+0x130/0x1a0 [ 1064.025340] ? ksys_write+0x1a6/0x250 [ 1064.029133] ? security_file_ioctl+0x94/0xc0 [ 1064.033530] ksys_ioctl+0xa9/0xd0 [ 1064.036976] __x64_sys_ioctl+0x73/0xb0 [ 1064.040852] do_syscall_64+0x1b1/0x800 [ 1064.044739] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1064.049573] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1064.054492] ? syscall_return_slowpath+0x30f/0x5c0 [ 1064.059428] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1064.064784] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1064.069618] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1064.074816] RIP: 0033:0x455a09 [ 1064.077993] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1064.085691] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1064.092952] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1064.100211] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1064.107467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1064.114722] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000000c 2033/05/18 03:38:33 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x3580]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:33 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x2000]}, 0x707000) 2033/05/18 03:38:33 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x100000000000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:33 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xf5ffffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:33 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x80000, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x8006, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x105000, 0x0) faccessat(r1, &(0x7f00000000c0)='./file0\x00', 0x80, 0x1400) socket$inet(0x2, 0x80006, 0x8) 2033/05/18 03:38:33 executing program 4 (fault-call:7 fault-nth:13): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:33 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000040)={0x3, "1998e8fadf357f4a4dd06007d3cdfe834b02edc5bd7b93865c67073aec8ad3eb692b0df50dea724f592bf239a0452af542"}, 0x39, 0x0) 2033/05/18 03:38:33 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(xts-twofish-avx)\x00'}, 0x27) r1 = accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r2, 0x0, 0x0, 0x73e0) getsockname(r1, &(0x7f0000000040)=@can={0x0, 0x0}, &(0x7f0000000140)=0x80) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f00000001c0)=0xc) setsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@dev={0xfe, 0x80, [], 0x1b}, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4e24, 0x7, 0x4e22, 0x0, 0xa, 0x20, 0x20, 0x7f, r3, r4}, {0x0, 0x8, 0xfffffffffffff000, 0x2, 0x401, 0x3, 0x86e, 0x96}, {0x6e0, 0x800, 0x6, 0xba24}, 0x913, 0x6e6bb9, 0x1, 0x0, 0x2, 0x1}, {{@in6=@dev={0xfe, 0x80, [], 0x16}, 0x4d5, 0x32}, 0xa, @in6=@local={0xfe, 0x80, [], 0xaa}, 0x3506, 0x7, 0x0, 0x6, 0x0, 0x0, 0x6278}}, 0xe8) sendfile(r1, r2, &(0x7f0000000000), 0xffa) 2033/05/18 03:38:34 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xa]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:34 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)={0x2, 0x18, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x4, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@loopback={0x0, 0x1}, @in=@remote={0xac, 0x14, 0x14, 0xbb}}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}]}, 0x80}, 0x1}, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000)) 2033/05/18 03:38:34 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0xffffffff00000000]}, 0x707000) 2033/05/18 03:38:34 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1064.528718] FAULT_INJECTION: forcing a failure. [ 1064.528718] name failslab, interval 1, probability 0, space 0, times 0 [ 1064.540058] CPU: 1 PID: 10838 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1064.547341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1064.556797] Call Trace: [ 1064.559400] dump_stack+0x1b9/0x294 [ 1064.563047] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1064.568246] ? __save_stack_trace+0x7e/0xd0 [ 1064.572588] should_fail.cold.4+0xa/0x1a [ 1064.576668] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1064.581789] ? kasan_kmalloc+0xc4/0xe0 [ 1064.585689] ? kasan_slab_alloc+0x12/0x20 [ 1064.589846] ? kmem_cache_alloc+0x12e/0x760 [ 1064.594181] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1064.599035] ? kvm_mmu_load+0x21/0x10e0 [ 1064.603031] ? vcpu_enter_guest+0x3a83/0x6060 [ 1064.607580] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1064.612614] ? graph_lock+0x170/0x170 [ 1064.616429] ? do_syscall_64+0x1b1/0x800 [ 1064.620503] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:34 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE(r1, 0x40084504, &(0x7f0000000080)=[0x6, 0x152d]) [ 1064.625881] ? find_held_lock+0x36/0x1c0 [ 1064.629963] ? __lock_is_held+0xb5/0x140 [ 1064.634048] ? check_same_owner+0x320/0x320 [ 1064.638384] ? rcu_note_context_switch+0x710/0x710 [ 1064.643326] __should_failslab+0x124/0x180 [ 1064.647576] should_failslab+0x9/0x14 [ 1064.651389] kmem_cache_alloc+0x2af/0x760 [ 1064.655555] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1064.660421] mmu_topup_memory_caches+0xf7/0x3a0 [ 1064.665101] ? debug_check_no_locks_freed+0x310/0x310 [ 1064.670319] kvm_mmu_load+0x21/0x10e0 [ 1064.674139] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 2033/05/18 03:38:34 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x4000000000000000]}, 0x707000) [ 1064.679727] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1064.684346] vcpu_enter_guest+0x3a83/0x6060 [ 1064.688683] ? print_usage_bug+0xc0/0xc0 [ 1064.692762] ? kvm_set_msr_common+0x2680/0x2680 [ 1064.697439] ? vmx_vcpu_load+0xadd/0xfe0 [ 1064.701514] ? __lock_acquire+0x7f5/0x5140 [ 1064.705763] ? vmx_vcpu_reset+0x1030/0x1030 [ 1064.710103] ? graph_lock+0x170/0x170 [ 1064.713964] ? graph_lock+0x170/0x170 [ 1064.717780] ? __lock_acquire+0x7f5/0x5140 [ 1064.722021] ? debug_check_no_locks_freed+0x310/0x310 [ 1064.727229] ? __lock_is_held+0xb5/0x140 [ 1064.731312] ? lock_acquire+0x1dc/0x520 [ 1064.735300] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1064.740327] ? lock_release+0xa10/0xa10 [ 1064.744313] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1064.749604] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1064.754108] ? preempt_notifier_dec+0x20/0x20 [ 1064.758622] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1064.763475] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1064.768512] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1064.772591] ? kvm_uevent_notify_change.part.29+0x440/0x440 2033/05/18 03:38:34 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x200000000000000]}, 0x707000) [ 1064.778316] ? graph_lock+0x170/0x170 [ 1064.782134] ? find_held_lock+0x36/0x1c0 [ 1064.786212] ? lock_downgrade+0x8e0/0x8e0 [ 1064.790377] ? kasan_check_read+0x11/0x20 [ 1064.794535] ? rcu_is_watching+0x85/0x140 [ 1064.798692] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1064.803898] ? __fget+0x40c/0x650 [ 1064.807362] ? match_held_lock+0x841/0x8b0 [ 1064.811604] ? expand_files.part.8+0x9a0/0x9a0 [ 1064.816195] ? kasan_check_write+0x14/0x20 [ 1064.820445] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1064.825392] ? wait_for_completion+0x870/0x870 2033/05/18 03:38:34 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x40000) r1 = dup2(r0, r0) sendmsg$kcm(r1, &(0x7f0000000600)={&(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e22, @multicast2=0xe0000002}, 0x3, 0x2, 0x0, 0x4}}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000180)="f0cf5c48f9ec35b26622474b335cd2dfb35ccd5f65771628a82ddc5c36a82abd5c827b72eabfa063d13d2ee85254a09cd6ef6a9c3c48f47bff1566447054e800582aed5b1d9c4034cba03cc8f894bde513a2d16cc9655afbdc7f45269a574546777010d9872cf5d06cf17ab25cb8a0467f9306b638f9123da1e75cec2595f39c0a5b99967f", 0x85}, {&(0x7f00000000c0)="df233e89344785de20d1a64fe88c683f193385e6cc20b5ec3caf92724fcd1361771d6427aa71abc10258c12e1aeb1045d0bcf7ff1178f4f54bf74c240a31c748e702a9aa7af87f8909218037d870d2dc29bd6445f3e7e522dbfd5609ad8bf86d15f4ee3d7889211cb11cd83a99", 0x6d}, {&(0x7f0000000240)="cc32f532a8357dad601a2bda6f077ba2f329f13aac10bfbd87b299626d4610a3210571b81aad03cd292514f7496b5f7aa0a2df3801f10ccd6051ac461b7dfb7ef527ae848a9df705313b384109bc143d4fd0d41da95876945cff21fde59b91794eacfce2cfe7e61e8c10d17dbe7f5defd004bc843d01529e940bf2fa04024b29f9308a4de46b11dc88b30151c20bfe80fe02f7c012f3ea39870a90bd6f6305d47ef3fcbc0111db640b22fe8db5d2735fd81aa57a", 0xb4}, {&(0x7f0000000300)="8b84ed1fac8fadd37f90faa0728cfac0cda51340c47fed93bbe50c08f561d4bf6b5859f19cffd17d8efdfc51cdd725df701eeab7556281de0bddd48a045c09516e65418655ddc0958c9af5a5f1686325d9af103e7e72f092630774a70888c673a458a59f826237d6e829a75bc917df8afaeafd755b0855d832409a0684d542f22ef55dbf541d4b136a4a4213407449bbd6197a1e1e2fbdeed9749be184f18cfa90a4c4821b17d890", 0xa8}, {&(0x7f00000003c0)}, {&(0x7f0000000400)="e09482e3a6ef1a4dcf7d45df87c72bb4ce432d0344b8fd406d9edc24f77418783298e173a97c5bf08e6d6defc2ec8ccb6db93536bfb2785ea36ceeff53f2fbfe175d048347d339df347d188c00460849933985faa5994a1ec4d0fa7e38ce5bb499eba056ffd0cb648fbc69350075606692ed3e57786eec93d4ca36258dce22adf0514ef9555ff5634c3595510dfcdd1f8f570b6d654f3fbc5ea54a0d474bf6070feb292a075ba1f019c82d8da9ed12120a1913d4d09bb168ffad8ddba3a8d7319f079a3f679aa49deba76c699e3111a9047392d70984f41ff593e0c5aa0f69576bc9c829d851d15a165dcad70cd85f36017eecd2dcf2cb", 0xf7}, {&(0x7f0000000500)="59c894a3a5a691132d260aa7f0bef05d8a1f5332b15528328da442a12da2b3af3dc45583a9cd9d6de9f031d06dde1237b7093b9e9716f8b03389ed400ace0737aaea696db7133b4ff7562d3cf1edb0a0ac28033ca2c3d01bc1b57a18a4d25adc1a18aa064ef3042b63206c1832a91b9b8250576e08d31739d6ecf3f493dbbd5f94bfb55efaa5ebb4765850330121ede597d535a68cd01a6d03443833dd698521bc999b258bf0d9dc9169e6d170713e4a1377be6c1f659c81cb93b4aef47a4e80c69bac1ea38e859e04d9e17ae4db76e7ec4148c1afb1cc9273c70698c08b409cbd24fb679a82df802a5303f5f33c4a817671eca27e9a", 0xf6}], 0x7, 0x0, 0x0, 0x20000001}, 0x90) [ 1064.829991] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1064.835195] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1064.840927] do_vfs_ioctl+0x1cf/0x16a0 [ 1064.844836] ? ioctl_preallocate+0x2e0/0x2e0 [ 1064.849257] ? fget_raw+0x20/0x20 [ 1064.852718] ? __sb_end_write+0xac/0xe0 [ 1064.856716] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1064.862260] ? fput+0x130/0x1a0 [ 1064.865550] ? ksys_write+0x1a6/0x250 [ 1064.869362] ? security_file_ioctl+0x94/0xc0 [ 1064.873803] ksys_ioctl+0xa9/0xd0 2033/05/18 03:38:34 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x2000000]}, 0x707000) [ 1064.877274] __x64_sys_ioctl+0x73/0xb0 [ 1064.881172] do_syscall_64+0x1b1/0x800 [ 1064.885070] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1064.889931] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1064.894958] ? syscall_return_slowpath+0x30f/0x5c0 [ 1064.899988] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1064.905376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1064.910235] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1064.915428] RIP: 0033:0x455a09 [ 1064.918618] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:34 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x200000, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000080)={0x14, 0x2, 0x5}) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) setsockopt$inet_buf(r1, 0x0, 0x23, &(0x7f00000006c0)="624d9041539460077dda0d1f4011189f2d9ea374000000f7961ddd23cf8a336004cf272e2d322f83cb742eec9e30dec79986e0aa576cf9ee6007bb28ed37f498c4dd0998982cdcf1e6d1017408c7793ce62f739a0af1efa4649ea45c6a32f1a1d822faa0713103c248590300000000000000a647cb868105b01a4a95704f84692bcd8381a2ebeda5f519b2af87ea5fc5590ad565c0003a79f671868c0c6cad9e02394899e22dd58413618b0e7f3ec4114a4492b08cc7d3ff87222192847a59090ae9fb87227f0a2072dd5b514f6677af401e12ce8414886ab3397461335530f796c290d47349ecb7b4d5731515266038b99ec99f5a97c76abe19086506ea7ce8bffefe388e831292d2e9212321bd98909cc9bf0600751a1b3bd9b470f8884490fa5ad74de617acd559cccb53d2521f470088e7fecaa46319a0fa291245940fcd33bee81e96a39f726928c472faae668af0d79e350775ed924d1740d10ab38d4494b3593da93d1d39df83408540dc607fbab1c8f14786790dba6599bb6e043de6d6df155f6b3f0f02896c3ea16e2a8f367267", 0x192) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:34 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x3f00}, [{}]}, 0xfffffc53) 2033/05/18 03:38:34 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4788]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1064.926333] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1064.933611] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1064.940972] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1064.948246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1064.955523] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000000d 2033/05/18 03:38:34 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCXONC(r0, 0x540a, 0x1) r1 = socket(0xa, 0x2, 0x0) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000140)={'ip6_vti0\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xb}}}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000200)="440f20c03501000000440f22c0460f30363e410f010241f447dd7c65002e360fd7c6b995020000b80e000000ba000000000f300f0097050000000f01d10f35", 0x3f}], 0x1, 0x0, &(0x7f0000000080), 0x10ae) r5 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x18200) ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r1) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r5, 0x800442d2, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @remote}]}) 2033/05/18 03:38:34 executing program 5: getresuid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=0x0) quotactl(0x3f, &(0x7f0000000040)='./file0\x00', r0, &(0x7f0000000180)="4e8a57d02180a0bcb2bb5580eb977b5b4e98f3b9b441f2a35fa667873a648f271f098565aaca6486224a41465cda0fa845e2313ab236ad30dd3f7b5be5d0763b2aef250db7") r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x20200, 0x0) sendmsg$key(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x2, 0x12, 0x8001, 0x0, 0x6, 0x0, 0x70bd2d, 0x25dfdbfd, [@sadb_lifetime={0x4, 0x7, 0xc802, 0x0, 0x800, 0x40}]}, 0x30}, 0x1}, 0x44890) r2 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:34 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:34 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x6200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:34 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x40000000]}, 0x707000) 2033/05/18 03:38:34 executing program 4 (fault-call:7 fault-nth:14): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:34 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x40000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:34 executing program 6: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200)='/dev/hwrng\x00', 0xc00, 0x0) bind$llc(r0, &(0x7f0000000280)={0x1a, 0x334, 0x7fff, 0x8, 0x81, 0x8000, @random="3e1eee0b0f45"}, 0x10) r1 = socket(0x5, 0x5, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000040)=0x20, 0x4) msgrcv(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000080000deff00000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ebdba8af7e9e3af45d4cc2072048696f100c826f08c11cf3ccc97476e6ce6f51b31dfbd7850186a7e546b19429b7da18599c0cc9cb0527c49af04a816e5cc4a7045766e4ec42b6f26359c05abcc174f502a296674a461ea3d4488339b032e87a39c6b758978a9d6986c70e562b5bbf5b53ead3febfcb6bf5aeb504557514c26a826d217144ff43ff56d27027abb8753e635f2ad901104"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000400)={0x6, {{0xa, 0x4e22, 0x80000000, @ipv4={[], [0xff, 0xff]}, 0x3}}, {{0xa, 0x4e24, 0x8, @empty, 0x7}}}, 0x108) [ 1065.355132] FAULT_INJECTION: forcing a failure. [ 1065.355132] name failslab, interval 1, probability 0, space 0, times 0 [ 1065.366670] CPU: 0 PID: 10910 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1065.373956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1065.383321] Call Trace: [ 1065.385930] dump_stack+0x1b9/0x294 [ 1065.389580] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1065.394790] ? __save_stack_trace+0x7e/0xd0 [ 1065.399140] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:34 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffff7f]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:34 executing program 5: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000006c0)=@nat={'nat\x00', 0x1b, 0x5, 0x578, 0x2a0, 0x3c0, 0xffffffff, 0x3c0, 0x2a0, 0x4e0, 0x4e0, 0xffffffff, 0x4e0, 0x4e0, 0x5, &(0x7f0000000540), {[{{@ip={@multicast2=0xe0000002, @loopback=0x7f000001, 0xffffff00, 0x0, 'veth1_to_bond\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x86, 0x2, 0x20}, 0x0, 0x118, 0x150, 0x0, {}, [@common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x2, 0x200, 0x0, 0x1}}, @common=@osf={0x50, 'osf\x00', 0x0, {'syz0\x00', 0x9, 0xd, 0x1, 0x2}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x1, @loopback=0x7f000001, @empty, @icmp_id=0x64, @icmp_id=0x67}}}}, {{@ip={@loopback=0x7f000001, @remote={0xac, 0x14, 0x14, 0xbb}, 0xff, 0xffffff00, 'ifb0\x00', 'ip6tnl0\x00', {}, {}, 0x4, 0x1, 0xf}, 0x0, 0x118, 0x150, 0x0, {}, [@common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x6, 0x9}}, @common=@osf={0x50, 'osf\x00', 0x0, {'syz0\x00', 0x61, 0xc, 0x2}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x10, @broadcast=0xffffffff, @rand_addr=0x393e, @port=0x4e23, @icmp_id=0x68}}}}, {{@ip={@multicast1=0xe0000001, @multicast1=0xe0000001, 0xff000000, 0x0, 'ip6gretap0\x00', 'bcsf0\x00', {0xff}, {}, 0x4, 0x3}, 0x0, 0xe8, 0x120, 0x0, {}, [@common=@socket0={0x20, 'socket\x00'}, @common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x1, 0x59428f30465d62a5, 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x3, @multicast1=0xe0000001, @dev={0xac, 0x14, 0x14, 0xc}, @port=0x4e21, @port=0x4e20}}}}, {{@uncond, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x7, [0x8, 0x0, 0x5, 0x100, 0x8000, 0x3], 0xfffffffffffffff9, 0xfffffffffffffffd, 0x79}}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x12, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}, @ipv4=@rand_addr=0x2d, @icmp_id=0x68, @port=0x4e20}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x5d8) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1, 0x0, 0x0, 0x40}, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000440)='/dev/vcsa#\x00', 0x100, 0x880001) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000480)={0x6, 0x0, 0x10001, 0x1ff}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x7fffffff, r3, 0x2, 0x1f}) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000080)='./file0\x00', 0x3, 0x3, &(0x7f0000000340)=[{&(0x7f00000000c0)="aec76ccb30a1c69b3e6fb49a0e1013ab7cf93cc9aaee44c652887285203d350e45f7f3eee199e7728e39e9459a937c14a5d896ba78dd", 0x36, 0xffffffff8e79af5a}, {&(0x7f0000000180)="26941563b6c25f3d342f04944f5b43b4e6856bf7e25f10b556a4854a066c9dca2faba9c4bd66de7bbd1382f76d71e50bbf2fec2196b3a73008af0a67ce8b7ba427c92004d5512530612b918593955464c6d3f01bbee3b3e0da41d07797b872303faca677002ab651130ebffd6c0a8a47bf77e9546d2e3300afe962de6567cbc2d76e97ee51325dcc867afd9bc7e97044023ec7ec86c0a9c19683925f3bcbbfb59a7a71131663f19b3b0362675ca0e1e7fefe46be2c4bd24dd14c0386d77a046a2252387497571dc6bfca8ce247d1f51d85a6812b9ce0d59dc7dbf23b7d3aa2e2ef", 0xe1, 0xfff}, {&(0x7f0000000280)="554b5158f447876546ab72fef4eda6ba5d3efdce47037bc3227d214a22b581f99166a72fbd100d893578436e576754d142cafe24917ccb0d98eb6c2d3a8cabee90ca0f84f297c4643ef272f04c178b56d30d5345c063e1eea71a691bba2d54990ef670f7a6d1c92f7f994284750dd7ecb6ac7c1c0ff0a2fdba8da45cb087128742c90adc26e0923ac512514165b1d89c55551bd77cb2cf2af0b19c8a1b5f103f2b4448", 0xa3, 0xe993}], 0x4000, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00']) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f00000003c0), &(0x7f0000000400)=0xc) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000500)={0x0, r2}) [ 1065.403223] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1065.408343] ? kasan_kmalloc+0xc4/0xe0 [ 1065.412263] ? kasan_slab_alloc+0x12/0x20 [ 1065.412279] ? kmem_cache_alloc+0x12e/0x760 [ 1065.412296] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1065.412312] ? kvm_mmu_load+0x21/0x10e0 [ 1065.412324] ? vcpu_enter_guest+0x3a83/0x6060 [ 1065.412336] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1065.412350] ? graph_lock+0x170/0x170 [ 1065.412365] ? do_syscall_64+0x1b1/0x800 [ 1065.412382] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1065.412411] ? find_held_lock+0x36/0x1c0 [ 1065.412431] ? __lock_is_held+0xb5/0x140 [ 1065.412459] ? check_same_owner+0x320/0x320 [ 1065.412476] ? rcu_note_context_switch+0x710/0x710 [ 1065.412494] __should_failslab+0x124/0x180 [ 1065.412512] should_failslab+0x9/0x14 [ 1065.412526] kmem_cache_alloc+0x2af/0x760 [ 1065.412544] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1065.412559] mmu_topup_memory_caches+0xf7/0x3a0 [ 1065.412577] ? debug_check_no_locks_freed+0x310/0x310 [ 1065.496654] kvm_mmu_load+0x21/0x10e0 [ 1065.500451] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1065.505975] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1065.510550] vcpu_enter_guest+0x3a83/0x6060 [ 1065.514964] ? print_usage_bug+0xc0/0xc0 [ 1065.519014] ? kvm_set_msr_common+0x2680/0x2680 [ 1065.523668] ? vmx_vcpu_load+0xadd/0xfe0 [ 1065.527716] ? __lock_acquire+0x7f5/0x5140 [ 1065.531936] ? vmx_vcpu_reset+0x1030/0x1030 [ 1065.536241] ? graph_lock+0x170/0x170 [ 1065.540026] ? graph_lock+0x170/0x170 [ 1065.543812] ? __lock_acquire+0x7f5/0x5140 [ 1065.548038] ? debug_check_no_locks_freed+0x310/0x310 [ 1065.553234] ? __lock_is_held+0xb5/0x140 [ 1065.557281] ? lock_acquire+0x1dc/0x520 [ 1065.561252] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1065.566256] ? lock_release+0xa10/0xa10 [ 1065.570230] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1065.575493] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1065.579981] ? preempt_notifier_dec+0x20/0x20 [ 1065.584481] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1065.589321] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1065.594330] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1065.598381] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1065.604089] ? graph_lock+0x170/0x170 [ 1065.607874] ? find_held_lock+0x36/0x1c0 [ 1065.611935] ? lock_downgrade+0x8e0/0x8e0 [ 1065.616075] ? kasan_check_read+0x11/0x20 [ 1065.620210] ? rcu_is_watching+0x85/0x140 [ 1065.624344] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1065.629535] ? __fget+0x40c/0x650 [ 1065.632982] ? match_held_lock+0x841/0x8b0 [ 1065.637204] ? expand_files.part.8+0x9a0/0x9a0 [ 1065.641784] ? kasan_check_write+0x14/0x20 [ 1065.646023] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1065.650942] ? wait_for_completion+0x870/0x870 [ 1065.655513] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1065.660708] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1065.666423] do_vfs_ioctl+0x1cf/0x16a0 [ 1065.670304] ? ioctl_preallocate+0x2e0/0x2e0 [ 1065.674699] ? fget_raw+0x20/0x20 [ 1065.678140] ? __sb_end_write+0xac/0xe0 [ 1065.682104] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1065.687630] ? fput+0x130/0x1a0 [ 1065.690895] ? ksys_write+0x1a6/0x250 [ 1065.694684] ? security_file_ioctl+0x94/0xc0 [ 1065.699090] ksys_ioctl+0xa9/0xd0 [ 1065.702532] __x64_sys_ioctl+0x73/0xb0 [ 1065.706423] do_syscall_64+0x1b1/0x800 [ 1065.710296] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1065.715132] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1065.720047] ? syscall_return_slowpath+0x30f/0x5c0 [ 1065.724967] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1065.730319] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1065.735150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1065.740322] RIP: 0033:0x455a09 [ 1065.743497] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:35 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x20000000000000]}, 0x707000) 2033/05/18 03:38:35 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x11000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1065.751203] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1065.758458] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1065.765727] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1065.772980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1065.780236] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000000e 2033/05/18 03:38:35 executing program 4 (fault-call:7 fault-nth:15): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:35 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88640000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:35 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000400)='/dev/null\x00', 0x10000, 0x0) write$fuse(r1, &(0x7f0000000440)={0x20, 0x0, 0x8, @fuse_ioctl_out={0x80000001, 0x0, 0x3, 0x1000}}, 0x20) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mixer\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000380)={0xa, &(0x7f0000000300)=[{}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}]}) ioctl$DRM_IOCTL_GET_CTX(r2, 0xc0086423, &(0x7f00000003c0)={r3, 0x2}) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r4 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x1, 0x0) prctl$getreaper(0x0, &(0x7f0000000540)) write$fuse(r1, &(0x7f00000004c0)={0x50, 0x0, 0x0, @fuse_init_out={0x7, 0x1a, 0x4, 0x8, 0x6, 0x7, 0x6, 0x101}}, 0x50) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f00000001c0)=""/244) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000040)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e500aadfbb781b60fef048e782b148748fa60b787d15758e0b29f65203e9f3842a7f9e54600e793b12e155885eef3d1f734e961f1aa6912a26a045b1e90849d1dec3367fe7451a48f3af59878bf72d243d06e41889ddf700aa22e028bad6793f0915b3d4241f0d6ae003f9aca32a7b1ed86d336a636c71f8b62a4fb9ef5a86fbbb0ddf6211fd4ae9942ecea2e161f391138d5c7f1f87f0f8e5e45429d52f42ca9196b78f06074130e5c3842ec", 0x24}], 0x10000080, 0x0, 0x240}, 0x10) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r1, 0x800443d3, &(0x7f0000000480)={{0x3, 0x8, 0x4, 0x4, 0xf7, 0x9}, 0x3, 0x3, 0x4}) 2033/05/18 03:38:35 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x2000000]}, 0x707000) 2033/05/18 03:38:35 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:35 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x10000000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:35 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") clone(0x4000000, &(0x7f00000001c0)="33acc01e34581034054833f01db03c8f0554463c5cefb13013cc69d63fa4a1746b9a901989aa61fdb62fb03f7d68400415f8a13960423a92f8b61ef46c5c18e84560d1b5c791b8a6c662789f8f0c3e8e7cf78f6950582a3df61246a88d4292a47adbcbb7a7414f465962f69190f3bcbb007f", &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)="140945a0ee3ae8d3bd5320967b0f18abd0714d65cc13c7678112c8f006a5015d5cd3454ca723b073b9") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) ptrace$cont(0x3f, r1, 0x9, 0x4) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000000)=0x1, 0x4) 2033/05/18 03:38:35 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) readv(r0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/40, 0x28}], 0x1) write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[], 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000026c0)={'vcan0\x00', 0x0}) clock_gettime(0x0, &(0x7f0000002740)={0x0, 0x0}) sendmsg$can_bcm(r1, &(0x7f0000002840)={&(0x7f0000002700)={0x1d, r2}, 0x10, &(0x7f0000002800)={&(0x7f0000002780)={0x3, 0x8, 0x25b0, {}, {r3, r4/1000+10000}, {0x0, 0x4, 0xe5f, 0xdcb0}, 0x1, @can={{0x3, 0x7, 0xef, 0x8}, 0x1, 0x1, 0x0, 0x0, "382e94fc0396f132"}}, 0x48}, 0x1, 0x0, 0x0, 0x20044800}, 0x11) fcntl$setpipe(r1, 0x407, 0xb0f3) 2033/05/18 03:38:35 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) process_vm_readv(r1, &(0x7f0000000100)=[{&(0x7f0000000180)=""/215, 0xd7}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/84, 0x54}], 0x3, &(0x7f0000000300)=[{&(0x7f0000000280)=""/124, 0x7c}], 0x1, 0x0) 2033/05/18 03:38:35 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x2]}, 0x707000) [ 1066.214256] FAULT_INJECTION: forcing a failure. [ 1066.214256] name failslab, interval 1, probability 0, space 0, times 0 [ 1066.225647] CPU: 0 PID: 10950 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1066.232929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1066.242289] Call Trace: [ 1066.244891] dump_stack+0x1b9/0x294 [ 1066.248543] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1066.253750] ? __save_stack_trace+0x7e/0xd0 [ 1066.258098] should_fail.cold.4+0xa/0x1a [ 1066.262174] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1066.267296] ? kasan_kmalloc+0xc4/0xe0 [ 1066.271205] ? kasan_slab_alloc+0x12/0x20 [ 1066.275367] ? kmem_cache_alloc+0x12e/0x760 [ 1066.279712] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1066.284567] ? kvm_mmu_load+0x21/0x10e0 [ 1066.288557] ? vcpu_enter_guest+0x3a83/0x6060 [ 1066.293061] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1066.298092] ? graph_lock+0x170/0x170 [ 1066.301905] ? do_syscall_64+0x1b1/0x800 [ 1066.305978] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1066.311359] ? find_held_lock+0x36/0x1c0 [ 1066.315447] ? __lock_is_held+0xb5/0x140 [ 1066.319537] ? check_same_owner+0x320/0x320 [ 1066.323876] ? rcu_note_context_switch+0x710/0x710 [ 1066.328825] __should_failslab+0x124/0x180 [ 1066.333077] should_failslab+0x9/0x14 [ 1066.336889] kmem_cache_alloc+0x2af/0x760 [ 1066.341058] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1066.345921] mmu_topup_memory_caches+0xf7/0x3a0 [ 1066.350601] ? debug_check_no_locks_freed+0x310/0x310 [ 1066.355898] kvm_mmu_load+0x21/0x10e0 [ 1066.359718] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1066.365273] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1066.370137] vcpu_enter_guest+0x3a83/0x6060 [ 1066.374482] ? print_usage_bug+0xc0/0xc0 [ 1066.378570] ? kvm_set_msr_common+0x2680/0x2680 [ 1066.383256] ? vmx_vcpu_load+0xadd/0xfe0 [ 1066.387335] ? __lock_acquire+0x7f5/0x5140 [ 1066.391592] ? vmx_vcpu_reset+0x1030/0x1030 [ 1066.395923] ? graph_lock+0x170/0x170 [ 1066.399732] ? graph_lock+0x170/0x170 [ 1066.403542] ? __lock_acquire+0x7f5/0x5140 [ 1066.407791] ? debug_check_no_locks_freed+0x310/0x310 [ 1066.412997] ? __lock_is_held+0xb5/0x140 [ 1066.417073] ? lock_acquire+0x1dc/0x520 [ 1066.421056] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1066.426087] ? lock_release+0xa10/0xa10 [ 1066.430076] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1066.435373] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1066.439903] ? preempt_notifier_dec+0x20/0x20 [ 1066.444418] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1066.449283] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1066.454321] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1066.458405] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1066.464125] ? graph_lock+0x170/0x170 [ 1066.467940] ? find_held_lock+0x36/0x1c0 [ 1066.472023] ? lock_downgrade+0x8e0/0x8e0 [ 1066.476189] ? kasan_check_read+0x11/0x20 [ 1066.480349] ? rcu_is_watching+0x85/0x140 [ 1066.484520] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1066.489729] ? __fget+0x40c/0x650 [ 1066.493191] ? match_held_lock+0x841/0x8b0 [ 1066.497436] ? expand_files.part.8+0x9a0/0x9a0 [ 1066.502022] ? kasan_check_write+0x14/0x20 [ 1066.506259] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1066.511192] ? wait_for_completion+0x870/0x870 [ 1066.515778] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1066.520969] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1066.526690] do_vfs_ioctl+0x1cf/0x16a0 [ 1066.530578] ? ioctl_preallocate+0x2e0/0x2e0 [ 1066.534984] ? fget_raw+0x20/0x20 [ 1066.538435] ? __sb_end_write+0xac/0xe0 [ 1066.542422] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1066.547963] ? fput+0x130/0x1a0 [ 1066.551231] ? ksys_write+0x1a6/0x250 [ 1066.555018] ? security_file_ioctl+0x94/0xc0 [ 1066.559423] ksys_ioctl+0xa9/0xd0 [ 1066.562981] __x64_sys_ioctl+0x73/0xb0 [ 1066.566867] do_syscall_64+0x1b1/0x800 [ 1066.570746] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1066.575577] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1066.580495] ? syscall_return_slowpath+0x30f/0x5c0 [ 1066.585440] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1066.590809] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1066.595652] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1066.600831] RIP: 0033:0x455a09 [ 1066.604020] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1066.611721] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1066.618983] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1066.626237] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1066.633492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1066.640755] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000000f 2033/05/18 03:38:36 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x8000000000000000]}, 0x707000) 2033/05/18 03:38:36 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xffffffffff13dd9b, 0xff, 0x6, 0x6, 0x3}, 0x14) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x801) 2033/05/18 03:38:36 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8060000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:36 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x4000}, [{}]}, 0xfffffc53) 2033/05/18 03:38:36 executing program 4 (fault-call:7 fault-nth:16): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:36 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:36 executing program 2: r0 = socket(0xa, 0x2000000004, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f0000000080)={0x0, 0x31, "75c26f3cef63172a1040b53a564e43a40bc2d4799ff4a1b6c011f31c19d54cece0851fbb93707860a627698e8709c731fb"}) 2033/05/18 03:38:36 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000080)={0x2}, 0x5, 0x800000000) [ 1067.189624] nla_parse: 43 callbacks suppressed [ 1067.189633] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. 2033/05/18 03:38:36 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4305]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:36 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0xffffffff00000000]}, 0x707000) 2033/05/18 03:38:36 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="985815b8c6ab1243c35e2d2f905e5599f8bdf402f3894446f75520799dd0e14ca1b7f182757559457ff52a283da07a0a7ec57e93c17318f0934280908ed0b6038287ef", 0x43}, {&(0x7f0000000200)="1d3ae08b733dc5a9d889bdcf2441f72ce40d4f1e11765ac1a2f75bdd7461a8df1b8e8186604eb9126d2e9b6466db6306269e51bb5e1a0dd98ec6e5ec4be064c2357b95bb0d2821c750c328b45672fd6083d8aee8a42c4edcf5d651961e37600c394bb70d2edd19f604c0735291f5bbe54018c818eb33acfe4b2bc4d9f85d809cecbd97b3c8a51bad1a192d23a7a21ad2dcdf9ae92c9921a8068a72d9db6d8739c27943a8d4c41a29bdcccd199c59470037380727b58144dd94c3a9", 0xbb}, {&(0x7f00000002c0)="4c24ea5ca4c6fb87452ad8f630187eee52360f0458b2517930cb442f6aec57ea1828e0ef87d90c6c823aa8bfd4c7bcc98609eb7312120ec35fcabec0efe0dfe35a2765913c41b2cebcca074038e9ef5338233ccd530a7d88547c37094d5e36d83bbeea139cba9c47a39a4056c2f93e71e54889f885fc64b53e37ac4b949b3a4689e95cb81aa88fa3f3047edc29ba2385f1a51ab4ce1ddb4ccd9fb9dab7d4c7417ffaed1f1c4b0756", 0xa8}], 0x3, &(0x7f0000000380)=[{0x88, 0x3a, 0x7, "ce4ed9c3f7d109bff48ab644136919cdf494e3f295698430a248a0f73d7bf831ff0019d24ebcc0389f075015be632a538b1c150b872c99d6dac9f90ff7fcbca5dab06e0f89f502e9a48f4e34753c56c2755bf791ba49547f42f9a7f9de0cf6f55a4a58fb8a5bc77ba19b2ef46d45442f69a600688d99ac"}, {0x48, 0x13b, 0x0, "5bdd2d4849cbc31cba87c59413732ada0d02495c237af8855c37778a7f1a3984d042040bfece4f101669aab8e4da8ca3461b2bdb2e472f"}, {0xd0, 0x11d, 0x401, "e33d05f28fdd7cd826561261b8da4b5d74a9adeb103482d434dfab42124cacc355945a9118117777439886f90839abdefa6f3b5d7eb1f50a3f1f601a86ace7d4054fd53912b1e376ee8fef1d1f77703f6c464f420ca34213f78835ebd8a23d2eac94bc26fa6f8410fbc7bca687bcc4ae2c3905b937d5098fad2c6017465808f6f192be9ceca2eb07a918e2e029302296da3e74e3c46648a0ab06d29f565ea8e2b2f1fe20a1a508e194cfbed6978717210e04902d01ae41b3b2843693fa"}, {0x10, 0x10f, 0x3}], 0x1b0, 0x4}, 0x10) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000040)={{0x2, 0x4e20, @multicast1=0xe0000001}, {0x307, @link_local={0x1, 0x80, 0xc2}}, 0x0, {0x2, 0x4e21, @rand_addr=0xbe2e}, 'bcsh0\x00'}) [ 1067.253553] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.305461] FAULT_INJECTION: forcing a failure. [ 1067.305461] name failslab, interval 1, probability 0, space 0, times 0 [ 1067.316811] CPU: 0 PID: 11002 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1067.324095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1067.333462] Call Trace: [ 1067.336073] dump_stack+0x1b9/0x294 [ 1067.339723] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1067.341192] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.344922] ? __save_stack_trace+0x7e/0xd0 [ 1067.344949] should_fail.cold.4+0xa/0x1a [ 1067.344966] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1067.344988] ? kasan_kmalloc+0xc4/0xe0 [ 1067.359319] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.361774] ? kasan_slab_alloc+0x12/0x20 [ 1067.361792] ? kmem_cache_alloc+0x12e/0x760 [ 1067.361809] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1067.361822] ? kvm_mmu_load+0x21/0x10e0 [ 1067.361841] ? vcpu_enter_guest+0x3a83/0x6060 2033/05/18 03:38:37 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)}, 0x0) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000840)=@get={0x1, &(0x7f0000000740)=""/222, 0x3f}) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x100, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f0000000040)=0x4, 0x4) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000880)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000400000008040000ffffffff380100002802000000000000ffffffffffffffff38030000380300003803000038421dffffffff0400000051d000fe2e83a780637bf374cde86ff48f", @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000060000000000000000000000000000000000"], @ANYBLOB="ff020000000000000000000000000001ff020000000000000000000000000001ffffffffffffff00ffffff0000000000ff000000ffffff00ffffff00ffffffff726f736530000000000000000000000076657468305f746f5f7465616d000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000000fb00068e54000000000000000000000000000000100138010000000000000000000000000000000000000000000000004800647374000000000000000000000000000000000000000000000000000000080000000701f00006000900106c060008000e00080006000004fdff020000040100000008000d0028004d41524b0000000000000000000000000000000000000000000000000002030000000900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f00000000000000000000000000000000000000000000000000028005443504d53530000000000000000000000000000000000000000000000000200000000000000ff010000000000000000000000000001fe800000000000000000000000000016ff000000ffffffffffffffffffffff00ffffffffffffffff9eb3c956ff00000073797a6b616c6c65723000000000000073797a6b616c6c657230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000007e007f0701000000000000000000000000000000c800100100000000000000000000000000000000000000000000000048004c454400000000000000000000000000000000000000000000000000000073797a30000000000000000000000000000000000000000000000001fdffffff09000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x468) setsockopt$ipx_IPX_TYPE(r0, 0x100, 0x1, &(0x7f0000000540)=0x6, 0x4) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000700)={0x6d4, 0x5, 0x0, 0x100000000, 0xffffffff80000001, 0x2, 0xffff, 0xb7, 0xfffffffffffff800, 0x6, 0x7fffffff, 0xfffc000000000000}) r1 = add_key(&(0x7f00000005c0)='asymmetric\x00', &(0x7f0000000600)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000006c0)='ggQ', 0x3, 0xfffffffffffffffa) keyctl$set_timeout(0xf, r1, 0x18e) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x8, 0x4) [ 1067.368331] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.370823] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1067.370839] ? graph_lock+0x170/0x170 [ 1067.370854] ? do_syscall_64+0x1b1/0x800 [ 1067.370870] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1067.370887] ? find_held_lock+0x36/0x1c0 [ 1067.395715] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.396520] ? __lock_is_held+0xb5/0x140 [ 1067.396537] ? e1000_cfg_on_link_up_80003es2lan+0x660/0x890 [ 1067.396564] ? check_same_owner+0x320/0x320 [ 1067.396584] ? rcu_note_context_switch+0x710/0x710 [ 1067.459061] ? bad_range+0x160/0x160 [ 1067.462791] __should_failslab+0x124/0x180 [ 1067.467044] should_failslab+0x9/0x14 [ 1067.470854] kmem_cache_alloc+0x2af/0x760 [ 1067.475010] ? kvm_clock_read+0x25/0x30 [ 1067.478999] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1067.484031] ? ktime_get_with_offset+0x326/0x4a0 [ 1067.488839] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1067.493701] mmu_topup_memory_caches+0xf7/0x3a0 [ 1067.498391] kvm_mmu_load+0x21/0x10e0 [ 1067.502217] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1067.507770] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1067.512378] vcpu_enter_guest+0x3a83/0x6060 [ 1067.516721] ? kvm_set_msr_common+0x2680/0x2680 [ 1067.521399] ? vmx_vcpu_load+0xadd/0xfe0 [ 1067.525478] ? vmx_vcpu_reset+0x1030/0x1030 [ 1067.529813] ? graph_lock+0x170/0x170 [ 1067.533626] ? graph_lock+0x170/0x170 [ 1067.537436] ? __lock_acquire+0x7f5/0x5140 [ 1067.541685] ? debug_check_no_locks_freed+0x310/0x310 [ 1067.546892] ? __lock_is_held+0xb5/0x140 [ 1067.550965] ? e1000_get_variants_80003es2lan+0x9b0/0xa50 [ 1067.556519] ? lock_acquire+0x1dc/0x520 [ 1067.560507] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1067.565545] ? lock_release+0xa10/0xa10 [ 1067.569538] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1067.574829] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1067.579341] ? preempt_notifier_dec+0x20/0x20 [ 1067.583860] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1067.588715] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1067.593755] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1067.597838] ? kvm_uevent_notify_change.part.29+0x440/0x440 2033/05/18 03:38:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {0x6}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1}]}]}, 0x30}, 0x1}, 0x0) r2 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x2, 0x3}, &(0x7f0000000100)=0x90) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000180)={r3, @in={{0x2, 0x4e24, @multicast1=0xe0000001}}}, &(0x7f0000000240)=0x84) [ 1067.603564] ? graph_lock+0x170/0x170 [ 1067.607385] ? find_held_lock+0x36/0x1c0 [ 1067.611469] ? lock_downgrade+0x8e0/0x8e0 [ 1067.615634] ? kasan_check_read+0x11/0x20 [ 1067.619793] ? rcu_is_watching+0x85/0x140 [ 1067.623957] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1067.629192] ? __fget+0x40c/0x650 [ 1067.632679] ? match_held_lock+0x841/0x8b0 [ 1067.636927] ? expand_files.part.8+0x9a0/0x9a0 [ 1067.641521] ? kasan_check_write+0x14/0x20 [ 1067.645764] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1067.650709] ? wait_for_completion+0x870/0x870 [ 1067.654500] netlink: 'syz-executor5': attribute type 4 has an invalid length. [ 1067.655306] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1067.655326] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1067.655350] do_vfs_ioctl+0x1cf/0x16a0 [ 1067.655371] ? ioctl_preallocate+0x2e0/0x2e0 [ 1067.655386] ? fget_raw+0x20/0x20 [ 1067.655404] ? __sb_end_write+0xac/0xe0 [ 1067.662718] netlink: 'syz-executor5': attribute type 2 has an invalid length. [ 1067.667877] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1067.667891] ? fput+0x130/0x1a0 2033/05/18 03:38:37 executing program 2: capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2, 0x0, 0x6}) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xfffffffffffffdca, 0x84, &(0x7f0000000000)="cfd72f7aecd04e2e9b85b3d8d5ffff6a19a8441318ae747d1e3ad2e069", &(0x7f0000000400)=""/132, 0x800000, 0x2}, 0x28) [ 1067.667903] ? ksys_write+0x1a6/0x250 [ 1067.667924] ? security_file_ioctl+0x94/0xc0 [ 1067.673640] netlink: 'syz-executor5': attribute type 1 has an invalid length. [ 1067.677500] ksys_ioctl+0xa9/0xd0 [ 1067.677523] __x64_sys_ioctl+0x73/0xb0 [ 1067.712953] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.713629] do_syscall_64+0x1b1/0x800 [ 1067.713646] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1067.713663] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1067.713680] ? syscall_return_slowpath+0x30f/0x5c0 [ 1067.713699] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1067.713720] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1067.728058] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.728336] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1067.728352] RIP: 0033:0x455a09 [ 1067.782275] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1067.782446] netlink: 'syz-executor5': attribute type 4 has an invalid length. [ 1067.789988] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 2033/05/18 03:38:37 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f0000001080), 0x0, 0xffff) restart_syscall() readv(r1, &(0x7f00000023c0)=[{&(0x7f0000001040)=""/15, 0xf}], 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e21, @loopback=0x7f000001}}}, &(0x7f0000000040)=0x84) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000180)={r3, 0x100000001}, &(0x7f00000001c0)=0x8) writev(r2, &(0x7f00000002c0)=[{&(0x7f00000007c0)='q'}], 0x1) [ 1067.789997] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1067.790005] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1067.790014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1067.790022] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000010 [ 1067.834921] netlink: 'syz-executor5': attribute type 2 has an invalid length. [ 1067.842230] netlink: 'syz-executor5': attribute type 1 has an invalid length. 2033/05/18 03:38:37 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8035000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:37 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x3f00}]}, 0xfffffc53) 2033/05/18 03:38:37 executing program 4 (fault-call:7 fault-nth:17): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:37 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:37 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x40000000]}, 0x707000) [ 1067.857557] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1067.913863] netlink: 4 bytes leftover after parsing attributes in process `syz-executor5'. [ 1068.029141] FAULT_INJECTION: forcing a failure. [ 1068.029141] name failslab, interval 1, probability 0, space 0, times 0 [ 1068.040498] CPU: 1 PID: 11055 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1068.047792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1068.057166] Call Trace: [ 1068.059777] dump_stack+0x1b9/0x294 [ 1068.063433] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1068.068645] ? __save_stack_trace+0x7e/0xd0 [ 1068.072991] should_fail.cold.4+0xa/0x1a [ 1068.077073] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1068.082995] ? kasan_kmalloc+0xc4/0xe0 [ 1068.086896] ? kasan_slab_alloc+0x12/0x20 [ 1068.091056] ? kmem_cache_alloc+0x12e/0x760 [ 1068.095395] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1068.100261] ? kvm_mmu_load+0x21/0x10e0 [ 1068.104250] ? vcpu_enter_guest+0x3a83/0x6060 [ 1068.108761] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1068.113793] ? graph_lock+0x170/0x170 [ 1068.117614] ? do_syscall_64+0x1b1/0x800 [ 1068.121691] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1068.127079] ? find_held_lock+0x36/0x1c0 [ 1068.131191] ? __lock_is_held+0xb5/0x140 [ 1068.135266] ? e1000e_free_rx_resources+0x180/0x480 [ 1068.140313] ? check_same_owner+0x320/0x320 [ 1068.144660] ? rcu_note_context_switch+0x710/0x710 [ 1068.149622] __should_failslab+0x124/0x180 [ 1068.153899] should_failslab+0x9/0x14 [ 1068.157717] kmem_cache_alloc+0x2af/0x760 [ 1068.161887] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1068.166751] mmu_topup_memory_caches+0xf7/0x3a0 [ 1068.171432] ? debug_check_no_locks_freed+0x310/0x310 [ 1068.176648] kvm_mmu_load+0x21/0x10e0 [ 1068.180472] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1068.186025] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1068.190625] vcpu_enter_guest+0x3a83/0x6060 [ 1068.194959] ? print_usage_bug+0xc0/0xc0 [ 1068.199039] ? kvm_set_msr_common+0x2680/0x2680 [ 1068.203720] ? vmx_vcpu_load+0xadd/0xfe0 [ 1068.207798] ? __lock_acquire+0x7f5/0x5140 [ 1068.212047] ? vmx_vcpu_reset+0x1030/0x1030 [ 1068.216378] ? graph_lock+0x170/0x170 [ 1068.220187] ? graph_lock+0x170/0x170 [ 1068.224167] ? __lock_acquire+0x7f5/0x5140 [ 1068.228420] ? debug_check_no_locks_freed+0x310/0x310 [ 1068.233627] ? __lock_is_held+0xb5/0x140 [ 1068.237703] ? e1000e_setup_rx_resources+0x5e0/0x950 [ 1068.242828] ? lock_acquire+0x1dc/0x520 [ 1068.246807] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1068.251825] ? lock_release+0xa10/0xa10 [ 1068.255789] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1068.261075] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1068.265576] ? preempt_notifier_dec+0x20/0x20 [ 1068.270069] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1068.274898] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1068.279906] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1068.283957] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1068.289665] ? graph_lock+0x170/0x170 [ 1068.293472] ? find_held_lock+0x36/0x1c0 [ 1068.297545] ? lock_downgrade+0x8e0/0x8e0 [ 1068.301698] ? kasan_check_read+0x11/0x20 [ 1068.305838] ? rcu_is_watching+0x85/0x140 [ 1068.309973] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1068.315158] ? __fget+0x40c/0x650 [ 1068.318608] ? match_held_lock+0x841/0x8b0 [ 1068.322843] ? expand_files.part.8+0x9a0/0x9a0 [ 1068.327423] ? kasan_check_write+0x14/0x20 [ 1068.331656] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1068.336590] ? wait_for_completion+0x870/0x870 [ 1068.341177] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1068.346366] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1068.352076] do_vfs_ioctl+0x1cf/0x16a0 [ 1068.355959] ? ioctl_preallocate+0x2e0/0x2e0 [ 1068.360372] ? fget_raw+0x20/0x20 [ 1068.363826] ? __sb_end_write+0xac/0xe0 [ 1068.367791] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1068.373317] ? fput+0x130/0x1a0 [ 1068.376583] ? ksys_write+0x1a6/0x250 [ 1068.380373] ? security_file_ioctl+0x94/0xc0 [ 1068.384781] ksys_ioctl+0xa9/0xd0 [ 1068.388237] __x64_sys_ioctl+0x73/0xb0 [ 1068.392113] do_syscall_64+0x1b1/0x800 [ 1068.395986] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1068.400826] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1068.405750] ? syscall_return_slowpath+0x30f/0x5c0 [ 1068.410673] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1068.416031] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1068.420884] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1068.426061] RIP: 0033:0x455a09 [ 1068.429231] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1068.436932] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1068.444193] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1068.451451] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1068.458712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1068.465976] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000011 2033/05/18 03:38:38 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xc8050000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:38 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, &(0x7f0000000080)=0x200, 0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f00000000c0)) socket(0x5, 0x5, 0x3) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:38 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x200000]}, 0x707000) 2033/05/18 03:38:38 executing program 6: accept4(0xffffffffffffffff, &(0x7f0000000480)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, &(0x7f00000001c0)=0x80, 0x80800) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000280)={{0x6, 0x1, 0x5, 0x1, 0x80000000, 0x3f}, 0xff, 0x9, 0x8, 0xe9b6, 0x1, "314e15b91fb7402799222cad14d1366aa6bff7333a5a1ea6aa053c99e47f8cce3d9cbcacea8583dac9b8fa8b93fa963a2be7f1ddc3fec3aef6fa098b42a923f1b183f1b195bdc8b1bbbd0019f257062a984164596fc955ae8c35a790641eaeab1bda5815e9d1419d401158aa3560eb08b618518984fae60eac2979a5f0ddf4c2"}) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x1, 0x100) ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000000080)=0x3) msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x8, 0x800) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000000c0)=0x800001d) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000340)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x54, r3, 0x100, 0x70bd27, 0x25dfdbfb, {0xd}, [@IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x21}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip_vti0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x810) 2033/05/18 03:38:38 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x3f00000000000000}]}, 0xfffffc53) 2033/05/18 03:38:38 executing program 4 (fault-call:7 fault-nth:18): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:38 executing program 2: kexec_load(0x0, 0xa, &(0x7f0000001600)=[{&(0x7f0000000000)="b81e44a1f2b704430e553d57dd028e1c2ca572ec3c661dd6b524464ef85688121ce596216a87dd47bc9d975af75090c3cf404998d1d984bf7d587d18edb7026e423b1d49b16c6b936d9765672c41a05062c50d9809c30546ae18c71623ee744c4cd2afad90b265c78770b35562e72c6b15113549cadf97256f0b784cb770a38c53b20f4c1b2e78edc5547a834c174cdbb5dd92de8925232317e255172c41503366be64f6dc4ba17919c9079cc8d4827ecbf9d152f0a4", 0xb6, 0x8}, {&(0x7f00000000c0)="0851206db64246e6c55bc6fcb1edd746148953534f4e1469d1441901200fe91144624d3731345ad223fc006a884782afcaabfd560a2fc4424d3666bf166b3427e3a53648836067c381d90440f0e76c3a0bbe229354703cbcc2d59eb6417bf6c6dc543277e97a4aee0fe4b843528f47bbec70fd844b", 0x75, 0x8001, 0x7}, {&(0x7f0000000140)="5367f3dfb15c91c46c5671faf78f9649f088422a1b9ee5f9f2db70da1a4276ab14e770d9a3180cf80ce554c7583aa925ae646a76563955b60083cff34479ff86680970d0fdb4ef26c9268261", 0x1, 0xfff, 0x4}, {&(0x7f00000001c0)="c61c61d92e5b21220346ce86d7f1a1d364f5c656d235e698db363253c043161d82e2a8444348b5072f1cbc6dd29872d7198fe5882bda2adac78e7fca299237a3d87a787f21a225c4c4f8044483c6d2eb9e464e411caf69d3dff99b639b70db4bfaa41e1419b563728d10ee298ccb330ea9934aaad5f3bd6aea8045fdc887627bf25d8f32b43e6c543091714094a7d10a7193f20f6ae125713d566b2404960422136801318410229431299aa2c57e0c3e266683a60e1ec8903e3060f9a0354b58fdb494f4d613f0ae47b58e917bf92f5fac3a3649b97368376e1c1d0024d6f67ace303f5bdeaa506b578fbbd0cef1549df6f24e5b7a1f8307483fd001da4954", 0xff, 0x0, 0x2}, {&(0x7f00000002c0)="ce9b6d3bab329b6d5e81c8056ffb7284c85467909bf7e8827cbcdc79c1a933e5aee5dfe373a8dea5f295fea72b74201d41510638b22f97462408313f9c7db72e799dcbe6580b25692cf4fccb39ef0179a28be2cea9e9f602809b656e5eff9d399e5e913fe6125464c3acbadced38e23e86e1411a30fce7dc6adad739538e33723ca1b2b40bcd49414e248ce3a216b269bae4c48fe3bc3adcb6acf33079ca37b69fa3a25639f1d64510686cbacc93d25fdd26f1adf4434e8b5dcc42bc7a53ef73e466a87c009c0edad6b9d5e5bd7f2ab906d721e6ec36ec2182d8ed8b34692f13c24e94e99e21e589b2e982ad6df20b58c88d401bafb42de8e07e7b3ce7a79c549ba7c4e08ba5e6819e9e15dc0ac9fabe4457de97574917945f3af2a220b1721d98b0c44034b303e18e6211a4d2fb535893124f5639adfd95a57565f1eba473a6854ac1d735661fbd0f4b8a9246ad10365203dc91ee58d241ca062257ed5bf348482862d46f7c4decc9d76d9b55f6dbd46cf11fd4560494370d08ef0291f468fefbf4b4d98c071677c1f205b1642e55c1f107cb45ecaea6c4b9cd452f0967daab6dff688b62ce5a802af8c8a3994caa3151033e133284ec7a632481211d3e20e34e06b3bce003ece2d508a2357ae43e6fb8e12f30df7c8e6c69096e145112b0bc2a476cc9b7f6a87f139243cfb0a6a7857ee7522beec0354d8ae46e93d0022435f26a52bf28eddb936b878d990477e6ccb49448f92ce4a39b16937429ccb811af4dd5d2d8c7b6f652cba9f3650b57208f3b99d49a37ae813420ea40bcf43e53e21463e141abd7a3efe301f08475f3edb37786240b2cf1986761f25ec4f6bb01ded1bf3f88c38ac530c3930b91535fdfbb9cb0b9fecb57ffcaa9a5512e4488db89b94cd5927c34a987cd0baf1a76b111a950012c6609244d3b7ff232a22f1b5ccf5fbdee23501118d3b8b6987e1f0be07c3650cd127459d1db1c906627a237864990e242252587e9b0261d016e5a007ca7c58f21e3b9c8df57bcad41f5c4ad577b116b953afd29bddd90f6ed102b047b6ba0efd75085f2d35e2b07c2bd99e75c4629213e8c1dc40545b6f69e3a27a362015ce318470276783960ae4307edf4eaca335d1148963bbe7a54eb7832a8f77118876fbcbf0eb3d7792bb93427ce3a6be3ddd08373bc1d37341da397aeaf00961c6f557f90f6d8bf846d5f3dd72c1147885b3b67afb11273360577ce698ef07a4535b05796d1db1e256bb6362b43c67d786c60f1edb1ce388e2cba49242a97e06f9b09a20e4079c94ffc32fd9bbfea5897f312d961cc28e15d860a84784f4051aed23c4fdc7b2353e2d9db0d85da125329a599243c8ec2459ab3892bbb1d7d0bf33aafb79829babef6b916209363c2fe779b7968aeebcf3fa049c25ea5231a6f4982dcb181e9a4ed77aad625f77705afe96a097a3a1fe073fd56f4aa5c0a4418ad4a67347010093f686a3718bc784786b0070f9ff84aee594e4102e4beec2b63a3ac638df1c424a82883c200ca4559b39c5ff33874b6b632ea0c6e88e4cd76c0eaca30fc7133f26ac2188b3768b1d3358887c214a77dd16c2b0bfbf8424e12defb1da334949455ad89ca7aa09b21a0a0c71b08881e4cc82deace5e1b41836355b91140fb289b330359786d773e627e7af5d37d4a4de6e369ad50ecb7728eac9ecf1e171d0553658f4350e5cf7b34511f236e12c4136641541775e56d61e5b9cef0d95e97ef948e8dee4004b87044f907c53f0f4234cdd2418c0268319644756b4f79c7df71d2390abf927c658ec180e9ce06700002930277a62d435544025882e539371bef93f0bc8f8ebd1b4d94908da8908d8d59f7faba66866ca673bcf5ee4b3f29f258c02a4516fb83f8a86c43a6740f419e8b1a8202381f71d32bcec0c4548b3743bd6689155ef2ce2b22cc2abde90b09bc1935393820b9b6c65e0c13d4916c9f0a171df60accda4f02e63639dd12592feccacf52cf027542ad499293b82737d7c897d1244158a30386ea7cee46338994b3b745d36720fc101b263ef89aea4b520d4126a667d60c8dc4e483d535fa0b86c7cf18c69b94ba1e4e5d6bae9755d4c5a896ee8566bfcdab10b12862323a50ca4c49becd1cbaa98928e2082568a2cee21e82ae97213ebfff03f1819d0d5f615329ac99b49691c917f4b5ce132fbc0b554d7c25e6e451823bc82f575682287f5e74aab2d88b6f18ba7939cb9f84c7584825b613b6f1737da6ff0a35bb6d8ac4a8d7dd2700cb8fd95a291cc2db8c2951c0c3883008f9ac0f45684b317daa2e5d0671639ed9876c539c2b3666e4d807513f79cd2375a2a258d2723fa592c3dca10b97540677444ccfbe0dee119add8975e720b1ef777b53c4750df2a2452f181b6f4b7e4e040e4dc72be754603cd811638606e7aab09680ac3378ccf9738121ad5ff98b1293d273d205cf12f662d1529d3f1a5c24c650650f5bb96ffe0c76b25e5de3f55e1c6f341de8ed93147e1b437b4cf3e87cc126942720c88b61831a3b20193004661744712b7672919d206d2b777f597c1129f8e77698922906ed379dcecf68b4bd79fe5a36ef9dade925465c86164d08393fc6cb73d12abe32d264c3d79b7cf3895543f3dbae3d447fa10ae752a41aa91632bf5d0b3ee8ea9cabaa939a51c3578aa7ae27ef64896ba3b363e36679f504535a68152a6ee9bfc6f38d6894de9871c7dddb280fff452f3494de03059364587f4c8d3fcfc7667931b80feccb13733b33f1b09ac497a0dbb36799bb4f5f2db2086463011cf34db37e1d26e31a1f9f3c21e2d14f37729184dfcd05edc0b77717811d60acc2d4eb054bd4742a81890ae9aef3c8c5a8bca44b03b633ad8926f4b519a0741237a4d269825bb1a5d82e0439bce4e222a542460684fb6d658d2d5a56abceee51ffef5af667d21a78b23f4e7143adbeb205c4f6fed79d430b62776557392338cb0647a0c5101b5f9727d35f0bd555f96f559cb433e39b7533a5f51d2b8aaa9302f3dfa0bfe18d016b3a7b50b35eadc3897500f3b7fecc68b5e8e7cde83e6ff93162b894e0c226dbe241da23a7dcdfc981cfa3a7b55f4abbe5b1ba94ac28b95059cf0e097beaa21ea3abdc718c594adb679af8e32955bee160ad8f9ba3442d9ebfdf2de2d2595d95f7c2c0c2cb8b8fd0b69d4729b3985624782394edc3b1c3852a22aab13717a3aaa6f9580c7d8ec56a2f6acfc3fd9f295de912a23bf9612a478d3bb6ae479133cf4f1cd5a443b928ee3c3e1ff833a65a6d142cde16aeea52648e561e0f407a051d1bc587b96de97d41c056ce0151583825b8b7cc9b73389313cd0ebf34f40a4e50a168456dc473a95856b3f4dab5432c5fdae31abbdccdfcea21901d2715b6fed7954cd5fa8442ce1cbe7866713ddf4eb978eb93f862dd56943922082afaa535693685519c8a623cc92f20ff667d06098262f98fe35de7a3ab3d52fa62da87c40e92802ead1d026bac2b070c53891df48a7047c58688bf19a8e7a583e380d5ff517cb171e6254bf2548d2369998685bd41fc70b7c51625f4a5fa248707f0a725bfb956bb06b4a08dec942967d9e6cbf5a6af3a5db18bca1c0539f7d149f5b6ae1528fd85dd6eeb11c50b24dc9261ae2bee1eae4a87ada71c290a2f8bd37650cd3e8834cb1a3790bba29c01e8a2ef0d7ff3ded23d9e3a8a4929039542d44d25cd63a642c1b54a670059bb89b20b37ab3efbdac75dfa8764e8bc90fa865e5c11f5d23809e75477c0af1f8f64d624ab11246465c3a72ca55231201baed35cd810fac66bb73a053b0f9b099afe18060198e841ccaeeaa9d6ae9b07d076c1c5769965a0a935589bb9b2e11300da062e4576fdf7b4889e5938c8956da00ba8cc34161e60c4ec9879e43682a21de8993ae14c3db43a637e5924944423b646b84a5cac619f82d6945fa2f5ef75759ecc3c663b630a7173eb682e6df0e6bba333e3c389ea98528bacea0ad6a683a032dbfa9eb3980fc3b79828219b89d0a53907aeebbf4422b1df7115133c77d3c752593f6bcd7545611d218eccfb15e6c446b31fba92b826ec36debb2c00f57994d35840747683b675497dbb1774ae8d947238fa9c6b7b8d18af6ca1b4af5225fab0f2b905b77e0afe1620953eca253e75ad73169eb12e3f2aec7d14162393f176eab025b51136b27e3752ad3dcf2269175a320d1150e889aa111bae1d7f07f2bbc4517709a2f94084c3f13568b59d02a41e011be4434e92448a83229b06e554e6077ce5ac83cf964b58e4fa563bcbbcc4251294e017b674398c0009bc615e7344b6ac3550652ec39812baf14745a12cc76f00a7c42b49f68b9f21096b991a1ceec8f6bd00b8135be0181235a9247e8d2923165ccf9d0514c0349dbe7314f017f40ed38e33a900409369a4873b07e172f74f5949e7908d2f9c1d23d62f59e7a90f2c209aebb03967614ae86a8549062e71651c4df7238cabb3fa27eba6283abab270049aa8c85a993c62371948d1d95d548683690ad2f6073eca315725fa6cc13f5e5062241ea40c12678bb79f604c9786b9befe4b8274ddf440ed9d143e28def2ca656ab9504bc250080ca213063b98ec4122ae88fe7531496c1868f518d52c667a43ad2c09a8b456ecb62975cc270003ba6355f6a64a3a4e865e200af24466badd2c142cc85982222435d6b857682fea067c22cfb606d7f9f1ad74a42859a207ce9d461ec122fd7e29f859d20107bb2796952ad31e18d8477991f66b2bc69c76c25ef8a80d523f783f8ec253b738a75dad592f3a9549831728c8467d2b7c5610c48cc0844a9bffa2888652441f40a34c430fe323d6498bf30e34f3402bcca6614c5fba018f3250634c23498730f9dff3ba1ff059edea0b78ad784a56c0a4a1afadc6ef37801857246059fd533be03008f37e0bf4dc459043f122b8b894dae06adffa3375ce39ea2671fc0411c2cbbd502bc402d534de6372bca9c152662b3648dffb276607087348690156321b564adada91e15f5b48d2a0d301cd4c09be9eeab3df19662c59c971a1339cef2d5b5bc0edeb3e64145104943ed35356bf4923f43c7d85c5c8f68a9bea271629412afdc009ea82896c546787024c9460b755edc2a47c41aea3b564312c74e83237e88bc189563e105f828ccb78494a23b22b7d5e09e2aa946959e295d21a0f8c1e5744c6116c50ebce40269ec491f1ec5f3c2e6c4200109c373229a40543dd17bfb9f5ca77a82f5706a3f385010b965d7847eeeec7485399592e7e741d35b35238329cf009f7ad80c5afb475473788573ae4ef5d288d6abb2e44a6db2b5ca701bfc34b46862df1560279ede44d5da22d4b7c7d2e55c56dca2fce1ac6a9d6f1932cc380bccc4906fa5c0e473d79c127509fdc96a92b3cb6ff03675b392c8ba02e99a04557a9b12a9bdb094d095f3e48da180b4e262657a48fb0d7a20ca1e1e6599258366516ea06833afa40f6b3531c2ffe6e917803b6168b3220aa533e2bc16087b859a726fa72e7f8de03ea8f4d7edb769da368ee9e830669e1a5b0014e01a28ce11683da2cb2609a4152d34346be38e5c05f1364578a120ecbbf50961d64f2f31b64c5016dd42eb4107aa235fcaf09dd5b2fb8286f513daa461c3214c35e4e961fa49b47f683e8e2dd45a63c63b2decf8e43617cc97bf81cc4523cfb9a7ca897de31336d0cb14004ba37b40f1e9cd2ce652498a5402e808852dc3a0896e5d3262b70384d451f5ab53a47c83ef42cb138ce722e83bc818612b432a79677146230d0e589273631934594ab4c", 0x1000, 0x4, 0x5066}, {&(0x7f00000012c0)="30bf0563500ba5d55c79ea282dd96d14495fb563334d84c8a015603e500d8cae42a9f80a86388649496b0ae51672d404c17e540c78ca1f25a30c873f609f40c250a41e2c3cab36d25e90532d0397586d75e38454a4c1ecafd552015ff17b5725dd3dfa5a700062e38168fde6e1f6667553c29c2a7e1b48e1de0841421c77e31941a6161e2ee6f2681db90f677fb1bf3612947c5ee7107a147dae7ef28bec41c47318c04cefd036135554cdcdb54938426216ceed86dbe4c64b74337da8e8722e5e3cf7ed35", 0xc5, 0x3ff, 0x8000}, {&(0x7f00000013c0), 0x0, 0xfff, 0x3f}, {&(0x7f0000001400)="64fdf24664e4d5be7c25303c4736c6297ade1fcf4f47202d0e1791f25fd7eb6fd7a804e502f954c0915143332972c2a97d1da8909b882303b13f58f35da787daf335a7f6601005856d5f6639ad1bd3ebbc6b205a25151cf274a7c0e519d92f3eed09f53a126b647d4cbeb1db3ba98ecbafe3660655b785f884e8f8bcb36ffa7a17c46bad36192214ec3c07e32c75971c909117896f6ff35c851f1372131711c992ee5d8b05d3a1880403b42a1555", 0xae, 0x5500, 0x7}, {&(0x7f00000014c0)="e99264e714e37e0173f2909757da3152262e9498b65e7e84d5919526baac58dfc315f892f93432df79f7488b4ce207ab5df8ecd19439a7f713b7bb7c580c9312427c40aeeca1a3ee8a7dbfb1602e0388c156ced9ebc7afd115f327363b45a129580b880324145ac7672e78539a", 0x6d, 0x5}, {&(0x7f0000001540)="681eec66d280c4bb7c4ffcb213027bb7c7f85b51f65eb2a997ef4f18e862592e2e82330829e1ec4b614e7b82337f838bf6faa61aabd9542aae857c9ad14d2b438c7588cf29e5aab001d94ed1123372ab2b14fee3ad16d229c8b95a307af8b832ffba38752b8d146fdab740149b174f0fb8b85f666a35864618d88f1d9e6628aa2b76ae104464546bd7a58c21fd30413077e22625395b2ac65708486b68883fed23c7e298b7ccacaa4b0bd19310ce7fe7b912fe24", 0xb4, 0x3, 0x3}], 0x10000) 2033/05/18 03:38:38 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1069.007551] FAULT_INJECTION: forcing a failure. [ 1069.007551] name failslab, interval 1, probability 0, space 0, times 0 [ 1069.018933] CPU: 1 PID: 11080 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1069.026215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1069.035576] Call Trace: [ 1069.038179] dump_stack+0x1b9/0x294 [ 1069.042349] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1069.047575] ? __save_stack_trace+0x7e/0xd0 [ 1069.051913] should_fail.cold.4+0xa/0x1a [ 1069.055988] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1069.061114] ? kasan_kmalloc+0xc4/0xe0 [ 1069.065022] ? kasan_slab_alloc+0x12/0x20 [ 1069.069178] ? kmem_cache_alloc+0x12e/0x760 [ 1069.074639] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1069.079509] ? kvm_mmu_load+0x21/0x10e0 [ 1069.083489] ? vcpu_enter_guest+0x3a83/0x6060 [ 1069.087998] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1069.093026] ? graph_lock+0x170/0x170 [ 1069.096843] ? do_syscall_64+0x1b1/0x800 [ 1069.100915] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 2033/05/18 03:38:38 executing program 2: ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x40096102, &(0x7f00008da000)={{0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, [0xfe]}, {}, 0x0, {0x2, 0x0, @loopback=0x7f000001}}) 2033/05/18 03:38:38 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x4000]}, 0x707000) 2033/05/18 03:38:38 executing program 2: r0 = socket$bt_hidp(0x1f, 0x3, 0x6) r1 = socket$bt_hidp(0x1f, 0x3, 0x6) connect(r1, &(0x7f0000dcd000)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e21, @loopback=0x7f000001}, 0x4, 0x4, 0x3, 0x3}}, 0xff97) ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000000040)) 2033/05/18 03:38:38 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x2000]}, 0x707000) 2033/05/18 03:38:38 executing program 2: r0 = memfd_create(&(0x7f0000001fcd)="776c616e302a6d696d655f747970652d7472757374651d0fe17f6c616eee74418a23a825a2747275737465647b5c7b47504c00", 0x0) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x4, 0x4011, r0, 0x0) mknod$loop(&(0x7f0000000200)='./file0\x00', 0x0, 0xffffffffffffffff) writev(r0, &(0x7f0000000000)=[{&(0x7f0000b23000)="82aaabfc6c5b1c7a6718badabd246d62c80270e00d637af19152d09e59a695e5ecb4b013dea5c5ab0458f38fca8bbf1404fe615f1e536e0f35664718", 0x3c}], 0x1) symlink(&(0x7f0000004000)='./file0\x00', &(0x7f0000000340)='./control\x00') ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)={0x8, 0x24, "08bdab9d382b161e5c259eb74f24974d06da125c0e1d73ab566b7aa3cffacf2fc53e3ba0"}) r1 = socket(0x2, 0x1, 0x1) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='./control\x00') [ 1069.106298] ? find_held_lock+0x36/0x1c0 [ 1069.110380] ? __lock_is_held+0xb5/0x140 [ 1069.114468] ? check_same_owner+0x320/0x320 [ 1069.118807] ? rcu_note_context_switch+0x710/0x710 [ 1069.123753] __should_failslab+0x124/0x180 [ 1069.127999] should_failslab+0x9/0x14 [ 1069.131820] kmem_cache_alloc+0x2af/0x760 [ 1069.135985] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1069.140841] mmu_topup_memory_caches+0xf7/0x3a0 [ 1069.145523] ? debug_check_no_locks_freed+0x310/0x310 [ 1069.150729] kvm_mmu_load+0x21/0x10e0 [ 1069.154543] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1069.160092] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1069.164689] vcpu_enter_guest+0x3a83/0x6060 [ 1069.169019] ? print_usage_bug+0xc0/0xc0 [ 1069.173097] ? kvm_set_msr_common+0x2680/0x2680 [ 1069.177772] ? vmx_vcpu_load+0xadd/0xfe0 [ 1069.181851] ? __lock_acquire+0x7f5/0x5140 [ 1069.186103] ? vmx_vcpu_reset+0x1030/0x1030 [ 1069.190433] ? graph_lock+0x170/0x170 [ 1069.194333] ? graph_lock+0x170/0x170 [ 1069.198145] ? __lock_acquire+0x7f5/0x5140 [ 1069.202391] ? debug_check_no_locks_freed+0x310/0x310 [ 1069.207595] ? __lock_is_held+0xb5/0x140 [ 1069.211670] ? lock_acquire+0x1dc/0x520 [ 1069.215655] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1069.220684] ? lock_release+0xa10/0xa10 [ 1069.224670] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1069.229959] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1069.234464] ? preempt_notifier_dec+0x20/0x20 [ 1069.238975] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1069.243827] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1069.248868] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1069.252940] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1069.258658] ? graph_lock+0x170/0x170 [ 1069.262463] ? find_held_lock+0x36/0x1c0 [ 1069.266539] ? lock_downgrade+0x8e0/0x8e0 [ 1069.270702] ? kasan_check_read+0x11/0x20 [ 1069.274861] ? rcu_is_watching+0x85/0x140 [ 1069.279022] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1069.284230] ? __fget+0x40c/0x650 [ 1069.287696] ? match_held_lock+0x841/0x8b0 [ 1069.291943] ? expand_files.part.8+0x9a0/0x9a0 [ 1069.296582] ? kasan_check_write+0x14/0x20 [ 1069.300838] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1069.305779] ? wait_for_completion+0x870/0x870 [ 1069.310378] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1069.315582] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1069.321299] do_vfs_ioctl+0x1cf/0x16a0 [ 1069.325204] ? ioctl_preallocate+0x2e0/0x2e0 [ 1069.329621] ? fget_raw+0x20/0x20 [ 1069.333081] ? __sb_end_write+0xac/0xe0 [ 1069.337065] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1069.342606] ? fput+0x130/0x1a0 [ 1069.345891] ? ksys_write+0x1a6/0x250 [ 1069.349701] ? security_file_ioctl+0x94/0xc0 [ 1069.355248] ksys_ioctl+0xa9/0xd0 [ 1069.358713] __x64_sys_ioctl+0x73/0xb0 [ 1069.362633] do_syscall_64+0x1b1/0x800 [ 1069.366528] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1069.371382] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1069.376323] ? syscall_return_slowpath+0x30f/0x5c0 [ 1069.381263] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1069.386631] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1069.391470] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1069.396737] RIP: 0033:0x455a09 [ 1069.399917] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1069.407634] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1069.414894] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1069.422154] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1069.429418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1069.436689] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000012 2033/05/18 03:38:39 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") poll(&(0x7f0000000040)=[{r0, 0x6410}], 0x1, 0x8) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:39 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x89060000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:39 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x200000000000000]}, 0x707000) 2033/05/18 03:38:39 executing program 4 (fault-call:7 fault-nth:19): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:39 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1, 0x0, 0x1a8}, 0x0) sendto$inet(r0, &(0x7f0000000080)="ba0fbda1cd79a9255145dde8aad2a551b155cb8f886825d511c6b8b63cb1df7a5ec5d8d6a0cc4616e78c7e85ad69ca46be973d6684be8a33f6eb028aceb5d9c4d1d4a0f3e8f8688e843b54d30d8c390fe3cbc0e9606dada8ed1d27cd185e141ba77ed907cb325e078ecd1d0b6fd34b0894c4bdc717eb89b5e2801895ef3224ad8235dee09e9681d0d16334c2516b52b6877397da825186354154dfaead8f671eacf57152ecb02c960b9e84b20913be", 0xaf, 0x4000000, &(0x7f0000000180)={0x2, 0x4e22, @multicast2=0xe0000002}, 0x10) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000040)="2400000002031f001cfffd946fa2830000000a000900020009000000000015000404ff7e", 0x24}], 0x353}, 0x3) 2033/05/18 03:38:39 executing program 2: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-net\x00', 0x2, 0x0) write$vnet(r0, &(0x7f0000000400)={0x1, {&(0x7f0000000280)=""/39, 0x206, &(0x7f0000000000)=""/235, 0x0, 0x1}}, 0x68) 2033/05/18 03:38:39 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xf5ffffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:39 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x1000000000000000}]}, 0xfffffc53) 2033/05/18 03:38:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0xf503}, 0xc, &(0x7f0000000280)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000082700ffff435876f66181a48a628c55bb"], 0x14}, 0x1}, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x220400, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8) 2033/05/18 03:38:39 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8035]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:39 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x200, 0x0) ioctl$EVIOCGUNIQ(r1, 0x80404508, &(0x7f00000006c0)=""/4096) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1070.055905] FAULT_INJECTION: forcing a failure. [ 1070.055905] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.067255] CPU: 0 PID: 11137 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1070.074567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1070.083926] Call Trace: [ 1070.086539] dump_stack+0x1b9/0x294 [ 1070.090201] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1070.095415] ? __save_stack_trace+0x7e/0xd0 [ 1070.099761] should_fail.cold.4+0xa/0x1a [ 1070.103842] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1070.108958] ? kasan_kmalloc+0xc4/0xe0 [ 1070.112857] ? kasan_slab_alloc+0x12/0x20 [ 1070.117013] ? kmem_cache_alloc+0x12e/0x760 [ 1070.121344] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1070.126210] ? kvm_mmu_load+0x21/0x10e0 [ 1070.127714] Unknown ioctl -2143271672 [ 1070.130190] ? vcpu_enter_guest+0x3a83/0x6060 [ 1070.130207] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1070.130225] ? graph_lock+0x170/0x170 [ 1070.130241] ? do_syscall_64+0x1b1/0x800 [ 1070.130256] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1070.130283] ? find_held_lock+0x36/0x1c0 [ 1070.158365] Unknown ioctl -2143271672 [ 1070.160850] ? __lock_is_held+0xb5/0x140 [ 1070.160882] ? check_same_owner+0x320/0x320 [ 1070.160902] ? rcu_note_context_switch+0x710/0x710 [ 1070.160920] __should_failslab+0x124/0x180 [ 1070.160941] should_failslab+0x9/0x14 [ 1070.186026] kmem_cache_alloc+0x2af/0x760 [ 1070.190199] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1070.195058] mmu_topup_memory_caches+0xf7/0x3a0 [ 1070.199738] ? debug_check_no_locks_freed+0x310/0x310 [ 1070.204943] kvm_mmu_load+0x21/0x10e0 [ 1070.208762] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1070.214315] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1070.218914] vcpu_enter_guest+0x3a83/0x6060 [ 1070.223252] ? print_usage_bug+0xc0/0xc0 [ 1070.227333] ? kvm_set_msr_common+0x2680/0x2680 [ 1070.232012] ? vmx_vcpu_load+0xadd/0xfe0 [ 1070.236087] ? __lock_acquire+0x7f5/0x5140 [ 1070.240342] ? vmx_vcpu_reset+0x1030/0x1030 [ 1070.244685] ? graph_lock+0x170/0x170 [ 1070.248496] ? graph_lock+0x170/0x170 [ 1070.252403] ? __lock_acquire+0x7f5/0x5140 [ 1070.256657] ? debug_check_no_locks_freed+0x310/0x310 [ 1070.261863] ? __lock_is_held+0xb5/0x140 [ 1070.265941] ? lock_acquire+0x1dc/0x520 [ 1070.269927] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1070.274954] ? lock_release+0xa10/0xa10 [ 1070.278939] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1070.284227] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1070.288744] ? preempt_notifier_dec+0x20/0x20 [ 1070.293282] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1070.298257] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 2033/05/18 03:38:39 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x4000000000000000]}, 0x707000) 2033/05/18 03:38:39 executing program 2: r0 = socket(0xa, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[0xfeffffff], [0xff, 0xff], @loopback=0x7f000001}}, 0x1c) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$inet_mreqn(r0, 0x0, 0x14, &(0x7f00000002c0)={@dev={0xac, 0x14, 0x14}, @multicast1=0xe0000001}, 0xc) 2033/05/18 03:38:39 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000040)=0x8, 0x4) 2033/05/18 03:38:39 executing program 5: r0 = socket$inet(0x10, 0x3, 0x2000000000000c) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0xc000) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) [ 1070.303313] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1070.307394] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1070.313120] ? graph_lock+0x170/0x170 [ 1070.316934] ? find_held_lock+0x36/0x1c0 [ 1070.321021] ? lock_downgrade+0x8e0/0x8e0 [ 1070.325188] ? kasan_check_read+0x11/0x20 [ 1070.329351] ? rcu_is_watching+0x85/0x140 [ 1070.333516] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1070.338733] ? __fget+0x40c/0x650 [ 1070.342202] ? match_held_lock+0x841/0x8b0 [ 1070.346458] ? expand_files.part.8+0x9a0/0x9a0 [ 1070.351057] ? kasan_check_write+0x14/0x20 [ 1070.355310] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1070.360256] ? wait_for_completion+0x870/0x870 [ 1070.364867] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1070.370076] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1070.375810] do_vfs_ioctl+0x1cf/0x16a0 [ 1070.379716] ? ioctl_preallocate+0x2e0/0x2e0 [ 1070.384136] ? fget_raw+0x20/0x20 [ 1070.387605] ? __sb_end_write+0xac/0xe0 [ 1070.391602] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1070.397156] ? fput+0x130/0x1a0 [ 1070.400453] ? ksys_write+0x1a6/0x250 [ 1070.404281] ? security_file_ioctl+0x94/0xc0 [ 1070.408712] ksys_ioctl+0xa9/0xd0 [ 1070.412297] __x64_sys_ioctl+0x73/0xb0 [ 1070.416198] do_syscall_64+0x1b1/0x800 [ 1070.420106] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1070.424966] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1070.429898] ? syscall_return_slowpath+0x30f/0x5c0 [ 1070.434829] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1070.440192] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1070.445038] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1070.450228] RIP: 0033:0x455a09 [ 1070.453425] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1070.461132] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1070.468403] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1070.475677] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1070.482937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1070.490205] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000013 2033/05/18 03:38:40 executing program 5: r0 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x1, 0x8200) ioctl$sock_netrom_TIOCINQ(r0, 0x541b, &(0x7f0000000080)) r1 = socket$inet(0x10, 0x3, 0x2000000000000c) sendmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:40 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8864]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:40 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x1000000000000}]}, 0xfffffc53) 2033/05/18 03:38:40 executing program 4 (fault-call:7 fault-nth:20): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:40 executing program 2: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) syz_open_pts(r0, 0x200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000000c0)={0xc, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e21, 0x0, 'sh\x00', 0x1, 0xa25e00000000, 0x70}, 0x2c) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x61) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x8000, 0x0) fchmodat(r3, &(0x7f0000000100)='./file0\x00', 0x1e) read(r1, &(0x7f0000000040)=""/11, 0xb) r4 = syz_open_pts(r1, 0x84043) ioctl$TCXONC(r4, 0x540a, 0x0) 2033/05/18 03:38:40 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:40 executing program 6: r0 = socket(0x8, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x102, 0x0) ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f00000001c0)={0xffffffffffffffff, 0x400}) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) r2 = msgget$private(0x0, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@dev}}, &(0x7f0000000080)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f00000004c0)=0xe8) r6 = getegid() ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000600)=0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000540)=0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000580)={{0x3, r3, r4, r5, r6, 0x82, 0x3}, 0x9, 0x4, 0x7, 0x34ae, 0x4, 0x8, r7, r8}) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="8689afcd910008080000000401b974f3", 0xffffffffffffffc1) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r9 = msgget$private(0x0, 0x281) msgsnd(r9, &(0x7f0000000080)=ANY=[], 0x0, 0x10000) 2033/05/18 03:38:40 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x20000000000000]}, 0x707000) 2033/05/18 03:38:40 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xff03]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:40 executing program 5: r0 = socket$inet(0x10, 0x3, 0x6) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0) 2033/05/18 03:38:40 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x2000000]}, 0x707000) [ 1070.968016] FAULT_INJECTION: forcing a failure. [ 1070.968016] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.979457] CPU: 0 PID: 11188 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1070.986744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1070.996120] Call Trace: [ 1070.998736] dump_stack+0x1b9/0x294 [ 1071.002387] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1071.007594] ? __save_stack_trace+0x7e/0xd0 [ 1071.011941] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:40 executing program 5: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) syz_fuse_mount(&(0x7f0000000340)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, 0x0) syz_fuse_mount(&(0x7f0000000080)='./file0/file0\x00', 0xe000, 0x0, 0x0, 0x0, 0x0) chroot(&(0x7f0000000000)='./file0\x00') umount2(&(0x7f00000000c0)='./file0\x00', 0x3) [ 1071.016032] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1071.021158] ? kasan_kmalloc+0xc4/0xe0 [ 1071.025060] ? kasan_slab_alloc+0x12/0x20 [ 1071.029221] ? kmem_cache_alloc+0x12e/0x760 [ 1071.033565] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1071.038512] ? kvm_mmu_load+0x21/0x10e0 [ 1071.042497] ? vcpu_enter_guest+0x3a83/0x6060 [ 1071.046998] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1071.052027] ? graph_lock+0x170/0x170 [ 1071.055836] ? do_syscall_64+0x1b1/0x800 [ 1071.059912] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1071.065288] ? find_held_lock+0x36/0x1c0 [ 1071.069366] ? __lock_is_held+0xb5/0x140 [ 1071.073456] ? check_same_owner+0x320/0x320 [ 1071.077796] ? rcu_note_context_switch+0x710/0x710 [ 1071.082741] __should_failslab+0x124/0x180 [ 1071.086991] should_failslab+0x9/0x14 [ 1071.090810] kmem_cache_alloc+0x2af/0x760 [ 1071.094976] ? kvm_clock_read+0x25/0x30 [ 1071.098965] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1071.104187] ? ktime_get_with_offset+0x326/0x4a0 [ 1071.108958] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1071.113821] mmu_topup_memory_caches+0xf7/0x3a0 [ 1071.118511] kvm_mmu_load+0x21/0x10e0 [ 1071.122328] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1071.127876] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1071.132480] vcpu_enter_guest+0x3a83/0x6060 [ 1071.136827] ? kvm_set_msr_common+0x2680/0x2680 [ 1071.141508] ? vmx_vcpu_load+0xadd/0xfe0 [ 1071.145585] ? vmx_vcpu_reset+0x1030/0x1030 [ 1071.149919] ? graph_lock+0x170/0x170 [ 1071.153727] ? graph_lock+0x170/0x170 [ 1071.157539] ? __lock_acquire+0x7f5/0x5140 [ 1071.161792] ? debug_check_no_locks_freed+0x310/0x310 [ 1071.166996] ? __lock_is_held+0xb5/0x140 [ 1071.171068] ? lock_acquire+0x1dc/0x520 [ 1071.175049] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1071.180078] ? lock_release+0xa10/0xa10 [ 1071.184074] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1071.189368] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1071.193854] ? preempt_notifier_dec+0x20/0x20 [ 1071.198345] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1071.203277] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1071.208289] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1071.212932] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1071.218653] ? graph_lock+0x170/0x170 [ 1071.222458] ? find_held_lock+0x36/0x1c0 [ 1071.226596] ? lock_downgrade+0x8e0/0x8e0 [ 1071.230757] ? kasan_check_read+0x11/0x20 [ 1071.234903] ? rcu_is_watching+0x85/0x140 [ 1071.239046] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1071.244244] ? __fget+0x40c/0x650 [ 1071.247688] ? match_held_lock+0x841/0x8b0 [ 1071.251921] ? expand_files.part.8+0x9a0/0x9a0 [ 1071.256497] ? kasan_check_write+0x14/0x20 [ 1071.260729] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1071.265656] ? wait_for_completion+0x870/0x870 [ 1071.270249] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1071.275445] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1071.281149] do_vfs_ioctl+0x1cf/0x16a0 [ 1071.285042] ? ioctl_preallocate+0x2e0/0x2e0 [ 1071.289467] ? fget_raw+0x20/0x20 [ 1071.292921] ? __sb_end_write+0xac/0xe0 [ 1071.296900] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1071.302447] ? fput+0x130/0x1a0 [ 1071.305727] ? ksys_write+0x1a6/0x250 [ 1071.309529] ? security_file_ioctl+0x94/0xc0 [ 1071.313929] ksys_ioctl+0xa9/0xd0 [ 1071.317392] __x64_sys_ioctl+0x73/0xb0 [ 1071.321278] do_syscall_64+0x1b1/0x800 [ 1071.325161] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1071.330003] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1071.334931] ? syscall_return_slowpath+0x30f/0x5c0 [ 1071.339863] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1071.345221] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1071.350062] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1071.355242] RIP: 0033:0x455a09 [ 1071.358421] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:41 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xc805]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:41 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x8000000000000000}]}, 0xfffffc53) 2033/05/18 03:38:41 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x300000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1071.366143] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1071.373421] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1071.380693] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1071.387961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1071.395247] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000014 2033/05/18 03:38:41 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x6488]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:41 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x40000000]}, 0x707000) 2033/05/18 03:38:41 executing program 4 (fault-call:7 fault-nth:21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1071.670901] FAULT_INJECTION: forcing a failure. [ 1071.670901] name failslab, interval 1, probability 0, space 0, times 0 [ 1071.682299] CPU: 1 PID: 11225 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1071.689599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1071.698970] Call Trace: [ 1071.701593] dump_stack+0x1b9/0x294 [ 1071.705249] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1071.710461] ? __save_stack_trace+0x7e/0xd0 [ 1071.714812] should_fail.cold.4+0xa/0x1a [ 1071.718895] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1071.724013] ? kasan_kmalloc+0xc4/0xe0 [ 1071.727914] ? kasan_slab_alloc+0x12/0x20 [ 1071.732076] ? kmem_cache_alloc+0x12e/0x760 [ 1071.736417] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1071.741279] ? kvm_mmu_load+0x21/0x10e0 [ 1071.745286] ? vcpu_enter_guest+0x3a83/0x6060 [ 1071.749785] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1071.754801] ? graph_lock+0x170/0x170 [ 1071.758597] ? do_syscall_64+0x1b1/0x800 [ 1071.762654] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1071.768020] ? find_held_lock+0x36/0x1c0 [ 1071.772087] ? __lock_is_held+0xb5/0x140 [ 1071.776157] ? check_same_owner+0x320/0x320 [ 1071.780479] ? rcu_note_context_switch+0x710/0x710 [ 1071.785416] __should_failslab+0x124/0x180 [ 1071.789653] should_failslab+0x9/0x14 [ 1071.793455] kmem_cache_alloc+0x2af/0x760 [ 1071.797601] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1071.802447] mmu_topup_memory_caches+0xf7/0x3a0 [ 1071.807116] ? debug_check_no_locks_freed+0x310/0x310 [ 1071.812315] kvm_mmu_load+0x21/0x10e0 [ 1071.816125] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1071.821684] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1071.826291] vcpu_enter_guest+0x3a83/0x6060 [ 1071.830632] ? print_usage_bug+0xc0/0xc0 [ 1071.834699] ? kvm_set_msr_common+0x2680/0x2680 [ 1071.839372] ? vmx_vcpu_load+0xadd/0xfe0 [ 1071.843439] ? __lock_acquire+0x7f5/0x5140 [ 1071.847686] ? vmx_vcpu_reset+0x1030/0x1030 [ 1071.852018] ? graph_lock+0x170/0x170 [ 1071.855809] ? graph_lock+0x170/0x170 [ 1071.859601] ? __lock_acquire+0x7f5/0x5140 [ 1071.863841] ? debug_check_no_locks_freed+0x310/0x310 [ 1071.869041] ? __lock_is_held+0xb5/0x140 [ 1071.873105] ? lock_acquire+0x1dc/0x520 [ 1071.877090] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1071.882106] ? lock_release+0xa10/0xa10 [ 1071.886084] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1071.891731] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1071.896228] ? preempt_notifier_dec+0x20/0x20 [ 1071.900731] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1071.905758] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1071.910773] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1071.914839] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1071.920546] ? graph_lock+0x170/0x170 [ 1071.924344] ? find_held_lock+0x36/0x1c0 [ 1071.928423] ? lock_downgrade+0x8e0/0x8e0 [ 1071.932582] ? kasan_check_read+0x11/0x20 [ 1071.936733] ? rcu_is_watching+0x85/0x140 [ 1071.940874] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1071.946059] ? __fget+0x40c/0x650 [ 1071.949514] ? match_held_lock+0x841/0x8b0 [ 1071.953763] ? expand_files.part.8+0x9a0/0x9a0 [ 1071.958348] ? kasan_check_write+0x14/0x20 [ 1071.962587] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1071.967516] ? wait_for_completion+0x870/0x870 [ 1071.972101] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1071.977291] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1071.983004] do_vfs_ioctl+0x1cf/0x16a0 [ 1071.986909] ? ioctl_preallocate+0x2e0/0x2e0 [ 1071.991335] ? fget_raw+0x20/0x20 [ 1071.994804] ? __sb_end_write+0xac/0xe0 [ 1071.998788] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1072.004320] ? fput+0x130/0x1a0 [ 1072.007600] ? ksys_write+0x1a6/0x250 [ 1072.011406] ? security_file_ioctl+0x94/0xc0 [ 1072.015832] ksys_ioctl+0xa9/0xd0 [ 1072.019297] __x64_sys_ioctl+0x73/0xb0 [ 1072.023189] do_syscall_64+0x1b1/0x800 [ 1072.027104] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1072.031947] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1072.036886] ? syscall_return_slowpath+0x30f/0x5c0 [ 1072.041837] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1072.047228] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1072.052084] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1072.057280] RIP: 0033:0x455a09 [ 1072.060476] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:41 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88caffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:41 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x2000]}, 0x707000) 2033/05/18 03:38:41 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x40000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:41 executing program 5: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f00000013c0)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000000280)='./file0\x00') execve(&(0x7f0000000780)='./file0/file0\x00', &(0x7f00000008c0)=[&(0x7f00000007c0)='ramfs\x00', &(0x7f0000000800)='user.', &(0x7f0000000840)="27706f7369785f61636c5f61636365737323d5766d6e65743000", &(0x7f0000000880)='ramfs\x00'], &(0x7f0000000a40)=[&(0x7f0000000900)='\x00', &(0x7f0000000940)='btrfs\x00', &(0x7f0000000980)='fragment=metadata', &(0x7f00000009c0)='user.', &(0x7f0000000a00)='$\x00']) lgetxattr(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000700)=@random={'user.', 'fragment=metadata'}, &(0x7f0000000740)=""/33, 0x21) umount2(&(0x7f0000000040)='./file0\x00', 0x2) pivot_root(&(0x7f0000001380)='./file0\x00', &(0x7f00000016c0)='./file0\x00') syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x9, 0x8, &(0x7f0000000600)=[{&(0x7f0000000100)="211266069ea1acf68e6d72b714ba0f9fbdd8c5a86a2019e8ec87e46528d8f96b26997a6aa5d270a2edf3670aa551263d42607c3671f736122fdf94ca2bbaaedb05fd69ef651798d5df0471af1a36788b8a98a6fa85e726dc92e2fd", 0x5b, 0x101}, {&(0x7f0000000180)="decce5a63c6da5fb52ba70b69567106156d2166a684a5cbb1c47c549406bdd6b96a5dcb3275633c57107fd18b9ad67538b04b43d8bff1aa78d0e538ea3c95bf7a8fb0152ccd0462607fdc72e52dfd9fdcd938e8b7d0091c9af52b7a0db1c215dcf610e7a1dd8c8aea82213e30bc3393052b84e111482da7c7497f841d86b4fcf", 0x80, 0x8f7}, {&(0x7f0000000200)}, {&(0x7f00000002c0)="b1cd109728c2887588592b4a59103ef2def8af457807b65ad0dfb6b1995bd580d83fdc3f6ef20d76faf03dc223dae57b6f020feedfa41be372e6f0f68dd22ff76e1b5e8dcbd830722fbcdeb2de604c252b3d1fd264e4bb1dfcbc984418c3f6ac7b43f73049f7dc6ed18fba8909c3931f5d63c29dd3b092756315cdf8e9fc18e2015fbe6b7b280c3f0830150cdc084cef84f9315467f19d8bb19bcbf454b15e18d3dce9918cdfbe62d24a241110d725f0", 0xb0, 0x6}, {&(0x7f0000000380)="55c9ec1096c9191804ce1387e0edf4f11c7b193dd8d3f595b392fb24541a9d681a7d0da7ee62e8f7ac70e25e2c1a7312c6ff180452e0ff6878d8fdb099d6fe5b8fb3bd66064edb1d178fb15c015253de0bfeb23fa74bd24da89aba9f83ce5f1cf3e71a39d57eee7d47373535aaeb8a390fc1dc28c0dee204ffd8729b1872e144a653580e8b927d9140d7c65f2d0fd1182633b3c75ee56283743f6537ca76f1", 0x9f, 0x3ff}, {&(0x7f0000000440)="1fe97946e74d01b4adede21c71a3149f39d65db319e4a326d8654f25e649ca28c79b59c8c783db86bf3776da8bedc6630f95934ca7322e0d691b7449ae823b491e69c825f5f0676796d03156dd5579d05aaec80739f482676ce32f11ec809c9c9b70cceb4d9d97dafe815201f5c66d3378e485ade06c8629629618cdd4ae8f685ca614e9cd3abf82e8c5d599546d37a253d41707873ae041ca468c7120016a", 0x9f, 0x3}, {&(0x7f0000000240)="65d6", 0x2, 0x5}, {&(0x7f0000000500)="ba94f2a4780e38ac5e531f24243105af07d59db126a6674e2d0f4c60adbc976df176590b9ea507974325096202bd69ff3ca4e9a63d2f2a2bea2987641f23c7ef07cd6be9e00fe85eeda64cdd41593b9dc867497c34250c76cff3397a63a405e0189d59dd12c871f52cc5086a08bdc1d2233d7074baae9c90585395334e5f3f62a86da40e430b5cd7b56380a2a2aa5dcb827b99920603aeab34fd073ddc4a302760619c9544940645c8544b22b3cdeeee216d3dc607290bfe693e7a43dab5bfcb768a5f30bbcd2fadeb7047", 0xcb, 0x6f4}], 0x40, &(0x7f00000006c0)={[{@fragment_metadata='fragment=metadata', 0x2c}]}) 2033/05/18 03:38:41 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000400)="c626262c8523a44592ed28c0f0782a2de07acc068d4245376ec1bde3edd59751958b8ca15fe564428f7a38612167034e6f144abce806000f92c97c78c5be7205e531e975d7316a9d53161d63e9d3a44c5de085f052a328431ab2e3b5f709be995bfa1b3dbd3871dd1b886c042335bd085e1994cbe72fbb7d976f45d730e65c04f0e8b2c9a5450b2f14ed768d5bee11c780fc2ae1e38680291affa67d4b30063c335f8c6bc92f95dd50963080d197872b5df68d0de5a8bc") keyctl$set_reqkey_keyring(0xe, 0x7) getitimer(0x0, &(0x7f0000000040)) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003900000000000000030000000000ae8e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000"], 0x94, 0x0, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={'team_slave_1\x00', {0x2, 0x4e21, @rand_addr=0x1}}) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) 2033/05/18 03:38:41 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x10000000}]}, 0xfffffc53) 2033/05/18 03:38:41 executing program 4 (fault-call:7 fault-nth:22): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:41 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x80, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f00000002c0)='team\x00') getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000e80)={{{@in=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f0000000f80)=0xe8) accept4(0xffffffffffffff9c, &(0x7f0000000fc0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000001040)=0x80, 0x80000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000001080)={{{@in=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@loopback}}, &(0x7f0000001180)=0xe8) accept4$packet(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000001200)=0x14, 0x800) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000001240)={0x0, @dev, @loopback}, &(0x7f0000001280)=0xc) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000001300)={@local, @remote, 0x0}, &(0x7f0000001340)=0xc) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1b, &(0x7f0000001380)={@mcast2, 0x0}, &(0x7f00000013c0)=0x14) clock_gettime(0x0, &(0x7f0000003b40)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000003ac0)=[{{&(0x7f0000003400)=@rc, 0x80, &(0x7f00000036c0)=[{&(0x7f0000003480)=""/154, 0x9a}, {&(0x7f0000003540)=""/71, 0x47}, {&(0x7f00000035c0)=""/53, 0x35}, {&(0x7f0000003600)=""/145, 0x91}], 0x4, &(0x7f0000003700)=""/74, 0x4a, 0x80}, 0x2}, {{&(0x7f0000003780)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x80, &(0x7f0000003980)=[{&(0x7f0000003800)=""/243, 0xf3}, {&(0x7f0000003900)=""/76, 0x4c}], 0x2, &(0x7f00000039c0)=""/203, 0xcb, 0x100}, 0xd3}], 0x2, 0x2, &(0x7f0000003b80)={r9, r10+30000000}) getpeername$packet(0xffffffffffffff9c, &(0x7f0000003c80)={0x0, 0x0, 0x0}, &(0x7f0000003cc0)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000003d00)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@rand_addr}}, &(0x7f0000003e00)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000003e80)={{{@in6=@ipv4={[], [], @local}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}}}, &(0x7f0000003f80)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000003fc0)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @remote}}, 0x0, @in=@local}}, &(0x7f00000040c0)=0xe8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f00000047c0)={'tunl0\x00', 0x0}) accept$packet(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000004840)=0x14) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1f, &(0x7f0000008ac0)={@mcast2, 0x0}, &(0x7f0000008b00)=0x14) getpeername$packet(0xffffffffffffff9c, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000008b80)=0x14) getsockname(0xffffffffffffffff, &(0x7f0000008bc0)=@hci={0x0, 0x0}, &(0x7f0000008c40)=0x80) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000009140)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000009100)={&(0x7f0000008c80)={0x464, r1, 0x0, 0x70bd2c, 0x25dfdbfe, {0x3}, [{{0x8, 0x1, r2}, {0xf4, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}]}}, {{0x8, 0x1, r5}, {0xc8, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r6}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r7}}, {0x8, 0x7}}}]}}, {{0x8, 0x1, r8}, {0x80, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r12}}}]}}, {{0x8, 0x1, r13}, {0x78, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r14}}}]}}, {{0x8, 0x1, r15}, {0x174, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r17}}, {0x8, 0x7}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8000}}, {0x8, 0x6, r18}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x400}}, {0x8, 0x6, r19}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r20}}}]}}]}, 0x464}, 0x1, 0x0, 0x0, 0x4001}, 0x4004) r21 = socket(0x2, 0x1, 0x22) ioctl(r21, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") write$binfmt_misc(r21, &(0x7f0000000180)=ANY=[@ANYBLOB="724a5cbb128a59f234982123f450bcff71a208e2b609daaef8ee6529ab3a0ab1c374690bc30b99f737bdd577608760ad0e0c4a6d1202ffc579e3a5720e8cf3db93a99a8c24b6d7e3d47b0eb6c1a76e1da497e7b00825662c830230c4d945431aa6ec142ef2bbd43cc0e6761cf0620ba46981f4498761d3757ed0933728f03198ba33de471ef983822953f29046042e6c133422d646084cc74b14b18d47b74d1376b2885fbca8b54727997bf6dc0f3939eaf2774ac81a62"], 0x5) r22 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x2, 0x202040) ioctl$KVM_GET_LAPIC(r22, 0x8400ae8e, &(0x7f0000000740)={"2027c1fe128c589aa831d8c4ad9318d0441cf8f0506bd27ce46d04e23f313fe5c55ba24ae8c079ec1497762f85d6e736c2bacb864f0b7e0cd8e451fdb0ef4311bf50df99b2af72ce8c277623077292752a2652bc4ec5c3ba6fa4744ac4c7b7a1ebc2254919eaaafa822c576890717618a7901b411990503562b35210728a496189444c2db3ee0a72f57fe0d2f390b4996ad27a00acd90b5f5781433be08943e7e54e9a4c2eb12db760d5a2d441a351a11ed010057f32728849688d5ce5b53f58d31f8dcf73240d3eb792f55cb6901039e3b59dff8ba223ff434a5923fb6fa40d2e9193c6925d2a5186805cbbb9acb7571285f964beeb3c4075e353dd99080fe0e2ca11ef4d5d6bf9e0ce090c62a0dec7dc578764b6bbd95541a1682b0c0d39f8efa33b783569295f8e81be070a9c19fee520890b1eecb28e1a07503cfe149a08dff5b2d70a8e70bd65f7d942c4713ef144e836206898ee05abe2a4b782e8ec29a434dc84d84aa10774d5df9d8fbe2a76d597d8d527cf5314f8c52a168b15ef0b6be147b9938406bceea53706e9cd6161ecf6b5a99821e46508e8aa618f907ffea5d3d335959e0babe6a2ecd18d5952f382650de2f45a6aaeebbfa768ad211fcb9e03c4019d65708e8d52000549382210f9aa670236161fbdf0c4474a70dc80301136d19f9a91316cbe57920702a824afe107140ffd0c58d4472dbad8bd0b6a1111516c19fdcea195250e5b47fc51de34cb5cceadf9051c487dd5747c268ce9d293bbd65370f6a51376b07d3735211a892319d3ed094901cea6b21d32abc14747f64f35e797a53fcbfe1d4cd791cb21eea0c3ba9296f65cbf79918b5af317765f1805e648acc132973783a6524b9ab831469c252cf0aac7857579b71ececfa4efd178e1c096a1bb67ac6ef5b0ed734cb2c6366796c51290dea03fa2e8f52cde21b2cb9067580bef718c7f0bb2d32106a924f79021fa58587b4f5bedb19844fa3eb5a8ae27cd9e55ecda432737da2339c65cba44dd92ee9ad242e0637290939aac5545d81af14189143cd0963ada2576ea028c377d78a5f088ee01937291468f0afe7b5443c12bc4b8a9ea01fc7c0eac88e22157eb4c7057ebfeb26a41fd3baab153592b42d20744d4da73312b0c37c6cd8830bb62f593f6e85dd0d378a7da2f491bb6e0654a349a884e026dd7df621859cdf0b3f4d3d3e6b5af52fae5dfa0ac04b8b2b308ef01ef3c8d839eedfad2de52b6a06a9c04861674389faeb2608592a8d481145b95190a56073380c2bae8cd8a0f5b8300ac4830d56ffdabf4c4887c2ca7790e722535d0f6d679826759341e2309e8ebf90047109a5331368e9ac04aaade017c696c9c60cd502ef97c70c2bbcfd58d7dd5f620b34db20559b34dc92fa5a8a374d86198aa897779e64c3ff2f586a20bee713bd6a691fde73225ca59231b"}) set_mempolicy(0x8003, &(0x7f0000000000)=0x3, 0x9) mq_open(&(0x7f00000000c0)='em1\x00', 0x81, 0x8, &(0x7f0000000100)={0x100000000, 0x1, 0x5a64, 0x9, 0xe0, 0x8, 0xff, 0x6}) r23 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='numa_maps\x00') readv(r23, &(0x7f0000000300)=[{&(0x7f0000001400)=""/4096, 0x1000}], 0x1) [ 1072.068198] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1072.075475] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1072.083540] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1072.090819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1072.098099] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000015 2033/05/18 03:38:41 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:41 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x200000000000000]}, 0x707000) [ 1072.336683] FAULT_INJECTION: forcing a failure. [ 1072.336683] name failslab, interval 1, probability 0, space 0, times 0 [ 1072.349349] CPU: 1 PID: 11260 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1072.356637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1072.366007] Call Trace: [ 1072.368622] dump_stack+0x1b9/0x294 [ 1072.372301] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1072.377513] ? __save_stack_trace+0x7e/0xd0 [ 1072.381858] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x200, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) r3 = getpgrp(0xffffffffffffffff) ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f00000000c0)=r3) ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000100)=0x80000000) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000140)={0x4, 0x8, 0x3f, 0x8, [], [], [], 0x6, 0x0, 0x80, 0x80000001, "53855231c23048a4663bcb7b783604b5"}) ioprio_get$pid(0x1, r3) flock(r0, 0x5) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000280)) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f00000002c0)={0x4, [0x0, 0x0, 0x0, 0x0]}) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x80, 0x8, 0x1, 0x1, 0x1141}, &(0x7f0000000340)=0x14) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={r4}, 0x8) uname(&(0x7f00000003c0)=""/114) getsockname(r0, &(0x7f0000000440)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000004c0)=0x80) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000500)={0xffff, 0xb9d, 0x7, 0x100, 0x80, 0x10000, 0x8, 0x9d, 0x5, 0x58a}) ioctl$DRM_IOCTL_VERSION(r2, 0xc0406400, &(0x7f0000001700)={0x2, 0x8001, 0x6, 0x1000, &(0x7f0000000540)=""/4096, 0xec, &(0x7f0000001540)=""/236, 0x81, &(0x7f0000001640)=""/129}) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r2, 0xc0505405, &(0x7f0000001740)={{0x2, 0x3, 0x401, 0x3, 0x22}, 0x49b5, 0x1, 0x100000001}) getsockopt$inet_mreqsrc(r2, 0x0, 0x26, &(0x7f00000017c0)={@local, @multicast2, @multicast2}, &(0x7f0000001800)=0xc) ioctl$TIOCSCTTY(r0, 0x540e, 0x7) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001840)={r4, 0x0, 0x2, [0x2000000, 0x9]}, 0xc) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000001880)={0x1, [0x18d]}, 0x6) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000018c0)={0x2000200a}) io_setup(0x1, &(0x7f0000001900)=0x0) r6 = syz_open_dev$sndpcmc(&(0x7f0000001a00)='/dev/snd/pcmC#D#c\x00', 0x3, 0x101800) io_cancel(r5, &(0x7f0000001a40)={0x0, 0x0, 0x0, 0x0, 0x7f, r2, &(0x7f0000001940)="67f4c842f3211c00ef22d55397c6ff9a6957865f80cb3e13430d71ff4df486850a36dd8bf85745f83723e25ca606cba53be7ca303d01592a9cf21ed557805d7cb90d0fe8bf9b4341d54bd94360d490ca73e06b354079488d226e4313a9f80089ff29e8d0463850a93089c69bfa7b03eabbf18fb386f632e9964d8cfdc06e993d84de85c1e382668786f365774d686ad04d", 0x91, 0x1755, 0x0, 0x1, r6}, &(0x7f0000001a80)) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000001ac0)={r4, 0x80000001}, &(0x7f0000001b00)=0x8) write$binfmt_script(r1, &(0x7f0000001b40)={'#! ', './file0', [{0x20, 'bdevvboxnet0em1'}, {0x20, '/dev/snd/pcmC#D#c\x00'}, {0x20, 'md5sum'}, {0x20, "f6637075736574"}, {0x20, '/('}, {0x20, '/dev/hwrng\x00'}, {0x20, 'memory.stat\x00'}], 0xa, "feeca7ff6244e1c11968b03e6817226ee5a7e6de9d7f3a928d5ae2cdf4e2eb375b60e0124f08d24e9ca7fc998b387e4b8121"}, 0x8b) [ 1072.385936] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1072.391054] ? kasan_kmalloc+0xc4/0xe0 [ 1072.394953] ? kasan_slab_alloc+0x12/0x20 [ 1072.399111] ? kmem_cache_alloc+0x12e/0x760 [ 1072.403448] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1072.408308] ? kvm_mmu_load+0x21/0x10e0 [ 1072.412300] ? vcpu_enter_guest+0x3a83/0x6060 [ 1072.416810] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1072.421850] ? graph_lock+0x170/0x170 [ 1072.425671] ? do_syscall_64+0x1b1/0x800 [ 1072.429800] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1072.435189] ? find_held_lock+0x36/0x1c0 [ 1072.439272] ? __lock_is_held+0xb5/0x140 [ 1072.443367] ? check_same_owner+0x320/0x320 [ 1072.447719] ? rcu_note_context_switch+0x710/0x710 [ 1072.452667] __should_failslab+0x124/0x180 [ 1072.456928] should_failslab+0x9/0x14 [ 1072.460771] kmem_cache_alloc+0x2af/0x760 [ 1072.464944] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1072.469814] mmu_topup_memory_caches+0xf7/0x3a0 [ 1072.474493] ? debug_check_no_locks_freed+0x310/0x310 [ 1072.479710] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:42 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0xa5ae0d002567985) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0xffffffffffffffff) openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0) [ 1072.483534] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1072.489090] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1072.493697] vcpu_enter_guest+0x3a83/0x6060 [ 1072.498060] ? kvm_set_msr_common+0x2680/0x2680 [ 1072.502762] ? vmx_vcpu_load+0xadd/0xfe0 [ 1072.506836] ? __lock_acquire+0x7f5/0x5140 [ 1072.511083] ? vmx_vcpu_reset+0x1030/0x1030 [ 1072.515502] ? graph_lock+0x170/0x170 [ 1072.519309] ? graph_lock+0x170/0x170 [ 1072.523115] ? __lock_acquire+0x7f5/0x5140 [ 1072.527361] ? debug_check_no_locks_freed+0x310/0x310 [ 1072.532560] ? __lock_is_held+0xb5/0x140 2033/05/18 03:38:42 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:42 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x8000000000000000]}, 0x707000) [ 1072.536632] ? lock_acquire+0x1dc/0x520 [ 1072.540616] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1072.545649] ? lock_release+0xa10/0xa10 [ 1072.549636] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1072.554923] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1072.559427] ? preempt_notifier_dec+0x20/0x20 [ 1072.563943] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1072.568797] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1072.573830] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1072.577905] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1072.583630] ? graph_lock+0x170/0x170 [ 1072.587444] ? find_held_lock+0x36/0x1c0 [ 1072.591522] ? lock_downgrade+0x8e0/0x8e0 [ 1072.595686] ? kasan_check_read+0x11/0x20 [ 1072.599846] ? rcu_is_watching+0x85/0x140 [ 1072.604011] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1072.609218] ? __fget+0x40c/0x650 [ 1072.612681] ? match_held_lock+0x841/0x8b0 [ 1072.616931] ? expand_files.part.8+0x9a0/0x9a0 [ 1072.621518] ? kasan_check_write+0x14/0x20 [ 1072.625750] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1072.630676] ? wait_for_completion+0x870/0x870 [ 1072.635256] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1072.640444] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1072.646149] do_vfs_ioctl+0x1cf/0x16a0 [ 1072.650031] ? ioctl_preallocate+0x2e0/0x2e0 [ 1072.654432] ? fget_raw+0x20/0x20 [ 1072.657879] ? __sb_end_write+0xac/0xe0 [ 1072.661846] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1072.667383] ? fput+0x130/0x1a0 [ 1072.670668] ? ksys_write+0x1a6/0x250 [ 1072.674472] ? security_file_ioctl+0x94/0xc0 [ 1072.678877] ksys_ioctl+0xa9/0xd0 [ 1072.682325] __x64_sys_ioctl+0x73/0xb0 [ 1072.686210] do_syscall_64+0x1b1/0x800 [ 1072.690119] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1072.694976] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1072.699901] ? syscall_return_slowpath+0x30f/0x5c0 [ 1072.704826] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1072.710273] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1072.715115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1072.720303] RIP: 0033:0x455a09 [ 1072.723482] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1072.731182] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1072.738439] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1072.745701] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1072.752959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1072.760216] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000016 2033/05/18 03:38:42 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x707000) 2033/05/18 03:38:42 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xff030000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:42 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x4000}]}, 0xfffffc53) 2033/05/18 03:38:42 executing program 4 (fault-call:7 fault-nth:23): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:42 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:42 executing program 2: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r0, 0x3a, 0x1f, &(0x7f0000000080), &(0x7f0000000400)=0x4) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000280)=0x4) r1 = socket(0x8, 0xf, 0x3) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x18) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000300)={{{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@remote}}, &(0x7f0000000040)=0xe8) ioprio_set$uid(0x3, r2, 0x9) accept$nfc_llcp(r1, &(0x7f00000001c0), &(0x7f00000000c0)=0xffffffffffffff0f) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/snapshot\x00', 0x0, 0x0) ioctl$VHOST_RESET_OWNER(r3, 0xaf02, 0x0) ioctl(r1, 0x9, &(0x7f0000000440)="51354a68641c9db504000000fcbc6a69dc9737990d45a8f27e9559bda950d716457e1b2af7fe769c540cc9a565df536bc97a0d877bfd88f0f9") getsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000100)=""/127, &(0x7f0000000180)=0x7f) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000480)={@mcast1={0xff, 0x1, [], 0x1}, 0x7, 0x1, 0x0, 0x3, 0x8, 0x401, 0x4}, 0x20) 2033/05/18 03:38:42 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key(&(0x7f0000000280)='dns_resolver\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000300)="9bbedc298fce3791eb15cf76af098ef27bc6fa159949af9a8cf9b0eef9c57b58ad2924a7090001418535be93ebca5173149558c4e740edc990421d99daac0a8c23e1ebe6cded045b57d870cef04f38154285d99cf13189eac593becda6dd2c7a7f8fa45022d833efaf06400f088169f3947113def2e5f953c7b2be1e84bdfe0f41e97f76a38b5b17c46774c99bbab253347348a1b155571911e0cf4d551f2b579992d4102440e6d43a27eddf9e8ccf22ae5311febd796b0d", 0xb8, 0xffffffffffffffff) keyctl$instantiate(0xc, r1, &(0x7f00000001c0)="5269b39e1c4cbdf4a814262005a704bcb786aa493917064cb68909b8bb4401c1982f37b6c49ee572b4ce4f3bbd50d209b8f862f6a03e2b316a8891b16b48a1514ab432c062631d06c3c40b", 0x4b, r2) 2033/05/18 03:38:42 executing program 5: r0 = getpgrp(0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, r0, 0x0, 0xffffffffffffffff, 0x0) rt_sigtimedwait(&(0x7f0000448000), &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8) r2 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x1, 0x10e00) sendmsg$unix(r2, &(0x7f0000001200)={&(0x7f0000000100)=@abs={0xdecacf97761939a, 0x0, 0x4e24}, 0x6e, &(0x7f00000011c0)=[{&(0x7f0000000180)="01d595e323269aac7e9f785734de8a9eb75f4e9775986010df", 0x19}, {&(0x7f00000001c0)="6858303365bd0011f43a23f9613333dee30b6b5ba14fc7ef723112cadd924e8080a9194fe709f7c6a362cf733562c3c04b9c4337c4653fd26245753aac9406e55b4a160813d32a4119f2d12fe2c5038d52c214a1952d15db13ae2dbabeee9584b6e852cfabed4e40b975331ce024c1d4724b26eec40d59ef097be290fe6880bb36d08fb44843dc729845beaf14a778608bb8eb4ef9577b9d50f3a905a1a53b744911a62c0b28b5aedb5a94a67499eb11752204d3f3ad9734686dd668398773b0b83e16111baf5d96303e171027faf027c9d81e820d06e8f9bf279d23d891fd623ca5be18f86c784e7ebbaabebf8e3a49508ff979ba7b1b9750c35f33fc2bba7f3c591e63a1b694e91cd55783e3887161b71999b58b41b199f4ddd5d8eb7822f86e28397b8803cea6cbd2392d6bf2d94c9c6160186713eedd48546910e2828e0d744ed7dc734b0cae9e576c731f929d706e42d192afe9299dfccad7d13db4323f0574e800c47fbf2e4f84adad40cd7912d8fc645408b0bd8dd2bc36db3004de05c514dc3cce570df5f89f1a348c88ec146ebf42bf342b914dc82e957eaef34e067725103d19a442c8696f1c52061e165b72cc9ae0ad5ef30a74ba74b03d3d0dcdf9e9a3377723eb9d8c993b841ac51058cf2519e5092678b5a5750763a2a31a5d2a689bd45e6173fb172d13f7353fbfed66b891725635e388203c2ed700dc12438664827af7174e575c763c490f2a0ef7c4d7bd055ef00f3e2d7e05dee67439af2cf4eaff5f14235539ac6422b384f75feb0fbac83872fcb9761c8b4be6b10eb88edd4b7a193da8d2016fee158f82fae64253d87693d39aa32336b87c52146006c99e753650affb1ed820c438047092154a71d089508c6e3260614e8b408e4df9bbf14c4b5eff7661f0a1306b3df3c429a2094ca0a20e29703a6ddac7c8926d475f85c856925e6cab409a5e7843b280a1c88bc7a66b2e7f55769629db419ca3cc43c59c46cdfb9eac7fa8d754d4ff127f181fd86845d013f4196e2a3aed9b8146295eda6128e59911fa64241c0a1a03a61516b7952bd9fec4eec032b49c70b409fe0de59c9a0ce3bee2b4e2a271ebed87668b3775278e4bb6c432de76d083dac736dae9d9b5bc873f7c448e2dd8d69b02874b77f705480de27cd7d03db4b1e63305a927b234b1c17b7520db4ada20fa5e47875605f635d5f89560a2ea404901374060b77a2d28bcb6797bb99b04c4751720625400780148effbaef8b0b02769013d83ed588d1e3239059a8eba7d1adbe95a1c09b45e4cddbeb559b213edcc0139787ae5c0ebaebcc7c8a6e1f9596603dc8930187740bcfb6975176b9b2c76f18616b18b8b262a5dceda24446aa9baaf7bc9a819a4f68a897169b5840758b304d793f45ca6bf53c60b9433a2b6c2d9b0f0066b1e0e8cba3362408fe2d30f59207acc2653d0396ea267330b1339d3b3cc27d698ed92fb8e165879566520e07eb8e67109c3af99132bd75000b6f93be1dba9ed4fbff2ff2e712cb484a831d0f233c66a221fd5597943250f8fce057d749e4deb961b7ee81739e2b7a4f8dc26ec6481c2c9014e1d458c316ed2a9b2144f41c50efe66156a3c66e9357f59a00f3d73a20c0a62b4159b57829b60d0ac34a8865410f74c25cb8ad8a95690e6756b8bd269c7a69623f1061fde2da36f4295e8b2448c50f079938652dffe8022340db96dcc7bff6768263bdad389394f700bbf8c3bf7e73bdc17955dbe3029af84f8f7b46a6d16f378a46cec79139921c1fb1cdda7e1df95feb5e9c400796efa6b4830210f75cec2b06df96673fc9e0826858ffbe90693ccbeffb9c418fe5de755d5767f10ec72deba8e993b960050ab3a1ff2fdd1064971087fad0844467a3aa494bd280407c7b0e8d899406b91d9a0b34bd39949dc21b84baf573e32e642446b76317e9c5ad033b68bccd61c979a4669c81474ca0dfa3f29dc68fc51644d487a35ee17779ff7d71cd1f27ce32ec3ac3276ab3ffaed840267fc237ed35a6c9e855e1adb8bfd38aa81d78c054dca32dbc09566ea19f01eab8c58c6ffb43fd08eb08b961ff3a443ca1da14f3ccb5bb81c27f883d18d2fcf00df6a6f2ad68181ea009774c1c9bfe53fc8fa4acf6358bfe32d9fd4e00e8676ca52c4822ba1d3c5ac0f8dfd555521c69f81ad71b18ca75b6754d24c0caa408e45026c6963db8a6739349d7715129a911ef3e95d879e3d42c8900f84f249b80617d445170ba44c845803ed24c991c663f0315c45b89c78e930fd7d44ad2e7025d53da30bfb80fb74adaf0d6c4e656f30f2f2b951bf713dfa7b171e4258543548632e44a1245073fcba26e781fbe5d3d0a9d93c08404c511a46845b119704c75fead74a421f3167d6f57c25aa72aa1d0d595be140488e6328711bf9fc67c72118b69399116ebdf2c30e02adfae8ace3f26cc9d1e5f76d86e983a2ffcd5c2ef10b59355a0839714ab4582c646c25dd979183157bc1f2c637522e1ea81dc9d1c10b0b0a52d2f425f33f344fb9713da8b41d9abb59e3615945420742f74041e2a6123f32070051af0dc990750d3f1888aaa8f76c3e473dec15dad845f429b20df9d56d3688471bb8c7edc7c187c3ef5f5fac7ebb4132911e3e6d465320cbcbaa705b62a51a2046310b7255792e9e5423fc33d64237097ef71e039a333f095654f83ceef1ab7d6abecf244f518e9e5345c61403f2c8803725a01e36d919e552012f45d92986444d87c68cbfdb4183169fcb7748c2708aaeb00a088a414fbef34fccd65809b31f722fd0a794e84d7799c29854ce415f702d0557382dd61622c4f5a7231c4932cd365bbacf63b9901745fb26c9272a27d7eb6735f7e7cfd7a46613619af97f38f9954c32d5d88c3883a9c6096c8de2975820bf58cf00cab5a38b2ec660aaf3815898a02ad3f293d81734e6267130e18243ccac682af188f8decc4757aa8761dc691ebf6effda6fbab5f371f2399e688157aa7477aa1a669568d276d629fe433e6dd364e4eb7cd4517620ed7110dc0f17cbaded8d73c727c53b4994b1423643ac9ae5095f583837aa541bf0e6162fd84f331ca70097b55fd680e70b4cdee9490ad32483aaf82224fee27619641f76356f3ee1c570f78a3c20eeb287c5a1b5ebcd6c0baa24b8b797ad9d23627fbfc8115a7391af294cbeb22ba6cccf0afc8213e384c0a102115f1458110798c651fc5951721a88760154becb281b0c5b10a1726d4608533e2a730c7a494f8420bbf6dac08187f875a4f1d289a04bcadec0ff26f30515128266d1adc49e506f20332a7bd979c51f89ad75f160344626f17fa68ae9bbb51661c15656f51ebc64d9dbc00323cf2f55119d1e828c8386b47dfd44f03b767d9eb4acfad3d7d211879370e557279fc618a6ec2d74159259c7ffb143e30f687bbbb71de8d467dec3f43ca8af748ae987fbe3379d2c605c6215c6534db71f6bebe395c8583c23c6df47b7ca9a2a7b9bf263f1f14c43efca8de774c6c59056b570ec38c671b8db7411afba9be4ecf44c6329adbfebf6a003f11b9f6eb1738fc53160d4799d4c507eeb93e30eee4a931baa60c039eb78faab1337dd9f7a839e9ffae11435dd9542e1c8e784a3d312fd1cf7135bc86bc2ca6d991b5a78c4aaf932b0579f0a8c3e4a2262e31fad025f96210b6d4bb03de7cf8894f7933d7c5c490fd580eeed670609a6306def19aace61d523ea0d48912dfa5b311effd25bf9fcb81c622aea295605364990210bdfdb495b35d56db477b0766300d8e83d6367afbf40f0eb987f058c49787f382f92c627dc15e3e5a9a6e1b334261b9fc40a8cdda8a8f6fbbda658e253ce544f64bcce0fcae0638eaf2eeea5f53cb571b60dd8984f00d64e6dc59eba10b7fff851d6dc5c03a3fe5fffee37f32509c3f1f0de9087da55c381e6f7954bbcf4d732ce4600a6ac6d32f889d874cc38893771cc58f81eb89f5459e35dea5b70c4775754d5e9c27f646ad89e72fd84f5688d88398fa07e08c61bcb13601960edd018da228a1f1d8be2daa35ebcb7e416f16ddfa2c0e6e457c20e7eabc495f8d7205a489096cece64984c8242ac322f24b28c7e908b17156a29621581540b7749e052d9f5ad1b7a83b191071bbcb2f6500128512032d3e15e6eb83b3e613b4ec7d2210b12b93de075deca9e618ae03ad26f6afedfba7c82dcf276a53bff9b006f99fff65fc72d5b0dfdba93193f33db69084c529355f7448c689410898306c0b67cd026560d34785e67a6c37be1da3013d8b7b03b35e645d7be5b1b48d45515b619456ba16469790ed538fa1f1257f2add1ba2b7f86666b919002fa51c6fb3aac8041020bf7d394101b9046a6264db4e958393e1ce52b9f336c9d314a574e7296a422286c2684ece13274dbb60a001d52096f878c951ae44eecb65341ab0d36d0aad57cceed54018eb782476a24bf400b0ffefac313346dc845ad8260d8ef13f70b363051a289340c7d852b80431f7910653acb9e9fa74d2bdb519b945a06d5593420d55480c9f4edcbba68792531c4e2bf655f886e034db6f6cdb7056893866b405e84a8ad1b52a5c700be3669f9f7328e98d25159c3e6777028a4bc70456a25f92957326f9e537a61d5488739fa69c18e640e8abdbdf4b84f533f43816d23a99210e643015cc25abba404c129878a3cd1b80a762d42122104d0f5a177f5abc002201ee84e95314bf51eb2293f6bf17762f1f710e48f2294e769fe0b44e05e6ce9508a15f9412f4331cb9c1f814a737b59961307fdad5e42a5b35ad24c56bd112a3b3ece8c3cc65181e4402bb57846bf081ba1d4c60b0ca1e31165a554803004836652cfadd5b4d2331e4cf45d5ce47c84946fbff22191fa2848998b9aa40d4929405d55bebd3230057faf584c3e1dc7c614c3963a6420b6fb4a652d0f1e09e53d07f5f5563d67e5027910633797b839f8beef0fc0c2857c08dc821341e143d784688e7f6cd34797097844606f66966b4d4b4a890550fcc2339d14aac287c13ce39976c7c79e33d283edb5ca23bc40931490efa0c08339b5d060df035c2af7233cc718d2a3885010db97e935d5525eb40c55b474df932299df05a8352f00216e47884805455cee8a3baae5dfe575f43623998cbffc3e18ee9f4c13707597018dc1c537777176bb337aa0d36d2a3e048ecc56bbc434f7ce56547b360627f024c6010b2799a75b1c273129b88cf3096a883ec28237fb4d08206f6468a342d0f3899fad019543df02c36e03ffa38cb7f716b9b0ccf36fa20c1ee758c05a66820fc79c42e2b0ea3cf2d83942b58aec4f2a18e337cb092ac405ac9284d9e8534b8ec46f28109298f4cf0301335dc532baf2a9124f062e26baff22e8a40c9e6744c0ca8c239fca52fa3ec87c9b173adc876a80a24221e5cb14542aa03bf21d5eaa2881f298399dbc122900b68f9649fd545c85bb0e1971968affc0388054597a3f7858de64872412320d846f288de12f99c1afd2551205c339153ddd7bed664d091f864709dd8d1cbe99d492a30e3df8ffd3d246cb3b64ba8398bf0370414a62d6fe07afea3e095a6543c37506a47671186786b8f91b0b29caef04912f34fc6d517553d9c8d87c782b9139eb0c84e9edb64b4c1fb2b4fe42a121a877c8d54bf949c92152f87e592f36f48d03278476d2ac4217e33e17a8bcf7ddd6e99fe7090b1d54ae7e360778dede9639cade79374537c71358dfe702b32aeff84b9abef76a3f041bea70a5c5eb58ea04a198fd59dd850b87de4fbad92f72b03913e2c92658e66ca78898", 0x1000}], 0x2, 0x0, 0x0, 0x20040000}, 0x40000) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000040)={0x5, 0x70, 0x9, 0x2, 0x100, 0x80000000, 0x0, 0xfffffffffffffe01, 0x4000, 0x0, 0x9, 0x6, 0x7, 0x7, 0x1000, 0xffc00, 0x200, 0x9, 0x40000000000000, 0x3, 0x10, 0x7, 0x81, 0xffff, 0x8, 0x4, 0xa5d, 0x8, 0x9, 0x20, 0x6, 0x8, 0xf8e5, 0x7, 0x13c, 0x2, 0x8000, 0x8001, 0x0, 0x89bf, 0x7, @perf_config_ext={0x6, 0x527}, 0x400, 0xffff, 0x497adbb5, 0x6, 0x48000, 0x8, 0x6}) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2400, 0x0) 2033/05/18 03:38:42 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x4000000000000000]}, 0x707000) 2033/05/18 03:38:42 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) getsockname$netrom(r1, &(0x7f0000000040)=@full, &(0x7f00000000c0)=0x48) 2033/05/18 03:38:42 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffdd86]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1073.392964] FAULT_INJECTION: forcing a failure. [ 1073.392964] name failslab, interval 1, probability 0, space 0, times 0 [ 1073.404345] CPU: 1 PID: 11316 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1073.412247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1073.421609] Call Trace: [ 1073.424216] dump_stack+0x1b9/0x294 [ 1073.427862] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1073.433061] ? __save_stack_trace+0x7e/0xd0 [ 1073.437404] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:43 executing program 2: openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x109040, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x1, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x10) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/pfkey\x00', 0x80000, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000040)="637075616370755f757345720063a2bccda37127a915c5f1bca89a40b4c95142c56f83000000000000b9000000000000", 0x0, 0x0) lseek(r2, 0x0, 0x4000000006) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0x200, 0x8009, 0x2, 0x0, 0x0}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000200)={r3, 0x37, "2cceb6ec80e7326e3e53fda0d026fd7e95934dd948c07ef54b5c05ac4fed64d5bf9352d80660371a1388861587517c26f71d11412a0689"}, &(0x7f0000000240)=0x3f) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000100), &(0x7f0000000140)=0x4) [ 1073.441480] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1073.446593] ? kasan_kmalloc+0xc4/0xe0 [ 1073.450525] ? kasan_slab_alloc+0x12/0x20 [ 1073.454732] ? kmem_cache_alloc+0x12e/0x760 [ 1073.459068] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1073.463924] ? kvm_mmu_load+0x21/0x10e0 [ 1073.467907] ? vcpu_enter_guest+0x3a83/0x6060 [ 1073.472416] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1073.477442] ? graph_lock+0x170/0x170 [ 1073.481256] ? do_syscall_64+0x1b1/0x800 [ 1073.485328] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1073.490715] ? find_held_lock+0x36/0x1c0 [ 1073.494793] ? __lock_is_held+0xb5/0x140 [ 1073.498866] ? od_init+0x200/0x2e0 [ 1073.502429] ? check_same_owner+0x320/0x320 [ 1073.506766] ? rcu_note_context_switch+0x710/0x710 [ 1073.511717] __should_failslab+0x124/0x180 [ 1073.515965] should_failslab+0x9/0x14 [ 1073.519779] kmem_cache_alloc+0x2af/0x760 [ 1073.523946] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1073.528804] mmu_topup_memory_caches+0xf7/0x3a0 [ 1073.533484] ? debug_check_no_locks_freed+0x310/0x310 [ 1073.538696] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:43 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0xc00, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000100)={0x0, 0xec, "a829c902b34f05ad486c66871323e1463e0f55106c8a1208368c31a87001d8d15f983e82e83d5779027bd8c1365b1b686e6b22e51bfc9cca05af3a6154ace225b521af80e967d39338d182a930fa10128e393f2b84eccd5448d7736bac90b69dbb0418c19cc0a8af31a626305aad67e1b998b07a75ea06bcb3c1b0edfa95a13cc6495c7fca369238d5c9c67828bdb4866b7a1a736bbbe9df42ce41d2dd39acdc2220fcbe7177cc3a5d9184b1a68f1bd91bcb57a5e1d1cfbee0e81c2d432d3177b28944ad1bcc2edb773884bda0828986da0173501c3e3a32cabc9a099835cfe251685b8139621fa7c6e71849"}, &(0x7f0000000200)=0xf4) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000240)={r1, 0xffffffff, 0x80, 0x3fffc000000000, 0x20, 0xd2}, 0x14) r2 = socket$unix(0x1, 0x801, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) r4 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7, 0x80000) ioctl$BLKBSZGET(r4, 0x80081270, &(0x7f0000000080)) bind$unix(r3, &(0x7f0000003000)=@abs={0x1}, 0x8) listen(r3, 0x0) connect(r2, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8) unlink(&(0x7f00000002c0)='./file0\x00') openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x400000, 0x0) r5 = accept4(r3, 0x0, &(0x7f0000000040), 0x0) listen(r5, 0x0) [ 1073.542510] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1073.548060] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1073.552660] vcpu_enter_guest+0x3a83/0x6060 [ 1073.556998] ? __lock_acquire+0x7f5/0x5140 [ 1073.561242] ? print_usage_bug+0xc0/0xc0 [ 1073.565322] ? kvm_set_msr_common+0x2680/0x2680 [ 1073.569999] ? vmx_vcpu_load+0xadd/0xfe0 [ 1073.574094] ? vmx_vcpu_reset+0x1030/0x1030 [ 1073.578418] ? graph_lock+0x170/0x170 [ 1073.582224] ? graph_lock+0x170/0x170 [ 1073.586033] ? __lock_acquire+0x7f5/0x5140 2033/05/18 03:38:43 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000007000)={0x3b, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0063404000000000000000000000000000000700000000000000f8ffffffffffffff000000000003000000d69c7ae36760cc80", @ANYPTR=&(0x7f0000000140)=ANY=[]], 0x0, 0x0, &(0x7f0000002000)}) [ 1073.590287] ? __lock_is_held+0xb5/0x140 [ 1073.594359] ? show_sampling_rate+0x20/0x70 [ 1073.598692] ? lock_acquire+0x1dc/0x520 [ 1073.602669] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1073.607716] ? lock_release+0xa10/0xa10 [ 1073.611708] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1073.616993] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1073.621497] ? preempt_notifier_dec+0x20/0x20 [ 1073.626005] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1073.630850] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1073.635868] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1073.639930] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1073.645652] ? kasan_check_read+0x11/0x20 [ 1073.649808] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1073.653187] binder: 11336:11337 transaction failed 29201/-22, size -3026418949542641664-4647939529878239900 line 2971 [ 1073.654237] ? find_held_lock+0x36/0x1c0 [ 1073.654262] ? lock_downgrade+0x8e0/0x8e0 [ 1073.654283] ? kasan_check_read+0x11/0x20 [ 1073.654300] ? rcu_is_watching+0x85/0x140 [ 1073.654316] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1073.654340] ? __fget+0x40c/0x650 [ 1073.654359] ? expand_files.part.8+0x9a0/0x9a0 [ 1073.666196] binder_alloc: binder_alloc_mmap_handler: 11336 20001000-20004000 already mapped failed -16 [ 1073.669151] ? kasan_check_write+0x14/0x20 [ 1073.669169] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1073.669188] ? wait_for_completion+0x870/0x870 [ 1073.669207] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1073.669227] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1073.669245] do_vfs_ioctl+0x1cf/0x16a0 [ 1073.669266] ? ioctl_preallocate+0x2e0/0x2e0 [ 1073.669281] ? fget_raw+0x20/0x20 [ 1073.669297] ? schedule+0xef/0x430 [ 1073.677537] binder: BINDER_SET_CONTEXT_MGR already set [ 1073.677580] ? __schedule+0x1e30/0x1e30 [ 1073.682051] binder: 11336:11337 ioctl 40046207 0 returned -16 [ 1073.686883] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1073.686898] ? fput+0x130/0x1a0 [ 1073.686913] ? ksys_write+0x1a6/0x250 [ 1073.686933] ? security_file_ioctl+0x94/0xc0 [ 1073.686954] ksys_ioctl+0xa9/0xd0 [ 1073.686975] __x64_sys_ioctl+0x73/0xb0 [ 1073.686993] do_syscall_64+0x1b1/0x800 [ 1073.687008] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1073.687027] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1073.691282] binder_alloc: 11336: binder_alloc_buf, no vma [ 1073.695029] ? syscall_return_slowpath+0x30f/0x5c0 [ 1073.695047] ? retint_user+0x18/0x18 [ 1073.695067] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1073.695088] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1073.695106] RIP: 0033:0x455a09 [ 1073.695115] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1073.695131] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 2033/05/18 03:38:43 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xcc05000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:43 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0xffffffff00000000}]}, 0xfffffc53) [ 1073.695139] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1073.695148] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1073.695155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1073.695169] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000017 [ 1073.704681] binder: 11336:11338 transaction failed 29189/-3, size -3026418949542641664-4647939529878239900 line 2971 2033/05/18 03:38:43 executing program 2: sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) sched_yield() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) getpgrp(r0) 2033/05/18 03:38:43 executing program 4 (fault-call:7 fault-nth:24): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:43 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1073.899522] binder: undelivered TRANSACTION_ERROR: 29189 [ 1073.910855] binder: undelivered TRANSACTION_ERROR: 29201 2033/05/18 03:38:43 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x200000]}, 0x707000) 2033/05/18 03:38:43 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='oom_score_adj\x00') getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e23, 0x10001, @mcast1={0xff, 0x1, [], 0x1}, 0x1ff}}}, &(0x7f00000000c0)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={r1, 0x3}, &(0x7f0000000140)=0x8) munmap(&(0x7f0000000000/0x600000)=nil, 0x600000) write$cgroup_pid(r0, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x1) 2033/05/18 03:38:43 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x400300]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1074.135234] FAULT_INJECTION: forcing a failure. [ 1074.135234] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.146616] CPU: 1 PID: 11355 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1074.153908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1074.163271] Call Trace: [ 1074.165881] dump_stack+0x1b9/0x294 [ 1074.169530] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1074.174736] ? __save_stack_trace+0x7e/0xd0 [ 1074.179081] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:43 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) [ 1074.183161] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1074.188370] ? kasan_kmalloc+0xc4/0xe0 [ 1074.192272] ? kasan_slab_alloc+0x12/0x20 [ 1074.196433] ? kmem_cache_alloc+0x12e/0x760 [ 1074.200769] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1074.205624] ? kvm_mmu_load+0x21/0x10e0 [ 1074.209620] ? vcpu_enter_guest+0x3a83/0x6060 [ 1074.214127] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1074.219156] ? graph_lock+0x170/0x170 [ 1074.223144] ? do_syscall_64+0x1b1/0x800 [ 1074.227220] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1074.232607] ? find_held_lock+0x36/0x1c0 [ 1074.236690] ? __lock_is_held+0xb5/0x140 [ 1074.240775] ? check_same_owner+0x320/0x320 [ 1074.245109] ? rcu_note_context_switch+0x710/0x710 [ 1074.250055] __should_failslab+0x124/0x180 [ 1074.254318] should_failslab+0x9/0x14 [ 1074.258135] kmem_cache_alloc+0x2af/0x760 [ 1074.262304] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1074.267169] mmu_topup_memory_caches+0xf7/0x3a0 [ 1074.271855] ? debug_check_no_locks_freed+0x310/0x310 [ 1074.277064] kvm_mmu_load+0x21/0x10e0 [ 1074.280885] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1074.286702] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1074.292507] vcpu_enter_guest+0x3a83/0x6060 [ 1074.296839] ? print_usage_bug+0xc0/0xc0 [ 1074.300903] ? kvm_set_msr_common+0x2680/0x2680 [ 1074.305571] ? vmx_vcpu_load+0xadd/0xfe0 [ 1074.309646] ? __lock_acquire+0x7f5/0x5140 [ 1074.313905] ? vmx_vcpu_reset+0x1030/0x1030 [ 1074.318241] ? graph_lock+0x170/0x170 [ 1074.322059] ? graph_lock+0x170/0x170 [ 1074.325864] ? __lock_acquire+0x7f5/0x5140 [ 1074.330096] ? debug_check_no_locks_freed+0x310/0x310 [ 1074.335294] ? __lock_is_held+0xb5/0x140 [ 1074.339364] ? lock_acquire+0x1dc/0x520 [ 1074.343360] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1074.348384] ? lock_release+0xa10/0xa10 [ 1074.352363] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1074.357638] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1074.362126] ? preempt_notifier_dec+0x20/0x20 [ 1074.366629] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1074.371473] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1074.376488] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1074.380543] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1074.386256] ? graph_lock+0x170/0x170 [ 1074.390154] ? find_held_lock+0x36/0x1c0 [ 1074.394226] ? lock_downgrade+0x8e0/0x8e0 [ 1074.398381] ? kasan_check_read+0x11/0x20 [ 1074.402522] ? rcu_is_watching+0x85/0x140 [ 1074.406664] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1074.411858] ? __fget+0x40c/0x650 [ 1074.415302] ? match_held_lock+0x841/0x8b0 [ 1074.419525] ? expand_files.part.8+0x9a0/0x9a0 [ 1074.424103] ? kasan_check_write+0x14/0x20 [ 1074.428773] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1074.433702] ? wait_for_completion+0x870/0x870 [ 1074.438272] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1074.443452] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1074.449165] do_vfs_ioctl+0x1cf/0x16a0 [ 1074.453056] ? ioctl_preallocate+0x2e0/0x2e0 [ 1074.457452] ? fget_raw+0x20/0x20 [ 1074.460896] ? __sb_end_write+0xac/0xe0 [ 1074.464861] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1074.470382] ? fput+0x130/0x1a0 [ 1074.473748] ? ksys_write+0x1a6/0x250 [ 1074.477551] ? security_file_ioctl+0x94/0xc0 [ 1074.481948] ksys_ioctl+0xa9/0xd0 [ 1074.485391] __x64_sys_ioctl+0x73/0xb0 [ 1074.489274] do_syscall_64+0x1b1/0x800 [ 1074.493161] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1074.497993] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1074.502908] ? syscall_return_slowpath+0x30f/0x5c0 [ 1074.507834] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1074.513186] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1074.518029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1074.523201] RIP: 0033:0x455a09 [ 1074.526374] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:44 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x4, 0x100) getsockopt$bt_hci(r0, 0x0, 0xc, &(0x7f0000000080)=""/28, &(0x7f00000000c0)=0x1c) 2033/05/18 03:38:44 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x38000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:44 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x4000]}, 0x707000) 2033/05/18 03:38:44 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="f1000000c186cd862bf9efd281b064b032d9b5e6bef0845465979eee4f6b1e85fc3b829cdc31a0fca075da208875a836d854f1594be04a5ca37599c1611ebc248993c644e24263f44170039a3cfccf629d983ee943b3a8a173a566b73f460d97fdc19fea2750a8ca4237bde10463bf86358f9f8548b9dfec94a0309791825ba82390de5b565714e31c4206bc6856ec79b3262d42d39f2e3be8df3b5047356f5cfdc3f4804d0368f34e6435f45b50fbc74a970f4a54c88c46c89f69efa21039fcea4e1072a27f613268c784a0ebd8e639bcf24d66956bdd0780cc2233914b9d06e04287ca1c00000000000000000000000000000000"], &(0x7f0000000140)=0xf9) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r1, 0x7ff}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000200)={r1, @in6={{0xa, 0x4e22, 0xffffffffffffffff, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0xd, &(0x7f0000000000), 0x10) 2033/05/18 03:38:44 executing program 4 (fault-call:7 fault-nth:25): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1074.534073] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1074.541326] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1074.548673] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1074.555926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1074.563194] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000018 [ 1074.623581] sctp: [Deprecated]: syz-executor2 (pid 11377) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1074.623581] Use struct sctp_sack_info instead [ 1074.695271] FAULT_INJECTION: forcing a failure. [ 1074.695271] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.706668] CPU: 1 PID: 11383 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1074.713951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1074.723315] Call Trace: [ 1074.725923] dump_stack+0x1b9/0x294 [ 1074.729575] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1074.735031] ? __save_stack_trace+0x7e/0xd0 [ 1074.736631] sctp: [Deprecated]: syz-executor2 (pid 11391) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1074.736631] Use struct sctp_sack_info instead [ 1074.739358] should_fail.cold.4+0xa/0x1a [ 1074.739379] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1074.739397] ? kasan_kmalloc+0xc4/0xe0 [ 1074.739419] ? kasan_slab_alloc+0x12/0x20 [ 1074.771757] ? kmem_cache_alloc+0x12e/0x760 [ 1074.776080] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1074.780926] ? kvm_mmu_load+0x21/0x10e0 [ 1074.784915] ? vcpu_enter_guest+0x3a83/0x6060 [ 1074.789420] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1074.794525] ? graph_lock+0x170/0x170 [ 1074.798322] ? do_syscall_64+0x1b1/0x800 [ 1074.802416] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1074.807800] ? find_held_lock+0x36/0x1c0 [ 1074.811863] ? __lock_is_held+0xb5/0x140 [ 1074.815924] ? azx_clear_irq_pending+0x20/0xe0 [ 1074.820515] ? check_same_owner+0x320/0x320 [ 1074.824827] ? rcu_note_context_switch+0x710/0x710 [ 1074.829748] __should_failslab+0x124/0x180 [ 1074.833977] should_failslab+0x9/0x14 [ 1074.837950] kmem_cache_alloc+0x2af/0x760 [ 1074.842100] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1074.846931] mmu_topup_memory_caches+0xf7/0x3a0 [ 1074.851587] ? debug_check_no_locks_freed+0x310/0x310 [ 1074.856770] kvm_mmu_load+0x21/0x10e0 [ 1074.860562] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1074.866090] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1074.870671] vcpu_enter_guest+0x3a83/0x6060 [ 1074.874983] ? print_usage_bug+0xc0/0xc0 [ 1074.879035] ? kvm_set_msr_common+0x2680/0x2680 [ 1074.883690] ? vmx_vcpu_load+0xadd/0xfe0 [ 1074.887740] ? __lock_acquire+0x7f5/0x5140 [ 1074.891961] ? vmx_vcpu_reset+0x1030/0x1030 [ 1074.896290] ? graph_lock+0x170/0x170 [ 1074.900086] ? graph_lock+0x170/0x170 [ 1074.903874] ? __lock_acquire+0x7f5/0x5140 [ 1074.908099] ? debug_check_no_locks_freed+0x310/0x310 [ 1074.913289] ? __lock_is_held+0xb5/0x140 [ 1074.917363] ? snd_hda_codec_proc_new+0x1d0/0x1e0 [ 1074.922207] ? lock_acquire+0x1dc/0x520 [ 1074.926184] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1074.931207] ? lock_release+0xa10/0xa10 [ 1074.935184] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1074.940465] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1074.944950] ? preempt_notifier_dec+0x20/0x20 [ 1074.949460] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1074.954296] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1074.959333] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1074.963405] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1074.969114] ? graph_lock+0x170/0x170 [ 1074.972909] ? find_held_lock+0x36/0x1c0 [ 1074.976966] ? lock_downgrade+0x8e0/0x8e0 [ 1074.981107] ? kasan_check_read+0x11/0x20 [ 1074.985253] ? rcu_is_watching+0x85/0x140 [ 1074.989404] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1074.994595] ? __fget+0x40c/0x650 [ 1074.998038] ? match_held_lock+0x841/0x8b0 [ 1075.002269] ? expand_files.part.8+0x9a0/0x9a0 [ 1075.006850] ? kasan_check_write+0x14/0x20 [ 1075.011085] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1075.016012] ? wait_for_completion+0x870/0x870 [ 1075.020589] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1075.025774] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1075.031481] do_vfs_ioctl+0x1cf/0x16a0 [ 1075.035374] ? ioctl_preallocate+0x2e0/0x2e0 [ 1075.039782] ? fget_raw+0x20/0x20 [ 1075.043865] ? __sb_end_write+0xac/0xe0 [ 1075.047838] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1075.053369] ? fput+0x130/0x1a0 [ 1075.056646] ? ksys_write+0x1a6/0x250 [ 1075.060454] ? security_file_ioctl+0x94/0xc0 [ 1075.064870] ksys_ioctl+0xa9/0xd0 [ 1075.068328] __x64_sys_ioctl+0x73/0xb0 [ 1075.072221] do_syscall_64+0x1b1/0x800 [ 1075.076108] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1075.080942] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1075.085863] ? syscall_return_slowpath+0x30f/0x5c0 [ 1075.090787] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1075.096183] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1075.101032] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1075.106226] RIP: 0033:0x455a09 [ 1075.109416] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1075.117133] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1075.124413] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1075.131708] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1075.138983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 2033/05/18 03:38:44 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x1000000}]}, 0xfffffc53) 2033/05/18 03:38:44 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x6558000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:44 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000140)="8d750ff4402283d34f69f1d6a449491dd9a4f60c992a924511228e9d331736aa9d115574693472a76b68ef22109a5f9edfed0a937357eda5179dc08a0b5c645f1e9c7cff23c91d3cd4769386ae0e00fe606817542baf760f1a72618899ed6588d4bb91193086ff7df981ee430c11562a2574fed49b484a360089fed895780dbcb350fd8c4808392eac67f77243220bd7be04d91f0fffa22bda1375a59271016d03c6e7fe069e3381bc0738c066c059752be1b6ed5efb4b3e4baf6156becbb7631568f776d15d62f263dbec4ca7cac0ffa415214bea7bc96cb67683fe50df53a1623d28df8cdb7d99f27642da54", 0xed, 0xfffffffffffffff9) keyctl$set_timeout(0xf, r1, 0x7ff) sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2, 0x8, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0xa0, 0x0, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}}]}, 0x28}, 0x1}, 0x0) 2033/05/18 03:38:44 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x2]}, 0x707000) 2033/05/18 03:38:44 executing program 2: setrlimit(0x9, &(0x7f0000000180)={0x2, 0x1}) mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0, 0x1b071, 0xffffffffffffffff, 0x0) 2033/05/18 03:38:44 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:44 executing program 4 (fault-call:7 fault-nth:26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:44 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x5], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1075.146252] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000019 2033/05/18 03:38:44 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88caffff]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:44 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000080)=0x161, 0x0) getsockopt$ax25_buf(r1, 0x101, 0x19, &(0x7f00000000c0)=""/127, &(0x7f0000000040)=0x7f) sendmsg$nl_netfilter(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000002140)={0x14}, 0x14}, 0x1}, 0x0) [ 1075.376167] FAULT_INJECTION: forcing a failure. [ 1075.376167] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.387542] CPU: 1 PID: 11417 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1075.394830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1075.404193] Call Trace: [ 1075.406798] dump_stack+0x1b9/0x294 [ 1075.410446] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1075.415654] ? __save_stack_trace+0x7e/0xd0 [ 1075.420001] should_fail.cold.4+0xa/0x1a [ 1075.424077] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1075.429202] ? kasan_kmalloc+0xc4/0xe0 [ 1075.433107] ? kasan_slab_alloc+0x12/0x20 [ 1075.437267] ? kmem_cache_alloc+0x12e/0x760 [ 1075.441619] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1075.446472] ? kvm_mmu_load+0x21/0x10e0 [ 1075.450434] ? vcpu_enter_guest+0x3a83/0x6060 [ 1075.454914] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1075.459918] ? graph_lock+0x170/0x170 [ 1075.463707] ? do_syscall_64+0x1b1/0x800 [ 1075.467756] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1075.473110] ? find_held_lock+0x36/0x1c0 [ 1075.477161] ? __lock_is_held+0xb5/0x140 [ 1075.481207] ? reiserfs_commit_write+0xb0/0x860 [ 1075.485872] ? check_same_owner+0x320/0x320 [ 1075.490183] ? rcu_note_context_switch+0x710/0x710 [ 1075.495105] __should_failslab+0x124/0x180 [ 1075.499347] should_failslab+0x9/0x14 [ 1075.503137] kmem_cache_alloc+0x2af/0x760 [ 1075.507279] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1075.512123] mmu_topup_memory_caches+0xf7/0x3a0 [ 1075.516792] ? debug_check_no_locks_freed+0x310/0x310 [ 1075.521975] kvm_mmu_load+0x21/0x10e0 [ 1075.525783] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1075.531311] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1075.535886] vcpu_enter_guest+0x3a83/0x6060 [ 1075.540197] ? print_usage_bug+0xc0/0xc0 [ 1075.544251] ? kvm_set_msr_common+0x2680/0x2680 [ 1075.548907] ? vmx_vcpu_load+0xadd/0xfe0 [ 1075.552969] ? __lock_acquire+0x7f5/0x5140 [ 1075.557189] ? vmx_vcpu_reset+0x1030/0x1030 [ 1075.561496] ? graph_lock+0x170/0x170 [ 1075.565282] ? graph_lock+0x170/0x170 [ 1075.569065] ? __lock_acquire+0x7f5/0x5140 [ 1075.573287] ? debug_check_no_locks_freed+0x310/0x310 [ 1075.578466] ? __lock_is_held+0xb5/0x140 [ 1075.582514] ? reiserfs_write_begin+0x980/0xa70 [ 1075.587170] ? lock_acquire+0x1dc/0x520 [ 1075.591140] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1075.596146] ? lock_release+0xa10/0xa10 [ 1075.600108] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1075.605376] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1075.609859] ? preempt_notifier_dec+0x20/0x20 [ 1075.614348] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1075.619177] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1075.624187] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1075.628240] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1075.633937] ? graph_lock+0x170/0x170 [ 1075.637724] ? find_held_lock+0x36/0x1c0 [ 1075.641787] ? lock_downgrade+0x8e0/0x8e0 [ 1075.645924] ? kasan_check_read+0x11/0x20 [ 1075.650062] ? rcu_is_watching+0x85/0x140 [ 1075.654196] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1075.659380] ? __fget+0x40c/0x650 [ 1075.662825] ? match_held_lock+0x841/0x8b0 [ 1075.667048] ? expand_files.part.8+0x9a0/0x9a0 [ 1075.671622] ? kasan_check_write+0x14/0x20 [ 1075.675849] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1075.680767] ? wait_for_completion+0x870/0x870 [ 1075.685356] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1075.690534] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1075.696243] do_vfs_ioctl+0x1cf/0x16a0 [ 1075.700134] ? ioctl_preallocate+0x2e0/0x2e0 [ 1075.704541] ? fget_raw+0x20/0x20 [ 1075.707990] ? __sb_end_write+0xac/0xe0 [ 1075.711952] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1075.717473] ? fput+0x130/0x1a0 [ 1075.720739] ? ksys_write+0x1a6/0x250 [ 1075.724642] ? security_file_ioctl+0x94/0xc0 [ 1075.729040] ksys_ioctl+0xa9/0xd0 [ 1075.732481] __x64_sys_ioctl+0x73/0xb0 [ 1075.736359] do_syscall_64+0x1b1/0x800 [ 1075.740232] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1075.745070] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1075.749986] ? syscall_return_slowpath+0x30f/0x5c0 [ 1075.754903] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1075.760255] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1075.765086] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1075.770264] RIP: 0033:0x455a09 [ 1075.773437] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1075.781135] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1075.788401] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1075.795665] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1075.802920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1075.810184] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000001a 2033/05/18 03:38:45 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x7, 0x8, 0x1}, 0x1f3) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), &(0x7f00000001c0)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r0, &(0x7f0000000040), &(0x7f00000001c0)=""/118}, 0xffffffffffffffd3) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000000040), &(0x7f0000000100)=""/85}, 0x18) 2033/05/18 03:38:45 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x200000]}, 0x707000) 2033/05/18 03:38:45 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x43050000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:45 executing program 4 (fault-call:7 fault-nth:27): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x7a00000000000000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="000100000008000066000000c9030000ec000204000000000000000000000000002000000020000000010000000000006e5fbe5a0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000080)) rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00') pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f00000001c0)={0x2, 0x0, [0x0, 0x0]}) 2033/05/18 03:38:45 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xffffff7f], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:45 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x80000000000000, 0xffffffffffffffff) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)={0x4, [0x8, 0x7f, 0x5, 0x4]}, &(0x7f0000000080)=0xc) 2033/05/18 03:38:45 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x40000000}]}, 0xfffffc53) 2033/05/18 03:38:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) getsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, &(0x7f0000000100), &(0x7f0000000040)=0xffffffffffffffda) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000040)) [ 1076.144033] EXT4-fs error (device loop5): ext4_iget:4756: inode #2: comm syz-executor5: root inode unallocated 2033/05/18 03:38:45 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x5c8]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:45 executing program 6: r0 = socket(0x0, 0xfffffffffffffffe, 0x800) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x1) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0xfffffffffffffffe) fcntl$setstatus(r0, 0x4, 0x46000) syz_mount_image$ceph(&(0x7f0000000040)='ceph\x00', &(0x7f0000000080)='./file0\x00', 0xffffffff, 0x7, &(0x7f0000000700)=[{&(0x7f0000000280)="7dd865a552a8f9bd4c465a247d076859fafe8b3e14c55ad255fd14ea6cf7e50cad0a10930a02ae83515dcf37a4fd0a30f551de41dfada5066d7ff8686da8d23e8af5311f0d3a8d68d8aee893105dc297d4620ea5733298e10263e68b94145b8c7fdd55ca5ff5dd71f665855adb463bb823fd150e413e401a0c96847f0b6b27600c03c664daa54bfa4ac5d5b2f9b2be78a8ee88b6a67caaffe3336fc28719646c974f9edd61470d969bda63c2e4ccf455108dea16d7db69e6b7d4cfae0734a20a60ad5091d9c442a50cabdc55a298ebfcad28b1f96809a92f86ca75d7dd9dde92750434a24f731a6f8dd7716ba6672c04f83080a3f512", 0xf6, 0x3d22b35a}, {&(0x7f00000001c0)="5bc4437e074ec62b7a102bd016c0320d003594a9a7144129f4020af809f0bc36a935bcdc101e7e53354c9d52169e626d9e5f7559355c4d62b612c03355abc0cf3b6f1d8885ee757890c537942649d2610cc1861c34ddb13c7166a063", 0x5c, 0xffff}, {&(0x7f0000000380)="9e232091a77ebc93b4b8bb658d811fdb001d89c83b48d899ef340b22f811c7a6505ed81bc71722a861f651f44e115e1e3c4b743b4a82da1837d34eb0a932d84e49644a50dd10adef512c6a8745cb3f4ee3a157151705cef733f8aae63a09e1b1c996faeea3b6e3109886aa4595bcc415f84d8ede60bffe11c8eb3a9c520442c3d93756fe4fb2220e6ab2ad03d35cd86fc93d52b8fb5df920bfb866", 0x9b, 0x95a}, {&(0x7f0000000440)="04074735c70f1293c422e5cb34c15cee7fb6a8bd6b4f1d4c2a37ee7e47265b397f3f52f66ed1442f6c14aec319e9b67990cecce30c3f9611b48a403c8c7bf42e041292120f9ddf640e1372ae972abe3c6a49d5ab10aa3f50397167d9c52e9afd82cc8a1e6bc2646d5b6dc21161f9f6768fbc69288a9ac5696f9d152addaea1da26", 0x81, 0x3}, {&(0x7f0000000500)="0173d752a754f665459abf7f8f503335dce97f306c58cab44cea3316eb75f96b2313b8d74b81e1464cb4c39b4103adb8ea649a969e44c1124e7a9d5fa93e6eb0cde3501722f00ab007842835ee7cbfe7b6485b219fbb4348d8a33571f8c48763e38adbbae8", 0x65, 0x100}, {&(0x7f0000000580)="28cf1f4552723a39b6d7d3ee935e1fdeecb30d7677697a1527d8f5ba56d4b64e6a6919734015b3be90776768995c0c4b56564bca75dc305787f056e204f51730944d64b933a0b7fd3734594351013a734b38448f41342d354e122b40adc3bad15a93f93b29529179fd5e55394c9519ec6c43b83f85ce1b0eed07578f008dc5930e28f80da3174ad32fdf4c2bc32d0f7fc6ed0863c8e4f64a872a1158ece63dd42756caa170915fd795c9", 0xaa, 0x3}, {&(0x7f0000000640)="d92394419d6f9c65490a0626b38b9770f5e8554ca61054766fa173edcb70564ffabf12456b847597bccd8a4e9652364fde4991a9dfaaf66881c825781ea7d096e5cdb435c7a7795deb2f7f925b7d4da8cb13370d156329044c8ad41449dfafc5d69356641191c01edb0eecebf3615652d7969a4880581a44ab21c7997139e44ed514afae2f052aab0c1e55c727976dd43691f29eceb79f0a8fdeefa594260481e341513816", 0xa5, 0x7fff}], 0x807080, &(0x7f00000007c0)='$\x00') 2033/05/18 03:38:45 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x707000) [ 1076.226500] EXT4-fs (loop5): Remounting filesystem read-only [ 1076.232524] EXT4-fs (loop5): get root inode failed [ 1076.237511] EXT4-fs (loop5): mount failed [ 1076.315214] FAULT_INJECTION: forcing a failure. [ 1076.315214] name failslab, interval 1, probability 0, space 0, times 0 [ 1076.326697] CPU: 0 PID: 11453 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1076.334007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1076.343373] Call Trace: [ 1076.345986] dump_stack+0x1b9/0x294 [ 1076.349643] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1076.354856] ? __save_stack_trace+0x7e/0xd0 [ 1076.359208] should_fail.cold.4+0xa/0x1a [ 1076.363296] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1076.368420] ? kasan_kmalloc+0xc4/0xe0 [ 1076.372332] ? kasan_slab_alloc+0x12/0x20 [ 1076.376504] ? kmem_cache_alloc+0x12e/0x760 [ 1076.380848] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1076.385711] ? kvm_mmu_load+0x21/0x10e0 [ 1076.389706] ? vcpu_enter_guest+0x3a83/0x6060 [ 1076.394220] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1076.399260] ? graph_lock+0x170/0x170 [ 1076.403078] ? do_syscall_64+0x1b1/0x800 [ 1076.407166] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1076.412557] ? find_held_lock+0x36/0x1c0 [ 1076.416643] ? __lock_is_held+0xb5/0x140 [ 1076.420731] ? check_same_owner+0x320/0x320 [ 1076.425071] ? rcu_note_context_switch+0x710/0x710 [ 1076.430025] __should_failslab+0x124/0x180 [ 1076.434278] should_failslab+0x9/0x14 [ 1076.438101] kmem_cache_alloc+0x2af/0x760 [ 1076.442266] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1076.447135] mmu_topup_memory_caches+0xf7/0x3a0 [ 1076.451819] ? debug_check_no_locks_freed+0x310/0x310 [ 1076.457031] kvm_mmu_load+0x21/0x10e0 [ 1076.460852] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1076.466416] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1076.471020] vcpu_enter_guest+0x3a83/0x6060 [ 1076.475359] ? print_usage_bug+0xc0/0xc0 [ 1076.479441] ? kvm_set_msr_common+0x2680/0x2680 [ 1076.484126] ? vmx_vcpu_load+0xadd/0xfe0 [ 1076.488203] ? __lock_acquire+0x7f5/0x5140 [ 1076.492452] ? vmx_vcpu_reset+0x1030/0x1030 [ 1076.496782] ? graph_lock+0x170/0x170 [ 1076.500591] ? graph_lock+0x170/0x170 [ 1076.504403] ? __lock_acquire+0x7f5/0x5140 [ 1076.508653] ? debug_check_no_locks_freed+0x310/0x310 2033/05/18 03:38:46 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000000040), 0x100000a7, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x9, 0x200200) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000200)={r1, 0x80000, r0}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e20, 0x3, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0xfff}}, 0x6, 0x6051}, &(0x7f0000000180)=0x90) 2033/05/18 03:38:46 executing program 2: r0 = msgget$private(0x0, 0x58c) msgctl$IPC_INFO(r0, 0x3, &(0x7f00000000c0)=""/16) munmap(&(0x7f0000000000/0x600000)=nil, 0x600000) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) acct(&(0x7f0000000000)='./file0\x00') r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = accept$ipx(0xffffffffffffffff, &(0x7f0000000380), &(0x7f00000003c0)=0x10) ioctl$sock_ipx_SIOCAIPXPRISLT(r2, 0x89e1, &(0x7f0000000400)=0xffffffffffff0000) fchmod(r1, 0x2) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/file0\x00') r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x400, 0x0) getsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000240)={@empty, 0x0}, &(0x7f0000000280)=0x14) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f00000002c0)={@remote={0xfe, 0x80, [], 0xbb}, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, @mcast1={0xff, 0x1, [], 0x1}, 0x20, 0x5fd, 0x1, 0x400, 0x4, 0x80, r4}) accept$packet(0xffffffffffffff9c, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000180)=0x14) ioctl$KDGKBMODE(r3, 0x4b44, &(0x7f0000000340)) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f00000001c0)={@local={0xfe, 0x80, [], 0xaa}, @dev={0xfe, 0x80, [], 0x1b}, @mcast2={0xff, 0x2, [], 0x1}, 0x2, 0xffff, 0x7fffffff, 0x100, 0xe7, 0x2400020, r5}) [ 1076.513858] ? __lock_is_held+0xb5/0x140 [ 1076.517933] ? lock_acquire+0x1dc/0x520 [ 1076.521918] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1076.526946] ? lock_release+0xa10/0xa10 [ 1076.530931] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1076.536220] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1076.540723] ? preempt_notifier_dec+0x20/0x20 [ 1076.545237] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1076.550096] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1076.555130] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1076.559193] ? kvm_uevent_notify_change.part.29+0x440/0x440 2033/05/18 03:38:46 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) ioctl$sock_inet_SIOCSIFBRDADDR(r1, 0x891a, &(0x7f0000000080)={'ip6gre0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x84, r2, 0x20, 0x70bd28, 0x25dfdbfc, {0x6}, [@IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x40000000000000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7ff}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8001}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x84}, 0x1, 0x0, 0x0, 0x4}, 0x4000080) clock_adjtime(0xffc99a3b, &(0x7f0000000200)={0x7ff}) [ 1076.564922] ? graph_lock+0x170/0x170 [ 1076.568734] ? find_held_lock+0x36/0x1c0 [ 1076.572808] ? lock_downgrade+0x8e0/0x8e0 [ 1076.576965] ? kasan_check_read+0x11/0x20 [ 1076.581173] ? rcu_is_watching+0x85/0x140 [ 1076.585332] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1076.590542] ? __fget+0x40c/0x650 [ 1076.594010] ? match_held_lock+0x841/0x8b0 [ 1076.598259] ? expand_files.part.8+0x9a0/0x9a0 [ 1076.602868] ? kasan_check_write+0x14/0x20 [ 1076.607104] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1076.612032] ? wait_for_completion+0x870/0x870 [ 1076.616610] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1076.621794] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1076.627498] do_vfs_ioctl+0x1cf/0x16a0 [ 1076.631380] ? ioctl_preallocate+0x2e0/0x2e0 [ 1076.635782] ? fget_raw+0x20/0x20 [ 1076.639228] ? __sb_end_write+0xac/0xe0 [ 1076.643198] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1076.648727] ? fput+0x130/0x1a0 [ 1076.652001] ? ksys_write+0x1a6/0x250 [ 1076.655806] ? security_file_ioctl+0x94/0xc0 [ 1076.660209] ksys_ioctl+0xa9/0xd0 [ 1076.663655] __x64_sys_ioctl+0x73/0xb0 [ 1076.667534] do_syscall_64+0x1b1/0x800 [ 1076.671419] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1076.676258] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1076.681180] ? syscall_return_slowpath+0x30f/0x5c0 [ 1076.686113] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1076.691472] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1076.696309] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1076.701486] RIP: 0033:0x455a09 [ 1076.704673] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1076.712373] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1076.719631] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1076.726889] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.734149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1076.741411] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000001b [ 1076.813910] EXT4-fs error (device loop5): ext4_iget:4756: inode #2: comm syz-executor5: root inode unallocated [ 1076.853349] EXT4-fs (loop5): Remounting filesystem read-only [ 1076.859367] EXT4-fs (loop5): get root inode failed [ 1076.864363] EXT4-fs (loop5): mount failed 2033/05/18 03:38:46 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffca88]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:46 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x3f000000}]}, 0xfffffc53) 2033/05/18 03:38:46 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x44000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:46 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x707000) 2033/05/18 03:38:46 executing program 2: r0 = eventfd2(0x6, 0x0) readv(r0, &(0x7f0000001600)=[{&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000001500)=""/231, 0x7}], 0x2) syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x8, 0x0) 2033/05/18 03:38:46 executing program 6: r0 = socket(0xa, 0x1, 0x0) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000080)={0x3}, 0x8, 0x0) 2033/05/18 03:38:46 executing program 5: syz_fuseblk_mount(&(0x7f0000001800)='\x00', &(0x7f0000001840)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) 2033/05/18 03:38:46 executing program 4 (fault-call:7 fault-nth:28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:46 executing program 6: r0 = socket(0xa, 0x1, 0x0) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000080)=0x4, &(0x7f00000000c0)=0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0336364ac6000000"], 0x8, 0x0) 2033/05/18 03:38:46 executing program 2: getpgrp(0x0) r0 = gettid() rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x29}) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x400, 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000040)={{0x200, 0x3}, {0x8, 0xfffffffffffffe28}, 0xfffffffffffffbff, 0x4, 0x5}) 2033/05/18 03:38:46 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x707000) [ 1077.065114] FAULT_INJECTION: forcing a failure. [ 1077.065114] name failslab, interval 1, probability 0, space 0, times 0 [ 1077.076473] CPU: 0 PID: 11513 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1077.083762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1077.093129] Call Trace: [ 1077.095744] dump_stack+0x1b9/0x294 [ 1077.099659] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1077.104867] ? __save_stack_trace+0x7e/0xd0 [ 1077.109209] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:46 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") socketpair(0xb, 0x6, 0x4a, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f00000001c0)=""/107) r2 = msgget(0x2, 0x200) r3 = msgget$private(0x0, 0x34) msgrcv(r3, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0) msgrcv(r2, &(0x7f0000000080)={0x0, ""/230}, 0xee, 0x0, 0x1000) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000d2c510287a317b6d1b857b59300000058cdc718928b4410455e5c470d515d5cdd2ec52ff55de15e1e4c5980a2f92d341b7285d5e83f753eecd16a3bf3b9bfa2e9dd523043298f01fdd274d547f2923d0e2ec3f1929f83ae8f156fe752774b415b4593a889e0a28eed6963da610114cea7bfa76798356a6f1fd544fa6ce1091301a54782a9f247b341c83dd37d24e84c19779ba8106cfebcdacd936be9773acd2623bd5db25ab14230bf6bcf68675ad3022395165a8a9b846acaf7012d2f0d76c7e0c070b983c02a2102fcd2a731c107299ff24800000000000000"], 0x8, 0x0) [ 1077.113292] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1077.118412] ? kasan_kmalloc+0xc4/0xe0 [ 1077.122324] ? kasan_slab_alloc+0x12/0x20 [ 1077.126487] ? kmem_cache_alloc+0x12e/0x760 [ 1077.130830] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1077.135687] ? kvm_mmu_load+0x21/0x10e0 [ 1077.139671] ? vcpu_enter_guest+0x3a83/0x6060 [ 1077.144174] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1077.149202] ? graph_lock+0x170/0x170 [ 1077.153027] ? do_syscall_64+0x1b1/0x800 [ 1077.157168] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1077.162550] ? find_held_lock+0x36/0x1c0 [ 1077.166629] ? __lock_is_held+0xb5/0x140 [ 1077.170715] ? check_same_owner+0x320/0x320 [ 1077.175317] ? rcu_note_context_switch+0x710/0x710 [ 1077.180268] __should_failslab+0x124/0x180 [ 1077.184520] should_failslab+0x9/0x14 [ 1077.188336] kmem_cache_alloc+0x2af/0x760 [ 1077.192502] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1077.197361] mmu_topup_memory_caches+0xf7/0x3a0 [ 1077.202041] ? debug_check_no_locks_freed+0x310/0x310 [ 1077.207258] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000024000)={0xfffffffffffffffe}, 0x0, 0x8) tkill(r1, 0x12) recvfrom$inet(r0, &(0x7f0000000080)=""/211, 0xd3, 0x10020, &(0x7f0000000180)={0x2, 0x4e22, @broadcast=0xffffffff}, 0x10) rt_sigprocmask(0x1, &(0x7f0000000000)={0xffffffff}, &(0x7f0000000040), 0x8) [ 1077.211865] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1077.217417] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1077.222018] vcpu_enter_guest+0x3a83/0x6060 [ 1077.226358] ? print_usage_bug+0xc0/0xc0 [ 1077.230432] ? kvm_set_msr_common+0x2680/0x2680 [ 1077.235117] ? vmx_vcpu_load+0xadd/0xfe0 [ 1077.239191] ? __lock_acquire+0x7f5/0x5140 [ 1077.243439] ? vmx_vcpu_reset+0x1030/0x1030 [ 1077.248292] ? graph_lock+0x170/0x170 [ 1077.252104] ? graph_lock+0x170/0x170 [ 1077.255915] ? __lock_acquire+0x7f5/0x5140 [ 1077.260160] ? debug_check_no_locks_freed+0x310/0x310 2033/05/18 03:38:46 executing program 5: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x6, 0x40000) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='uid_map\x00') r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$TIOCEXCL(r0, 0x540c) writev(r1, &(0x7f0000001480)=[{&(0x7f0000001380)="b7", 0x1}], 0x1) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x7) [ 1077.265362] ? __lock_is_held+0xb5/0x140 [ 1077.269442] ? lock_acquire+0x1dc/0x520 [ 1077.273424] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1077.278454] ? lock_release+0xa10/0xa10 [ 1077.282437] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1077.287727] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1077.292318] ? preempt_notifier_dec+0x20/0x20 [ 1077.296841] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1077.301688] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1077.306981] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1077.311053] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1077.316775] ? graph_lock+0x170/0x170 [ 1077.320583] ? find_held_lock+0x36/0x1c0 [ 1077.324664] ? lock_downgrade+0x8e0/0x8e0 [ 1077.328827] ? kasan_check_read+0x11/0x20 [ 1077.332986] ? rcu_is_watching+0x85/0x140 [ 1077.337142] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1077.342355] ? __fget+0x40c/0x650 [ 1077.345817] ? match_held_lock+0x841/0x8b0 [ 1077.350062] ? expand_files.part.8+0x9a0/0x9a0 [ 1077.354696] ? kasan_check_write+0x14/0x20 [ 1077.358939] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1077.363890] ? wait_for_completion+0x870/0x870 [ 1077.368483] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1077.373687] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1077.379409] do_vfs_ioctl+0x1cf/0x16a0 [ 1077.383313] ? ioctl_preallocate+0x2e0/0x2e0 [ 1077.387730] ? fget_raw+0x20/0x20 [ 1077.391196] ? __sb_end_write+0xac/0xe0 [ 1077.395186] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1077.400731] ? fput+0x130/0x1a0 [ 1077.404018] ? ksys_write+0x1a6/0x250 [ 1077.407838] ? security_file_ioctl+0x94/0xc0 [ 1077.412251] ksys_ioctl+0xa9/0xd0 [ 1077.415694] __x64_sys_ioctl+0x73/0xb0 [ 1077.419569] do_syscall_64+0x1b1/0x800 [ 1077.423466] ? finish_task_switch+0x1ca/0x840 [ 1077.427946] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1077.432861] ? syscall_return_slowpath+0x30f/0x5c0 [ 1077.437786] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1077.443136] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1077.447973] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1077.453159] RIP: 0033:0x455a09 [ 1077.456329] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1077.464023] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1077.471291] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1077.478551] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1077.485826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1077.493091] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000001c 2033/05/18 03:38:47 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x8000000000000000]}, 0x707000) 2033/05/18 03:38:47 executing program 5: clone(0x0, &(0x7f0000000080), &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)) getpriority(0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2081, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000240)}, 0x400, 0x0, 0x4, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x2) userfaultfd(0x0) ptrace$poke(0x4, 0x0, &(0x7f00000003c0), 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x9) 2033/05/18 03:38:47 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x10}]}, 0xfffffc53) 2033/05/18 03:38:47 executing program 2: recvmsg(0xffffffffffffffff, &(0x7f000000e5b4)={&(0x7f000000b000)=@can, 0x10, &(0x7f0000002000)=[{&(0x7f0000000000)=""/237, 0x3c7}, {&(0x7f0000000fdb)=""/37, 0x9c}], 0x96b0cf4a6d2225a0, 0x0, 0xb5}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000002000)=ANY=[@ANYBLOB="180000000000000000010000feffffff250000000000000000000000000000009500000000000000"], &(0x7f000000a000)='syzkaller\x00', 0x1, 0x31b, &(0x7f0000011000)=""/195}, 0x48) 2033/05/18 03:38:47 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:47 executing program 6: r0 = socket(0xa, 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$KDSKBLED(r1, 0x4b65, 0x3) setsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000000040)="8291894ca267f937ef998b", 0xb) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:47 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x6200], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:47 executing program 4 (fault-call:7 fault-nth:29): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:47 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b4000023000000002500ffff000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) 2033/05/18 03:38:47 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x40000000]}, 0x707000) 2033/05/18 03:38:47 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x800000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1078.300676] FAULT_INJECTION: forcing a failure. [ 1078.300676] name failslab, interval 1, probability 0, space 0, times 0 [ 1078.312068] CPU: 1 PID: 11562 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1078.319356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1078.328816] Call Trace: [ 1078.331439] dump_stack+0x1b9/0x294 [ 1078.335091] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1078.340304] ? __save_stack_trace+0x7e/0xd0 [ 1078.344656] should_fail.cold.4+0xa/0x1a [ 1078.348742] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1078.353862] ? kasan_kmalloc+0xc4/0xe0 [ 1078.357766] ? kasan_slab_alloc+0x12/0x20 [ 1078.361929] ? kmem_cache_alloc+0x12e/0x760 [ 1078.366266] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1078.371123] ? kvm_mmu_load+0x21/0x10e0 [ 1078.375116] ? vcpu_enter_guest+0x3a83/0x6060 [ 1078.379621] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1078.384650] ? graph_lock+0x170/0x170 [ 1078.388460] ? do_syscall_64+0x1b1/0x800 [ 1078.392533] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1078.398078] ? find_held_lock+0x36/0x1c0 [ 1078.402159] ? __lock_is_held+0xb5/0x140 [ 1078.406252] ? check_same_owner+0x320/0x320 [ 1078.410609] ? rcu_note_context_switch+0x710/0x710 [ 1078.415563] __should_failslab+0x124/0x180 [ 1078.419818] should_failslab+0x9/0x14 [ 1078.423640] kmem_cache_alloc+0x2af/0x760 [ 1078.427800] ? kvm_clock_read+0x25/0x30 [ 1078.431789] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1078.436819] ? ktime_get_with_offset+0x326/0x4a0 [ 1078.441591] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1078.446453] mmu_topup_memory_caches+0xf7/0x3a0 [ 1078.451136] kvm_mmu_load+0x21/0x10e0 [ 1078.454939] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1078.460470] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1078.465067] vcpu_enter_guest+0x3a83/0x6060 [ 1078.469390] ? kvm_set_msr_common+0x2680/0x2680 [ 1078.474066] ? vmx_vcpu_load+0xadd/0xfe0 [ 1078.478121] ? __lock_acquire+0x7f5/0x5140 [ 1078.482360] ? vmx_vcpu_reset+0x1030/0x1030 [ 1078.486675] ? graph_lock+0x170/0x170 [ 1078.490485] ? graph_lock+0x170/0x170 [ 1078.494274] ? __lock_acquire+0x7f5/0x5140 [ 1078.498505] ? debug_check_no_locks_freed+0x310/0x310 [ 1078.503689] ? __lock_is_held+0xb5/0x140 [ 1078.507750] ? lock_acquire+0x1dc/0x520 [ 1078.512417] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1078.517437] ? lock_release+0xa10/0xa10 [ 1078.521405] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1078.526676] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1078.531159] ? preempt_notifier_dec+0x20/0x20 [ 1078.535652] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1078.540482] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1078.545498] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1078.549558] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1078.555257] ? graph_lock+0x170/0x170 [ 1078.559050] ? find_held_lock+0x36/0x1c0 [ 1078.563109] ? lock_downgrade+0x8e0/0x8e0 [ 1078.567253] ? rcu_is_watching+0x85/0x140 [ 1078.571394] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1078.576598] ? __fget+0x40c/0x650 [ 1078.580041] ? match_held_lock+0x841/0x8b0 [ 1078.584267] ? expand_files.part.8+0x9a0/0x9a0 [ 1078.588840] ? kasan_check_write+0x14/0x20 [ 1078.593070] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1078.597990] ? wait_for_completion+0x870/0x870 [ 1078.602583] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1078.607781] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1078.613482] do_vfs_ioctl+0x1cf/0x16a0 [ 1078.617364] ? ioctl_preallocate+0x2e0/0x2e0 [ 1078.621763] ? fget_raw+0x20/0x20 [ 1078.625207] ? __sb_end_write+0xac/0xe0 [ 1078.629175] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1078.634702] ? fput+0x130/0x1a0 [ 1078.637982] ? ksys_write+0x1a6/0x250 [ 1078.641777] ? security_file_ioctl+0x94/0xc0 [ 1078.646177] ksys_ioctl+0xa9/0xd0 [ 1078.649623] __x64_sys_ioctl+0x73/0xb0 [ 1078.653513] do_syscall_64+0x1b1/0x800 [ 1078.657397] ? finish_task_switch+0x1ca/0x840 [ 1078.661900] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1078.666821] ? syscall_return_slowpath+0x30f/0x5c0 [ 1078.671745] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1078.677115] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1078.681953] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1078.687132] RIP: 0033:0x455a09 [ 1078.690322] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:47 executing program 2: r0 = syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"79616d300001178b00", 0x4012}) ioctl$TTUNGETFILTER(r0, 0x801054db, &(0x7f00000003c0)=""/145) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x20200, 0x0) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x200000, 0x1) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x40, 0x40) ioctl$EVIOCGABS2F(r2, 0x8018456f, &(0x7f0000000140)=""/232) 2033/05/18 03:38:48 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x300], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:48 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4305000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:48 executing program 2: r0 = socket(0xa, 0x200000000001, 0x0) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000040)=0x3) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") socketpair$inet(0x2, 0x3, 0xff, &(0x7f0000000000)) 2033/05/18 03:38:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") syz_emit_ethernet(0x66, &(0x7f0000000140)=ANY=[@ANYBLOB="2b00000000002514cd92c4e683234500005800000000002f9078ac1414aaac1414aa042065580000000000000800000086dd88ca88be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], &(0x7f0000000000)) [ 1078.698028] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1078.705288] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1078.712551] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1078.719818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1078.727077] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000001d 2033/05/18 03:38:48 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000680)='cgroup\x00') getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000006c0), &(0x7f0000000700)=0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001800090000000000000000001d0000000000000000000000afefdf"], 0x1c}, 0x1}, 0x0) 2033/05/18 03:38:48 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x4000]}, 0x707000) 2033/05/18 03:38:48 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:48 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x6, 0x430400) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f000000affc)) openat$audio(0xffffffffffffff9c, &(0x7f0000009000)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r3, 0x1, &(0x7f0000001440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000040)}]) 2033/05/18 03:38:48 executing program 4 (fault-call:7 fault-nth:30): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:48 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x2]}, 0x707000) 2033/05/18 03:38:48 executing program 6: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x800, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x20}) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r2 = msgget(0x1, 0x204) msgrcv(r2, &(0x7f0000000280)={0x0, ""/140}, 0x94, 0xffffffffffffffff, 0x0) syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x800000000000000, 0x80) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) 2033/05/18 03:38:48 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x4000000000000000}]}, 0xfffffc53) 2033/05/18 03:38:48 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x88a8ffff]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:48 executing program 5: symlink(&(0x7f0000000200)='/\x00', &(0x7f0000000240)='./file0/file0\x00') mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x70) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x8000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x60000, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@known='system.posix_acl_default\x00', &(0x7f0000000100)=""/75, 0x4b) ioctl$DRM_IOCTL_INFO_BUFS(r0, 0xc0106418, &(0x7f00000001c0)={0x1ff, 0x2, 0xfff, 0x0, 0x1c, 0x8}) 2033/05/18 03:38:48 executing program 5: unshare(0x40000000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f0000000080)=0x54) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000280)={'filter\x00'}, &(0x7f0000000300)=0x54) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f00000000c0)={0x7, 0x6}) 2033/05/18 03:38:48 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xa000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:48 executing program 2: r0 = socket$inet6(0xa, 0x7fd, 0xb) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080)=0x2, 0x4) 2033/05/18 03:38:48 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, 0x707000) [ 1079.164965] FAULT_INJECTION: forcing a failure. [ 1079.164965] name failslab, interval 1, probability 0, space 0, times 0 [ 1079.176459] CPU: 0 PID: 11630 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1079.183867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1079.193229] Call Trace: [ 1079.195843] dump_stack+0x1b9/0x294 [ 1079.199587] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1079.204795] ? __save_stack_trace+0x7e/0xd0 [ 1079.209697] should_fail.cold.4+0xa/0x1a [ 1079.213780] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1079.218898] ? kasan_kmalloc+0xc4/0xe0 [ 1079.222799] ? kasan_slab_alloc+0x12/0x20 [ 1079.226958] ? kmem_cache_alloc+0x12e/0x760 [ 1079.231292] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1079.236148] ? kvm_mmu_load+0x21/0x10e0 [ 1079.240140] ? vcpu_enter_guest+0x3a83/0x6060 [ 1079.244643] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1079.249675] ? graph_lock+0x170/0x170 [ 1079.253519] ? do_syscall_64+0x1b1/0x800 [ 1079.257595] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1079.262979] ? find_held_lock+0x36/0x1c0 [ 1079.267141] ? __lock_is_held+0xb5/0x140 [ 1079.271237] ? check_same_owner+0x320/0x320 [ 1079.275575] ? rcu_note_context_switch+0x710/0x710 [ 1079.280522] __should_failslab+0x124/0x180 [ 1079.284779] should_failslab+0x9/0x14 [ 1079.288597] kmem_cache_alloc+0x2af/0x760 [ 1079.292765] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1079.296337] IPVS: ftp: loaded support on port[0] = 21 [ 1079.297622] mmu_topup_memory_caches+0xf7/0x3a0 [ 1079.297642] ? debug_check_no_locks_freed+0x310/0x310 [ 1079.297665] kvm_mmu_load+0x21/0x10e0 [ 1079.297685] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1079.297701] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1079.297720] vcpu_enter_guest+0x3a83/0x6060 [ 1079.297735] ? print_usage_bug+0xc0/0xc0 [ 1079.335032] ? kvm_set_msr_common+0x2680/0x2680 [ 1079.339722] ? vmx_vcpu_load+0xadd/0xfe0 [ 1079.343800] ? __lock_acquire+0x7f5/0x5140 [ 1079.348054] ? vmx_vcpu_reset+0x1030/0x1030 [ 1079.352388] ? graph_lock+0x170/0x170 [ 1079.356201] ? graph_lock+0x170/0x170 [ 1079.360012] ? __lock_acquire+0x7f5/0x5140 [ 1079.364274] ? debug_check_no_locks_freed+0x310/0x310 [ 1079.369506] ? __lock_is_held+0xb5/0x140 [ 1079.373582] ? lock_acquire+0x1dc/0x520 [ 1079.377569] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1079.382599] ? lock_release+0xa10/0xa10 [ 1079.386591] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1079.391897] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1079.396410] ? preempt_notifier_dec+0x20/0x20 [ 1079.400928] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1079.405779] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1079.410812] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1079.414884] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1079.420604] ? graph_lock+0x170/0x170 [ 1079.424409] ? find_held_lock+0x36/0x1c0 [ 1079.428486] ? lock_downgrade+0x8e0/0x8e0 [ 1079.432641] ? kasan_check_read+0x11/0x20 [ 1079.436790] ? rcu_is_watching+0x85/0x140 [ 1079.440935] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1079.446123] ? __fget+0x40c/0x650 [ 1079.449560] ? match_held_lock+0x841/0x8b0 [ 1079.453794] ? expand_files.part.8+0x9a0/0x9a0 [ 1079.458365] ? kasan_check_write+0x14/0x20 [ 1079.462604] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1079.467528] ? wait_for_completion+0x870/0x870 [ 1079.472124] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1079.477319] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1079.483036] do_vfs_ioctl+0x1cf/0x16a0 [ 1079.486919] ? ioctl_preallocate+0x2e0/0x2e0 [ 1079.491314] ? fget_raw+0x20/0x20 [ 1079.494756] ? __sb_end_write+0xac/0xe0 [ 1079.498736] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1079.504275] ? fput+0x130/0x1a0 [ 1079.507561] ? ksys_write+0x1a6/0x250 [ 1079.511365] ? security_file_ioctl+0x94/0xc0 [ 1079.515773] ksys_ioctl+0xa9/0xd0 [ 1079.519228] __x64_sys_ioctl+0x73/0xb0 [ 1079.523120] do_syscall_64+0x1b1/0x800 [ 1079.527009] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1079.531844] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1079.536763] ? syscall_return_slowpath+0x30f/0x5c0 [ 1079.541682] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1079.547038] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1079.551870] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1079.557046] RIP: 0033:0x455a09 [ 1079.560234] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1079.567937] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1079.575201] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1079.582471] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1079.589733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1079.597008] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000001e [ 1079.680254] IPVS: ftp: loaded support on port[0] = 21 2033/05/18 03:38:49 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002c12ae4a9fad"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x2, 0x400002) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000080)={0x4ea, 0xff, 0xffffffffffff8000, 0xd9, 0x8, 0x10000}) 2033/05/18 03:38:49 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x65580000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:49 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x20000000000000]}, 0x707000) 2033/05/18 03:38:49 executing program 4 (fault-call:7 fault-nth:31): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:49 executing program 5: unshare(0x40000000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f0000000080)=0x54) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000280)={'filter\x00'}, &(0x7f0000000300)=0x54) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f00000000c0)={0x7, 0x6}) 2033/05/18 03:38:49 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x100000000000000}]}, 0xfffffc53) 2033/05/18 03:38:49 executing program 2: r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x1, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3}, 0x20) sendto$ax25(r0, &(0x7f0000000080)="0c2378f462ef80590d531fb9ba1602eaab5e93c02083", 0x16, 0x1, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f000065ffa8)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100), 0x0) 2033/05/18 03:38:49 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1080.095391] IPVS: ftp: loaded support on port[0] = 21 2033/05/18 03:38:49 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)) r2 = gettid() readlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/111, 0x6f) signalfd(r0, &(0x7f0000392ff8), 0x8) rt_sigprocmask(0x0, &(0x7f0000024000)={0xfffffffffffffffe}, 0x0, 0x8) r3 = syz_open_procfs(r2, &(0x7f00000001c0)='autogroup\x00') ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r3, 0xc0305302, &(0x7f0000000200)={0xf58, 0xfffffffffffff800, 0x2, 0x0, 0x9, 0xfffffffffffffc01}) tkill(r2, 0x1c) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x4000, 0x0) setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000140)=0x2, 0x1) r5 = getuid() ioctl$DRM_IOCTL_GET_CLIENT(r4, 0xc0286405, &(0x7f0000000180)={0x2, 0x80000001, r2, 0x40, r5, 0xffff, 0x7, 0x2}) 2033/05/18 03:38:49 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x707000) 2033/05/18 03:38:49 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffffc0]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1080.179981] FAULT_INJECTION: forcing a failure. [ 1080.179981] name failslab, interval 1, probability 0, space 0, times 0 [ 1080.191326] CPU: 0 PID: 11674 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1080.198606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1080.207959] Call Trace: [ 1080.210567] dump_stack+0x1b9/0x294 [ 1080.214219] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1080.219422] ? __save_stack_trace+0x7e/0xd0 [ 1080.223764] should_fail.cold.4+0xa/0x1a [ 1080.227851] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1080.232978] ? kasan_kmalloc+0xc4/0xe0 [ 1080.236881] ? kasan_slab_alloc+0x12/0x20 [ 1080.241040] ? kmem_cache_alloc+0x12e/0x760 [ 1080.245374] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1080.250228] ? kvm_mmu_load+0x21/0x10e0 [ 1080.254209] ? vcpu_enter_guest+0x3a83/0x6060 [ 1080.258712] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1080.263741] ? graph_lock+0x170/0x170 [ 1080.267551] ? do_syscall_64+0x1b1/0x800 [ 1080.271621] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1080.277000] ? find_held_lock+0x36/0x1c0 [ 1080.281078] ? __lock_is_held+0xb5/0x140 [ 1080.285155] ? check_same_owner+0x320/0x320 [ 1080.289482] ? rcu_note_context_switch+0x710/0x710 [ 1080.294418] __should_failslab+0x124/0x180 [ 1080.298661] should_failslab+0x9/0x14 [ 1080.302469] kmem_cache_alloc+0x2af/0x760 [ 1080.306621] ? kvm_clock_read+0x25/0x30 [ 1080.310599] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1080.315619] ? ktime_get_with_offset+0x326/0x4a0 [ 1080.320411] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1080.325262] mmu_topup_memory_caches+0xf7/0x3a0 [ 1080.329938] kvm_mmu_load+0x21/0x10e0 [ 1080.333744] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1080.339285] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1080.343879] vcpu_enter_guest+0x3a83/0x6060 [ 1080.348217] ? kvm_set_msr_common+0x2680/0x2680 [ 1080.352891] ? vmx_vcpu_load+0xadd/0xfe0 [ 1080.356955] ? __lock_acquire+0x7f5/0x5140 [ 1080.361192] ? vmx_vcpu_reset+0x1030/0x1030 [ 1080.365512] ? graph_lock+0x170/0x170 [ 1080.369314] ? graph_lock+0x170/0x170 [ 1080.373113] ? __lock_acquire+0x7f5/0x5140 [ 1080.377353] ? debug_check_no_locks_freed+0x310/0x310 [ 1080.382546] ? __lock_is_held+0xb5/0x140 [ 1080.386610] ? lock_acquire+0x1dc/0x520 [ 1080.390584] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1080.395602] ? lock_release+0xa10/0xa10 [ 1080.399575] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1080.404855] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1080.409353] ? preempt_notifier_dec+0x20/0x20 [ 1080.413859] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1080.418874] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1080.423899] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1080.427964] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1080.433768] ? graph_lock+0x170/0x170 [ 1080.437572] ? find_held_lock+0x36/0x1c0 [ 1080.441645] ? lock_downgrade+0x8e0/0x8e0 [ 1080.445802] ? kasan_check_read+0x11/0x20 [ 1080.449952] ? rcu_is_watching+0x85/0x140 [ 1080.454102] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1080.459387] ? __fget+0x40c/0x650 [ 1080.462842] ? match_held_lock+0x841/0x8b0 [ 1080.467082] ? expand_files.part.8+0x9a0/0x9a0 [ 1080.471665] ? kasan_check_write+0x14/0x20 [ 1080.475907] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1080.480840] ? wait_for_completion+0x870/0x870 [ 1080.485427] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1080.490626] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1080.496340] do_vfs_ioctl+0x1cf/0x16a0 [ 1080.500236] ? ioctl_preallocate+0x2e0/0x2e0 [ 1080.504649] ? fget_raw+0x20/0x20 [ 1080.508104] ? __sb_end_write+0xac/0xe0 [ 1080.512088] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1080.517623] ? fput+0x130/0x1a0 [ 1080.520903] ? ksys_write+0x1a6/0x250 [ 1080.524707] ? security_file_ioctl+0x94/0xc0 [ 1080.529119] ksys_ioctl+0xa9/0xd0 [ 1080.532579] __x64_sys_ioctl+0x73/0xb0 [ 1080.536469] do_syscall_64+0x1b1/0x800 [ 1080.540362] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1080.545207] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1080.550140] ? syscall_return_slowpath+0x30f/0x5c0 [ 1080.555074] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1080.560445] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1080.565290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1080.570474] RIP: 0033:0x455a09 [ 1080.573658] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:50 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)={0x3}, 0x8, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x400000, 0x0) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000280)=""/153) msgget$private(0x0, 0x40) 2033/05/18 03:38:50 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0xffffff7f00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1080.581369] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1080.588637] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1080.595904] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1080.603171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1080.610440] R13: 000000000000027e R14: 00000000006f7c70 R15: 000000000000001f 2033/05/18 03:38:50 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:50 executing program 5: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x4040, 0x0) accept$ax25(r0, 0x0, &(0x7f0000000080)) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x10000000004e24, @broadcast=0xffffffff}, 0x10) bind$inet(r1, &(0x7f0000dc7ff0)={0x2, 0x4e24}, 0x10) 2033/05/18 03:38:50 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000080)=0x3ff, 0x4) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000040)={0x3, "92c73ca87738bd84d3aaee8d28e0b36ebf709e2877a90ca02c39f5f401180d97629c93ff"}, 0x2c, 0x0) 2033/05/18 03:38:50 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000028c0)="b7f2288a933d559166593ae164c990a0", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000022c0)=[{0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x7fffffff}], 0x18, 0xfffffffffffffffe}], 0x1, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) readv(r1, &(0x7f0000000680)=[{&(0x7f0000000280)=""/129, 0x1f5}], 0x1f5) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000640)='/dev/sequencer2\x00', 0x800, 0x0) fcntl$getflags(r2, 0x40a) syz_mount_image$ceph(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x7, &(0x7f00000017c0)=[{&(0x7f00000006c0)="68d854aa61add898e53b1daba4d1354ae973bfadb75ba2f78f31b64b0ae62387832b5fb5eb35985e846a3d7078a38307be2ef0fb2cc56ee7e22e2ec20bdba2616650b6e67b60fe9910e7bc98b791d0bca3d98de049564ceaba500b027588e89a2124df029528398fb17714640a3fc4d6f845594a8dfc3eedac1e0b6c4b401e530b830d757f40c92dffcdd5414ba050237d9ab4155a4ec7dbb083e5717a86d5f535e8c24c32cd6d6188ab40e32471ffb161019b0548ca338e91c180d1955cefc863f1855319a04bb643d658e7e810d85d55e52248d362b51084c74149b06118531dc5b720426303f507d2bd62a7dc68dc37163e3fcbc730dcb21503ecd5db1cebaa8fdef6ba32741f2fd0ea79271efaa4b292406cec7469098237f9415ba04bcf41cd7a6d4574b1114d2a5d2ca77c86c8dfb3ea92197d52f9bc31a97c9370a4b8f273595e4579a9dbe0341f15952ffd4625abc384126499cf81eba0f9ada88ab6513627f039fa9a47d88f51adceace32fdf0725d92ed98ac7bc5049daac0083e6f3e8d0b125a4086165a181fbeca44d7173c43e24786aeb27c0c0ed588d836c75e562eb5c87a364b4cd66e354a449a9730ad9007abb58abc40e5d8e3ad73603d4331de82a2781ad11a38d04b95d26abb1b7943af25a7c23d69e00c2ff6ac555d36d752431843d42185e183a65d200af3e84d41697cc5299eec3ad0e5ce691823feebcb349fcfb9d52b767b2697457f0ef21ae289374368ac8144baefeae70ba08d60e1ded730c1838b31db08aea1e30b8a0a4edf77159c3fa93b12945874507e5e20806a2f2f5b274ffcf8dcd5c89ea3621cb4fc03a110008cf39b2945bb207661e79552432ebfd7f0a9f9745cbe3f3742911e4df4bdcf129798fda5b93f134665b3fbd100ec6380f31f9c0c27e2f084115e4e3fc76948ceb9093638cd68e06b4c12aabb9847604fc0f7d58a4ea5d40104e724335b2d48d1f05d86959dd8ce4cb98e9db96a3f4e85d3b22c298799c0dfb198d677626656f5a2faff94ff97b7ab634c40aba3223a923a373420da0bae9d26d228a7f7f4b19f39b4489b4eba8f5e5264620486439b3229a039132cee642e3418ac2fb14308a2e14373847c6642054e0a6014234c0edce9f6c32970f87ce0feef957f04f281d9d00f46660ec02724d7d57c42f5a744ecbcd5113d121ef213ffc2047d26923d2658903bc62a9787495c500c209f3af312fd9bab2d9b25556b9f85ee641999cf47fb604e0f3e517b23441a47e2953fdee3f54d7bc82d81aba131a46d2d68e61c0f541da75543223e7fbb56e4329751f6f6c1fb0a9f9bcd4d52b6085aebe1d1d4586e7b077054d7513924675637d2f4d1b66ae57863706c0bcc3d2bdc30a6f2dbba4ad85fc6e99fc8300e3e93f8d1a2fc7d4fbb0aae6f447edee7a72e982241e4b69e391cccf910d2fce35587e1222e400e65a7f982efd951c00be27c1dca110fdc17f293e6969d1ba76002ab4ea7dc1412dbb18f1966e7115d7e81b995bbe57968ccf616c9c5d645b3b84122adc2d92407cb53a5a39609b40f62293ef9081f3631278dbaefa62a32f10fcaf6a44ce077689cd3b6c31ba99689643ed9437407d78457a87b8614a6d5e2dc8154c594eb2d5a89c668fca1116cf53d92e9bef8316f882f07e1c43c7df009c1c20e8c4cc41d5bfc5cea8d1de1d5909c6042f7e3b76283fa5d24404abc43bf3a5b6aae1a91a9c50267ff542e940e93da32a55af59207695f689b21a293a2617038fced1d0a83cec9d6e477b9ea23e98e5c6e6b522a61a58685e3d8175fafcae18262b6df8291a5ae63b36b62dd21d7e40788d31e6b00306bec3d875bbe260b4ea9abd65d08a6d38e441c2b70676ccd30468a0da50ec1b71ddb568ea12e827499cf2d5cb7e677a3aff116f0c564637c85d0f92aa284785dcc03fef46e15580673d43dc53c93516fe160a0e7ce0a587719abeaa7e7458368ac005833295daed493c442fc9f82d4b17b2ad1fc8e9187c4c2620069c826c4fd59d03c77bcd83644dab9e5df564d1e2c5d4044f3e32e91efcbd63f352e89ea65ec38131524a53b21e0a890e222d6da601f958abf75a027d34528cf7437d9e9a53550772db5a9b752ae12154a8ac485fcb6cb20b8a34e44e415ed5665c32919e7ec713c27a9e869df30728f05cd591123a081257fa564a265c33c7e4498b3eaf020b5d41832b416464f4a4f5bd7e0216b25d45fbdf3677a53271ada42d938c2e1bbee1b05bb48976afbc43f6ba0a17c11722889b5c32ffd7a2bc8575faeac9d05dcbcce1011a86146d21dc21b58e282de05b596deddbfd553f8fff1f7e64c7f795275474774d9b1c889b4ea82740b686f2a3b19cf2a4aab2d664d5a0ed208eb91a791e497c2c4454005f51fc342ec3e80410f73c27160e7a86e19a2edfe9c7e45aa182feb2e162f91aab27a8c1595e27739a2fb2ebecb3e9f50b9ec04ea0a6b22189b2baf564b82f46499fe546f5524636bae4d284f12aee4e587d11d7bfa5ca504988f5d36a34806a61469a329d0850634c70e4a197f79064f836a62cd2fed1b80c4d1703be913ecb12dea88e64288ed58201a02ac4157f078e49544fddf5970c3b0f5f24195c8fa9c13f7e75d6d078cc89065c4efef2215b76a3f91861247029755f0911572fadefc8e7f36d240424b79902820ed3370455e5af0d0765922eeca333ce28cf3bb23fd94d64ef08d100dbd6e90c7aee196e20f03b29f8145b2763a70b9caedbcbf44ec93aa11e549bc9b92ce82ba0c2640db210f1fb247bb49fa944ff3d1e7c9776b8c9bdedf815ffc5fb65affedf5769d393d955a51d1a8fe9e7791e6248c6dafc263a3a67b97cebbd64cea87aa30ee1055666503b68b24428e339815f9f08567799ecb67275a9a16a9f5499c728bd88313ece559982d1436713e57dc22ff44a169aed0658d49979ffca10b84571053cc590570a21252cfe7ce3dcf4dcfbc5393f6129e3f100973dc004be479a9408679ded7e289bb106754e40df4c81fbd59be6288466ffceaa745f783ccd595f5b7d8be1b6ad317fabd3072f15da85ae4f379bf8f9db6c8b0a7b448b319e1205a0756d23ec7e7af77c37edbebc8745c10365c82b64e6f63310d57349eb4368ceadb26db0d43e358be825f995860de94527d6d12e8e31a68a4ca894fa02b1ed181cd2d705b7e83c51c00c95ec50d9274c7a74f16ee2817de5d3a0828c99151006f278b061fbda288848360636831825a7e862e264a86384692b9b4938da76a976ae82dc58331b965c3c8efc0c21534ba88bb6a3dc657617f3e1f8b702439869afe2dd402139ae55f87a4b9a897ccbaeaa2a35820f2f3d511778723537c8ae79ce25b48898de3abab0a6628d0a8db41b04c989d2ff34185b39ba57d99ab0c4ed18f365ffde5f2b92d1cc7b2d6bc653d118f199489ebf5f3b96a83aa98930b60449c3ce3f2a414d2a4980a188809b91c32c622f1e2f636bf351c7f40377c519d543b325c13fce5dfe585880ffe9a8f554bffd5ba13698c8ac59900cdd9297081bbc7c2b2cb7dd9b380c1d7b95382ed1dabd53ce11b1521cd84423c0e86bd55d531665e995e1aa0b7a9141fa04299835c4ebd1e6c77a9b9df97c2411f0321eaeb8e70bf615f255a387001ecb458e381894260e243aa5162114ab5b028961bc2033a3125e4a7c320b933182cae03020a5e02f89de037a5ca167d2e438b06832f76fbc8b2f8ce9606ba5045ca0566fb8274e81249d4e744f50b064511001e2a354dcd88dfac7a055cd9b2c7c216abe1873f4e1620900ede4b7ff2c4acc453d240bc4d754b72aa0a9e1856794241e867e0db1ca83032f680d334ec28741a646c83525cc94001d9d57ff1df9c61535e3c34614abde994d45a5cd2ca8ccb7f93bb60255b03c893c58e3c947572d983cf36d1db76bf418242592492743876207c7d641d67a32c1f2fe2fcd13547c117fa4f21b1e577b2e14f9c8a13e8a67b444f06d0004729d3f979bb8d029e2a11ea6764008f3dfbedd24a323fc2ed4a9b3c647402630b1f8e52af28e5273d4b8f0efda3ae36dae1703cd2cfeaff166d20556794631acd3a83a40ff55842ab009eb6e3381589f571f6d93344ce4d5d19fa5d930e6629efd0401f58290e6adedf24d1c2336eefd678e30d62d166cc07c253423ae578122d6bfa32b3a9c3ab07a77e556c208d2b5ee0dd7c75addfaf8fddaca5be635f8dcd77f0b9c0ea3c8e3f424154b33fae33aef5666ff51b5b338d7519fb0e5a8b15e0711de78ac70389ff923f923c08e881a474a8427fcb71f60ef92d6226ca971667b3a33426673bd93a8e50fe3a3589a6d38a951f0556a231edb49808844bdc85ed17c3c6de357c7f9960b669dede6c1bf02cd3f762f64652ab9ee7fb13d7f5bc5700bea94013f5c084b503eebf4191ae3847f0a967d0e66979794a05cc5378efad398ace5773878413261d72eeeaf0b1c7dba6fb4db9c4f014ec1f91d8de23940ab4d345fe8d8d4e5f39ce53412497a88ac223fa70ba4a49108ef7cafd8446a910fc6d9ad0838a99e43470665435438b1acb5c31d88db040d95b2284e89ba788f411d99c027c683fe549e303a140e84790074cd7feb5f542d350526f7ee88d7bbc7e91d06551f51dfb5f8bc5ec8599c92c11111cb5d647064eac6693747cb535f6ffe7525d0dd3c87f514b15da1795b3cea7f6a9c5099c27f1ae98b56abd97e660238c7ee4855871de5f17e634b8ad2743c6bca8213b0836fc64e04a254ef3b71fb8b0a975af9abbc57522a721e5a37c7b9883010264b669f90ae5705c236f09515467109c64a22bb13a914454fe055e57501ada6ad197702a9e7a5c89befb37dbabd510b6dacc631a36c68705d96d519fe8872d883e506a88ea6622c7438792b81924d31355e18784af9df56e9bcb218a8129306abb8291071489d80ac75000b5ae6f5c2730c05b41680205ccfe159cfaeaeb0cd0d0c9b559efa78612077ac817d02695010d20c411f83224a2edc853f4af8c04b1cc1e0cd05e91c6ab64a7b7252653c4b679715eadccf1d2c401981416c46c5d003cbd63961bf709793995633bbf51b783f197db7a42f34bf518e136dbc683818a4fc8e5f6e85a1640cfde9da851ae377f24c507d93c071c431dc0a83bc80b3074e79599b4f2e74971c90c1b202eccb9684e3df0f84a091fa5e5ca3293e6737c773e969fd0493315803183e2762b26f90fd74120e0d108592ae5daeb64af934806fd2d77f20221da5f0b95b4525e91c7417dfee52f8cc9257468e1cfeab8c29ca409cf6af0deb55a48d78b685b055f70b3f23fa5c7148778c2fb7927ec6ca9bd15fc30e5375109dae3e0921041de30e99a5e1f18ef1832e8baa9bff59a4bca975f4b46414319b32fa8f986e950524a5c883c65f23140b4f60beeefc27281583c4266ba4aa9c051da6e7b8a8c35f0507ed9686c92ad892f984a6171257a7897507d79346b2bcca2722472949da56da6e8e37f5dc43572ae469bda890abeb96e641dc62b03a43fdf7b890843c798131a584e48a004eaf008c151178ccac326c881c304763f9f810f63cd3dcc3a56206557f1dfa064fef83f77de3d58c7b922d34834181e4d85c12b2da82eacfaa4255918e7a1b8f2ed14a953b00278114ce55fa43c07e7e7e0050d2548d362331441d95f015625809582130a584e25e2c875dfba524b626a3441711137ce2344c3b17d6087d25f4b1c0dd81fb441422208c90bc917fac8a7f3554b0a2c324c681ecf1eedfd40c2dae0d10f11cb741b017a8992a5181", 0x1000, 0x10001}, {&(0x7f0000000380)="befa560e1dd8f6d12c20bb2abd61ec874088577110d314f931db682451f41afb5399905911d985d9e3d56635de1555ffcd6894d316258b4f17c3e12d73949ab4381be21027e24dd8f14d8d09602a38d212c6a9c04701a850bac4620e20981fae67ab88a14de5c836adfe07292ccf48cae749800e9b1efa7cab5974d490e7037accaf119576a427cf91fe7898cdd7e3b78d6d8b2af55cdf08d3b7df5d46e2b1ccc2da830099ec7f279f8d031e924b30b1316062997be508d97e605c9d8a7a34bdc30ac0dff6eef91a37c433b3c9aabf702a987f466f", 0xd5, 0x1}, {&(0x7f0000000140)="d4de8371b59f59480aa904d3706dfe824cc7acf731", 0x15, 0x4a60}, {&(0x7f0000000480)="3b9963b57f946ec6616ca0a469757b0a4819e33fbbb2673cc020a9ee38badf8096cbc86ba0f5a945a63b80aa78f5eac0cdec53dc9fb5fbad3e4d0287ce3a3df8060267d9a5ee6d636db878dfa952af3bd8ed7cd45288b06043f893ec09b97d9be992260711f17bd525afc734972f1ae59cf507a43e37c1be52121755bc5c7d60bad2514f177114c1a05a7c2956f058efb19eb8faa4ac0a789ba87bb8808a80cc427690856868f307efbcd07a4169092267dfe95cf32a986e0cef89b5", 0xbc, 0x64}, {&(0x7f0000000540)="1f0d74d7c268eefb0203dfce4fe095075d0a493e9ded147a307aff10204666a32caa3fd4dad5d7fe12616b83775f691a849836b4279d04edc452efebffd31f1c392e5511678fa306d091d4d4155cca083a62f29b4dbf6846c91f9b1e4e602af6bb9de7b478d8f7b16c5eaf9141744cc3afb418c9d236f71129247f6af6229df6a0c37c7d992f3ce25bda67ec0617f48391e69f840b06e2ca60572980a88b7978a91183076e61d18abe35da38c5a6f4138f5279d3473682db2ec80b820aede922a092d1521764eb9c2ea031e39699", 0xce, 0xf11f}, {&(0x7f0000000180)="796eb3391d253353", 0x8, 0x1f}, {&(0x7f00000016c0)="9072d70dd5a3a0c9587a2e9cc737bd79cbfc2e6b308778090b5ad5211059d451eccac492c3b2e35d990657f4e55d87e977ae5d54a2dfc798822ab95bd413923c49c17977a9ee1d4a5ab918caffd031b706e6184ae0be421be64773b9b5c18a841563e0f30a911e50cd6a8eb8abe374abdf4ff230729fd7fec5fd6cb37a44ad616000e4cfd2180aea67e63667fbe8703d8dc104c4651ff7bd784f0e60d37c3bcb82972302b6bece942780e6ee8aafeb6a5e2697a2866acc7318ffad00f1acab4c3fdc62719a8cca342b", 0xc9, 0x9}], 0x8, &(0x7f0000000240)='skcipher\x00') socket$inet6(0xa, 0x5, 0x755b) bpf$OBJ_GET_PROG(0x7, &(0x7f0000001880)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) getsockopt$netrom_NETROM_T4(r3, 0x103, 0x6, &(0x7f0000000040)=0x8000000, &(0x7f0000000080)=0x4) 2033/05/18 03:38:50 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x806000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:50 executing program 4 (fault-call:7 fault-nth:32): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:50 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x707000) [ 1081.015698] FAULT_INJECTION: forcing a failure. [ 1081.015698] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.027043] CPU: 0 PID: 11719 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1081.034324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1081.043683] Call Trace: [ 1081.046286] dump_stack+0x1b9/0x294 [ 1081.049923] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1081.055123] ? __save_stack_trace+0x7e/0xd0 [ 1081.059456] should_fail.cold.4+0xa/0x1a [ 1081.063519] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1081.068624] ? kasan_kmalloc+0xc4/0xe0 [ 1081.072512] ? kasan_slab_alloc+0x12/0x20 [ 1081.076659] ? kmem_cache_alloc+0x12e/0x760 [ 1081.080984] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1081.085825] ? kvm_mmu_load+0x21/0x10e0 [ 1081.089801] ? vcpu_enter_guest+0x3a83/0x6060 [ 1081.094469] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1081.099484] ? graph_lock+0x170/0x170 [ 1081.103291] ? do_syscall_64+0x1b1/0x800 [ 1081.107354] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1081.113010] ? find_held_lock+0x36/0x1c0 [ 1081.117078] ? __lock_is_held+0xb5/0x140 [ 1081.121227] ? btrfs_reloc_post_snapshot+0x1450/0x1730 [ 1081.126514] ? check_same_owner+0x320/0x320 [ 1081.130838] ? rcu_note_context_switch+0x710/0x710 [ 1081.135773] __should_failslab+0x124/0x180 [ 1081.140014] should_failslab+0x9/0x14 [ 1081.145377] kmem_cache_alloc+0x2af/0x760 [ 1081.149532] ? kvm_clock_read+0x25/0x30 [ 1081.153510] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1081.158355] mmu_topup_memory_caches+0xf7/0x3a0 [ 1081.163033] kvm_mmu_load+0x21/0x10e0 [ 1081.166931] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1081.172471] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1081.177060] vcpu_enter_guest+0x3a83/0x6060 [ 1081.181391] ? kvm_set_msr_common+0x2680/0x2680 [ 1081.186061] ? vmx_vcpu_load+0xadd/0xfe0 [ 1081.190133] ? vmx_vcpu_reset+0x1030/0x1030 [ 1081.194453] ? graph_lock+0x170/0x170 [ 1081.198273] ? graph_lock+0x170/0x170 [ 1081.202078] ? __lock_acquire+0x7f5/0x5140 [ 1081.206318] ? debug_check_no_locks_freed+0x310/0x310 [ 1081.212281] ? __lock_is_held+0xb5/0x140 [ 1081.216358] ? btrfs_reloc_post_snapshot+0xc20/0x1730 [ 1081.221552] ? lock_acquire+0x1dc/0x520 [ 1081.225527] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1081.230546] ? lock_release+0xa10/0xa10 [ 1081.234523] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1081.239798] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1081.244297] ? preempt_notifier_dec+0x20/0x20 [ 1081.248810] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1081.253655] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1081.258685] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1081.262749] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1081.268463] ? graph_lock+0x170/0x170 [ 1081.272266] ? find_held_lock+0x36/0x1c0 [ 1081.276337] ? lock_downgrade+0x8e0/0x8e0 [ 1081.280491] ? kasan_check_read+0x11/0x20 [ 1081.284641] ? rcu_is_watching+0x85/0x140 [ 1081.288793] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1081.293999] ? __fget+0x40c/0x650 [ 1081.297542] ? match_held_lock+0x841/0x8b0 [ 1081.301791] ? expand_files.part.8+0x9a0/0x9a0 [ 1081.306411] ? kasan_check_write+0x14/0x20 [ 1081.310654] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1081.315598] ? wait_for_completion+0x870/0x870 [ 1081.320196] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1081.325394] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1081.331111] do_vfs_ioctl+0x1cf/0x16a0 [ 1081.335003] ? ioctl_preallocate+0x2e0/0x2e0 [ 1081.339394] ? fget_raw+0x20/0x20 [ 1081.342843] ? __sb_end_write+0xac/0xe0 [ 1081.346818] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1081.352335] ? fput+0x130/0x1a0 [ 1081.355605] ? ksys_write+0x1a6/0x250 [ 1081.359392] ? security_file_ioctl+0x94/0xc0 [ 1081.363794] ksys_ioctl+0xa9/0xd0 [ 1081.367239] __x64_sys_ioctl+0x73/0xb0 [ 1081.371110] do_syscall_64+0x1b1/0x800 [ 1081.374983] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1081.379809] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1081.384725] ? syscall_return_slowpath+0x30f/0x5c0 [ 1081.389640] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1081.395005] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1081.399833] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1081.405014] RIP: 0033:0x455a09 [ 1081.408185] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:51 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4002, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f00000001c0)=""/4096) clock_nanosleep(0x3, 0x0, &(0x7f0000000100), &(0x7f0000000180)) 2033/05/18 03:38:51 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:51 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000380)='/dev/loop#\x00', 0x20, 0x4000) msgget$private(0x0, 0x400) r1 = msgget$private(0x0, 0x106) r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x0, 0x40000) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) r4 = accept$alg(r3, 0x0, 0x0) r5 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r5, 0x0, 0x0, 0x3fd) sendfile(r4, r5, &(0x7f00007ed000), 0x2) ioctl$SNDRV_CTL_IOCTL_PVERSION(r2, 0x80045500, &(0x7f00000002c0)=""/74) msgsnd(r1, &(0x7f0000000040)={0x100000000000803, "418ee38bf1dd12fd6d93342446dcff0cb32bf37eb00113e4ed907e62ef2dc0f9c797293af96585206ef8e80e3305f4c1ce0aa53ebbd914583889daae99ce00e2e5e07b3d39c70c25a3dc"}, 0xfffffffffffffe9d, 0x800) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f00000001c0)={0x3, {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x16}}, {0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, 0x110, 0x1, 0xc3, 0x4, 0x200, &(0x7f00000000c0)='bcsh0\x00', 0x1780, 0x20, 0x870}) 2033/05/18 03:38:51 executing program 5: r0 = add_key$keyring(&(0x7f00000005c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) open$dir(&(0x7f0000000440)='./file0\x00', 0x0, 0x0) r1 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r0) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000480)="620822455bef493632b8356e98bec15ab7efb1b1574c8551df1cf824fcf408366818f3799b8fd414957beab660fc200a74da3cc7bc9eccfd03dbed6e5d8d", 0x3e) r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000000)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) getsockname$ipx(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x10) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000b00)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)="7f", 0x1, r2) r4 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x23e, r0) keyctl$dh_compute(0x17, &(0x7f0000000340)={r3, r4, r4}, &(0x7f0000000600)=""/132, 0xffffffffffffff98, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x200000, 0x0) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000140)={0x84, @multicast2=0xe0000002, 0x4e23, 0x2, 'nq\x00', 0x12, 0x0, 0x3a}, 0x2c) ioctl$KVM_SET_GSI_ROUTING(r5, 0x4008ae6a, &(0x7f0000000180)={0x1, 0x0, [{0x4, 0x3, 0x0, 0x0, @adapter={0x80000000, 0x20, 0x49e9f4fa, 0x1, 0x9}}]}) 2033/05/18 03:38:51 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, 0x707000) 2033/05/18 03:38:51 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x10000000}]}, 0xfffffc53) 2033/05/18 03:38:51 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8100000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:51 executing program 4 (fault-call:7 fault-nth:33): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1081.415875] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1081.423125] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1081.430384] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1081.437644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1081.444893] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000020 2033/05/18 03:38:51 executing program 2: syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) ioctl$int_out(r0, 0x2, &(0x7f0000000100)) 2033/05/18 03:38:51 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8847]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:51 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x707000) 2033/05/18 03:38:51 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:51 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000002c0)={0x1fb4, 0x3, 0xffffffffffffe03e, 0x725e}, 0x8) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setpipe(r1, 0x407, 0x7fff) mmap(&(0x7f00001bc000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x800000000) socket$kcm(0x29, 0x5, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x400000000000001, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000080)={'team0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) ioctl$void(r2, 0xc0045c77) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000000000001000000020000008900000007000000e8030000f96b61703503d029d7569f627c5b1295a30f0000000000000000000000000000"]) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x9, 0x0, 0x0, 0x5}, &(0x7f0000000100)=0x18) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000001c0)={r3, 0x54, &(0x7f0000000440)}, &(0x7f0000000400)=0x3d) [ 1081.656530] FAULT_INJECTION: forcing a failure. [ 1081.656530] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.667924] CPU: 0 PID: 11748 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1081.675234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1081.684597] Call Trace: [ 1081.687208] dump_stack+0x1b9/0x294 [ 1081.690855] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1081.696063] ? __save_stack_trace+0x7e/0xd0 [ 1081.700407] should_fail.cold.4+0xa/0x1a [ 1081.704495] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1081.709616] ? kasan_kmalloc+0xc4/0xe0 [ 1081.713607] ? kasan_slab_alloc+0x12/0x20 [ 1081.717766] ? kmem_cache_alloc+0x12e/0x760 [ 1081.722097] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1081.726961] ? kvm_mmu_load+0x21/0x10e0 [ 1081.730951] ? vcpu_enter_guest+0x3a83/0x6060 [ 1081.735461] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1081.740491] ? graph_lock+0x170/0x170 [ 1081.744311] ? do_syscall_64+0x1b1/0x800 [ 1081.748386] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1081.753769] ? find_held_lock+0x36/0x1c0 [ 1081.757849] ? __lock_is_held+0xb5/0x140 [ 1081.761936] ? check_same_owner+0x320/0x320 [ 1081.766290] ? rcu_note_context_switch+0x710/0x710 [ 1081.771241] __should_failslab+0x124/0x180 [ 1081.775581] should_failslab+0x9/0x14 [ 1081.779396] kmem_cache_alloc+0x2af/0x760 [ 1081.783563] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1081.788427] mmu_topup_memory_caches+0xf7/0x3a0 [ 1081.793108] ? debug_check_no_locks_freed+0x310/0x310 [ 1081.798342] kvm_mmu_load+0x21/0x10e0 [ 1081.802158] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1081.807710] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1081.812313] vcpu_enter_guest+0x3a83/0x6060 [ 1081.816653] ? print_usage_bug+0xc0/0xc0 [ 1081.820735] ? kvm_set_msr_common+0x2680/0x2680 [ 1081.825414] ? vmx_vcpu_load+0xadd/0xfe0 [ 1081.829491] ? __lock_acquire+0x7f5/0x5140 [ 1081.833740] ? vmx_vcpu_reset+0x1030/0x1030 [ 1081.838069] ? graph_lock+0x170/0x170 [ 1081.841879] ? graph_lock+0x170/0x170 [ 1081.845687] ? __lock_acquire+0x7f5/0x5140 [ 1081.849936] ? debug_check_no_locks_freed+0x310/0x310 [ 1081.855141] ? __lock_is_held+0xb5/0x140 [ 1081.859211] ? lock_acquire+0x1dc/0x520 [ 1081.863188] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1081.868213] ? lock_release+0xa10/0xa10 [ 1081.872195] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1081.877564] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1081.882063] ? preempt_notifier_dec+0x20/0x20 [ 1081.886573] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1081.891420] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1081.896448] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1081.900509] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1081.906223] ? graph_lock+0x170/0x170 [ 1081.910034] ? find_held_lock+0x36/0x1c0 [ 1081.914108] ? lock_downgrade+0x8e0/0x8e0 [ 1081.918266] ? kasan_check_read+0x11/0x20 [ 1081.922420] ? rcu_is_watching+0x85/0x140 [ 1081.926574] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1081.931785] ? __fget+0x40c/0x650 [ 1081.935240] ? match_held_lock+0x841/0x8b0 [ 1081.939467] ? expand_files.part.8+0x9a0/0x9a0 [ 1081.944048] ? kasan_check_write+0x14/0x20 [ 1081.948279] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1081.953198] ? wait_for_completion+0x870/0x870 [ 1081.957765] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1081.962944] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1081.968643] do_vfs_ioctl+0x1cf/0x16a0 [ 1081.972520] ? ioctl_preallocate+0x2e0/0x2e0 [ 1081.976916] ? fget_raw+0x20/0x20 [ 1081.980365] ? __sb_end_write+0xac/0xe0 [ 1081.984344] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1081.989878] ? fput+0x130/0x1a0 [ 1081.993147] ? ksys_write+0x1a6/0x250 [ 1081.996939] ? security_file_ioctl+0x94/0xc0 [ 1082.001336] ksys_ioctl+0xa9/0xd0 [ 1082.004774] __x64_sys_ioctl+0x73/0xb0 [ 1082.008658] do_syscall_64+0x1b1/0x800 [ 1082.012530] ? finish_task_switch+0x1ca/0x840 [ 1082.017010] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1082.021935] ? syscall_return_slowpath+0x30f/0x5c0 [ 1082.026869] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1082.032218] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1082.037047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1082.042219] RIP: 0033:0x455a09 [ 1082.045400] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1082.053121] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1082.060386] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1082.067646] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1082.074903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1082.082168] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000021 2033/05/18 03:38:52 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000]}, 0x707000) 2033/05/18 03:38:52 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) close(r0) openat$cuse(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/cuse\x00', 0x121102, 0x0) io_setup(0x8, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000000600)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000000)="100000004ee793000000000000000000", 0x10}]) 2033/05/18 03:38:52 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x40000000}]}, 0xfffffc53) 2033/05/18 03:38:52 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x6558]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:52 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4400], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:52 executing program 4 (fault-call:7 fault-nth:34): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:52 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") sendto$unix(r0, &(0x7f0000000040)="ff2c2bb977ef9a18d4cec58e91a5049cb9d4de2deed05004a47e6ac36984a24e05ab801ea6db6884507f6f5fe58be6d08cf4", 0x32, 0x20000004, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e) msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) msgsnd(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="d217b9510546fa208e47cd3e1ec989690fc413db771155cf579757436b0700000031955d4ab2f0b8b1037d8ac809e2af32d82328162070704aadc0"], 0x8, 0x0) 2033/05/18 03:38:52 executing program 5: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, @multicast1}, &(0x7f0000000040)=0x10) ioctl(r0, 0x2, &(0x7f00000000c0)="c2f5dba6de80f6d48ffcfdc628e4f20e21188b81faf59dca85cc3ca5d8ae0f0270a8a4b4374ee85deb8a91c6be6919a85030") r1 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") ioctl$DRM_IOCTL_RES_CTX(r1, 0x40086607, &(0x7f0000000180)={0x0, &(0x7f0000000100)}) [ 1082.562322] EXT4-fs warning (device sda1): ext4_resize_begin:45: There are errors in the filesystem, so online resizing is not allowed 2033/05/18 03:38:52 executing program 2: r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0xffffffffffffffff, 0x7, 0x1, 0x569, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000200)=0x2, 0x4) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x8}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={r1, 0x80800000}, &(0x7f0000000380)=0x8) unshare(0x400) r2 = socket(0xa, 0x2, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r3 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r3, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000280)={0x2, 0x3, 0x3, 0xef, 0x6b, 0xfffffffffffffff8}) listen(r3, 0xffffffffffffff7f) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r4, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r4, 0x84, 0x6, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, &(0x7f0000000040)=0x100) 2033/05/18 03:38:52 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x4]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:52 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x707000) 2033/05/18 03:38:52 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x44], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1082.730528] FAULT_INJECTION: forcing a failure. [ 1082.730528] name failslab, interval 1, probability 0, space 0, times 0 [ 1082.741846] CPU: 0 PID: 11789 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1082.749138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1082.758502] Call Trace: [ 1082.761124] dump_stack+0x1b9/0x294 [ 1082.764781] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1082.769986] ? __save_stack_trace+0x7e/0xd0 [ 1082.774333] should_fail.cold.4+0xa/0x1a [ 1082.778412] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1082.783532] ? kasan_kmalloc+0xc4/0xe0 [ 1082.787439] ? kasan_slab_alloc+0x12/0x20 [ 1082.791606] ? kmem_cache_alloc+0x12e/0x760 [ 1082.795951] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1082.800810] ? kvm_mmu_load+0x21/0x10e0 [ 1082.804801] ? vcpu_enter_guest+0x3a83/0x6060 [ 1082.809322] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1082.814353] ? graph_lock+0x170/0x170 [ 1082.818163] ? do_syscall_64+0x1b1/0x800 [ 1082.822241] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1082.827621] ? find_held_lock+0x36/0x1c0 [ 1082.831706] ? __lock_is_held+0xb5/0x140 [ 1082.835791] ? check_same_owner+0x320/0x320 [ 1082.840128] ? rcu_note_context_switch+0x710/0x710 [ 1082.845081] __should_failslab+0x124/0x180 [ 1082.849333] should_failslab+0x9/0x14 [ 1082.853143] kmem_cache_alloc+0x2af/0x760 [ 1082.857303] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1082.862158] mmu_topup_memory_caches+0xf7/0x3a0 [ 1082.866833] ? debug_check_no_locks_freed+0x310/0x310 [ 1082.872046] kvm_mmu_load+0x21/0x10e0 [ 1082.875858] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1082.881409] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1082.886006] vcpu_enter_guest+0x3a83/0x6060 [ 1082.890342] ? print_usage_bug+0xc0/0xc0 [ 1082.894421] ? kvm_set_msr_common+0x2680/0x2680 [ 1082.899101] ? vmx_vcpu_load+0xadd/0xfe0 [ 1082.903174] ? __lock_acquire+0x7f5/0x5140 [ 1082.907419] ? vmx_vcpu_reset+0x1030/0x1030 [ 1082.911756] ? graph_lock+0x170/0x170 [ 1082.915559] ? graph_lock+0x170/0x170 [ 1082.919361] ? __lock_acquire+0x7f5/0x5140 [ 1082.923600] ? debug_check_no_locks_freed+0x310/0x310 [ 1082.928798] ? __lock_is_held+0xb5/0x140 [ 1082.932864] ? lock_acquire+0x1dc/0x520 [ 1082.936838] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1082.941858] ? lock_release+0xa10/0xa10 [ 1082.945840] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1082.951118] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1082.955621] ? preempt_notifier_dec+0x20/0x20 [ 1082.960131] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1082.964975] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1082.970007] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1082.974081] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1082.979795] ? graph_lock+0x170/0x170 [ 1082.983600] ? find_held_lock+0x36/0x1c0 [ 1082.987672] ? lock_downgrade+0x8e0/0x8e0 [ 1082.991830] ? kasan_check_read+0x11/0x20 [ 1082.995980] ? rcu_is_watching+0x85/0x140 [ 1083.000131] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1083.005332] ? __fget+0x40c/0x650 [ 1083.008803] ? match_held_lock+0x841/0x8b0 [ 1083.013827] ? expand_files.part.8+0x9a0/0x9a0 [ 1083.018410] ? kasan_check_write+0x14/0x20 [ 1083.022646] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1083.027578] ? wait_for_completion+0x870/0x870 [ 1083.032166] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1083.037362] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1083.043080] do_vfs_ioctl+0x1cf/0x16a0 [ 1083.046979] ? ioctl_preallocate+0x2e0/0x2e0 [ 1083.051390] ? fget_raw+0x20/0x20 [ 1083.054844] ? __sb_end_write+0xac/0xe0 [ 1083.058824] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1083.064362] ? fput+0x130/0x1a0 [ 1083.067640] ? ksys_write+0x1a6/0x250 [ 1083.071447] ? security_file_ioctl+0x94/0xc0 [ 1083.075860] ksys_ioctl+0xa9/0xd0 [ 1083.079317] __x64_sys_ioctl+0x73/0xb0 [ 1083.083296] do_syscall_64+0x1b1/0x800 [ 1083.087187] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1083.092030] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1083.096960] ? syscall_return_slowpath+0x30f/0x5c0 [ 1083.101897] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1083.107268] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1083.112115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1083.117302] RIP: 0033:0x455a09 [ 1083.120489] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:52 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f000044b000)='io\x00') fdatasync(r0) lseek(r0, 0x0, 0x1) 2033/05/18 03:38:52 executing program 5: r0 = socket(0x2, 0x1, 0x0) r1 = gettid() ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x1f4, &(0x7f0000000040)=""/139) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001300)={'team0\x00', 0x0}) connect$packet(r0, &(0x7f0000001340)={0x11, 0x1a, r2, 0x1, 0x3f, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x16}}, 0x14) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") r3 = socket$netlink(0x10, 0x3, 0x1f) getsockopt$netlink(r3, 0x10e, 0x3, &(0x7f00007e0000)=""/4, &(0x7f0000000000)=0x4) syslog(0x4, &(0x7f0000000100)=""/109, 0x6d) r4 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x101, 0x800) bind$inet(r4, &(0x7f00000001c0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) ioctl$LOOP_GET_STATUS64(r4, 0x4c05, &(0x7f0000000280)) 2033/05/18 03:38:52 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x5865]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1083.128198] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1083.135466] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1083.142734] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1083.149999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1083.157268] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000022 2033/05/18 03:38:52 executing program 2: r0 = syz_open_dev$sndmidi(&(0x7f0000653fee)='/dev/snd/midiC#D#\x00', 0x200, 0x0) read(r0, &(0x7f0000001100)=""/197, 0xc5) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x2, 0x0) dup2(r0, r1) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x80, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000180)={{0x10000, 0x200}, 'port1\x00', 0x20, 0x10, 0xfffffffffffffc00, 0x80000000, 0x0, 0x10001, 0x5, 0x0, 0x4, 0x7}) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/207) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={r1, 0x1, 0x1, 0x1, &(0x7f0000000240)=[0x0, 0x0], 0x2}, 0x20) 2033/05/18 03:38:52 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:52 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, 0x707000) 2033/05/18 03:38:53 executing program 5: mkdir(&(0x7f0000000100)='./file0\x00', 0x100) r0 = inotify_init() creat(&(0x7f0000000140)='./file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x80000002) creat(&(0x7f0000000040)='./file0\x00', 0x0) read(r0, &(0x7f0000000000)=""/177, 0xb1) 2033/05/18 03:38:53 executing program 4 (fault-call:7 fault-nth:35): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:53 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x4000}]}, 0xfffffc53) 2033/05/18 03:38:53 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:53 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x2000000802, 0x0) r3 = socket$inet_sctp(0x2, 0x5, 0x84) preadv(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/186, 0xba}], 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000f68000)={@mcast1={0xff, 0x1, [], 0x1}, 0x0, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f000089b000)=0xffffffffffffffff, 0x4) sendmmsg(r2, &(0x7f000000f140)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000002540)}}, {{&(0x7f0000000400)=@in6={0xa, 0x4e21, 0xac2, @remote={0xfe, 0x80, [], 0xbb}}, 0x80, &(0x7f00000004c0)}}], 0x2, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079fffffffffffffe000225070097c11ed4c2c4dc42ffa86eb9", 0x30) sendmmsg$alg(r1, &(0x7f0000009ac0)=[{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000003400)="4e5ed7e2a78a281c753403b54003b480dedf63fcc30ee713b3500e335265775fe5a00c31b7ff3808a0d0a0229e3f103fac2dbfda850d2ae9ed499312ce8ae1b84be2fc46e9784f32dfbda9be3f87404d5cc20b0918e9237e16d023b01b745c14f5915f7d66a676fad06fc3a8e1a3f7400a43d30c9ffeb4b5183df9a396358fd76273e5eb1885f82ba9bb174399165cfa9b4a5a850e09d7cb9d42cb1bad884eb0322004754ef2acbbc8096d3e466041df519491224241be226d81c5ef1196139a", 0xc0}], 0x1, &(0x7f0000009cc0)=ANY=[]}], 0x1, 0x0) recvmsg(r1, &(0x7f0000158000)={&(0x7f00002fffa0)=@nfc_llcp, 0x60, &(0x7f0000b9c000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0) 2033/05/18 03:38:53 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x707000) 2033/05/18 03:38:53 executing program 6: r0 = socket(0xa, 0x1, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000006edabc7500000000000000000000000000000000000000000000eaf8101b1176445deb0d3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x94, 0x0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r3 = msgget$private(0x0, 0x0) msgsnd(r3, &(0x7f00000000c0)=ANY=[@ANYPTR64=&(0x7f00000014c0)=ANY=[@ANYRES32=r1, @ANYPTR64=&(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES64=r0, @ANYRES16, @ANYRES64=r2, @ANYPTR, @ANYRES32=r2, @ANYBLOB="af29bf9f8c3be8e33582108278608d53f752f879e42904ccbf07023b9e881563e8ed8bc74317776f23e72f4a888c0a2abbe6cb1870e70f3fc40c2f62cb6a7da2e9f2499e064486619dddb3142142d7aa727c303739193e01608a8a0e369c28aaf782ed7d88dd7f6deaadfabb3e0081bf2f36f82bf2aee418d0d33f", @ANYPTR], @ANYPTR64=&(0x7f0000000400)=ANY=[@ANYRES16=r2, @ANYRES64=r2, @ANYPTR64], @ANYRES64=r2, @ANYRES16=r0, @ANYPTR=&(0x7f0000000440)=ANY=[@ANYPTR64, @ANYBLOB="b629836ecfa05ed619b59e911071bd26774fc67f200b6b234284c68200d3fbe421fbddf2d77c303ef63263a6e8751b0d03cb10d9a47a860970b9844b3d5b73b55a7a5d9f18861c54a2e3f9261dc52d673ba137cc77b69d4936a417c7fc30e7baa79b37f92338bb24f0f6d2db18d9f8247cbaaae282b869716401a7ef6ef213fcda8115f518417e157e16445ca41f35cbedc7e429ef0504490bf9a9b8702ed15ea71930d2d006bb206bf5eb88a160454f8c06f5b7d2f38b39ad18bb6229e9be10ac06dcd644de378fe9f62d3330fbf2f3ac0dcd72e4686507c6564a35f3dfa94370b0a71e9c4846395764ab44c66d84cb150ba9d737b797446ffafc07709232d06ad106f524b4ea6ffb7306ae8560aaabc72052023b9816edc3de603cb62fdad360db17b2d02814c6c6ebc460e810a9ac48fbad579de0ef7c0fd903299eab6dd73091a643b846e84a92ed9dbc18cb560d88fd636d507c18601b1afaa6ab892af6fcb2de9f205a255d9d0ce402bcbfe1549462a2bc04f2a795e066f0837113efe21c8cd6bb59c715547e9eea330b8cf44aeec56070773b4f07c4f34451d95cde4c93fadb112f82881f98c9142a6d52b2457f25b934c284db647285c689913867a9c59f865633811c4ad83953a4455e6ccf9224676a293b312f09ce1f32fff002f52e4a96e3d6cd56f0cf0a6ec1a517c6d98ef93db249582e1251c84cba848a7ab32de076267921aae0e2763e82680e6fe6e48c14dd9f97301aa6358d44b0e6ea35b9febc7aad321a036a4cbce0aaa1ddd48f9edc9872005f0cf1b99aa878b8e3e9e25024667cc90709a44840256e07ce4a1f39f00d6a5ac139d2c163139110090d360c6c320eaf523115b9ab0a1869afa246c232feaa8b7e67e1648fe5d5b8a3025071557a3934319ec8440cd9f98d20f2ae2d667b36dfd1850e03ea288f7f414fc54b6578f7938ff2eabe19621606c419eecbc753c7cdccbec3af90115a540c59e0b71edd6d7da8cc5b4561df62895ce4646f81090e9cf3804c8029c296595b4650a81980aca851b0464d2bc45235bbf0bd127486e8da1661ea78c2deef76756ef2becc0db8047999083c50ed1bc9d906ba2397481a055a58f99dd8686c271f1bedc16258bcd7261a11d468be40a3d997438770a1e3123ae15ab482b0bf53e44d8437bc79e1b839b6719cfe6016fc84f8f48b275b1d130d7703a050b1b7a1d7391b262f15c254c9bdadd96fe9743bbbd12d890ea7ca259c161076f6623af23c0f7e5d750227bf514553a5c577f57f65ecfefdc8f35a28b14078cc6daa856665508354701ec11e2a6472abbf03f4e68cca4d28b9b6f40ff4ab0de464c5eb41fdc0cccc6ae7aded2a6acba8b24dd03ba9a0bc837323cf141389324cc9d2f2516c78703a2bdad123f1721e36b3354e8ba44a0cb11991bbfbaf15a38b9e042030814eea9924a30870f9ae2bfea23030a1bbf594acf28e919468ec1fcfc6e22583739fa54079caca364f33924d421ec6d8f6b240552b8c94ee072fe8300768af429808e1d96a466e390309ebc87627c7862c7246c2e906d10fcb8a7ebe5782ea90b0b2d86bb2a17cc8f4f0ed4222b9bf2788bcc52f04cfadf36f70f23b1e20cf5f7174cfea04bbdae5280662cd56a00317c6ccae5af6e70386cc42ffed4d3d30d968473c226344bc62325589b9f1dcb253b085897462da788358fc25d6bf5013fef3c3d6ba5bc76547400a64b9ef7c2e9be34383feca14722c550bce5a8e8706733ef91211fdac5701b3dbcd3e25c25f12441ba5d7b562baa3a9ff75095e42b48fda6995722910254bee99d3bdedb50be44a6f1ab2eceb71d52fbd5ebb0ffd843dfa9cacb3895f0b3a60c43180ae286c8167d70f274a8867bdb79bb3bb0fd877211f475a59d5d835e59e4e7d14f5599d6a33561b56605221859bed81aea6659e3df51f3112cfa10a4ba9d4c7cfab734cc4976ad570b3cca6d720ed8ec6aa8ee0df43757e2888c0a6d30e80455bf95ec3a8f6b4fb3f8be7ce14c683bbe57d16f4e8654b036ad3d7a03c3d3ddffd4e633ab5d15dd3637e8158cad936f5d96aa87d898dccabb88a252e424005d695bf348ccecf214de56126ec025d51805b1b296e6bab62a1f801f1d4c471a8b093d284076b603cf7db0458d508412ba73be9aa29c463c87015f57680e5071cab350c5328415a28924f281e1f19f6fc7e3882d8f608a5163b85999ad89b3ffa651009e0392ddeb61f20d659741fc39310fb52a07ad9fad8123a021cab582fd6d167f05d631b6c2cf873eb91d4e4fb41d91b18158a1fb91eef3ffa69c31a34c6ec24ded707593289cb23a161357337c8a38db1d1f7bf633dab4f3b7d03f50ab33bd0e47167d79183caaab51dafae03f7b14cc4a8a05cb0d88e6586f921d11db24b310c459c205bac0dec71a5e76cc7bbfc378038f4ea67aac88504fb4a4cbac67818922ad0054652fcaf8837199eb23341f4b58e93fe439e0c51a13c0b1509c01ed7fc1f41353759bc98df0478a0077196fed1035d6fb39c5f5a1fc1ba085ecbe499179bfed949ec3cd3f06ef9d9e22cf26b861f511c0430e2ed168e6660235bb56db5b073da4b281506990cc62da70d55f39810547727f0c81dcd2e5a28fa91d135bdb2b3bef4a0b0c79cbdbf5558a5df30a9a5ed3d85019e228310dcc27dcffec6d023fad48fd3d0db2a6b3ef2d89282fb22631402f5de3d5483ad9b9637694851b61e525f977364f6d7a33bba91be6e4aa85b93871eebdda082ea034dfd810ba7a66113d4b2cb2eeeb8a77fbcbe9f60f197aa82913f8cbedd8e7bf191408f8ba7aaccfd8b543c1b7c52abd26b3a498c23a77309137bc47a84702e0b271ef88e3b5279378ab33ede97386f50d298c4a69cedf007a6803ac4906f8041b5dde66ee4620bb82fcd8600dedc788b943e54a54f4295258ba6f5a5c7f81eb13adfb8c2b29f13ee203d521643140390c3b1a4b6d096241c1e3ced2017f86ed038d657a128789f7bb4b41ecbcd76a2379b53a2ccbbe0e777168764b5a53e1da2c77103dbeb83d2e647651750c740a32ad3befb08819fc72c9febca58697503067ded3da28bdc5b90f2b915ff13adf8cc5f2947649bf230f74d38a9ae671283fc6b9063255fa80b77ffb3165fc83256cefe8fd69d23bc3081cdf2a20b28577bc2b383aac43ec99e04b51b0baf603ec4ee2859e31c3d79a28c61c9ff8c57f955a1dd1e761971950e4a9a96466e30a11fdd0f1fd04452e4f3d6e76241a465915a416e84e4f6b2e28a1062528e26353657ec0971da1eef1d57f51fd9950b05d926c5465bb76c3879129b6bdea2a42dff12bc646d20ac7741331131bf49a3b7801f189984d07bb3efd8595378f985001b700ed7a96d56732bd50e2e511479eb8e31ab9567383ce457dfc1c103c337a51438f784f4646f610bd4efeb7848056755a6034e2e7469bd3213a177c800d1f2763c31ad8b42313a9b30d3b8e28133cc410720c7f0fb7d224da5efecede8714b24d2d854106f94cf049549fd015238e3d90e194cce8e9d6d47b70510a0c27d3694956e9b4505a6e6a1dda0fa94585f330dda5a2692a235d25bcc0123d42ef663fa350f329c8dc0c2cd2896698673e6f11aa46dda902a77ebb4f7c788b391305c0c1016ff0ee4d68e5d641c50ee116bb5b027e82d98fc82c9bc1be34a5cf5115db0ac910090e8db14ab822516305826155c0a39db5cfc5bfef178bdc4709de1dc26d0f2b15e2a6c68a3f77eda8e3c89f5815d26ecbe1852b97ee404dcb451f255631ac5e9e90c877e7a7c6a67b6a98b30c4c572d63cb6160f75faf52d3d8e8c1a6ae56ab4f2e545ffe14e32de65e817c960467508052d6baada17e588d6ae4ea96f78a37469bdb75d09c4bb7650a38daf69c7994a58ec5b17a2eaddaf155219798604e2d848d60f3d357357f0dbf92cf3399b135bd9e891834232cf590f936c0d2bd939846df73e2703521939cd829508e6f6a0a095c1ec69cd4528497fe53b1947e9a3fcb12d4e341b35c4b92bbfba88d8cfc49aaad3239f2d621a375b9e71a9799f504211b539fb6b487cac4ae84c0bb3518aaf76a9597023f61dbb5c9f88c8353a1a59aca14e3ff2c760200614037336673f769555dd4ef2b459d168b571c04c6d6698c6dd0770107403de71c056cc7c286120a05644009015e848095bd78a428129dff6e92e5842862bb476e0450c3a837fef856e9834d83ba2aad7eae9333a6f1e1e755ca0967fe946369c4f99ddda1a0e0aaca5a10e3cca85be3a8849a2e7604c8daec84d67ec91d555f71bb96e208952104cb1934150d6eb1ff1aceca2306b499e9e0a232db316ebb2db4260ad154ca12980eb198bcdf33f06213ecdbadabf4bb10f2991f1fe1742299bb8c815276135718a4f9b96eb2046657ba8f54e1e476a0a9f51bac57ccd5cae90bbd17f83d3c6e2e5468895c76c6c50da404c4740c283263d376b2698b95fa32e4390a36da214aa83238c0337b95013b1367110844d674e5b6be33bb30f0547e2d36a22e7359aff9448a6c38bf3be60d3831e06780d29f1087b6aef83b62b18a1307033957c5d85dc52e81fd0004b9c5258bc6cdd2c34dd1af1d63c2c561530e661df6b91615bdd37c8151f7a84c5fb878fa5fdf79f03f71734241b8aa7323c67c6b80d6759368944c5d7c361e2be12e3833524548a3e45f691b1758f83b5500809764de8a5734fcc09b5fd45999ec16029ebcf26b9c00ae637482350886a8fa9afed36817409a49d6b4133dbdbc6587bb4324e190a397e47998cd0094211215fa89c2eea31a343f331d5fcf84b276c42fcc8fd59bd5833da236e8ce8e1a539d37049333ee16219e829a0396bc002df886a5cd78c109ec6d8d258a739fb727bd36cbe4adf48e712217e0a109dce4660e6547de3c23878abb4ce43120c07a00949208ed15803bd9f9b62ec8de6a07188b72af8a66eafd509272b91dae6302151b155cbf2d41ca2c932f740c9f085277de558212cd8f7f921ba3e3826947e6237bbde5b212658c0a44e5b35b53073f03b973e50fb8f91392d72721d19498d9635f3298f6fa7d47ac3b38ec689b1322e8c3af13cb1bc07c4e9ab6ca034e78bcf3b11fa06c6ea34c46db0884585eed647a518f351d497ce02b86cebd32ec4b131bd73352352d86c1b852fdbdbdda7f46102ce4c4acc9a33d0414e165e8812e3fe03aea2aade49fae7d81ef3af3b7f27e8c778a12a23f289937243791b9e50aeea9d98517f8438c1822915736844c87f61ee24c8bbdc914a528664dc4487def97dd71cb8d300b6881a5ef23c630b7e79587a499567cf93dc29fad6068985464543a0cb48ce66488259592db32ec9933744d38823654f3f3c6bfe351633f4d8f5cd0a514f7a096273f78e696102c31952df36bad9e5d42f4f4ac920b84bb86b5c8c926b0872e577ec1715805a92ed1a942ae98eaf956d9cdbb294b58acbf2e0c66215ee1a5dcd1217e5fbb1c18c1bb9ac8657cab6f8fe66ed2cdba1d5a4d02d2012ae6bd000b82ecd57467e43ae341183c41441a85978dd16b11117e1516a615c45690b449933720d839c4b0314a322b1a45e2d9a72d1970a05cd0f671700c4eab6927665d7ac98fb2d31de85acf77a16066552caa0998e7240cac2a2447186d9a0c196c0f7a50e358e45b839d83cd20665bfd3e4b52cbe0ebcf48160c94bec24b22cea92c8a6b1f6f611247640f4464824cc0b281f5a77e749312b855b67c506b2173f466d4598274e8d7c4026d0c21f56b35ece323c41da1fac5cad730ecbb95c295749", @ANYRES16=r1, @ANYBLOB="0c463159dde444bd64aee0944df53e411235791e3be6db3e59a269893fa5e58cf553bb780844476d0f4635", @ANYRES64=r1, @ANYPTR, @ANYRES64=r0, @ANYRES64, @ANYRES64=r0, @ANYRES16=r1], @ANYBLOB="d5431d5caaedbccc904968fbc9b99b5cf8c2a7b9b83dd118004c58da64a0dd6b029c8fe97f5b48f5563a36f62e09eb38fb2ff1ecb65934615c065b78b55654ed06d60b8fce85c73a6e7a9bb49a1cb1b471a8abd47a9a761d7805aaf76fa59d7fec66e8dc6e0de18d91d9de76dd5c16c2eb1fd10914627ec3ff27a5e6dbe8319c4872d4ec2bcd15b6bb2f", @ANYPTR64]], 0x1, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40048003}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x259, r4, 0x0, 0x70bd26, 0x25dfdbfe, {0x11}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x200}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3a8}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@dev={0xfe, 0x80, [], 0x19}}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5862724c}]}, 0x94}, 0x1, 0x0, 0x0, 0x40041}, 0x800) r5 = syz_genetlink_get_family_id$team(&(0x7f00000015c0)='team\x00') accept4$packet(r0, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000016c0)=0x14, 0x800) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000017c0)={{{@in6=@mcast2, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f00000018c0)=0xe8) getpeername$packet(r0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000001940)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001980)={'ip_vti0\x00', 0x0}) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000002a80)={@broadcast, @dev, 0x0}, &(0x7f0000002ac0)=0xc) accept4$packet(r0, &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000002b40)=0x14, 0x80000) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002b80)={'vcan0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000002bc0)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@local}}, &(0x7f0000002cc0)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000034c0)={'ip_vti0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000003500)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@dev}}, &(0x7f0000003600)=0xe8) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000003640)={@broadcast, @rand_addr, 0x0}, &(0x7f0000003680)=0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000036c0)={'gretap0\x00', 0x0}) getpeername$packet(r0, &(0x7f0000004bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000004c00)=0x14) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000005040)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000005000)={&(0x7f0000004c40)={0x3b4, r5, 0x100, 0x70bd2c, 0x25dfdbfd, {0x1}, [{{0x8, 0x1, r6}, {0xf8, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r7}}, {0x8, 0x7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r10}, {0x218, 0x2, [{0x34, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x4, 0x4}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r12}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x81e4}}, {0x8, 0x6, r13}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r14}}, {0x8, 0x7}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1f}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}, {0x8, 0x6, r16}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xfffffffffffffffd}}}]}}, {{0x8, 0x1, r17}, {0x78, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r18}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x2}}}]}}]}, 0x3b4}, 0x1}, 0x20000000) 2033/05/18 03:38:53 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x8848000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1084.213374] FAULT_INJECTION: forcing a failure. [ 1084.213374] name failslab, interval 1, probability 0, space 0, times 0 [ 1084.224786] CPU: 1 PID: 11861 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1084.232070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1084.241434] Call Trace: [ 1084.244045] dump_stack+0x1b9/0x294 [ 1084.247698] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1084.252901] ? __save_stack_trace+0x7e/0xd0 [ 1084.257245] should_fail.cold.4+0xa/0x1a [ 1084.261326] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1084.266444] ? kasan_kmalloc+0xc4/0xe0 [ 1084.270349] ? kasan_slab_alloc+0x12/0x20 [ 1084.274508] ? kmem_cache_alloc+0x12e/0x760 [ 1084.278842] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1084.283694] ? kvm_mmu_load+0x21/0x10e0 [ 1084.287680] ? vcpu_enter_guest+0x3a83/0x6060 [ 1084.292187] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1084.297214] ? graph_lock+0x170/0x170 [ 1084.301028] ? do_syscall_64+0x1b1/0x800 [ 1084.305096] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1084.310474] ? find_held_lock+0x36/0x1c0 [ 1084.314552] ? __lock_is_held+0xb5/0x140 [ 1084.318638] ? check_same_owner+0x320/0x320 [ 1084.322983] ? rcu_note_context_switch+0x710/0x710 [ 1084.327931] __should_failslab+0x124/0x180 [ 1084.332180] should_failslab+0x9/0x14 [ 1084.336126] kmem_cache_alloc+0x2af/0x760 [ 1084.340303] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1084.345164] mmu_topup_memory_caches+0xf7/0x3a0 [ 1084.349848] ? debug_check_no_locks_freed+0x310/0x310 [ 1084.355058] kvm_mmu_load+0x21/0x10e0 2033/05/18 03:38:53 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x707000) 2033/05/18 03:38:53 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x0, 0x81000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1084.358876] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1084.364429] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1084.369029] vcpu_enter_guest+0x3a83/0x6060 [ 1084.373363] ? print_usage_bug+0xc0/0xc0 [ 1084.377445] ? kvm_set_msr_common+0x2680/0x2680 [ 1084.382122] ? vmx_vcpu_load+0xadd/0xfe0 [ 1084.386208] ? __lock_acquire+0x7f5/0x5140 [ 1084.390453] ? vmx_vcpu_reset+0x1030/0x1030 [ 1084.394778] ? graph_lock+0x170/0x170 [ 1084.398718] ? graph_lock+0x170/0x170 [ 1084.402522] ? __lock_acquire+0x7f5/0x5140 [ 1084.406764] ? debug_check_no_locks_freed+0x310/0x310 2033/05/18 03:38:54 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'veth1_to_bond\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="0c00000000000000009c7d9d6600000600f055b410000000"]}) socket(0xe, 0x0, 0xffff) close(r2) close(r1) [ 1084.411966] ? __lock_is_held+0xb5/0x140 [ 1084.416049] ? lock_acquire+0x1dc/0x520 [ 1084.420037] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1084.425066] ? lock_release+0xa10/0xa10 [ 1084.429052] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1084.434336] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1084.438840] ? preempt_notifier_dec+0x20/0x20 [ 1084.443361] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1084.448209] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1084.453243] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1084.457319] ? kvm_uevent_notify_change.part.29+0x440/0x440 2033/05/18 03:38:54 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000]}, 0x707000) [ 1084.463042] ? graph_lock+0x170/0x170 [ 1084.466852] ? find_held_lock+0x36/0x1c0 [ 1084.470935] ? lock_downgrade+0x8e0/0x8e0 [ 1084.475094] ? kasan_check_read+0x11/0x20 [ 1084.479248] ? rcu_is_watching+0x85/0x140 [ 1084.483413] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1084.488622] ? __fget+0x40c/0x650 [ 1084.492087] ? match_held_lock+0x841/0x8b0 [ 1084.496339] ? expand_files.part.8+0x9a0/0x9a0 [ 1084.500934] ? kasan_check_write+0x14/0x20 [ 1084.505178] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1084.510123] ? wait_for_completion+0x870/0x870 [ 1084.514719] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1084.519926] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1084.525652] do_vfs_ioctl+0x1cf/0x16a0 [ 1084.529550] ? ioctl_preallocate+0x2e0/0x2e0 [ 1084.533968] ? fget_raw+0x20/0x20 [ 1084.537434] ? __sb_end_write+0xac/0xe0 [ 1084.541426] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1084.546972] ? fput+0x130/0x1a0 [ 1084.550255] ? ksys_write+0x1a6/0x250 [ 1084.554067] ? security_file_ioctl+0x94/0xc0 [ 1084.558482] ksys_ioctl+0xa9/0xd0 [ 1084.561942] __x64_sys_ioctl+0x73/0xb0 [ 1084.565841] do_syscall_64+0x1b1/0x800 [ 1084.569735] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1084.574587] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1084.579521] ? syscall_return_slowpath+0x30f/0x5c0 [ 1084.584455] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1084.589815] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1084.594650] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1084.599833] RIP: 0033:0x455a09 [ 1084.603024] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1084.610740] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1084.618021] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1084.625293] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1084.632570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1084.639832] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000023 2033/05/18 03:38:54 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000]}, 0x707000) 2033/05/18 03:38:54 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:54 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x1000000000000}]}, 0xfffffc53) 2033/05/18 03:38:54 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x0, 0xe00000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:54 executing program 6: r0 = socket(0xa, 0x1, 0x101) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005e5e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f000000000000000000"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = msgget$private(0x0, 0x480) msgsnd(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000000000"], 0x1, 0x0) 2033/05/18 03:38:54 executing program 4 (fault-call:7 fault-nth:36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:54 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xtea-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000028c0)="b7f2288a933d66593ae164c990a0028e", 0x10) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x10000) accept$packet(0xffffffffffffff9c, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000300)=0x14) bind$bt_hci(r1, &(0x7f0000000340)={0x1f, r2, 0x2}, 0xc) r3 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r3, &(0x7f0000000040)={0x0, 0xffffff82, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/81, 0x51}, {&(0x7f00000005c0)=""/175, 0xff98}], 0x2, &(0x7f0000000780)=""/4096, 0x1000}, 0x0) clock_gettime(0x0, &(0x7f0000000580)) recvmmsg(r3, &(0x7f0000001c80)=[{{0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f0000001a80)=""/155, 0x9b}], 0x1, &(0x7f0000001c00)=""/127, 0x7f}}], 0x1, 0x0, &(0x7f0000000740)) 2033/05/18 03:38:54 executing program 5: r0 = socket(0x40000000002, 0x3, 0x2) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x3f, 0x4000) mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x18) setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000100)=0x80, 0x4) sendto$inet(r0, &(0x7f0000000080)="2bcf463207501a4e473518e589c0586710b791d36f2e3b1d3f32cb54ce794da70169355e474cc08fcc95426f", 0x2c, 0x0, &(0x7f0000000180)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) [ 1085.429140] FAULT_INJECTION: forcing a failure. [ 1085.429140] name failslab, interval 1, probability 0, space 0, times 0 [ 1085.440550] CPU: 0 PID: 11910 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1085.447838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1085.457205] Call Trace: [ 1085.459811] dump_stack+0x1b9/0x294 [ 1085.463457] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1085.468660] ? __save_stack_trace+0x7e/0xd0 [ 1085.473004] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:55 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") fcntl$setstatus(r0, 0x4, 0x44004) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f000016b000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5ad400000000000000000000000000000", 0x362) 2033/05/18 03:38:55 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, 0x707000) [ 1085.477084] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1085.482197] ? kasan_kmalloc+0xc4/0xe0 [ 1085.486092] ? kasan_slab_alloc+0x12/0x20 [ 1085.490252] ? kmem_cache_alloc+0x12e/0x760 [ 1085.494588] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1085.499445] ? kvm_mmu_load+0x21/0x10e0 [ 1085.503431] ? vcpu_enter_guest+0x3a83/0x6060 [ 1085.507939] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1085.512964] ? graph_lock+0x170/0x170 [ 1085.516775] ? do_syscall_64+0x1b1/0x800 [ 1085.520846] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1085.526247] ? find_held_lock+0x36/0x1c0 [ 1085.530323] ? __lock_is_held+0xb5/0x140 [ 1085.534406] ? check_same_owner+0x320/0x320 [ 1085.538740] ? rcu_note_context_switch+0x710/0x710 [ 1085.543688] __should_failslab+0x124/0x180 [ 1085.547937] should_failslab+0x9/0x14 [ 1085.551750] kmem_cache_alloc+0x2af/0x760 [ 1085.555914] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1085.560773] mmu_topup_memory_caches+0xf7/0x3a0 [ 1085.565450] ? debug_check_no_locks_freed+0x310/0x310 [ 1085.570655] kvm_mmu_load+0x21/0x10e0 [ 1085.574467] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 2033/05/18 03:38:55 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = memfd_create(&(0x7f0000000000)="17", 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) execveat(r1, &(0x7f0000ff7000)='./file0\x00', &(0x7f0000000580), &(0x7f000034bff8)=[&(0x7f0000ff7000)="00000000000000060804002000fffc0c6565643b799365005f1b76"], 0x1000) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000100)=0x3, 0x4) r2 = socket(0x2000000011, 0x2, 0x0) ioctl(r2, 0x8916, &(0x7f0000000040)="c626262c8523bf012cf66fc37da69aae6e996edac7fc50b5a28f8ed552f8b85a9f1743717e8865ca0ba1803d081830030090") r3 = dup(r0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty, 0x9}, 0x1c) r4 = semget$private(0x0, 0x0, 0x26b) semctl$SEM_INFO(r4, 0x1, 0x13, &(0x7f0000000140)=""/28) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1\x00', 0x0}) ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r3) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0xe}, 0x10000000000f, r6}) ftruncate(r5, 0x7fff) pivot_root(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./bus\x00') sendfile(r3, r5, &(0x7f0000d83ff8), 0x8000fffffffe) [ 1085.580019] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1085.584620] vcpu_enter_guest+0x3a83/0x6060 [ 1085.588957] ? print_usage_bug+0xc0/0xc0 [ 1085.593035] ? kvm_set_msr_common+0x2680/0x2680 [ 1085.597709] ? vmx_vcpu_load+0xadd/0xfe0 [ 1085.601797] ? __lock_acquire+0x7f5/0x5140 [ 1085.606044] ? vmx_vcpu_reset+0x1030/0x1030 [ 1085.610375] ? graph_lock+0x170/0x170 [ 1085.614184] ? graph_lock+0x170/0x170 [ 1085.617989] ? __lock_acquire+0x7f5/0x5140 [ 1085.622237] ? debug_check_no_locks_freed+0x310/0x310 2033/05/18 03:38:55 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000]}, 0x707000) [ 1085.627460] ? __lock_is_held+0xb5/0x140 [ 1085.631529] ? lock_acquire+0x1dc/0x520 [ 1085.635508] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1085.640537] ? lock_release+0xa10/0xa10 [ 1085.644518] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1085.649801] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1085.654305] ? preempt_notifier_dec+0x20/0x20 [ 1085.658806] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1085.663647] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1085.668683] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1085.672758] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1085.678503] ? graph_lock+0x170/0x170 [ 1085.682320] ? find_held_lock+0x36/0x1c0 [ 1085.686396] ? lock_downgrade+0x8e0/0x8e0 [ 1085.690557] ? kasan_check_read+0x11/0x20 [ 1085.694714] ? rcu_is_watching+0x85/0x140 [ 1085.698880] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1085.704085] ? __fget+0x40c/0x650 [ 1085.707545] ? match_held_lock+0x841/0x8b0 [ 1085.711786] ? expand_files.part.8+0x9a0/0x9a0 [ 1085.716375] ? kasan_check_write+0x14/0x20 [ 1085.720618] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1085.725560] ? wait_for_completion+0x870/0x870 2033/05/18 03:38:55 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x707000) [ 1085.730153] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1085.735351] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1085.741072] do_vfs_ioctl+0x1cf/0x16a0 [ 1085.744980] ? ioctl_preallocate+0x2e0/0x2e0 [ 1085.749399] ? fget_raw+0x20/0x20 [ 1085.752868] ? __sb_end_write+0xac/0xe0 [ 1085.756863] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1085.762406] ? fput+0x130/0x1a0 [ 1085.765694] ? ksys_write+0x1a6/0x250 [ 1085.769506] ? security_file_ioctl+0x94/0xc0 [ 1085.773927] ksys_ioctl+0xa9/0xd0 2033/05/18 03:38:55 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000]}, 0x707000) [ 1085.777386] __x64_sys_ioctl+0x73/0xb0 [ 1085.781281] do_syscall_64+0x1b1/0x800 [ 1085.785172] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1085.790023] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1085.794964] ? syscall_return_slowpath+0x30f/0x5c0 [ 1085.799897] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1085.805272] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1085.810127] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1085.815315] RIP: 0033:0x455a09 [ 1085.818505] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 2033/05/18 03:38:55 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000]}, 0x707000) 2033/05/18 03:38:55 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x1000000000000000}]}, 0xfffffc53) 2033/05/18 03:38:55 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x0, 0x8864000000000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1085.826219] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1085.833493] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1085.840763] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1085.848038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1085.855314] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000024 2033/05/18 03:38:55 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3800000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:55 executing program 5: r0 = socket$inet(0x10, 0x2000000000003, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x400000}, 0x0) 2033/05/18 03:38:55 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x800, 0x0) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0', [{0x20, '/dev/rtc0\x00'}, {0x20, '/dev/rtc0\x00'}, {0x20, '/dev/rtc0\x00'}, {0x20, "255d2b656d316370757365749e5c"}, {0x20}, {0x20, '/dev/rtc0\x00'}, {0x20, '/dev/rtc0\x00'}, {0x20, '/dev/rtc0\x00'}, {0x20, ':bdevnodev'}, {0x20, '/dev/rtc0\x00'}], 0xa, "2786966f2a81ffd18104f7312d0b705333b227f177c9209f"}, 0x8b) preadv(r0, &(0x7f00000006c0)=[{&(0x7f00000005c0)=""/234, 0xea}], 0x1, 0x0) 2033/05/18 03:38:56 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x1000000}]}, 0xfffffc53) 2033/05/18 03:38:56 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/tcp\x00') r1 = socket$inet(0x2, 0x4000000000000001, 0x0) writev(r1, &(0x7f00000026c0)=[{&(0x7f0000000140)="4982d331698722bf4b78d99b4acc1833bf8cd9520c27eeb86b46fac529f61931552eac8be7871a6048c7229d6b925f78600a41bd9f51353717ab99f3fb5119dc71335914f2a944d4ed88103ecc9d8e97d41ae44ba70dac868935865c26c21b071cfb44e5b702176d60e94692d32e13c5f468b83565b1b5f78b2de1aafc71386def559b309f794812f66e2fa72061646dac143383e9b4a156d71168885429307474f30c5747404a5fa5fe4c98b28756bf0586124490271ab792960ffb4fc2e9dc6450586579138e80ad4f92f0cf24672a1017d162f87c81", 0xd7}, {&(0x7f0000000280)="3de6438d69d8e12f7c2423a59f1bf58bf26efcf2ce95c7086168a65078acbfad8e7a2ae03a77b19cb23a743a7304acbb3a75ea8d372588e39dec1f848260619c48c06edaa36c680d41904c864d7b3cfb433d7c49d34830d167d144ea4d338817ef34edfbb266c70d714445f246eac0068146b6a7633dd226cb00a22612dad1f4b266421d195fa7e4916bc3f3fe6a5b56f436d2ea307d502dcb848df3312e2ffc7b45cb30ab927354f734b916513af43bd54450f977aa3f0fc37a2c4c403f229186d2a1b653217d57290d773720dc50ff5a678d9568ea514c141d6b1ab15168937006ebee89414af2889d03f201e2fc251c8379b393e724434f701b2fe2cb86080acef6ee35b11b1f36bf44b32eb9b4b1abd2f232f0d724b87eb4286564b45a634645e44d9c9b5fa3b84cd4afcb395b4b09e5f79798cf8e8dab7c4accbc48e93f8d97172ee07162528319d652c527e88ce3a32f9abc8176855cdc946dbc7f7c358c5b11613f172712a6a585298ddbf846d8db3f6dc9fec740388ab6e147fb4b2bd0bdf95d353b8655f9fc692949d1264acd4eb00e364d1e34bde377ebe1b6d6a151ba5fc80361d27eda566b150e9176f61f18b15e9024f27d96b5d40b4c88519fd4c940a113531b7268d76dd691152daaa1c59e3f45ebf6983b74b585e3a6668685b78e50b170074d91fad56d321fb251da02d919014e36b2abbe03b5a7f96e2a06c77febeb00d779df80109578f5c2f538b2ef5753a25d3052b9a9f8558490c51934271c62644b18c4d6fc69b0c45959afdff76ba35ba1e5b6fdddfcc982ccf25b0535b9817534dee611f65d5b3cf638d17d663b950a817a23e61253d485f82573273098729db1f3a97f823388b10a6ea3884de0f60620897a4df6fed64d8886c002bc7ae57b9b7a7aacc52ae5f3b686a1bb4a3182bd1e24421881ec8aab6d6f0b3b28537b9e5b60c40a69c5671eb21adfce04321134333a501e41b84997a8662a0c1464c5573164c2dca71af50c8ed3e68b70a4dee67ae7730afe7fb16209df10e4e3b89eedcf8703ff67b3ef3ffd5bbc58a1becd019ed2d11fee069c611c2d96a53385ab74a32de664d554ef9c34446f57c0f7952b0f9bf40bcc51d49a8749c7da684279d1fa863dcaf1c9d5a683ea2da7c99006b3b1603630f1aebb1857ca5f9bcd80aded4d2a83b9efdedfc6a8e875d4b9c8a1a5b8834f0240d928e2450107c86c9cedb12ab839689a400c8836a4f86659206f96562fa8d2e5e6e8e31551b488d6e97c55aad8d54ffdc2373299926cb89a5449730947f7c4798173cf32441db9e92ba2e510a13d196b4713723751133ad6e5d5f124b73d59772644e3533e75f12f43493847dae0d548ce9441dd81426a79dd628d9869ee79bdee1640385f90e0e8a5df653b73e3dc344751d7add72dc0f31906bd218d6a7bea4969c6e04f151c21a520a08078293d34fc9813583b464804c3a99ef239e2bb6f21dd413c090daff9d44bb19d787261e15d660144290e6619ae2e6f6a36fbf24fd5703b2c09a1bbf77a000d01425a0b9e23ce6d6931cc39b5cfcfe3a0f8e9866f96d74ef0afb0f5bfa5c8791f97035f97b8cfead77db3f620c03f4be17c71e360efc49c4d50d81f82bb85bbae1b06a43c96aa423cc530abf47a451d3a61d5b24cc6440324f498a1711bc97e51ef58ee22d5be690804c284f47f36246034884f6c3fcc0c98ab7843d3488386e4ce37bf8dffd84e52f7c7c3d1254a69c1c127d7d31e1c1cc89e84fee45e58fe071216b3a3a3e2ccc6d91ada116b63fd8a7e8c65c9bef2bf47b91356136eb8611de697d44052671be0c01d194f32d954dad0976af57d94417a83475bacc91bdb03b5158ad6652d6c1422947e53d8bac598108271e092c070e1550df11fb79cfdf66e3562a63f146e96e961427ac57c9ee0d26148113a85ea9b00d700bf61447311875dbedb5f320c93600671ed55d0d81413a2d0b06c5256339e571c39999139d21f4663ac369548867bf7a1af896f361be54bf753f7ae020c9c60fe2ca1689348bd1ac4912b8dedec9ac9516a13c18201a1f298c74bb7036a10cd2e20e23160dd999c228f78c802b19111d16443ded9b68ca01ca675e3eda006809dad4d7bf442971124990a51b5af34561e532ed26245ffd78f3516731511e4920405b450749fc797f8acdd312a105af3e93be960dc195a400efa8435bb5956b14d5d996b202ebaa5e03989bf71c2bcedc1380f56b345f12ed379eca565cba4027c24333ef6397cedb7b9316a6e470f15010b2574be8a60e920ab0f05f5bdac0683e79b65fc16090f9645a94ddd26e248dcc4680036adf342cde0b8a06e15a00f004538066d508774842e166e977f420471ca6708fb6fcd1295381d71c2522836ef1caf96717875f0ea1a21651834d9d616cdfc84088c32448a5b687a7e9c9c9089f6338ce0190500895097368e801d07eeee5f2d12dc4e7dfd125415165289b1948de9ff8df5bc31ddb250b820b3d0b17417f26bb55617495debde0e75aa47d6c83a1dac24519dedf964f3807b19d36887833bd8b1a82817043779eacad6889ec731be6f44aa501acd0ed2d387b320198272a7032de2559279fe55a6871046bbd220910d5ec65ba5d2765bb96c3fe67f13e88831c874c6e1b776acf1b1275b65296fc38792a422342a72132ae6b5dbc655b6c1ef40cdae730513d9eac7606e3df5a6df4303ecc37e18320d24b590aa1f63d8fffe9f7ed3f95517ef8750ec8d3324296665fe69a42fb8d44d8b08abb36bb1b5984e7743dabe01249f0c01180cd99577116f958fe9f01fe98e750ddea30d7ddec60ba1f4bcd6b0f6a3ed692dd83940878099ff3222b22933a79d9c914a2a601dfd201a7241b484d56153c4bc13cfde157f85b37370dcda8978cbfa10739940dbfb9faec54335b4451bf6eb8ce7028969b59cb54a444aa77d007b9b5be85a020b109825d14b6dc043f2c0748d33bec6cfee9c45c4f37a2b83500a56bc66640f01f2f4525d9debdae9e970ca51d2ea85c739fcd1900cbe8e94a8d7010c1b44a113cf9fa0ede5302eafa7ce843c662823ef21e11dfb728eac8fd24bad844e2f7604fd9388f51b96f705d873f0599327449617f6371b6c8bb287825ece5f028e3e499e25f05f53c5dbc7da4249b4b237534d1a946480537004ab727d32e361e89dfd77481d89d2b7d0d88afd8baeeda353b6e5345c29684104c7643a6dac324904a7907b08cc44b8ea47a46aefc4c83a4710b46e9890632bcea63b79889e932a9cda9a8811e5b8fb384303f76797a0fc8f7368dcb8b3c5cd864c7baa770893d5f0e997c77804c7415cfc9216ce240c7ce8ec0a9e8ee203282011fb1273453fa7d6b93ba3f25d0e51650992c5b49d932e9e2cad1645f04a974fce69658a9eba596ec1a0eaa4f9a711f6077e72ad8aaae3766082144af007b23f01832f81a555e89bcbf24fc4738deb8d02365a5cf440204f07125b5ae39aed0d53be45b3d6d9a60fcdc8df6bfefc23015e7834852ac42cfe02d030ca12937e38eef2c0f7247a08ed143c5b6113f45984dd963adda020578f7d407b35e008eae9defc3f8d35cd517c53b484b33022be58f34eb427fbe056726b0c8fe5adfcfd8d37d3ac16a3307aefdf5e2bb2734f654f6eb23c92947828a1ae493017fbd6d7e4c6b810d50aa51ddb567f0ad0758976c42939e5d74f42d35c708296fa9bb7f174049a2ea7184f6d9ae60c2411cf9688fe8164bfce87141dbd563fef17633ae8daded48dd52837d30a9acb5cdb8926ffdc6bc555f171a043c3235d5635e9434f8ef68319cd96e5acee87f9a8e6955ec7f631c1f7bdb5631cb889673814b7edb86fdd0c8c17c2584f2142fb65b9f8ce75d6f7c4889685c05e6d48c9996f78bc8bb7a9357940a16f653fcea1701eaf43c22de0bc76fc5e4c9df70ef65a56d4a1a1e8572944be2cd0965b8c11c970507700efc252ec99215c12e89349eb9f1fbbd545db521d13298a1e9f1190fdee3973d7c5677a1c61c8da83c70974c3ac06e35310c2ebe51ff47d152619f767bae9b2a7af6fc343bec3adf9d3c08bdc3339b68e3d2864a7910a99477bedec8b623e53a139196e89f36f52967e4f54a5b574fa652e39fbed5e62b1b1f757de51d5cf5f722cddd53c247625c7477376840fa157ac4b57163c5e8446902d5aebd55afd2aa04c210c523dda13cd99f825878be9be7ed9f143343cfc5c39d6f32d5a96220953c202a3c12aaaf1f77ccf59415504901e44405c4e2750df2e1f0e326e921789b393361ce304ea84e5c5c2e2eb61256282c3b10f3e1b5247e768ea5ebacee3c02ea31eb18538ff4d209e6ee86bac0a3d8454ae0705c372c76bdfb072b5e99c42bd33be0fd748d855882170415a0f82b8abc5b7287240dbd0c7980465d6d6a15f6731a7fcc986404b0c9367952d47c2d49c85acae51798c142a4c87453e0c56f70f828cdd8ba371600cb2887cd2385f3be0d90cc6842d24e94275dd7b071804d94ad4e1768e82d68a52604187f64caba74439e5edab46ca93001dc77d47f999171bd6853cee8ca058a301aff1e57011ee9fa5e650b46a8c48adb3a51d37572171bc003eb112bb5019198f15e244bed10be332968f79e9617efc92472b35cb7c046c8a09964ec0c794a2527c646758d66718a9164fea79e997736dbe6ac981c0ed58b484a8ccf47f6f0071d0237272bc9c300bb0aac848914e6f629ad3a2647b80147b18379e8b83d135b4a949e22da627fa6769384f79b73e9556c3e160095244e68b822e25d08d79c8d68f5ebbaa784248be5aecbbf657d6a799a530057dbfc2c45ed8994772d59efdbd9673e45ec82b3dead4aaf1b52d90001d43856b0cab3600485428274d07a8b14beaa0280dfc57ea0dbfc79582ffecb16c57a841dfff5356b3fd29ac6ef4c367c1a9a3b081af2855443b2dcef826e8d390ee3b5424c4b327b8146f4424bd23c6fd084bd2ab5187a0f5fc2b0f746c0211716e66b7141d4437c008d3b4ef0f28c56f09cc3bd6232950c4a046f4d30658c1fd3d52bf648277b33ab6688dc48db7306c9246f5b23f3fc749f7b8e5c850b945f39e2bba957b105e32af71d5723a89ca3ebbdc29a6f49ac455d8675eef6ab2f043e618dcf9b759ba30844d3c3afe9d035739af43866cd507979ac14a771775e2b3354a2c9e6ba6e66770e024ba437775158211dd10ba43177266de5cba3a417ead304b5d81a1865ffbf9acf2ca0ab5b1705f9d94edc457fcb870c669031ecf40b5b1c077c96c64889209894ed6ce0c7f180184f004b49bd903614ea238831e0fef06e7b00778bfaae222c6d03f58329a5c0dc174b35fa48d347f999d680eff99a3780f63d7859c5b826b8aade5ffbf6252f964b263bb617d1daeb3197e820f468dec50c6d5ee3e00d6018ed2952baa5a71ef22c2d153211c998b6ad31a0c3b6ad689c99d1724fb4005fa0a7436e26a495ad6e2e98ba15f42f4c1285b36f1361b126af0a7a5ab6124ceeb262825830d056da74e70b260d003d1806ec725d1710ac2c202300374c4898b4067b5c9e618e6b3d6a8bde83a9bb296123929b509b2d90fe824755990cfbf2fa90569e08b6ff528f7127804a99beec8344925a908a00b7451bfa7e731aae27ee79597f77de6a6d0136c6bf00bb522e37ec480a5ad75a625480702afc779fab19ca9c178d780dca662eb457832b6a97e8c137bfdcf5950dee178cd1fe960ede15ca7e6a510bf4b8344a01c5f2e6faa1b49010dadd1b02bbafb3a44b1b612147a465a210e42ea", 0x1000}, {&(0x7f0000001280)="319dd176fd43833b03cf86f87dff3a48ac434687847bda3009cf8f913dd33873215c75ef9ec5f13c30097fe138f4dbb7c08ef706cfd9204ac875176a5eb6a524dfa6c7cbcefc26c514dffa2e7d450b42bf66b3f32a130aba3a0d3354dc02de9d09b7b46f423b0d8144263006832b0c85de913d39f998ce6108e7ac633fd3f195eb12cb69f35525979707f4d4937cb2dc40d30c305e64cc7216708424470bf74423944513bd38427d40310daf6c609adb1a400bd696f21c93c4a37ec31c228a28362617bdf3deeb608ff964fbb9552d0df1c06de6ff91b2a32b7fdd86b381c9af7b75669277e5195da8c6aa05745174", 0xef}, {}, {&(0x7f0000001380)="89c3b702b3a497d8dcba51c92d3fec3ff94d8f1576c9e893a52c52d9d8d6e1a44a35a726a501d40fdf2b185b480a20f6a62b12af59caa6389d90d676b0828534fa8cf9475dc7deee7ea09b46d41c73f2b2684df6cffee1f49a7aa5449275a57bb50aced22753e77426", 0x69}, {&(0x7f0000001400)="b6fa658237071546ad95250d27408f47d96867a6cfd96b8240088cb95c1370cc85e267c81cde983b8d908a641d9d9a5ae65c8693b776cb182310bebf2d78e298e95a2bb1866d0062354ce0dd96569651ceba475497bad847c482e5f5fbf4c753137183d829467249892ecdee588776f632734cac7fa88cb30e9566f9d9f06aaf7d25206ac41682ed5ae6ec5029e627bef51b6f235d973c596400f33fbd28eb1b228869afac753ee69b8078243d855160761234419b06724741b2208b616a2509f83cc31c5ad601de26b2b97dd2df387bf63dc0d740e007", 0xd7}, {&(0x7f0000001500)="0c01b04b495ddc5abb519fe5636a3614915ed58bc02fcc55420f6125a9c47cc83c2a20ef36844b94752f471b78f98d0ad6f7dae0f2251320623dac09bc82ef77b665b49e6513c7bbfbc5dc956d9e5cbf70120b9a95074c8346715fcfecb7b9865506a1cf7c543f7fc6024d5e8672f1dd37f0b8eeaabdeddba9c0dea4b0810a1c70591332735874eed771fcc3daf5e6c809a815fb7e1fd3d8f202c11122df41ab91157951975b688b1d85171672fdb24ba59d5acd6c6d1d8bbef82c9a237a4e5f7057717470f11e0319afb5371ad07ed7a43101ee2a8886f63dc9748543685a7a6023f7e859a8dc88ad384bfe8fe45ea7d0ab8586", 0xf4}, {&(0x7f0000001600)="5216e9fc31035968b381513297048560022b72b22769b7c621769cd3acb5c09bd1d99d77ba29a91a6ceab92936b14511f8f9942e4e5a7238daf39225bdc51c885e246b56d392501f1f320baa07ba0b0a815c2a83345335ce3249425c9d522f3b8a783e80f9d72266e6b9864e008a3a304e20a0ba6411373aad888437fa3b4a2198d1f56b7d0368554519311e65dec78273e8412cf8e5b9f72ea0417d8154c2bb31dc557e40d52e5d35ee54c205286c4aa5b640ba1f9faa5e6dd135f63216ec", 0xbf}, {&(0x7f00000016c0)="c411b13d8ee18b21c20964cad2af045777b76f7f9a9a85b09b404eedc70bc1c0d84b6d476f10619501bc9a2df5b57e9cf77a15f2baf88cf188474e7c7f5f4fda50d55ab7f48b42f2f30dca8475f1ca3d773754c1478546c29a6ea25b7d2b44551d9b9510bea6112a216adb90d4a1dbbd5a424d24306790b6ed62de66bc03a6880b2ed6ca55ccb9798c131d8627ea26809ae888b1aa932e46d2ec897ce6f38700be1d02c3145b4ec23f4af2a7e6af0b9545c9dd665c41587b77185bdac1b90785903001df0dd6b403eab2a42731c095b60e013c86f5fcf55f1b100cfe5704dba3d625ed35b468a96fe405f61ce6678a762da13213ae748b1ca600605d9a2fb8ceec279f8a0c5763e4c3d8d6c5ae6b2b7108c75f0fc301d26858b3c25375909de0003895142f1ba5a120f45481611f7faf984a47312264f62a9ea9d196ab1588578efa3b2715993a37829dc0a014dbc7dbf8d6ed712af13d8d98916897f1e20e56fc7064eee5c1d4a633f2df17cb6f4a486fcd50cd2a8f25e9cf536bcabb5d28d1fa23b6d26798c20a17105ac7c064df2f36437ad45a3a2a614a3798a3a1e73d3d6a97198b0a1347b09704838d0146f5b37271446c7bdb7cc55f12f7a8688180e533bd84060f77ae4235a14f0d20d2b2001abf7f5b5145b0a79510706a44b91eba2165d5ced7151c286bc617c60a618637cd5a5a416b839bf2b141a2484c22f102b4ad9b0935155a44a2f401ea97cb7dd96fa68bb1c14705ec69fad2120fd004fd66744462781846eb9a7718a11af80485212c307bce274a46e39e76a8431c515c05168b1c607f99e57f61affa02f6bb3e974919dad273060b6d79d0d78c071e8ceda9137c52b5130097fd5c3b47f539860d6ceffe896a726fe682dfa6228c2f2293dc15c0dd8c2426a56980617f39f91f4c101671cbf4894b52658dd9260f3e300490fb6e609d2d1e6f15bc0e956c25b574be59601151d5e21f395f01b8459c134e088202128d059e303ba3cb4a433edb2780e1b46e9f2e9ba513080b10c65abe2ff08ad5280bbf3dbbb29698546a3ab8a2aa168062065cef15f442feba92624554cf1e6f9db946db3da4e989f758b837cc9213f74b8e90d25dfecfc2a49e510e0a70869987754af09e0e2203d3a58612ffa3fb3a5f6e7862fca6766fa6f59bdbaa0f62e5e477962e4bdaba5c0fce937efe382a3991eb9b40e6dfbe492abbc5a76637d326323557c9e4443f7f42b87826534cb9d77d251e6bb35a50d2cbe4d63abea3801f1a2f0c92643a0341c6a13cc86dda0e3724d4b6c3d077002c760890881987372b0a052c0ce91306a2b4edea3606f20126609d2ac5b0d7acadf1a3c22125d8ad3e22e5f808d4fe502a70028e0be09fd6ad913876d5f29c055f28721539fede53494d31aa45acffdbc86ff0f59001a9c5e40f536c0a745456387f91a7a450bb352193aab7f3f499824444af45d4b6993c994a1a7fa6ed344d510b783debf55099236efad1c674ac0cef95569f6bce89ccd7df381de0000e7866bdf160a877d472d2507c97e328146d80d12c2d69350551cd697f6a476fee22067e01d1472c99425f4eec303e35e7c95615a795344ef2e8956d3721c1c4b6564f5046b6df9b98af31f0c411b8e3ccfc6acbd069f767ef1e4e466475ef30dae2475d18fe42def9f66eb6beb935247f720323314628d13362099e11119985b9eb92a9d279d7e0196e54dc739ec2c20c13f4a22b2acf8d15d636a89454de8bb4a573b7a02521e8f55fb439b65f1b3f73fd859922926149144f1f3dd77cfdab3ad801d7ad20fa21fd1725813d72dc1f3062eca4a5471b63a91b4673688cd62d549a3a8ae1c294dd399b4f2650b8b0e1910097944a54646cd70508c39d9576da7cb71cb6f014ce5c585ff5e39f75d89397a6ccd0f7aa02528e54d4d9ac6cacd76b132713337182395374ee87af5aa8eb58771a5e36399dda40918deedfbf8d3d04aa6df566b69fa4d48b700bb828c0cfe6ba29f5d759b58396d20ea068260e5e593ba26066ab1406c9d502c6dc93c0c9eb36f215f097fc7a0832885952fe9f15e3c99cbee8d9ad60a559943ff6dbf5ddc5392e4b22f9cd2499f1eb79fadf511d13dfdfd87965e8720e35f165b427b9198ef56c14f36893fbf72c8488f07930933f9f748d2aaaace881405a2569e36510b1dc8deec2e426ec222477c3ac0322b4ccdd548f67c66df410e73e2c6b7161d57e7f0a3d18eca333b4e62d879d25aa4ce7f0290aaa835242c02053396ee24275b544260dac801677213d6e4850a9ea2dead0265e789cfabd88afe87f90a060465aaf57d75808281b75edbf08075548dd38aa82939c222eee74630087bfa6333949f43fc494d2842971ac6aa8289828cf474c781b557fd08af569238b374b4e23ccda0dce8dd0e01a57973e82312402aeecf2b5f4e638c395bc6881748a913387df3adf44541c279f493ac7cc61b7a0ac3414897501029465d3cbe1af8bb3c31d197daaaf4270cdd8915d7b55daa45893fbd653851336468cf265e34342269eb00542c3a5d4527cdf4b8bde6c3603691ffb448560689ac4405a7700eb616fc62fc7c1807fba365482cb4690d3814afc157bf136ab6339d59893681fe4e7b8641d496c894b9c0bcd6792e05e2ab56b8d7c4eb61cd42da6a2148f46bfabbb2cc91a90d674cba594ffa3d9cf23500b66cdb4e0953a389aece661b7c4140fc0b737daddd03fcce7008f06f47c279d1d3680aff166aa2fd9632edc88668f091e012bbf75131d6fc557d25edfca42cff7e423b936f3ed40401009348e461feedcd9105b260751ec2d841304274a56613317ce38314d2f45faf3c1fb2aba457ff4218686675e0960ceb7852b38e26b49d69a121d59bbde115a577796ad932458e89b6e43caeeeb441c0fb04ebf7abf3542e23b8279a101ab7f82b32139dfcad5472ce02e582a8fa75935be5d3145f1fbcab38cd90ea699f9e5a3a963b7bcac44fa3a638b0be7062a13f635ccc517f1105d174ca4bdbefab3f548f44ea7ec05c80d1b7c3f58dca5deb95492c53807096cafdde096f8e466db9212880f8b17fb8ec26c3c4c33ebd253253d209a47e54cb1356b031eca06dae9503a43502747b5957f60ab35f4187356b0f0db4f1af7aedfb3082e168f9c72950cbf155b0ec749d270572a7d698dcb4649682b7f214e4e264425b64906a99aed0e5c72876727d116076651182c7112c4187e1d32a795626e181df1ced3df795ee09f427b945b6da39524bddef767896ce13b71cf2eec16557ceb4a5a367fe2d27ce0a56db740ee49c775691abc59e555c8a621fd5c00ac2c8de7d81543e29f91a9ee9b922912f57cae8dd1a656b956dc6ab27b3ac0331187e953cd5f615e6c19605a832732a85b3436fcc751e68064cf06722840d986583ccb773a7883de3c0e797d94ec3c38f26bdb750da75778642012e79553561beb7cd9bf82b73e6a96368cfbd6b30367c9336a9a894d8b545277f51da1d53085716b000ddcfaeb10eda1fd52056a96d9a3690c7c22bfec046817290b63ee2a311855393d0c0b12a3c665332fc9e344355d0fdd7bff9419457682ee9e6367038ec4ef4c8716437fd7a1eb28465ba699379e816f44dd66e2f04f3fb6b3fe2146d72b6588b8def3d2e5a7ca7cea70ff154ddaf32e8c477162876b10578fe4ccb70da1216195ae9b68eb9fdf4989a24cb7a280a14e146e40734d426d492f19d375955ccb16c0ab2a6134cab033e14929cee48bfa235796984e4da2892911a842a1f1de9d16727e41f3e82ce351ba946120a45ca068aca693a21386954438dbc6322d34bd1e684e1c4ef17249c3bb4a4d100260e5b73d4b8d9f4494a92dc2c89bcbf477274ab63e470b850847bfea6c49c2354e7f867d4c35d691efa6f58f183d72a0455247ed131ba452e0fb2ab21aef0626c0dbc2758a40f6e5f6eca354ca11c890e7937be19aca9af42ec6bc31ee8aaeb924434ff8bd0a5bf32e51dc0396759d471651899e5a6c0354865bffcb0e0ce990aa9bbdb33647819e2cf132a86a924e64731f18e5d54d1bfd747a6dca164cf48924a987b3aedb0c7ab0b75e66bc49e11a1198be3fe2411fedab230c8baaae2fe339f1f0d49fa291eba0abeca4b17715e53907e56db2cd1731201f69ce7e6082903aa5137f8d3b9ad93df48973b7f062ccd1e98841c2e97541a52f84dfca04d928a9e24bef0ea5d5a4ceddfc3ef60b80218a4a38859cacec0b5ef504b0e9fa432628ae24120825c86f540fbae82a46cf1b7119f6c1f5cf14129f68248a7c5476650b21c755956b940872f2e2c005710bf1a39a9b442cc8aa8c1c83e77907cd7892c4512d042e251fed6b24e45e071e101f2424512cf2a91b49942ba4e16e2d4f40b123ceac5e46716b6caf6662ba393e01e5e3d9cabe49eb48035f20fc8baec8ac73509a1879ef92917f6219d0311adab87870309ef62db2ad66d8feba0c55807f9b80dd9ba6c4326e2c62d60badf0865a48c1aacec7718839b51d965da4c6c4f0d868942cdf1454834177af4d9b356e24b19c3bc11bf52639b9867e2bbf6e93e26e1ffdf6813636b8afee5e9eb23f9a35f4c0a3f61a70da9f5501be4568c5ef0b1bada1cf1debfa8f958706adf28beb22c33f20a253fc0df452a6ca4e494aeb2bbbd9c69c5597e39aa8e3a0ff51af81aa232a8a1571e35d075135ae2d0d15746bd75bd7e6d2cb0d3f364945af14d3c2f0b90f076c4c3aaa28352b0e50a7c9535e9faba19d61c93a0aef89bbbc1fe0cd9592f910e2c70299516696628152c160ffdda859630ab52fe234a7b3eb0d543faf3fee3134e214e3c1583c94075bdfd3fffcc868eda85220e0ff42db942faa9d97d1241f3708a919b9ca2b2de518968030f50675e0164910b52be8c500eff22a380ff14d6979fa12c9feaf41c5998fbe92cd394fea9c276fd7f017ed3b75a188a47b2d5ee038a123e2dbbc7a094ce122d327e5944299ac5c7a4a42a56fbc7eaa2913011b549d351c1aaefe56840d751b26c8d6beaeddedd54be9dc19813eab17bc15431b8886cbd988ca2cc26b042ad82b8c6e1a99ba46872be44d74a5388e37feb510e07493bfd76b343af92faa58faeb9edd21109114a9ff37ef13399777e5c578956d976c76dcd973141437119545d9b75a4ea54d5c0a0c44495767f35db3049978ec862bb4424b651c20bbb986e603006df3605a02014ee53c9a9b256bfff8234df45b96c39cb50ca3244ac17feb4fbb9fd17e7e79158569318ee81e56986614cfd0332a029113154ce451aeb79e9e89aa09c7590c8b912c178073e074483702fed746184ed5d5afeed1fa91f620232558c904a56b105044b2c727fad23c6b94d1b35cb422e61198e19f4a36816e8292a82dfa68f1b85e925d4cf2b97b99cdc20498daa304278ed26808d9f0d28e85db133a9dbebc83887728cb75ab9e60ccec3065340994e6dd2ca293dd6b289a53ab57e0fd5f8d4e6df33ae7ebbb957bbd2abf80750c9e09fca6023d5d8382a2a09e3e32c22e501085bd131365e7923f68034170c088aa635c42f376647d67c88a5f705ebf5238f37894abcc358f7b76a01308d9409a042a367af48d426579c99ea3c5ea5625d1ce8b3fc760432a8f157d49cb81998018cb7c1ccbb3e0a97f56750e6d32dae859e4c6bbc837f1a5ed67dd8dbbdfecdb3ccee4cec01edb52b47344ff6aec8098392fd4188b8301a52e8df1484590d1aebe24da7c7297dfbe7b03327109b2caa5c4d711f95de18e3c61b97e74df12a7f47bbbb70dd323e581", 0x1000}, {&(0x7f0000000040)="670711ee340113dc18a6bfa47e", 0xd}], 0xa) r2 = socket(0xb, 0x7, 0xfffffffffffffffe) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r1, &(0x7f0000000280), 0x3ce, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) write(r1, &(0x7f0000000040), 0xff13) sendfile(r1, r0, &(0x7f0000000080), 0x80000003) 2033/05/18 03:38:56 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000066a2defa008a989900000000000000000000000000000000000000000000000000004aede2bd305cdf000000000000000000000000000000000000000000000000000000001500000000000000000000000000000000000000000000000001"], 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="efff00000000d125"], 0x8, 0x0) 2033/05/18 03:38:56 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x0, 0x86ddffff00000000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:56 executing program 4 (fault-call:7 fault-nth:37): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000e00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5a5, 0x0, 0x5}) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x80) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)=0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r2, 0x10, &(0x7f0000000080)={0xfffffffeffffffff}) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETAF(r3, 0x5412, &(0x7f00000000c0)={0x5}) 2033/05/18 03:38:56 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x62000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:56 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x707000) [ 1086.457518] Unknown ioctl 44613 [ 1086.487290] Unknown ioctl 44613 2033/05/18 03:38:56 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x0, 0x65580000]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:56 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000c67000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x1000008000) r1 = socket$inet_dccp(0x2, 0x6, 0x0) r2 = request_key(&(0x7f0000000000)='trusted\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000080)='\x00', 0xfffffffffffffffc) keyctl$set_timeout(0xf, r2, 0x1) connect$inet(r1, &(0x7f00002f7ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) sendmmsg(r1, &(0x7f0000d1bf10)=[{{&(0x7f0000000140)=@ax25={0x3, {"a976372427d807"}}, 0x80, &(0x7f0000d73fb0), 0x0, &(0x7f00000001c0)}}], 0x1, 0xc3ff) 2033/05/18 03:38:56 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x707000) 2033/05/18 03:38:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="4626262c8523bf012cf66f") mremap(&(0x7f000097b000/0x1000)=nil, 0x1000, 0xf000, 0x3, &(0x7f00000bb000/0xf000)=nil) mlock2(&(0x7f00000c5000/0x2000)=nil, 0x2000, 0x0) pipe(&(0x7f0000000580)={0xffffffffffffffff}) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/rfkill\x00', 0x101002, 0x0) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000600)={0x1, r2}) mlockall(0x4) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x7ff, 0x2000) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000080)={{0x1, 0x5, 0x7, 0xffffffffffffffc0, "8fdf197f642fc4e7ee2fa198ca8f18296932d1459dcce123738aaf1be68d1be430e8f5049ad22390093266d2", 0x1}, 0x8, [0x80000000, 0x8, 0x40, 0x3ff, 0x9, 0x2, 0x0, 0x7, 0x1, 0x16d, 0x7ff, 0x1, 0xa138000000000000, 0x5, 0x2, 0x9e89, 0x40, 0x70000000000000, 0xdc, 0x10001, 0xb4b4, 0x8, 0x4, 0x5, 0x3, 0xfffffffffffffffc, 0x7, 0x0, 0x6, 0x1ad, 0xfffffffffffffffe, 0x1, 0x4, 0x8, 0x3, 0x1, 0x7, 0x81, 0x6, 0xb2, 0x5, 0x6, 0x3, 0x2, 0x9, 0x1f, 0xb89b, 0x1ff, 0x75cd, 0x3, 0xffffffffffffff9b, 0x100000000, 0x97, 0xfd, 0x7, 0x2, 0x1, 0x80000000, 0x1166, 0x162, 0x87, 0x9, 0x7fff, 0x7fffffff, 0x3, 0x8, 0x7fffffff, 0x6, 0xffff, 0x2, 0x1, 0x4, 0x3, 0x1b6d, 0x1, 0x7, 0x1000, 0x101, 0x5, 0x0, 0x6, 0x7, 0x6, 0x8, 0x8, 0x7, 0x9, 0x1f, 0x8001, 0x659, 0x10001, 0x3606, 0x1000, 0x5, 0x4, 0x3, 0x3, 0x100, 0x101, 0x7, 0x7f, 0x6, 0x1, 0x8001, 0x9, 0xac, 0x6, 0x0, 0x10000, 0x80000001, 0x4, 0x1, 0x8, 0x800000000, 0x1, 0x401, 0x7f, 0xfffffffffffffffc, 0x80000000, 0x2, 0x3c2, 0x1, 0x3, 0x0, 0xa81, 0x80, 0x401, 0x5]}) 2033/05/18 03:38:56 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3800], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) [ 1086.612292] FAULT_INJECTION: forcing a failure. [ 1086.612292] name failslab, interval 1, probability 0, space 0, times 0 [ 1086.623639] CPU: 0 PID: 11992 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #54 [ 1086.630919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1086.640277] Call Trace: [ 1086.642877] dump_stack+0x1b9/0x294 [ 1086.646516] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1086.651719] ? __save_stack_trace+0x7e/0xd0 [ 1086.656060] should_fail.cold.4+0xa/0x1a 2033/05/18 03:38:56 executing program 2: r0 = syz_open_dev$loop(&(0x7f000002c000)='/dev/loop#\x00', 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") clone(0x0, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000080)) ioctl(r0, 0x4400000000001260, &(0x7f0000000140)) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="800000000002000019000000e60100006c000000002800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x1, &(0x7f0000000080)) creat(&(0x7f0000000000)='./file0\x00', 0x1) 2033/05/18 03:38:56 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]}, 0x707000) [ 1086.660134] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1086.665247] ? kasan_kmalloc+0xc4/0xe0 [ 1086.669140] ? kasan_slab_alloc+0x12/0x20 [ 1086.673297] ? kmem_cache_alloc+0x12e/0x760 [ 1086.677627] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1086.682480] ? kvm_mmu_load+0x21/0x10e0 [ 1086.686466] ? vcpu_enter_guest+0x3a83/0x6060 [ 1086.690973] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1086.696002] ? graph_lock+0x170/0x170 [ 1086.699817] ? do_syscall_64+0x1b1/0x800 [ 1086.703896] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1086.709275] ? find_held_lock+0x36/0x1c0 [ 1086.713353] ? __lock_is_held+0xb5/0x140 [ 1086.717435] ? check_same_owner+0x320/0x320 [ 1086.721769] ? rcu_note_context_switch+0x710/0x710 [ 1086.726714] __should_failslab+0x124/0x180 [ 1086.730965] should_failslab+0x9/0x14 [ 1086.734782] kmem_cache_alloc+0x2af/0x760 [ 1086.738946] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 1086.743806] mmu_topup_memory_caches+0xf7/0x3a0 [ 1086.748494] ? debug_check_no_locks_freed+0x310/0x310 [ 1086.753701] kvm_mmu_load+0x21/0x10e0 [ 1086.757511] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 2033/05/18 03:38:56 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, 0x707000) [ 1086.763056] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 1086.767650] vcpu_enter_guest+0x3a83/0x6060 [ 1086.771980] ? print_usage_bug+0xc0/0xc0 [ 1086.776054] ? kvm_set_msr_common+0x2680/0x2680 [ 1086.780727] ? vmx_vcpu_load+0xadd/0xfe0 [ 1086.784798] ? __lock_acquire+0x7f5/0x5140 [ 1086.789046] ? vmx_vcpu_reset+0x1030/0x1030 [ 1086.793378] ? graph_lock+0x170/0x170 [ 1086.797182] ? graph_lock+0x170/0x170 [ 1086.800985] ? __lock_acquire+0x7f5/0x5140 [ 1086.805230] ? debug_check_no_locks_freed+0x310/0x310 [ 1086.810437] ? __lock_is_held+0xb5/0x140 [ 1086.814514] ? lock_acquire+0x1dc/0x520 [ 1086.818495] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 1086.823525] ? lock_release+0xa10/0xa10 [ 1086.827514] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 1086.832805] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 1086.837317] ? preempt_notifier_dec+0x20/0x20 [ 1086.841838] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1086.846690] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 1086.851726] kvm_vcpu_ioctl+0x79d/0x12e0 [ 1086.855802] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1086.861530] ? graph_lock+0x170/0x170 [ 1086.865340] ? find_held_lock+0x36/0x1c0 [ 1086.869420] ? lock_downgrade+0x8e0/0x8e0 [ 1086.873582] ? kasan_check_read+0x11/0x20 [ 1086.877733] ? rcu_is_watching+0x85/0x140 [ 1086.881888] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1086.887094] ? __fget+0x40c/0x650 [ 1086.890557] ? match_held_lock+0x841/0x8b0 [ 1086.894802] ? expand_files.part.8+0x9a0/0x9a0 [ 1086.899397] ? kasan_check_write+0x14/0x20 [ 1086.903639] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1086.908583] ? wait_for_completion+0x870/0x870 [ 1086.913174] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1086.918371] ? kvm_uevent_notify_change.part.29+0x440/0x440 [ 1086.924094] do_vfs_ioctl+0x1cf/0x16a0 [ 1086.927997] ? ioctl_preallocate+0x2e0/0x2e0 [ 1086.932414] ? fget_raw+0x20/0x20 [ 1086.935882] ? __sb_end_write+0xac/0xe0 [ 1086.939868] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1086.945410] ? fput+0x130/0x1a0 [ 1086.948699] ? ksys_write+0x1a6/0x250 [ 1086.952507] ? security_file_ioctl+0x94/0xc0 [ 1086.956919] ksys_ioctl+0xa9/0xd0 [ 1086.960372] __x64_sys_ioctl+0x73/0xb0 [ 1086.964246] do_syscall_64+0x1b1/0x800 [ 1086.968121] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1086.972961] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1086.977885] ? syscall_return_slowpath+0x30f/0x5c0 [ 1086.982806] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1086.988182] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1086.993021] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1086.998197] RIP: 0033:0x455a09 [ 1087.001383] RSP: 002b:00007f4809bb7c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1087.009086] RAX: ffffffffffffffda RBX: 00007f4809bb86d4 RCX: 0000000000455a09 [ 1087.016338] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 1087.023591] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1087.030851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 1087.038107] R13: 000000000000027e R14: 00000000006f7c70 R15: 0000000000000025 2033/05/18 03:38:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="c626262c8523bf012cf66f") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$binfmt_elf32(r0, &(0x7f0000000600)={{0x7f, 0x45, 0x4c, 0x46, 0xfffffffffffff431, 0x4c, 0x2, 0x100, 0x5, 0x3, 0x3f, 0x8, 0x2f5, 0x38, 0x37e, 0x7ff, 0x100000001, 0x20, 0x2, 0x8, 0x873e, 0x3}, [{0x60000000, 0x5, 0x387, 0xffffffffffffffe2, 0x8, 0x5, 0x8000, 0x1733}], "da921359d293c77c039cd3312abfde77b21ca5d9ae95cee4d8ad6038c54de7da89ffdf6e182164432926f97ee8b285751e6b5482146e278caa58587b908f258e559f430a9baa9304595c5a9271b3eb0242b33f595213376ab5dfcd77390300eac61790bfb7a6c8a52d1da819207a2291aaf1fff9dac0a5b450589de82bad3a0e1e89c2dd6facdabac9d7ab8883eafa063f92d8bc7a109b2590d936776cdac8f0b4ab8f0f7a5f3d4026c3bb3920bcc3d20fe36f9d33aee0f61e24730eb78ce223d40a3d7ce488dfbbedcdeb8574bf2068c81d8ad3be9f236d738b59d03127ea9a0995ed140c2afac5cdad56d8745d005e583d4b894b075e65a3ae89d56313a9fcdd71d00c14c1b6575a82b71fa82bb164067ae9e33f0ccc4055ba162e5a96722799f499c4424872c3909e83d5e0de26ba3aef7e4febe825520453952183a5d51d0b3bd2ceea9d124016b8c28b76595941eb479dce1c27e5e41df9e6f640ef8cbd5cf865c413ae9799056072cea698566a4fbdf98159caaeb1dd79d8e17b0e2690116c87b58dc0b23632f9afa2de432962a000c63897d215f6de32e2ab35cadbdf5a4528489c02340f65535fd99027f59c85b457248553871c0245b9c9953af75f55b5ef1dfe9c1126f0d521f05464d9d8eb627a5d14bc177910a4d3ab7df9a3c48e93c4b61997a950443db877fc223a77f681255013bacf62f32b93222a851a250bc490fbf18b027d58f9bd6c1cff05709d9b87228ba43a2c1b1943af960144637e70b1d9334f4b42b2008ca22accf0dfabf5b474a5f641408a60d2fea6345d1cd97f1130f2b2a08ee94fb59c78590d7411b1e18fe6f86ae60464a6b37142e133d3ffa17062e3a4e880f02a11b51e673eda01d11459e19370476598381b8d73df692f2c11a3be0ed8d8d7f8c194018444fc66ee9c23b44c5c8e8b75403104d27f01e40b62e22ad66e5238c4545f21cd1e92999e7a5bd46ceaee33cb98dc9111bcb315730ecb4df8b43aab5fda44b7cca25054afc9dda351627e8dbd4c9e8e72f861ae3fe90aee77e050bb2d569577ffe35767503ec7b4bc392a7bb52451c413ee238690a0af51faf525af65b3dfed572a087a61c3aad18221a2cc0874f8ff23d97adb186bab6a6028f9069fb76eb66a0d8108446f7856bdbece0bd0bec91466fa74990ac19f9fbb0eede039465ca693b65a24095c375118433c722418b02155eae6e2bef6509d4fc568bc844fde22a6e8aebce3e17d2e24faa3961f85a72845003373c6145dcca4240eca3b79174248aecfe87e18fac810122b6df97b66691e8f7fce35d93936f563145016eb998a45bdc79fb32789c80ef468392f0543ecde2916f75eb129f36d714b6102723132fc6179ac96cdd979ffd62d138ddbe96a47dd0fd70a3c8a90d9845b2e309c90c8f013f828e6d6bc1fe4551233676220715759287fafec40fcc4228d8954464b476098a27aab16f3376dfd3bdf79faeed74cace0f8975f5fbbf772f6c4bc5cd8d2d70f3bf5392c28c2e371cdccb21cb0127bf8a145bf5d0722a702fc8682cde1048c5c7b9ae91d7b6e02af3a810363cb77cb9e7aea20fae83acf703df9df4118b592f3856e04499a8bca6adeac6c1a502386245860961630c871d6fa303949519707f1f6e8e76b0a9e0d2f85e1c9e1ae755f212ee01871ca9b56f961e10a71d473dd3041615d1cd1a41dfac8bb03882d7bbe19bd680f150b2eb18ee5934ae423aa2bb92be70cb893bd63b4d7e49a1d00a4126590a6be398be751d7ad25d421dd6daf4444fd732df1d7ec670fd06e61a16247f2f7038ac900938e378ed787c783ee8fe9f3c7fa0bc0ade6b255582230d85d0314ae16897664eceba8a99bb9bdb2ba799c018fc17502b11e7500b3105bea4aca39bd7adf431aa0a3332dfa234794b0f6d25ff2848612c35bd17db2aad392f4f2afe20c3a996f7564285e9f34e25123a1d418dbadcacb6a5b713c456dd8403c8f0cce9ddaafb3fbb4c3707d63dbd1ba30082d9ccf0e6dee8640e2caee025db8917c8a00a9870bc6adfa0fbe272688422bb946373d50c3e3df926b86faba922a5ec412ff57aeb9206986b64c0ae1aad4636dd6a0498d442f2854250418f10c69ab5e2cf1fb698438e1727f125eb1604853e14e0fbeb9019cf97d45a7a03a8afbfc2f1279d7ad64e63b01b726bc08ece7200e91aa2b13910f87f670bddccbb36117a5e1517824ff2e1f321457cb5363d4be7dc044e362ef63c219bb3676a328f99888740bcc4c06dc3579a33050a023db5dc361a4519b62fff6b566955c43b9eb0a1e520fdec482d6e5e95ad1f8f61af38d95298d222ed0dc73a008d89a23b99dcf81ccb03b0d85c2dd5135f9a246aa184bca0207ca0372976c8190229914ed4cb3d24decf9d63114f083c66498d006ea140c16741d24f50e76e77b1222f39d54e0a5a36631268b92531c8c4bc71270251de4321748f239838a473222675b0531f9bccd6cb77a55b60622855e4d6a88145aa146145d06079167665449f40d26bf6a81c16681895458955b5e4f1875ae682c3e906f95a85181e103bdbbaeea83ab00dd77a1c03642429e6c89baa20075df1a438ded090ce163e3f717ae75cbf8753a4f237f7e6e4a413a703e8f575310d73ddd86e839bd23f243454a1292f1036bcd54c7eb6d522ef036858dee5cdf3148d5fde54d1a9f7269893a417c02d1531e073babb303861bbb851c3bc1954cde333ad1118e263ebea338de0546558d9075510845e14ae5a315ca997bb36a2ec5e31f12c4d1720b9a8ce56d3571382ac5f999f718510d8c9a5a36d487b0f573163f28f9815030fd91e6049062fa23084fff31ec820cc7fceeee47fbc496fd3815353926589d7b2468dcf6e8ed7361ab221a90e5a1ef9b68ccb58c76257c6f7c4f5179b0b8ffb7446c33eb01e1590aab9f0c2d3e3de81e4ec9ba07974fc79d59bfe719d67ec02e05666a97c471a2acaf69213e473489578d44c3d66209755fd5134b57885ee238800b44bf7f17dfcae24f0d0650565d969da45ef4fb6b061a7fd8237a5ffff2ffff61b6e7a6426ab9104149eeb74e5e711ace919c9d910dd066a5119bc7808e15f3eaded44052b165bd4676bcafdcddda2c1af41ddc0f55e77968ee39b2ac967dade49acb312fd8f72419cf027221a396f5e27f75403f2d67521d528ec3853b80dd690dfa3ead21d3ae11e6c0f4aabd5eb6c06e37398a0540ce209ac933f44c0f39935a6fd71e5eaaeb85c90787135274ac38595fbc4c854468953626a659bf149176429d0889476f0cd030f71c16ea2542d7c050774da96c7ad0bdf05f5686da58d154023abab623a28ab8a3e643353a84bb6d8d1c22be0c35c3c4c2855c918f5f1fac2a2aabfe8386957dcc19efdf6c8dd8a19f1dcf3055784b7b4b96c0eb06e71f8562b1b719f19e2bd901f100bf294142ff237061e56a2fef5c8c7ca5576b537db188b34b07d8c8dce061bf47fffd6035244e13d0aa05769584544298169afe1f5e3967eea246eae43643009e1ae8ac9d1a1f581f8bb7296cefcce8bf3c42095e6bbab7bc42ffba71248e3a7689c19b99ef2a3500426db1e24cb7d183d1fb1c5af84c3d80df92d14372a30f153f31b34f5ef4eb8b898c70cfa5dbcb59855d0e391dc7942e84af09612f2e3ff8664caeecad1724b87ebb864cf82a796d47e7b629db51b37170b1bb7902a9726c1d82c946184fc6d0b8ef39d8c4defc84be59a361b2557a9084692f4f54a96475f8fa5c14ab224fa61b7ad2d80e2e8518a724d8c1c3a28177d9dcf48478ba897fde3acfa2271db1795472b08544b07fb12fc590acdac394130d94d4502ea4c105fce5af1653149229abdcec133368bfa2807f09a4f4a466f39a8c54849bd4aaa02eb43e5d135aa46e08221f0d5e9542f39d1a4a6284c162c3d89cf9725ba61b473157119afa084cc58da8a5cc0cec0fc98c7cab796e2f7de66500b3289efb94af5efe161178d45c926758fbc07c244fa692ec154e1a9023c383ada63fd117fd6ff07b3f8eae5e06c295d7cc5bf0f3b37a7844b6bce6ebc4468b2dcc6c0cedd437cbfea8256114dbb8b23ed25543369ebe7c571623b5f06e257ba37402e04bf14ef86a92fcc06fa2ffd4edff6676fa0323898a719fb2b3ac9715284a02d02b45703de9fb99113bef2be353acb275d8100f59360c24a461d7689cf7fd68292bf3b5ecb380fd39f7e6532043589912b30153955c045c407ebf90ac32726ae04c589f0e0d57aa441274964813d8cfd0329495a616d3c4bfc511bd60a64df80f4f95021ddf5d4a86f522482d078c55fed74b72b284d4c223ae54539d5585852dcc340ec7ecb2d0c8820028ecdc95377ce093aa495c1e754adfc3fed9513d31037dc26a8f3e8a2f6e73afaf7aac1a950cbad73ab2f9d9ab49661b49c25048f1ea2b6a3c3c14dea5e71bec07b43d0f1824de70a632e858a0729e94ba4b848244f8524bddf030a67418a07cf7b1eb7219ddaca577ac07a4b0c3559d27afde4e2e94b5f36a6f38761eb7d66c2a529b74432c49998d58f412d6eac4ad60dd9ecdaf5ce7452d92237d25746b318f58d5cfc14725afb20f8f143353b3886bbc4f92ac427728f94df270b07e8f24db0b7f0a81996564ffc4e7ce1b4cc6894e733d97508a59b173d076b8fae1713e662f102c92a88f01c5c7ad8b380e1b0930dd0258bafabfdd4858629a28d7b6d700308a69b8eeed6eb48dd091a6752e769ab54060310c2681c25f88ba32cfef4ecb20f85f9bc646716085d9a10ef1d136884b741e753c27010891c393d4b4952ba8f2671d55def9f4f6b9e88d4dd5640251086765ad14b88dcea549f9d075ce31fc134644ff6948f8deca057fc1053c63ffa5582b4431da1b95f2ec96520eca1833ff7c393f21482f6cae25f45c097c1df8581f0880300180648b001973ebc57d5f9eaff410e5faa6c184a9473215e290ac33ccd7af0d3973a81da28bd5a2f6b35c58bbb608a7459ab184be9122642b273a035581daadded6a2e8bf80e0563cf16da21fef0d289a690baadc9a5c5cb9dada5d2d7955bd9b44ed7948abc52ff56e2973359b6b6dfb1273a45dbedba696468432a3f44905468d7dc1e57ad5b9eac5bfad8d103064a0bc27d8324d7af7e0acaf726ef16eeb5c498e3fe323270413196490d7ca1d4d879ab48d6686b78208e9c9fd77ec4b221207bce36bb955d0d58dee2e9e9fe28ea863d72bc3be44b038cc0a4d5077477c2bb3871c5435ed34b4ecdeacbfed37fe0815cd8ecc97dfb92913da83486d246b8c846c808dcbdb78f684d13567372c5fa1a8b34de3a18b128080c8e421f4ed6231d797f22b1e5fd392da4298a5e6b45bb2b11fafc1524e2b3f1d623ba7ea4abd9ab00ae9fadd48f9d0557ad67799ae24466b2e96fb956ba5039cce0c6fcf4bf56dc8fc2e27010ec78d4832af2ceec17a6d4d547c8e7bfe79b7602a7906e2dee295f56065150d3d6bcb7251033d248daf6a4551649000c79c423838fc45dd9a8a15148c9e902d2eec3546dcc09e0099fdec21103cca1b31420d44f766e892c4dd2bd0f216288e5d6d5a091953662fda3891c6958c75122f844670422f8ecfab09106ac260e6f58d33ff04ec03acec3e8eee8c3960bd6226bf6b3d3853ca35295eff10a69022a04b75e5d10541a19d4b1d60833e540ddba0407b488c399b154ce5ed704dfd46b41659437c940f28205e355b0fa29d71ec239c3792809ac3e9178f7648a40b4614611843731cde74e70c92ed065f30de57e7c517c8ad99def8c9b0a4aa", [[], [], [], [], [], [], [], [], []]}, 0x1958) r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3, 0x2000) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f00000000c0)={0x7, 0xfffffffffffffff9, 0xffffffff00000001, 0x0, 0xd}) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@broute={'broute\x00', 0x20, 0x2, 0x2a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, &(0x7f0000000240), &(0x7f0000000280)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x11, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xa8, 0x128, 0x178, [@cluster={'cluster\x00', 0x10, {{0x2c}}}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x0, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x320) 2033/05/18 03:38:56 executing program 4 (fault-call:7 fault-nth:38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000004c0)="b9800000c00f3235004000000f300f091e0fc76ff50f060ff369002e0f01c866b8bc008ec8b9800000c00f3235000100000f3066ba4300ed", 0x38}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff}) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r3, 0x1000000000000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2033/05/18 03:38:56 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x707000) 2033/05/18 03:38:56 executing program 7: r0 = socket(0x200000000000011, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2, @empty={[0x0, 0x88a8ffff]}}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 2033/05/18 03:38:56 executing program 6: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") msgrcv(0x0, &(0x7f0000000100)={0x0, ""/140}, 0x94, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = msgget$private(0x0, 0x200) msgsnd(r1, &(0x7f00000000c0)=ANY=[@ANYRES32], 0x1, 0x0) 2033/05/18 03:38:56 executing program 0: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000001480)={@void, @hdr={0x3, 0x0, 0x0, 0x0, 0x60}, @ipv6={0x0, 0x6, "6525d6", 0x44, 0x84, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6200], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0x76) 2033/05/18 03:38:56 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f0000000080)=0x80) write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{0x0, 0x3f00000000000000}]}, 0xfffffc53) 2033/05/18 03:38:56 executing program 2: r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 1087.334462] protocol 0000 is buggy, dev sit0 [ 1087.339640] ================================================================== [ 1087.347322] BUG: KASAN: use-after-free in skb_release_data+0x19b/0x860 [ 1087.354007] Write of size 4 at addr ffff8801d64f73a0 by task syz-executor2/12038 [ 1087.361542] [ 1087.363189] CPU: 0 PID: 12038 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #54 [ 1087.370469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1087.379836] Call Trace: [ 1087.382445] dump_stack+0x1b9/0x294 [ 1087.386095] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1087.391299] ? printk+0x9e/0xba [ 1087.394598] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 1087.399372] ? kasan_check_write+0x14/0x20 [ 1087.403625] print_address_description+0x6c/0x20b [ 1087.408482] ? skb_release_data+0x19b/0x860 [ 1087.412826] kasan_report.cold.7+0x242/0x2fe [ 1087.417252] check_memory_region+0x13e/0x1b0 [ 1087.421672] kasan_check_write+0x14/0x20 [ 1087.425743] skb_release_data+0x19b/0x860 [ 1087.429900] ? refcount_inc_not_zero+0x2d0/0x2d0 2033/05/18 03:38:57 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, 0x707000) 2033/05/18 03:38:57 executing program 5: r0 = creat(&(0x7f0000000000)='./file0\x00', 0xb) ioctl$KDSETMODE(r0, 0x4b3a, 0x2c1) r1 = socket$inet6(0xa, 0x2, 0x0) getsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000040)=0x6, &(0x7f0000000080)=0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x2d, &(0x7f0000000180)={{{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in=@multicast1=0xe0000001}}, {{@in=@rand_addr}, 0x0, @in=@loopback=0x7f000001}}, 0xe8) [ 1087.434670] ? skb_tx_error+0x2f0/0x2f0 [ 1087.438667] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1087.444213] ? sock_wfree+0xcc/0x180 [ 1087.447940] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1087.453492] skb_release_all+0x4a/0x60 [ 1087.457395] kfree_skb+0x195/0x560 [ 1087.460946] ? sit_tunnel_xmit+0x16b/0x30b0 [ 1087.465281] ? __kfree_skb+0x20/0x20 [ 1087.469004] ? alloc_skb_with_frags+0x760/0x760 [ 1087.473685] ? vprintk_emit+0x3e5/0xdd0 [ 1087.477671] ? graph_lock+0x170/0x170 [ 1087.481480] ? console_unlock+0x1100/0x1100 [ 1087.485824] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1087.491028] sit_tunnel_xmit+0x16b/0x30b0 [ 1087.495191] ? find_held_lock+0x36/0x1c0 [ 1087.499269] ? ipip6_rcv+0x1d30/0x1d30 [ 1087.503168] ? lock_downgrade+0x8e0/0x8e0 [ 1087.507344] ? vprintk_default+0x28/0x30 [ 1087.511419] ? vprintk_func+0x81/0xe7 [ 1087.515229] ? kasan_check_read+0x11/0x20 [ 1087.519385] ? rcu_is_watching+0x85/0x140 [ 1087.523540] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 1087.528303] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1087.533502] ? graph_lock+0x170/0x170 [ 1087.537306] ? dev_queue_xmit_nit+0x8ec/0xb90 [ 1087.541821] ? __lock_is_held+0xb5/0x140 [ 1087.545888] dev_hard_start_xmit+0x264/0xc10 [ 1087.550289] ? validate_xmit_skb_list+0x120/0x120 [ 1087.555124] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1087.560652] ? netif_skb_features+0x696/0xb40 [ 1087.565136] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1087.570320] ? validate_xmit_xfrm+0x1ef/0xdc0 [ 1087.574802] ? lock_acquire+0x1dc/0x520 [ 1087.578763] ? validate_xmit_skb+0x704/0xd90 [ 1087.583157] ? netif_skb_features+0xb40/0xb40 [ 1087.587642] __dev_queue_xmit+0x2724/0x34c0 [ 1087.591957] ? netdev_pick_tx+0x2d0/0x2d0 [ 1087.596089] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 1087.602131] ? graph_lock+0xb0/0x170 [ 1087.605836] ? update_load_avg+0x2d9/0x2570 [ 1087.610148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1087.615670] ? refcount_add_not_zero+0x216/0x320 [ 1087.620428] ? refcount_dec_if_one+0x170/0x170 [ 1087.624998] ? alloc_skb_with_frags+0x4fe/0x760 [ 1087.629652] ? update_load_avg+0x2d9/0x2570 [ 1087.633959] ? lock_repin_lock+0x410/0x410 [ 1087.638185] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1087.643714] ? refcount_add+0x2f/0x70 [ 1087.647501] ? skb_set_owner_w+0x24e/0x360 [ 1087.651723] ? sock_alloc_send_pskb+0x7d1/0xae0 [ 1087.656390] ? kasan_check_read+0x11/0x20 [ 1087.660529] ? rcu_is_watching+0x85/0x140 [ 1087.664661] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1087.669838] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1087.675359] ? cap_capable+0x1f9/0x260 [ 1087.679237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1087.684767] ? security_capable+0x99/0xc0 [ 1087.688902] dev_queue_xmit+0x17/0x20 [ 1087.692689] ? dev_queue_xmit+0x17/0x20 [ 1087.696647] packet_sendmsg+0x40f8/0x6070 [ 1087.700784] ? debug_check_no_locks_freed+0x310/0x310 [ 1087.705972] ? packet_getname+0x5f0/0x5f0 [ 1087.710102] ? graph_lock+0x170/0x170 [ 1087.713887] ? futex_wait_setup+0x279/0x400 [ 1087.718193] ? update_load_avg+0x2570/0x2570 [ 1087.722589] ? __enqueue_entity+0x10d/0x1f0 [ 1087.726897] ? find_held_lock+0x36/0x1c0 [ 1087.730959] ? lock_downgrade+0x8e0/0x8e0 [ 1087.735096] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1087.740625] ? rw_copy_check_uvector+0x2d3/0x3a0 [ 1087.745370] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1087.750893] ? import_iovec+0x24b/0x420 [ 1087.754852] ? dup_iter+0x270/0x270 [ 1087.758468] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1087.763988] ? _copy_from_user+0xdf/0x150 [ 1087.768135] ? move_addr_to_kernel.part.18+0x100/0x100 [ 1087.773393] ? trace_hardirqs_on+0xd/0x10 [ 1087.777535] ? security_socket_sendmsg+0x94/0xc0 [ 1087.782274] ? packet_getname+0x5f0/0x5f0 [ 1087.786413] sock_sendmsg+0xd5/0x120 [ 1087.790116] ___sys_sendmsg+0x525/0x940 [ 1087.794073] ? lock_repin_lock+0x410/0x410 [ 1087.798304] ? copy_msghdr_from_user+0x560/0x560 [ 1087.803049] ? __schedule+0x809/0x1e30 [ 1087.806925] ? __sched_text_start+0x8/0x8 [ 1087.811061] ? lock_downgrade+0x8e0/0x8e0 [ 1087.815202] ? check_same_owner+0x320/0x320 [ 1087.819509] ? __might_sleep+0x95/0x190 [ 1087.823470] __sys_sendmmsg+0x240/0x6f0 [ 1087.827434] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1087.831753] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1087.837272] ? fput+0x130/0x1a0 [ 1087.840540] ? __sys_bind+0x1d1/0x440 [ 1087.844326] ? __ia32_sys_socketpair+0xf0/0xf0 [ 1087.848905] ? do_futex+0x27d0/0x27d0 [ 1087.852690] ? fput+0x130/0x1a0 [ 1087.855958] __x64_sys_sendmmsg+0x9d/0x100 [ 1087.860182] do_syscall_64+0x1b1/0x800 [ 1087.864057] ? finish_task_switch+0x1ca/0x840 [ 1087.868538] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1087.873452] ? syscall_return_slowpath+0x30f/0x5c0 [ 1087.878372] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1087.883725] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1087.888558] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1087.893732] RIP: 0033:0x455a09 [ 1087.896904] RSP: 002b:00007fa1cb984c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1087.904600] RAX: ffffffffffffffda RBX: 00007fa1cb9856d4 RCX: 0000000000455a09 [ 1087.911851] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000013 [ 1087.919104] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1087.926357] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1087.933621] R13: 000000000000057c R14: 00000000006fc440 R15: 0000000000000000 [ 1087.940879] [ 1087.942489] Allocated by task 12038: [ 1087.946192] save_stack+0x43/0xd0 [ 1087.949631] kasan_kmalloc+0xc4/0xe0 [ 1087.953328] __kmalloc_node_track_caller+0x47/0x70 [ 1087.958243] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1087.962984] __alloc_skb+0x14d/0x780 [ 1087.966684] alloc_skb_with_frags+0x137/0x760 [ 1087.971168] sock_alloc_send_pskb+0x87a/0xae0 [ 1087.975649] packet_sendmsg+0x1b98/0x6070 [ 1087.979779] sock_sendmsg+0xd5/0x120 [ 1087.983480] ___sys_sendmsg+0x525/0x940 [ 1087.987438] __sys_sendmmsg+0x240/0x6f0 [ 1087.991395] __x64_sys_sendmmsg+0x9d/0x100 [ 1087.995625] do_syscall_64+0x1b1/0x800 [ 1087.999498] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1088.004663] [ 1088.006273] Freed by task 12038: [ 1088.009627] save_stack+0x43/0xd0 [ 1088.013067] __kasan_slab_free+0x11a/0x170 [ 1088.017285] kasan_slab_free+0xe/0x10 [ 1088.021070] kfree+0xd9/0x260 [ 1088.024160] skb_free_head+0x99/0xc0 [ 1088.027859] skb_release_data+0x690/0x860 [ 1088.031997] skb_release_all+0x4a/0x60 [ 1088.035871] consume_skb+0x18b/0x550 [ 1088.039570] packet_rcv+0x16a/0x1810 [ 1088.043268] dev_queue_xmit_nit+0x891/0xb90 [ 1088.047572] dev_hard_start_xmit+0x16b/0xc10 [ 1088.051964] __dev_queue_xmit+0x2724/0x34c0 [ 1088.056266] dev_queue_xmit+0x17/0x20 [ 1088.060050] packet_sendmsg+0x40f8/0x6070 [ 1088.064182] sock_sendmsg+0xd5/0x120 [ 1088.067881] ___sys_sendmsg+0x525/0x940 [ 1088.071838] __sys_sendmmsg+0x240/0x6f0 [ 1088.075798] __x64_sys_sendmmsg+0x9d/0x100 [ 1088.080019] do_syscall_64+0x1b1/0x800 [ 1088.083889] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1088.089066] [ 1088.090675] The buggy address belongs to the object at ffff8801d64f72c0 [ 1088.090675] which belongs to the cache kmalloc-512 of size 512 [ 1088.103315] The buggy address is located 224 bytes inside of [ 1088.103315] 512-byte region [ffff8801d64f72c0, ffff8801d64f74c0) [ 1088.115167] The buggy address belongs to the page: [ 1088.120082] page:ffffea0007593dc0 count:1 mapcount:0 mapping:ffff8801d64f7040 index:0xffff8801d64f7540 [ 1088.129508] flags: 0x2fffc0000000100(slab) [ 1088.133727] raw: 02fffc0000000100 ffff8801d64f7040 ffff8801d64f7540 0000000100000005 [ 1088.141596] raw: ffffea0006b73de0 ffffea0007402060 ffff8801da800940 0000000000000000 [ 1088.149457] page dumped because: kasan: bad access detected [ 1088.155150] [ 1088.156755] Memory state around the buggy address: [ 1088.161666] ffff8801d64f7280: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 1088.169006] ffff8801d64f7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1088.176347] >ffff8801d64f7380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1088.183686] ^ [ 1088.188074] ffff8801d64f7400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1088.195425] ffff8801d64f7480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 1088.202761] ================================================================== [ 1088.210101] Disabling lock debugging due to kernel taint [ 1088.215631] Kernel panic - not syncing: panic_on_warn set ... [ 1088.215631] [ 1088.222989] CPU: 0 PID: 12038 Comm: syz-executor2 Tainted: G B 4.17.0-rc5+ #54 2033/05/18 03:38:57 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, 0x707000) [ 1088.231644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1088.240992] Call Trace: [ 1088.243586] dump_stack+0x1b9/0x294 [ 1088.247223] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1088.252417] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1088.257178] ? skb_release_data+0xc0/0x860 [ 1088.261413] panic+0x22f/0x4de [ 1088.264605] ? add_taint.cold.5+0x16/0x16 [ 1088.268753] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1088.273166] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1088.277577] ? skb_release_data+0x19b/0x860 [ 1088.281902] kasan_end_report+0x47/0x4f [ 1088.285887] kasan_report.cold.7+0x76/0x2fe [ 1088.290214] check_memory_region+0x13e/0x1b0 [ 1088.294628] kasan_check_write+0x14/0x20 [ 1088.298694] skb_release_data+0x19b/0x860 [ 1088.302847] ? refcount_inc_not_zero+0x2d0/0x2d0 [ 1088.307606] ? skb_tx_error+0x2f0/0x2f0 [ 1088.311586] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1088.317125] ? sock_wfree+0xcc/0x180 [ 1088.320845] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1088.326389] skb_release_all+0x4a/0x60 [ 1088.330276] kfree_skb+0x195/0x560 [ 1088.333827] ? sit_tunnel_xmit+0x16b/0x30b0 2033/05/18 03:38:57 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000680)={&(0x7f0000000000)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=' ', 0x1}], 0x1}, 0x20004001) r1 = socket(0x2, 0x6, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") shutdown(r0, 0x2) recvfrom$inet(r0, &(0x7f0000000040)=""/75, 0x4b, 0x40000001, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x707000) [ 1088.338145] ? __kfree_skb+0x20/0x20 [ 1088.341856] ? alloc_skb_with_frags+0x760/0x760 [ 1088.346520] ? vprintk_emit+0x3e5/0xdd0 [ 1088.350502] ? graph_lock+0x170/0x170 [ 1088.354304] ? console_unlock+0x1100/0x1100 [ 1088.358643] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1088.363838] sit_tunnel_xmit+0x16b/0x30b0 [ 1088.367997] ? find_held_lock+0x36/0x1c0 [ 1088.372055] ? ipip6_rcv+0x1d30/0x1d30 [ 1088.375927] ? lock_downgrade+0x8e0/0x8e0 [ 1088.380056] ? vprintk_default+0x28/0x30 [ 1088.384101] ? vprintk_func+0x81/0xe7 [ 1088.387884] ? kasan_check_read+0x11/0x20 [ 1088.392012] ? rcu_is_watching+0x85/0x140 [ 1088.396139] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 1088.400876] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1088.406047] ? graph_lock+0x170/0x170 [ 1088.409830] ? dev_queue_xmit_nit+0x8ec/0xb90 [ 1088.414310] ? __lock_is_held+0xb5/0x140 [ 1088.418354] dev_hard_start_xmit+0x264/0xc10 [ 1088.422747] ? validate_xmit_skb_list+0x120/0x120 [ 1088.427582] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1088.433101] ? netif_skb_features+0x696/0xb40 [ 1088.437580] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1088.442753] ? validate_xmit_xfrm+0x1ef/0xdc0 [ 1088.447230] ? lock_acquire+0x1dc/0x520 [ 1088.451186] ? validate_xmit_skb+0x704/0xd90 [ 1088.455579] ? netif_skb_features+0xb40/0xb40 [ 1088.460056] __dev_queue_xmit+0x2724/0x34c0 [ 1088.464361] ? netdev_pick_tx+0x2d0/0x2d0 [ 1088.468493] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 1088.474534] ? graph_lock+0xb0/0x170 [ 1088.478233] ? update_load_avg+0x2d9/0x2570 [ 1088.482550] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1088.488085] ? refcount_add_not_zero+0x216/0x320 [ 1088.492826] ? refcount_dec_if_one+0x170/0x170 [ 1088.497391] ? alloc_skb_with_frags+0x4fe/0x760 [ 1088.502047] ? update_load_avg+0x2d9/0x2570 [ 1088.506350] ? lock_repin_lock+0x410/0x410 [ 1088.510568] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1088.516090] ? refcount_add+0x2f/0x70 [ 1088.519871] ? skb_set_owner_w+0x24e/0x360 [ 1088.524086] ? sock_alloc_send_pskb+0x7d1/0xae0 [ 1088.528743] ? kasan_check_read+0x11/0x20 [ 1088.532873] ? rcu_is_watching+0x85/0x140 [ 1088.537001] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1088.542173] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1088.547692] ? cap_capable+0x1f9/0x260 [ 1088.551562] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1088.557079] ? security_capable+0x99/0xc0 [ 1088.561211] dev_queue_xmit+0x17/0x20 [ 1088.564994] ? dev_queue_xmit+0x17/0x20 [ 1088.568952] packet_sendmsg+0x40f8/0x6070 [ 1088.573086] ? debug_check_no_locks_freed+0x310/0x310 [ 1088.578270] ? packet_getname+0x5f0/0x5f0 [ 1088.582398] ? graph_lock+0x170/0x170 [ 1088.586186] ? futex_wait_setup+0x279/0x400 [ 1088.590498] ? update_load_avg+0x2570/0x2570 [ 1088.594888] ? __enqueue_entity+0x10d/0x1f0 [ 1088.599192] ? find_held_lock+0x36/0x1c0 [ 1088.603238] ? lock_downgrade+0x8e0/0x8e0 [ 1088.607372] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1088.612893] ? rw_copy_check_uvector+0x2d3/0x3a0 [ 1088.617635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1088.623154] ? import_iovec+0x24b/0x420 [ 1088.627111] ? dup_iter+0x270/0x270 [ 1088.630721] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1088.636240] ? _copy_from_user+0xdf/0x150 [ 1088.640374] ? move_addr_to_kernel.part.18+0x100/0x100 [ 1088.645630] ? trace_hardirqs_on+0xd/0x10 [ 1088.649776] ? security_socket_sendmsg+0x94/0xc0 [ 1088.654519] ? packet_getname+0x5f0/0x5f0 [ 1088.658649] sock_sendmsg+0xd5/0x120 [ 1088.662345] ___sys_sendmsg+0x525/0x940 [ 1088.666299] ? lock_repin_lock+0x410/0x410 [ 1088.670516] ? copy_msghdr_from_user+0x560/0x560 [ 1088.675255] ? __schedule+0x809/0x1e30 [ 1088.679125] ? __sched_text_start+0x8/0x8 [ 1088.683257] ? lock_downgrade+0x8e0/0x8e0 [ 1088.687393] ? check_same_owner+0x320/0x320 [ 1088.691699] ? __might_sleep+0x95/0x190 [ 1088.695658] __sys_sendmmsg+0x240/0x6f0 [ 1088.699614] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1088.703920] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1088.709436] ? fput+0x130/0x1a0 [ 1088.712704] ? __sys_bind+0x1d1/0x440 [ 1088.716486] ? __ia32_sys_socketpair+0xf0/0xf0 [ 1088.721054] ? do_futex+0x27d0/0x27d0 [ 1088.724835] ? fput+0x130/0x1a0 [ 1088.728096] __x64_sys_sendmmsg+0x9d/0x100 [ 1088.732315] do_syscall_64+0x1b1/0x800 [ 1088.736186] ? finish_task_switch+0x1ca/0x840 [ 1088.740662] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1088.745572] ? syscall_return_slowpath+0x30f/0x5c0 [ 1088.750486] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1088.755831] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1088.760658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1088.765825] RIP: 0033:0x455a09 [ 1088.768996] RSP: 002b:00007fa1cb984c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1088.776684] RAX: ffffffffffffffda RBX: 00007fa1cb9856d4 RCX: 0000000000455a09 [ 1088.783935] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000013 [ 1088.791183] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1088.798431] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1088.805679] R13: 000000000000057c R14: 00000000006fc440 R15: 0000000000000000 [ 1088.813396] Dumping ftrace buffer: [ 1088.816921] (ftrace buffer empty) [ 1088.820605] Kernel Offset: disabled [ 1088.824206] Rebooting in 86400 seconds..