[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c.
[   81.185355][   T28] audit: type=1800 audit(1579796897.620:25): pid=9264 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   81.208524][   T28] audit: type=1800 audit(1579796897.620:26): pid=9264 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   81.262324][   T28] audit: type=1800 audit(1579796897.620:27): pid=9264 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
2020/01/23 16:28:27 fuzzer started
2020/01/23 16:28:28 dialing manager at 10.128.0.26:37177
2020/01/23 16:28:28 syscalls: 2896
2020/01/23 16:28:28 code coverage: enabled
2020/01/23 16:28:28 comparison tracing: enabled
2020/01/23 16:28:28 extra coverage: enabled
2020/01/23 16:28:28 setuid sandbox: enabled
2020/01/23 16:28:28 namespace sandbox: enabled
2020/01/23 16:28:28 Android sandbox: /sys/fs/selinux/policy does not exist
2020/01/23 16:28:28 fault injection: enabled
2020/01/23 16:28:28 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/01/23 16:28:28 net packet injection: enabled
2020/01/23 16:28:28 net device setup: enabled
2020/01/23 16:28:28 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/01/23 16:28:28 devlink PCI setup: PCI device 0000:00:10.0 is not available
16:30:56 executing program 0:

16:30:56 executing program 1:

syzkaller login: [  239.970324][ T9433] IPVS: ftp: loaded support on port[0] = 21
[  240.148496][ T9433] chnl_net:caif_netlink_parms(): no params data found
[  240.218659][ T9433] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.226324][ T9433] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.236638][ T9436] IPVS: ftp: loaded support on port[0] = 21
[  240.245219][ T9433] device bridge_slave_0 entered promiscuous mode
16:30:56 executing program 2:

[  240.270417][ T9433] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.287328][ T9433] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.297361][ T9433] device bridge_slave_1 entered promiscuous mode
[  240.372993][ T9433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.410651][ T9433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.477608][ T9433] team0: Port device team_slave_0 added
[  240.485538][ T9433] team0: Port device team_slave_1 added
[  240.529371][ T9433] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.536340][ T9433] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.569392][ T9433] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.593492][ T9438] IPVS: ftp: loaded support on port[0] = 21
[  240.610248][ T9433] batman_adv: batadv0: Adding interface: batadv_slave_1
16:30:57 executing program 3:

[  240.623583][ T9433] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.656409][ T9433] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
16:30:57 executing program 4:

[  240.869767][ T9433] device hsr_slave_0 entered promiscuous mode
[  240.917593][ T9433] device hsr_slave_1 entered promiscuous mode
[  241.043351][ T9436] chnl_net:caif_netlink_parms(): no params data found
[  241.065624][ T9441] IPVS: ftp: loaded support on port[0] = 21
[  241.206214][ T9443] IPVS: ftp: loaded support on port[0] = 21
16:30:57 executing program 5:

[  241.270205][ T9436] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.278204][ T9436] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.287074][ T9436] device bridge_slave_0 entered promiscuous mode
[  241.323323][ T9438] chnl_net:caif_netlink_parms(): no params data found
[  241.365053][ T9436] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.374319][ T9436] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.383662][ T9436] device bridge_slave_1 entered promiscuous mode
[  241.463043][ T9436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.487914][ T9438] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.495038][ T9438] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.502991][ T9438] device bridge_slave_0 entered promiscuous mode
[  241.511387][ T9438] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.518577][ T9438] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.526389][ T9438] device bridge_slave_1 entered promiscuous mode
[  241.543084][ T9436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.567719][ T9433] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  241.630663][ T9446] IPVS: ftp: loaded support on port[0] = 21
[  241.639589][ T9438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.650837][ T9433] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  241.704085][ T9436] team0: Port device team_slave_0 added
[  241.720984][ T9438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.730483][ T9433] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  241.780585][ T9433] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  241.843921][ T9436] team0: Port device team_slave_1 added
[  241.898102][ T9443] chnl_net:caif_netlink_parms(): no params data found
[  241.922366][ T9438] team0: Port device team_slave_0 added
[  241.946559][ T9438] team0: Port device team_slave_1 added
[  241.955077][ T9441] chnl_net:caif_netlink_parms(): no params data found
[  241.974958][ T9436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.982288][ T9436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.008437][ T9436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.025340][ T9436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.032450][ T9436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.058731][ T9436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.123558][ T9438] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.133656][ T9438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.161288][ T9438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.175126][ T9438] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.182162][ T9438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.209147][ T9438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.250594][ T9441] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.257880][ T9441] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.265613][ T9441] device bridge_slave_0 entered promiscuous mode
[  242.320137][ T9436] device hsr_slave_0 entered promiscuous mode
[  242.367655][ T9436] device hsr_slave_1 entered promiscuous mode
[  242.417531][ T9436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.425328][ T9436] Cannot create hsr debugfs directory
[  242.453748][ T9441] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.461304][ T9441] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.470205][ T9441] device bridge_slave_1 entered promiscuous mode
[  242.477173][ T9443] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.484634][ T9443] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.493209][ T9443] device bridge_slave_0 entered promiscuous mode
[  242.507025][ T9443] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.517301][ T9443] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.525035][ T9443] device bridge_slave_1 entered promiscuous mode
[  242.610446][ T9438] device hsr_slave_0 entered promiscuous mode
[  242.647713][ T9438] device hsr_slave_1 entered promiscuous mode
[  242.687671][ T9438] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.695270][ T9438] Cannot create hsr debugfs directory
[  242.782942][ T9441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.801979][ T9441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.815654][ T9443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.853660][ T9446] chnl_net:caif_netlink_parms(): no params data found
[  242.871848][ T9443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.889613][ T9433] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.909340][ T9443] team0: Port device team_slave_0 added
[  242.934040][ T9441] team0: Port device team_slave_0 added
[  242.956718][ T9443] team0: Port device team_slave_1 added
[  242.964678][ T9441] team0: Port device team_slave_1 added
[  243.043380][ T9443] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.053813][ T9443] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.080029][ T9443] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.091689][ T9441] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.099117][ T9441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.125837][ T9441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.147877][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  243.156564][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  243.168220][ T9446] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.175293][ T9446] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.184119][ T9446] device bridge_slave_0 entered promiscuous mode
[  243.192778][ T9443] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.203655][ T9443] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.230036][ T9443] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.244189][ T9441] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.254167][ T9441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.284263][ T9441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.312826][ T9433] 8021q: adding VLAN 0 to HW filter on device team0
[  243.325839][ T9446] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.333890][ T9446] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.342421][ T9446] device bridge_slave_1 entered promiscuous mode
[  243.400557][ T9441] device hsr_slave_0 entered promiscuous mode
[  243.457741][ T9441] device hsr_slave_1 entered promiscuous mode
[  243.497360][ T9441] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.504941][ T9441] Cannot create hsr debugfs directory
[  243.521672][ T9446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.532536][ T2762] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  243.541876][ T2762] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.550894][ T2762] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.558173][ T2762] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.566286][ T2762] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  243.613719][ T9446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.679343][ T9443] device hsr_slave_0 entered promiscuous mode
[  243.737742][ T9443] device hsr_slave_1 entered promiscuous mode
[  243.777468][ T9443] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.785146][ T9443] Cannot create hsr debugfs directory
[  243.830796][ T9446] team0: Port device team_slave_0 added
[  243.837184][ T9436] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  243.884156][ T2762] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  243.893387][ T2762] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.904626][ T2762] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.911810][ T2762] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.922290][ T9446] team0: Port device team_slave_1 added
[  243.942237][ T9436] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  243.992926][ T9436] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  244.063657][ T9436] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  244.129735][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  244.166071][ T9446] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.173401][ T9446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.199558][ T9446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.217370][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  244.229308][ T9446] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.236279][ T9446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.263956][ T9446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.276118][ T9438] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  244.334619][ T9438] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  244.383613][ T9438] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  244.461385][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  244.470500][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  244.479633][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  244.488671][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  244.498911][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  244.507366][ T9438] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  244.621227][ T9446] device hsr_slave_0 entered promiscuous mode
[  244.667966][ T9446] device hsr_slave_1 entered promiscuous mode
[  244.727352][ T9446] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.734933][ T9446] Cannot create hsr debugfs directory
[  244.758725][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  244.767086][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  244.850521][ T9433] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  244.862481][ T9433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  244.875727][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  244.884224][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  244.948807][ T9436] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.985628][ T9443] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  245.048213][ T9441] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  245.090619][ T9441] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  245.164634][ T9441] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  245.220475][ T9441] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  245.289781][ T9436] 8021q: adding VLAN 0 to HW filter on device team0
[  245.296881][ T9443] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  245.349847][ T9443] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  245.389551][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  245.397075][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  245.408966][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  245.417122][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  245.461154][ T9443] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  245.548194][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  245.556820][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  245.565811][ T2770] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.573072][ T2770] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.580923][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  245.589747][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  245.598381][ T2770] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.605494][ T2770] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.613744][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  245.628297][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  245.671427][ T9433] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.691271][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  245.700945][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  245.710111][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  245.739176][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  245.747881][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  245.756639][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  245.765561][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  245.774480][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  245.783535][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  245.792324][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  245.802251][ T9446] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  245.881863][ T9436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  245.897541][ T9446] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  245.922686][ T9446] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  246.020337][ T9438] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.030777][ T9446] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  246.109004][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  246.116556][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  246.149579][ T9436] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.168108][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  246.176007][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  246.185371][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  246.195342][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  246.208888][ T9438] 8021q: adding VLAN 0 to HW filter on device team0
[  246.238252][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  246.247081][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  246.256435][ T2770] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.263597][ T2770] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.289321][ T9441] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.311473][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  246.320050][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  246.329236][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  246.337951][ T2766] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.345041][ T2766] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.383770][ T9441] 8021q: adding VLAN 0 to HW filter on device team0
[  246.396729][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  246.406086][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  246.414849][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  246.423573][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  246.432753][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  246.442226][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  246.450432][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  246.459083][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  246.466970][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  246.475929][ T9433] device veth0_vlan entered promiscuous mode
[  246.497036][ T9433] device veth1_vlan entered promiscuous mode
[  246.528826][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  246.536940][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  246.546888][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  246.555759][ T2757] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.562950][ T2757] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.570581][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  246.579108][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  246.588397][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  246.596395][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  246.604364][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  246.633507][ T9436] device veth0_vlan entered promiscuous mode
[  246.653951][ T9436] device veth1_vlan entered promiscuous mode
[  246.661975][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  246.671911][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  246.680829][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  246.689916][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  246.699561][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  246.708676][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  246.717345][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  246.725760][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  246.734791][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  246.743939][ T2771] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.751040][ T2771] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.759295][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  246.770407][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  246.794542][ T9443] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.821358][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  246.830572][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  246.841071][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  246.850251][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  246.859022][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  246.867567][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  246.876133][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  246.884941][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  246.893951][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  246.905868][ T9438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  246.920489][ T9433] device veth0_macvtap entered promiscuous mode
[  246.945711][ T9446] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.953933][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  246.962773][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  246.984477][ T9443] 8021q: adding VLAN 0 to HW filter on device team0
[  247.000449][ T9433] device veth1_macvtap entered promiscuous mode
[  247.016413][ T9436] device veth0_macvtap entered promiscuous mode
[  247.039805][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  247.052004][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  247.060303][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  247.068877][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  247.080932][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  247.089660][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  247.098831][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  247.107540][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  247.115041][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  247.132229][ T9436] device veth1_macvtap entered promiscuous mode
[  247.151637][ T9438] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.160044][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  247.175890][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  247.184182][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  247.193045][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  247.201905][ T2771] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.209149][ T2771] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.216764][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  247.225470][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  247.244385][ T9433] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.269218][ T9446] 8021q: adding VLAN 0 to HW filter on device team0
[  247.276753][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  247.286018][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  247.295961][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  247.304877][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  247.314737][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  247.323802][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  247.331867][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  247.340889][ T9441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  247.365796][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  247.379049][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.390757][ T9436] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.414911][ T9433] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.430597][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  247.443037][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  247.452360][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  247.461374][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  247.470671][ T2766] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.477921][ T2766] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.485506][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  247.495129][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  247.503711][ T2766] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.510798][ T2766] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.518929][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  247.527688][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  247.536361][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  247.545284][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  247.560321][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  247.573341][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.585201][ T9436] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.602494][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  247.611930][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  247.620868][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  247.629788][ T2766] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.636870][ T2766] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.645071][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  247.653935][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  247.662668][ T2766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  247.704213][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  247.733215][ T9438] device veth0_vlan entered promiscuous mode
[  247.753347][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  247.766169][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  247.782286][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  247.792316][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  247.801323][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  247.810794][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  247.818938][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  247.828085][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  247.836056][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  247.844167][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  247.861924][ T9441] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.883443][ T9443] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  247.894059][ T9443] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  247.917572][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  247.926920][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  247.936449][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  247.946211][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  247.955825][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  247.964909][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  247.973500][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  247.982263][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  247.993013][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  248.003409][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  248.011798][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  248.029523][ T9438] device veth1_vlan entered promiscuous mode
16:31:04 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x4b, &(0x7f0000000ac0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x158, 0x158, 0x158, 0x0, 0x0, 0x248, 0x248, 0x248, 0x248, 0x248, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'veth0_to_bond\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)

16:31:04 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="080db5055e0bcfe8697071")
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0xf, &(0x7f0000000400), 0x8)
sendmsg$kcm(r1, &(0x7f0000000a80)={0x0, 0x0, 0x0}, 0x0)

[  248.128365][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  248.136627][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  248.159228][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  248.212949][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  248.254357][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
16:31:04 executing program 1:
syz_mount_image$hfsplus(&(0x7f00000004c0)='hfsplus\x00', &(0x7f0000000500)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='session=0x0000000000000400,part=0x0'])

[  248.318474][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  248.327059][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  248.336285][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  248.344884][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  248.354332][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  248.392080][ T9446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  248.407021][ T9443] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.429183][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
16:31:04 executing program 0:
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
shutdown(r0, 0x500)

[  248.453945][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  248.469385][ T9464] hfsplus: invalid session number or type of track
[  248.487420][ T9464] hfsplus: unable to find HFS+ superblock
16:31:04 executing program 0:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
lseek(r3, 0x42a, 0x1)

[  248.515005][ T9438] device veth0_macvtap entered promiscuous mode
[  248.567373][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  248.576169][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  248.591077][ T9464] hfsplus: invalid session number or type of track
[  248.612774][ T9464] hfsplus: unable to find HFS+ superblock
[  248.643425][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  248.681760][ T9438] device veth1_macvtap entered promiscuous mode
16:31:05 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x0, 0xfec0000000000000], [], @local}}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e22, @dev}], 0x20)

[  248.715914][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  248.731051][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  248.757918][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  248.765461][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  248.797756][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
16:31:05 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)={0x14, r1, 0xb03, 0x0, 0x0, {0x7}}, 0x14}}, 0x0)

[  248.814033][ T9441] device veth0_vlan entered promiscuous mode
[  248.838807][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  248.846720][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
16:31:05 executing program 1:
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
shutdown(r0, 0x0)

[  248.932473][ T9446] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.972058][ T9438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  248.990636][ T9438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.001463][ T9438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  249.012715][ T9438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.025466][ T9438] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.068461][ T9441] device veth1_vlan entered promiscuous mode
[  249.076290][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  249.093563][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  249.124983][ T9438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  249.136273][ T9438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.148962][ T9438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  249.161253][ T9438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.173822][ T9438] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.194914][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  249.215563][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  249.298667][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  249.312776][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  249.341188][ T9443] device veth0_vlan entered promiscuous mode
[  249.351641][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  249.362181][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  249.371459][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  249.380943][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  249.391901][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  249.400504][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  249.418312][ T9441] device veth0_macvtap entered promiscuous mode
16:31:05 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, 0x0, &(0x7f0000000340))

[  249.447185][ T9443] device veth1_vlan entered promiscuous mode
[  249.482103][ T9441] device veth1_macvtap entered promiscuous mode
[  249.509794][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  249.525053][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  249.534334][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  249.543092][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  249.553002][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  249.602534][ T9446] device veth0_vlan entered promiscuous mode
[  249.612734][ T9441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  249.624778][ T9441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.635816][ T9441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  249.646885][ T9441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.656790][ T9441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  249.667649][ T9441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.680164][ T9441] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.690482][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  249.699800][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  249.710031][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  249.719454][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  249.729008][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  249.741419][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  249.749938][ T2770] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  249.760961][ T9441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  249.772672][ T9441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.783230][ T9441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  249.795014][ T9441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.804950][ T9441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  249.815768][ T9441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.828138][ T9441] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.846667][ T9443] device veth0_macvtap entered promiscuous mode
[  249.860659][ T9443] device veth1_macvtap entered promiscuous mode
[  249.890783][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  249.899500][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  249.909442][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  249.918601][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  249.927126][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  249.935304][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  249.946593][ T9446] device veth1_vlan entered promiscuous mode
[  250.015141][ T9446] device veth0_macvtap entered promiscuous mode
[  250.025206][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.040997][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.051093][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.061794][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.072637][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.083593][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.093900][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.104420][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.116715][ T9443] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.125741][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  250.134515][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  250.143706][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  250.152650][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  250.162372][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  250.180784][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.210100][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.223700][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.241745][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
16:31:06 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
io_setup(0x1000000000000003, &(0x7f00000000c0)=<r1=>0x0)
io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x12f}])

[  250.254155][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.276122][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.294411][ T9443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.307146][ T9443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.325658][ T9443] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.342510][ T9446] device veth1_macvtap entered promiscuous mode
[  250.352163][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  250.363325][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  250.372389][ T2771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  250.404900][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.415831][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.426707][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.440576][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.450840][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.461768][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.472350][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.483381][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.493506][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  250.504136][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.515623][ T9446] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.525866][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  250.535665][ T2757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  250.548259][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.560272][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.571005][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.581518][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.591455][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.602091][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.612205][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.623369][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.633419][ T9446] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  250.643926][ T9446] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.655379][ T9446] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.678090][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  250.712108][ T3230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
16:31:07 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
poll(0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x3c1, 0x3, 0x510, 0x0, 0x0, 0x0, 0x248, 0x248, 0x440, 0x440, 0x440, 0x440, 0x440, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150, 'hashlimit\x00'}, {'hsr0\x00', {0x0, 0x7, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@ipv6header={{0x28, 'ipv6header\x00'}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'unconfined_u:system_r:insmod_t:s0-s0:c0.c1023\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)

16:31:07 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
lgetxattr(0x0, 0x0, &(0x7f0000000740)=""/4096, 0x1000)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x5000000, 0x0)
prctl$PR_SET_DUMPABLE(0x4, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000002dc0), 0x2d3, 0x0)

16:31:07 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3)
sendto$inet(r0, &(0x7f0000000100)="bd", 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="20268a927f1f6588b967481241ba7860f46ef65ac623ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a92825a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba", 0x104eb, 0x8, 0x0, 0xffffffffffffff1a)

16:31:07 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000800)={[], [{@subj_role={'subj_role', 0x3d, '+vmnet0*vmnet1vboxnet1eth0!\\*,[md5sum*'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}]})
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)

16:31:07 executing program 2:
execveat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x400)

[  250.866949][    C1] hrtimer: interrupt took 80435 ns
[  250.882531][ T9522] xt_TCPMSS: Only works on TCP SYN packets
[  250.970100][ T9529] overlayfs: unrecognized mount option "subj_role=+vmnet0*vmnet1vboxnet1eth0!\*" or missing value
[  251.014470][ T9532] overlayfs: missing 'lowerdir'
16:31:07 executing program 2:
r0 = inotify_init()
r1 = epoll_create(0x3ff)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

[  251.047478][ T9535] overlayfs: unrecognized mount option "subj_role=+vmnet0*vmnet1vboxnet1eth0!\*" or missing value
[  251.058923][ T9536] overlayfs: missing 'lowerdir'
16:31:07 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='team0\x00')
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)

16:31:07 executing program 5:
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000000)={{0x6, @rose}, [@rose, @bcast, @default, @netrom, @netrom, @rose, @rose]}, 0x48)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000000)={{0x6, @rose}, [@rose, @bcast, @default, @netrom, @netrom, @rose, @rose]}, 0x48)
listen(r1, 0x0)

16:31:07 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
poll(0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x3c1, 0x3, 0x510, 0x0, 0x0, 0x0, 0x248, 0x248, 0x440, 0x440, 0x440, 0x440, 0x440, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150, 'hashlimit\x00'}, {'hsr0\x00', {0x0, 0x7, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@ipv6header={{0x28, 'ipv6header\x00'}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'unconfined_u:system_r:insmod_t:s0-s0:c0.c1023\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)

16:31:07 executing program 2:
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$inet(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="7800000030004ff6000000000000000a0000000064000100600001000800010062706600500002800600030005000000180002"], 0x1}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

16:31:07 executing program 0:

16:31:07 executing program 3:

16:31:07 executing program 0:

[  251.456550][ T9562] xt_TCPMSS: Only works on TCP SYN packets
[  251.477978][ T9564] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  251.508840][ T9564] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
16:31:08 executing program 3:

16:31:08 executing program 1:

16:31:08 executing program 0:

16:31:08 executing program 3:

16:31:08 executing program 4:

16:31:08 executing program 5:

16:31:08 executing program 3:

16:31:08 executing program 0:

16:31:08 executing program 2:
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$inet(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="7800000030004ff6000000000000000a0000000064000100600001000800010062706600500002800600030005000000180002"], 0x1}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

16:31:08 executing program 1:

16:31:08 executing program 5:

16:31:08 executing program 4:

16:31:08 executing program 0:

16:31:08 executing program 3:

16:31:08 executing program 4:

16:31:08 executing program 3:

16:31:08 executing program 5:

16:31:08 executing program 1:

16:31:08 executing program 0:

16:31:08 executing program 5:

[  252.493811][ T9596] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  252.508401][ T9596] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
16:31:09 executing program 2:
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$inet(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="7800000030004ff6000000000000000a0000000064000100600001000800010062706600500002800600030005000000180002"], 0x1}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

16:31:09 executing program 1:

16:31:09 executing program 4:

16:31:09 executing program 0:

16:31:09 executing program 5:

16:31:09 executing program 3:

16:31:09 executing program 4:

16:31:09 executing program 1:

16:31:09 executing program 3:

16:31:09 executing program 5:

16:31:09 executing program 0:

[  253.328293][ T9624] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
16:31:09 executing program 3:

[  253.388973][ T9624] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
16:31:10 executing program 2:

16:31:10 executing program 5:

16:31:10 executing program 4:

16:31:10 executing program 1:

16:31:10 executing program 3:

16:31:10 executing program 0:

16:31:10 executing program 3:

16:31:10 executing program 1:

16:31:10 executing program 0:

16:31:10 executing program 4:

16:31:10 executing program 5:

16:31:10 executing program 2:

16:31:10 executing program 1:

16:31:10 executing program 2:

16:31:10 executing program 4:

16:31:10 executing program 5:

16:31:10 executing program 3:

16:31:10 executing program 0:

16:31:11 executing program 1:

16:31:11 executing program 2:

16:31:11 executing program 3:

16:31:11 executing program 5:

16:31:11 executing program 0:

16:31:11 executing program 4:

16:31:11 executing program 1:

16:31:11 executing program 2:

16:31:11 executing program 0:

16:31:11 executing program 4:

16:31:11 executing program 3:

16:31:11 executing program 5:

16:31:11 executing program 1:

16:31:11 executing program 2:

16:31:11 executing program 4:

16:31:11 executing program 1:

16:31:11 executing program 5:

16:31:11 executing program 0:

16:31:11 executing program 3:

16:31:11 executing program 2:

16:31:11 executing program 4:

16:31:11 executing program 0:

16:31:11 executing program 1:

16:31:12 executing program 5:

16:31:12 executing program 3:

16:31:12 executing program 2:

16:31:12 executing program 4:

16:31:12 executing program 0:

16:31:12 executing program 1:

16:31:12 executing program 5:

16:31:12 executing program 2:

16:31:12 executing program 3:

16:31:12 executing program 4:

16:31:12 executing program 0:

16:31:12 executing program 1:

16:31:12 executing program 5:

16:31:12 executing program 3:

16:31:12 executing program 2:

16:31:12 executing program 4:

16:31:12 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000005c0)={0x2, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}]})
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ff60, 0x0)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000180)={'ipvlan1\x00', {0x2, 0x0, @rand_addr=0xddfdffff}})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)

16:31:12 executing program 1:
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x6000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})

16:31:12 executing program 3:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, r4, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000005c0)={0x4, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}, {0x3000, 0x20, &(0x7f0000000280)=""/32}, {0x2, 0x0, &(0x7f0000000400)}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(r5)
renameat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
splice(r2, 0x0, r5, 0x0, 0x4ff60, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x406, r2)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000180)={'ipvlan1\x00', {0x2, 0x0, @rand_addr=0xddfdffff}})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

16:31:12 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
r1 = gettid()
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0xffffffffffffffda, 0x0}, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
close(r0)
tkill(r1, 0x1000000000016)

16:31:12 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x4b37, 0x0)

16:31:12 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x117fcfce)
setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, 0x0, 0x100000104)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x29, 0x14, 0x0, 0xbe)

[  256.488909][ T9764] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
16:31:13 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:13 executing program 5:
epoll_create1(0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000), 0x200)
ftruncate(r0, 0x800799c)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa603, 0x2012, r0, 0x0)

16:31:13 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000005c0)={0x2, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}]})
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ff60, 0x0)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000180)={'ipvlan1\x00', {0x2, 0x0, @rand_addr=0xddfdffff}})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)

16:31:13 executing program 1:
socket$inet6(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x46802)
sendmmsg(0xffffffffffffffff, &(0x7f0000004040)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000280)="13ba58346a02a23ab6e8220db5377a06531507bd4d079b8e35e0c44477098d279330020c90d26a4392620b6a90895341695c7ad1efa49c563a44a7d0fa69aded64c96b78342c50c9022d1c5c0245952bb8b765eb423509899371c7acd4c4d2d4c13f4ed3", 0x64}, {&(0x7f0000000080)}, {&(0x7f0000000300)="df116ea09e12c66c72e0dfc0a093cc4d844af24179afbc6ebd9033b886d1def8bc601ed0741c20db6e9899de0db11ded048400a63967e38e1e06491a2e6a47cc4b5929df99da85950b6c13a59a0aab087fcdf761cc24", 0x56}], 0x3}}, {{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000900)}, {0x0}, {0x0}], 0x3, &(0x7f00000026c0)=ANY=[@ANYBLOB="500000000201000000000000250ec7981a866e19ffa2db234ff370a56e26b7bfa76a38e2b489485022054ef6f0067f8dd045dd42c07ef85949608d8863f4bd75e030c446e7f23a2810d64ee17580a8000c000000000000007f0000007788e859cf9754f5f74f2c000000190100007f0000005fa916c4f63a1265d0845c7681df13efa09894ce4bccbd998f735e631259eace5c0000000000000009000000c687e1ce420ce16a19b5d8a2569f15c1a5ef276d9c0cb1702d30b98394d0f34575a308c6e84b7b8c42391bf052a06cae9ea0800f73f3da3263776a0297ff1010ec338c6acfdefa7c351142ae38000000d4000000010000000000000013512db3d49149f1d5b177b6af996f8c67c19371346e58080578242e49d7ba5cc2f952c342ec3e707293dba3ff1e0377ca6eb4fb602ad14d536c9619a33ef316b60707e0afe0aa13f36b4ef01d0b3ca4da539bf1eb374e843b1bcace06ba12e08c9a6a5659e7e1cf65c04bae3231157e6b08eba2b702af040f72583bc361cff3656b0dbbd2d0fff101770f59264415f26e6d2dc5d0ded031def95587cffb1a627dd6050c4110a6997018484e6906405288612c4ef15b6222375398630b65753c47420e5dd2d4f5000c0f00003a0000000800000096c4aaafd7a1d7267e5f5eb64a95e16aadc7ca3f38244070faca1cf51fe8a40734947895fd0596ca5a213ab76c6dae4a3365bd1a4d28938d8b9f22cdb66f53636a1898c928223c08450c7138643ed5d3cbc65e0a2b98626b981f17a9618e8a95f44da627455716a8e8096ee86899c2a1a9195132090045f4b34e11f48f49570b4d75f151e9b5447853f5c18f70dbfcd678c63419eed8a31204d6eea0a754ebff9499b3c519375cc744005ec73f1b4724b4b319b352601c8f62929adbb860d34a2fb968694491b02faac5282747aa73f6b744a40f3e7947a3ef909934cc9ebff457e41f30b13e2d3e63150c0396b4b1eb748539bf49e64c666be2a1777d974a66fcb3dc06b58a0eaebbe26912ede480106f3fa45030c1baa686922a1a1d101dc239f0d4abaa51da1812516a31b6c4d7cc74d0a12a052a364f4deff22efde211b7111bb139a68f62ae7ddd408e7c5410d472de0c72fc8c99a70bdd0b82485172613e9ba4588761a9a419d1a5deffcb7d4c2a4742094ab1c1903daa39f3ac8b3ee709a8ea9949c330820cd1b031bca39a84bf22073b42bf66bb2f028f301bd89c9047ac358c21f450c7414dada8fc6a4d3ec3d786f1358bca376a441f613f098afb2014deea00a6cdb3a805d18df16e68da2bde9a137c37fcfe20c8d164cb22fe0ee8a27cf29379951172f64bac145939294bb1cc01ff16ff79ed9547228101bc9c8e2b88e8c35858a5a22f44716ae2025721cf83dcf8b7011e07e2277e045c51add63f1e74810fba102d568e447d9be722cf7a017a451a6a23677c57ab833e25041b662c034d3d7dceb35854676a45251f14e4efa62488b2add79549c3657882a7981d8ee414d3b217066a9356182abb202909dbdd7dc7d2a46f35c6c4c7a3d2b1e0a2dd400ee07b1cb27862a5605ad6714cc7c237c1dc50bb212f9e66a11007049d57ec2f5d7fc8acc8a03bf46ff0ac6856a5b760258360e9e758f70f3687ff418b69fecb494b34b341d92c88fb01aa33157147e7ea469a8101bafa61d64879b6501d2f83c8c1af50f4e157413fc8f876d51cbb6bca378c9ae76097f3000059cec3fe76e6395bde43794b5d863ec9267150a7dfdb49e0e7ba373c0afcd23e2c31118a38c86da8e7ace32f096f29775208f27a4f5ceec9b3aaa0c78b5ae33d8f3f07efaab2b97359cd38747fed60342a9989542675e99aa4e9b155d0d1feb4ab22d2f00700000000000000a736a8e588f2e63c6ebea5ce7a39aa3085b16635edf411fdb5852e58dfe4f5da677d889e70478181cde26b4530c90ba4a65f887111e78dfd0068c6248bcd9962be1bbbb1e479e2a9c9e8bcf626d389d4228445e251ea03fbfe3ec2cf2879ba8c37f6dbb3d32989cd72487c0adc725e7accd81439e8b4dcff0a90aa1bc8a752b2ebb60470cd39d9575872432f7dde5283127219dc583f230aa9dd601bffcee79509945d4e3e1ca549f0ac710393488799ac9c90c9c546852e92df81179390c009cafc6b3a185810ac9db5ff6aa70774b494d49127863bab6f6ce3d683da25a1ec74a0b31c67daf0d4f1aac9b8ec46637f9601ef1dd1b8c5123de9cd413f4618f6c63bb3010ccdf156cde25d33513d4fb7bfac93f9935f3205b0f0ce60dea88f3874024c4d58bd6f1278fa9f997b47614d85eabcada28baead841a20e814e3225f0c11a4ad9026cb7da425f079d16263e22623933e587d97708dddbb6e0e2c3d1d2a3aae00037bf3dfd87c06957397af8150fe9aae64b3cc660e8129f8268eeac0202d33eaab357b9e36cc6cfbd7ead6f1198dc70b756a90c587b5f10bdc467f8d778262c544afe5da6bce61c004e626dea53f1b5d8fc985a41539f7a6b7d422b421a79d3bfddab7cd167c261b99954aba6aa144e5f168753f2f6677afba9be9ccf6d39c899d5c5767da371a621dc28538df74a00cea2ad967ba2a05a7fc6692c006d4ca158e2160a4ed87c9b5fc768323f29979e0331d57291e3b8b45e0346d5926e923e50285d981629eb9810a7f6f1b935840dc8d60ac19c5326df966b3bbe03ae61fe6472ce0d4236db4c5d2c539f2300ac650cf6217b622d65827e761a30b19ce081c303fba052f33ac36a7b85cc2ce91709cf51478a86407d4e679697216fed89d0af6e6359a4979c659c131329120a89e45d138327c07fdf0f8c9704d940cd43fac85571459ad43ac17df651aa111bc64b4af48aae4192e9d8939bf735ed580f3ef871997f8ec9244d418154fef8d35e186efd9dac25dc198eec3eb4736716f12121ecac0cdb17296f48e0d1efb3e0faff5c8c16600453a521a3005588fcc3cc2de299074ca142c2e99f084ff3e5c969d905c1350f2846e9f5d46bc7f4e1f5dd3923943c9f5df1da5324c55e9012db711aa20aef44664382294a6ac6be3bb4775a7b77e349ec38eea593fc93352e22a03f19f0c3f1dbdf1aff30cebbb002de40cd31dc0b8e498800aa965371863b7acc79b7b62446bf5fd938ade37f0d1c51bdfc9596426f1a204a04f2ddbb6f801ba864096a494b9b46a62db3de3903ea3c5552e6c9db5d7a1f877c25a2c5373b8a01398291cc8a23769b1ba441c8345dcc0bd6730a327826020c31121e940c45c6f2f58a3537fa57a168a6a6203d66f1cc0208cbb6b77118ecabc6fd999dd60c4387b877dae8f4783a37e723a0d9b967da1d5f4a4ae9bd2cfa6fa570157e4fdcee89952a7af348a040bd2e56d133820e6fad19a6a14e0666faa8a38f29177eaef6442c5fbae83f95b56cd60ce3621e0d5c940ae067815ce7d7f9b40572ce44a585b5460d290e5efc9c935e7bfd18a3926ad40911200b02da487a6ab6a900eae99a7c53ff175ead61f24c5eaded2903f4cdb92ca2154e4a70aaf7e9e0a4e52832905f76c29067eeb2310fd0603e9bcf1de21a1cd6d7678b727692f34a076d5c149691524918353d8aef91f5e23fd386c41c1bc43d7e322f7d5e39f5972a0df52d64c5cb27ba84b8c8934063d7a93ff3e9dfa7a253fd8eec91e416f4b9c9594f617bb06f2c5eee77f0e7fc285df262ee93503e400df91083d8a2fbb5dd855aead52e256853d4e92b5006d2f341674b6b97ec2d7206c3fa7211c48e0eafbbc02c656c780c17444d63e2707994d2439c7e8590176618fbb7c356cf24b5b6dec3160ef85be09706d795b09d099cc46afbbb1871b3a7df0475bfa1bf762256bbf10e6d0c43d9da562f2359c43e4ed68eade2d0c6d39fe83bb6ac9f4c556113fc7d4bdf65d85b378159a48df2c43254a76310dca9fadaeea5da441790e6a3dd0363b9e1ce11241daac9336a9d75c3b1f5c7703a6563c33e54968ec58b8a284953c61f019095d37a61c4e17f5686e7e916372a56db616b517a28b01f9233a11c9d492a233801cac2e2dd438bb6de9728f7bc5887786411db23299e78a489b0e1da7333fa73ceaff7a5b9a8b6d104a862865d0f3d5c47e511d57381329ad1a7a74ebe42137a6b243edd12c1f8777543b2deb556509e47672e7019a8c21d489f30f1f02ffd8eb6586680883af02c57963b70b3f480104289a242aad8a99206de22c24d15f06eeddd038a4e0f7e1a25fa8b186c962df267cd77edfd4ce914f3234ac06b4c620c125254861a7a987360c8c2b8ee418c87b6d9b522fc18a691eff7f3fd04c6d0baff52a0f5a70624b5c7325418bd938be5083c7cb2d0b10ab6b962ea8cf2088101da28057257badcbabd37e8c8bc359c7730779cce4e69cab65223fbc958dbdff8e30871dd4226a229bf1a887428cba0b63b4bd2304ee1ea1d1917bf6e353738297e4641bea9edba8468c73f23f9f082247965ca059ae71d8cac2c52f74f25a28dc01f9e41d96d50da4d25a5362b50263a7f24fd882c743da8d691a29146b64e4cc69559816ebcf8f06d56884175d8d2f93483ddb17b6d592584ab7b14a4f40b631383f0fdae42c4d7141da21d445eda7e6d9d88d3b6a36be6164d3ed87c4f1697974a01146c82ecf07b0c1f0283c21b96c1c931179c1972e463f7cf9a4e9eee96147b34a0ee049a5a39cefc69bca68656dd461e92041402789fa188834c0767ca33debb1aa5a177de46919e91399144d672fe2482ce3710b515e4c9427d3a3850a9951effef2b13b58140d9d60d707cb69cc01be58733f4c34dccb551b793591689ed4199a089474de0576c45ecfac2c241b7aa17cdab8e4057d32904057947191c527bf12ff1c27ee80da68c9628284ac101a2b701e8ff948b59c2ee505e8827f53217cadba83b0c4fff995ef9de2eb25e91c8832fd75172a14f310b85704ca1a93c29976a223e6dcdf731d82f704d8ffd027bdb8a64cacbf9cdcbc3d97043582559648ed0ed968ecb6c605f67d945a29c7aab95af1ad139d91bf43edced5e0ec5ca1abd2e90359fbbfe1f328140c1ef2859c9529c45da8a9f78839edebf211fc6bdef8987a691385c81497fad056423d0d06c91722e38631ab9e5196a09df97abbcb8678ec66af1916209edabad6738c7743f0d56ba818dd89da783f9b1ef3a5eb80b1885bd03ad854ddeacee2b6c193db5b2ebbbf9cbf5a1e562f54388514306a0124abb3000b0cae46e5e6dfcacea5739f1d2aa663b8830abd53991f08780a910ba6aeaa81492d3c6ff6876111b5342def4ddb402aeaf03ddfba9f114b373c77266bcb5c55423ff6dce8631f79cf8a0506270da5bba39e0733afc17a4b6076331c47e77aeea8a20ee70fdd6573062e67732c1efab2acc23f187b07592487a9024972fd347f172dc7a62aa8d19a3f3584728c7b62f0d9c180d73e8058a8555bce9c526bbb1ca7605b414a79a31c2a500b45c224e6ecabeda69d5a85a2b6301bcb487000d684475a1f336343001911998c0293b448f316710a3f5cbf9326f3069ef1058804b1e894d72ec46728fd66a7f0f961fa2efe6d2a9fefa852334f8b237dfb9d6fe24896d7e25217a5d1dbc200e1145c3c28986a24f5c1dffa3447fab1ee9f838f35f7c105173191f71f29a2cafa8ffd58e9039656ca9c46fd52cbddb6f286628d277507b6455959ef317aea0b56122e00403b5ab90354ab948f4495492b81e1dff2aa39d62e478b44320b108836461b640e696e830ad84a926112842059d791bc17426849f0241e648ad878a826af04f5adf97e10c2b6430d93f6845bbeb77002928d05cdd2382e424a723c17f5443e765197fc1a7ddd7ee27ed89e80e65432d1fe4ed861b3ab93d719fce0f7c684a262aee922d91962203119e0056e3b37d47db8a1efd653fd6871ccb11878a3331bc9e5ac5bdf1d111baf5939fad185e992dc644184363e37e978a9768d98294613c052697a417633e9b742ca567ecb678d48a2d8b28044939b99d0a7d471f5de75ee374dd54be090702d1613cf8d4bab18592924dbea34b56a28b4145fb91220412129e6cf250d74ad917445aa550d7abde2004b"], 0x10d0}}], 0x2, 0x48041)
io_setup(0x100000000000c333, &(0x7f0000000180)=<r1=>0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000000080)=<r4=>0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = eventfd2(0xb5, 0x180002)
r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vcs\x00', 0x0, 0x0)
r8 = syz_open_procfs(0x0, 0x0)
preadv(r8, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/58, 0x3a}], 0x1, 0x6)
io_submit(r4, 0x6, &(0x7f00000007c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x8, r5, &(0x7f0000000180)="cad8ff5ed8286ff9b4ff8e41d45d0c29027483896c49827a4a48b801aebcab6375f4fc885ff5b2b3f8bb022b01fcc919845f964f97f49a4d8efe8d856d2f4aead24f9d8ee8ac7a30416c8696f8b230f426fd6f5eeb76d2272b69c4d0b2976dc61e67cc706b2695d5518a018843f591da7adcc07c0b12de736ec413f090aae1adbd614ee84ec0d9e3f99441a5a59f29d6316f64682ae688404c4caa49e8b522318c9cdb65b3d61c50f46fd1d8f0e8113d37c6a0f83ea23915a09da9a2734d217e7f5cc5718a17c603ceca0011cdb930", 0xcf, 0xfffffffffffffff7, 0x0, 0x0, r3}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3f, 0xffffffffffffffff, &(0x7f00000002c0)="afb260af0665e7ff7a5c96e67b3f73d3d59784e2bf9c3667666f3906fdb193285ab56a86cf720c8acf2c004744a69259edb5404a", 0x34, 0x11f, 0x0, 0x1, r6}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0xe, 0x80, r2, &(0x7f0000000340)="5bc0d2", 0x3, 0x1}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x8, r2, &(0x7f0000000580)="5a55d30ef8e7b72f66f23094b5a7a50c16a203c2350e603312e5a50c2bbbe2bb4cafc304d5f26a511699faa2339023b42ba20842852e12f8f080f23fbdf37a6e1716a024c4f67356af0fb71b8660c54ab6bfa163851d11f402e25019ebbcccd24dc07f198d489e86076deac98a36bbbcfe9d518ca87fad8a416a", 0x7a, 0x8000, 0x0, 0x2, r7}, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x7, 0x9, r8, &(0x7f0000000700)="95ed53a2901d", 0x6, 0x8, 0x0, 0x2}])
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x80000, 0x0)
r10 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x220380, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
r12 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r11, 0x107, 0xf, &(0x7f0000002180)=0xfc, 0x3c3)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r13=>0x0})
bind$packet(r11, &(0x7f0000000100)={0x11, 0x0, r13, 0x1, 0x0, 0x6, @local}, 0x14)
sendto$inet6(r11, &(0x7f0000000080)="030400306c00573a00000000fff57b016d2763bd56373780398d537500e50602591f031ee616d5c0184374a7ffe4ec55e0654786a70100935ba514d40808efa000801600002fd08d49a47eff71bc4131fe4c1f99bf00a900000008d1843e770afd6e9ef5837dbd0000000053", 0xfd82, 0x4000002, 0x0, 0x2ff)
r14 = dup(0xffffffffffffffff)
sendfile(r14, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
io_submit(r4, 0x2, &(0x7f00000007c0)=[&(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x1ff, r9, &(0x7f00000001c0)="69287e20999b5ab68bbefcc4a18e09cf30bf87f94392a98344fe2db02da7f4db", 0x20, 0x80000001, 0x0, 0x1, r10}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3, 0x80, r11, &(0x7f00000006c0)="1229cf05c48ce51af974873991873caa619b9869abb44e7424679d729523913c83481c822b9f47d340be499f4947b16f61878e5d4faa91571cdb48e21c1ff772d5dde9512448283915c9c50729fb98f9125a6dcbc7391f14a71aa5c94eee7ceb1b8d52ee0e928482a7408826e67a3bbef4bec9c5d307befd3507bb5a78c35a56298a36a7df24e58b0e6f481939a9f821829eb43b5aa9b77271f3623f29026ec170d28dce60481df879f8736fbe854a5f216a34c055747af5c064f1b7d3b0399416ceb74e21e07f791344763a6199558e1df11dbff820c664f4b006e9b8d8e7ca09766b36ee35f50166bcbc98f16c4ce841c64db731bbac85698103f7", 0xfc, 0x1f, 0x0, 0x1, r14}])
r15 = creat(&(0x7f00000004c0)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_create1(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={<r16=>0xffffffffffffffff})
sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0)
r17 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r17, &(0x7f00000003c0)={&(0x7f0000000240), 0xc, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1800000031005fa4000000000000000000000000040001009153bdbc6833598418f5b148e21205a0f9a1b94d18c90000000000000000149490cc178ed16b45fbd018b5d007859a15fb3efb2f3dcdbcd00e6ffd1257be847f76975b21183d1d37e647434a933b679e3e6633e0f0db66cdad0b2af1e20aa1e26000000000fda08cc7c367cd6b3dc207c8a9126968f49b8db787a7b315f9c39239e47abe433cb0c32a8867e92e233016f846d364c55996d6adec7a861a8e9b4b5421d1d8cbffd48d4023e10607499317b8b3cb35fde200080000bcea50107e3605b86b762732c2edcf878f0f204a0a"], 0x18}}, 0x0)
sendmmsg$unix(r16, &(0x7f0000002680)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
ioctl$FS_IOC_SETFLAGS(r15, 0x40046602, &(0x7f0000000000))
io_setup(0x0, &(0x7f0000000200))
write$FUSE_NOTIFY_RETRIEVE(r15, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x0, 0xfffffffffffffff7}}, 0x30)
r18 = socket$caif_stream(0x25, 0x1, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r18, 0x6612)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_submit(r1, 0x82, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])
r19 = socket(0x0, 0x800000003, 0x0)
getsockname$packet(r19, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14)

16:31:13 executing program 3:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, r4, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000005c0)={0x4, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}, {0x3000, 0x20, &(0x7f0000000280)=""/32}, {0x2, 0x0, &(0x7f0000000400)}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(r5)
renameat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
splice(r2, 0x0, r5, 0x0, 0x4ff60, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x406, r2)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000180)={'ipvlan1\x00', {0x2, 0x0, @rand_addr=0xddfdffff}})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

16:31:13 executing program 5:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8}, [@ldst={0x3, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd98, 0x10, &(0x7f0000000000), 0x176}, 0x48)

16:31:13 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@getnetconf={0x14, 0x52, 0x501, 0x0, 0x25dfdbff, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

16:31:13 executing program 5:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, r4, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000005c0)={0x4, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}, {0x3000, 0x20, &(0x7f0000000280)=""/32}, {0x2, 0x0, &(0x7f0000000400)}]})
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(0xffffffffffffffff)
renameat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x4ff60, 0x0)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000180)={'ipvlan1\x00', {0x2, 0x0, @rand_addr=0xddfdffff}})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)

16:31:13 executing program 3:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, r4, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000005c0)={0x4, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}, {0x3000, 0x20, &(0x7f0000000280)=""/32}, {0x2, 0x0, &(0x7f0000000400)}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(r5)
renameat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
splice(r2, 0x0, r5, 0x0, 0x4ff60, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x406, r2)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000180)={'ipvlan1\x00', {0x2, 0x0, @rand_addr=0xddfdffff}})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

16:31:14 executing program 5:
epoll_create1(0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000), 0x200)
ftruncate(r0, 0x800799c)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa603, 0x2012, r0, 0x0)
ftruncate(0xffffffffffffffff, 0x800799c)

16:31:14 executing program 5:
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
creat(0x0, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:16 executing program 4:
socket$inet(0x10, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000), 0x200)
ftruncate(r0, 0x800799c)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa603, 0x2012, r0, 0x0)
ftruncate(0xffffffffffffffff, 0x800799c)

16:31:16 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:16 executing program 3:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
finit_module(r0, &(0x7f0000000200)='\x00', 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x396d83c14c71e77a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array]}}, &(0x7f0000000240)=""/191, 0x32, 0xbf, 0x8}, 0x20)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)

16:31:16 executing program 5:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180))
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(0xffffffffffffffff)
renameat(0xffffffffffffff9c, 0x0, r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
r2 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
open(0x0, 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

16:31:17 executing program 0:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, r4, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000005c0)={0x4, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}, {0x3000, 0x20, &(0x7f0000000280)=""/32}, {0x2, 0x0, &(0x7f0000000400)}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(r5)
renameat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
splice(r2, 0x0, r5, 0x0, 0x4ff60, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

16:31:17 executing program 1:
r0 = memfd_create(&(0x7f0000000080)='\x15\b\xedrZ\xfbd\xdf0\xe1\xbf\xb8c\x13\x021A{\x1e\xb1|!\xf6\xac\x8cu\x95\xac50\xe9\xd7HNv;\xbb\\%\xe9\x90\xc7w\xeeV\xefm\x11,\xee\xccO\x1e\x0f~;\x80B\xa2)c\xd05Q', 0x4)
ftruncate(r0, 0x800799c)

[  260.581240][ T9836] BPF:[1] ARRAY (anon) 
[  260.599820][ T9836] BPF:type_id=0 index_type_id=0 nr_elems=0
[  260.635680][ T9836] BPF: 
[  260.677424][ T9836] BPF:Invalid elem
[  260.697485][ T9836] BPF:
[  260.697485][ T9836] 
16:31:17 executing program 4:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000}, 0x30420}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0x0, 0xc7a6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00')
renameat2(r1, &(0x7f0000000100)='./file0/file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x4)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x4ff60, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000005c0)={0x3, 0x0, [{0xf000, 0x34, &(0x7f00000001c0)=""/52}, {0x0, 0xcf, &(0x7f00000004c0)=""/207}, {0x2, 0x0, &(0x7f0000000400)}]})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
close(r5)
renameat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
splice(r2, 0x0, r5, 0x0, 0x4ff60, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x406, r2)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

16:31:17 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

[  260.779251][ T9840] BPF:[1] ARRAY (anon) 
[  260.783462][ T9840] BPF:type_id=0 index_type_id=0 nr_elems=0
16:31:17 executing program 5:
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002600)=ANY=[@ANYBLOB="800000001000050700000000000000a5b0612e76", @ANYRES32, @ANYBLOB="0004010000000000600012800e0001006970366772657461700000004c000280060002003f000000060003000700000008000100", @ANYRES32, @ANYBLOB="0800140000000000cc000000001400070000000000000000000000ffff00004727"], 0x80}}, 0x0)

[  260.848443][ T9840] BPF: 
[  260.851321][ T9840] BPF:Invalid elem
[  260.881032][ T9840] BPF:
[  260.881032][ T9840] 
16:31:17 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000040)="9f8194be5ace602f096d07ff9bcd66299667b7059b342623b372d82fefa01f9a2d830f7f99b4e597f4e9fad324868e83f474d0c35449712f00c51c638e6aea4a8dee825286b31a260e60482bb0b4179b3163", 0x3b7}], 0x1)

16:31:17 executing program 3:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
finit_module(r0, &(0x7f0000000200)='\x00', 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x396d83c14c71e77a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array]}}, &(0x7f0000000240)=""/191, 0x32, 0xbf, 0x8}, 0x20)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)

16:31:17 executing program 0:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x22502, 0x0)
write$P9_RREAD(r0, &(0x7f0000000100)=ANY=[@ANYBLOB='E'], 0x1)

[  261.017614][ T9871] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'.
16:31:17 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

[  261.148813][ T9875] BPF:[1] ARRAY (anon) 
[  261.171589][ T9875] BPF:type_id=0 index_type_id=0 nr_elems=0
16:31:17 executing program 5:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

[  261.219919][ T9875] BPF: 
[  261.243744][ T9875] BPF:Invalid elem
[  261.263038][ T9875] BPF:
[  261.263038][ T9875] 
16:31:17 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0xfc, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0xd4, 0x1a, 0x0, 0x1, [@AF_INET6={0x54, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5400}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}, @IFLA_INET6_TOKEN={0x14, 0x7, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_ADDR_GEN_MODE={0x5}]}, @AF_MPLS={0x4}, @AF_BRIDGE={0x4}, @AF_INET={0xf, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x26}, {0x8}, {0x8}]}}, @AF_BRIDGE={0x4}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}]}, @IFLA_PROTO_DOWN={0x5}]}, 0xfc}}, 0x0)

16:31:17 executing program 1:
socket$inet6(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x46802)
io_setup(0x100000000000c333, &(0x7f0000000180)=<r1=>0x0)
r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vcs\x00', 0x0, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
preadv(r4, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/58, 0x3a}], 0x1, 0x6)
io_submit(0x0, 0x6, &(0x7f00000007c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x8, 0xffffffffffffffff, &(0x7f0000000180)="cad8ff5ed8286ff9b4ff8e41d45d0c29027483896c49827a4a48b801aebcab6375f4fc885ff5b2b3f8bb022b01fcc919845f964f97f49a4d8efe8d856d2f4aead24f9d8ee8ac7a30416c8696f8b230f426fd6f5eeb76d2272b69c4d0b2976dc61e67cc706b2695d5518a018843f591da7adcc07c0b12de736ec413f090aae1adbd614ee84ec0d9e3f99441a5a59f29d6316f64682ae688404c4caa49e8b522318c9cdb65b3d61c50f46fd1d8f0e8113d37c6a0f83ea23915a09da9a2734d217e7f5cc5718a17c603ceca0011cdb930", 0xcf, 0xfffffffffffffff7, 0x0, 0x0, r2}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x3f, 0xffffffffffffffff, &(0x7f00000002c0)="afb260af0665e7ff7a5c96e67b3f73d3d59784e2bf9c3667666f3906fdb193285ab56a86cf720c8acf2c004744a69259edb5404a", 0x34, 0x11f, 0x0, 0x1}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x80, 0xffffffffffffffff, &(0x7f0000000340)="5bc0d2", 0x3, 0x1}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffffff, &(0x7f0000000580)="5a55d30ef8e7b72f66f23094b5a7a50c16a203c2350e603312e5a50c2bbbe2bb4cafc304d5f26a511699faa2339023b42ba20842852e12f8f080f23fbdf37a6e1716a024c4f67356af0fb71b8660c54ab6bfa163851d11f402e25019ebbcccd24dc07f198d489e86076deac98a36bbbcfe9d518ca87fad", 0x77, 0x8000, 0x0, 0x2, r3}, 0x0, 0x0])
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x80000, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x220380, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000002180)=0xfc, 0x3c3)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r9=>0x0})
bind$packet(r7, &(0x7f0000000100)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @local}, 0x14)
sendto$inet6(r7, &(0x7f0000000080), 0x0, 0x4000002, 0x0, 0x0)
r10 = dup(0xffffffffffffffff)
sendfile(r10, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
io_submit(0x0, 0x2, &(0x7f00000007c0)=[&(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x1ff, r5, &(0x7f00000001c0)="69287e20999b5ab68bbefcc4a18e09cf30bf87f94392a98344fe2db02da7f4db", 0x20, 0x80000001, 0x0, 0x1, r6}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3, 0x80, r7, &(0x7f00000006c0)="1229cf05c48ce51af974873991873caa619b9869abb44e7424679d729523913c83481c822b9f47d340be499f4947b16f61878e5d4faa91571cdb48e21c1ff772d5dde9512448283915c9c50729fb98f9125a6dcbc7391f14a71aa5c94eee7ceb1b8d52ee0e928482a7408826e67a3bbef4bec9c5d307befd3507bb5a78c35a56298a36a7df24e58b0e6f481939a9f821829eb43b5aa9b77271f3623f29026ec170d28dce60481df879f8736fbe854a5f216a34c055747af5c064f1b7d3", 0xbd, 0x1f, 0x0, 0x1, r10}])
r11 = creat(&(0x7f00000004c0)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_create1(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={<r12=>0xffffffffffffffff})
sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0)
r13 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f00000003c0)={&(0x7f0000000240), 0xc, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1800000031005fa4000000000000000000000000040001009153bdbc6833598418f5b148e21205a0f9a1b94d18c90000000000000000149490cc178ed16b45fbd018b5d007859a15fb3efb2f3dcdbcd00e6ffd1257be847f76975b21183d1d37e647434a933b679e3e6633e0f0db66cdad0b2af1e20aa1e26000000000fda08cc7c367cd6b3dc207c8a9126968f49b8db787a7b315f9c39239e47abe433cb0c32a8867e92e233016f846d364c55996d6adec7a861a8e9b4b5421d1d8cbffd48d4023e10607499317b8b3cb35fde200080000bcea50107e3605b86b762732c2edcf878f0f204a0a"], 0x18}}, 0x0)
sendmmsg$unix(r12, &(0x7f0000002680)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
ioctl$FS_IOC_SETFLAGS(r11, 0x40046602, &(0x7f0000000000))
write$FUSE_NOTIFY_RETRIEVE(r11, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x0, 0xfffffffffffffff7}}, 0x30)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
io_submit(r1, 0x82, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}])
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14)

16:31:17 executing program 4:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000c00fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:17 executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct, @enum={0x0, 0x0, 0x0, 0xd, 0x2}]}}, &(0x7f0000000280)=""/245, 0x32, 0xf5, 0x8}, 0x20)

[  261.435597][ T9894] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  261.471163][ T9894] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.0'.
16:31:18 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.current\x00', 0x26e1, 0x0)
write$cgroup_int(r0, &(0x7f0000000080), 0x87f1a7)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000240)={0x0, 0x8, 0x1})

16:31:18 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:18 executing program 0:
r0 = syz_open_dev$rtc(0x0, 0x0, 0x0)
close(r0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x5000000, &(0x7f00000004c0))
prctl$PR_SET_DUMPABLE(0x4, 0x0)
syz_open_procfs(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
writev(r1, &(0x7f0000000380)=[{0x0}, {&(0x7f00000001c0)="8db98220baf2d8fe4fe29365f8b5caff0266c5b9561278b1837dba7d64d02bbfa0e896d3f31c3236f8dff084e545d1cfddcab089eb2e9293982307eccb9f60a6b8ec72efb8216e6186286ace2805cd77eb8a2a5241b637e2aae02695640a290b7880d435fd4c0258005aad8fa0b0227cda7070df610ca6e2a24c3ba123292bdafe39", 0x82}, {&(0x7f0000000540)}], 0x3)
ioctl$KDFONTOP_COPY(r1, 0x4b72, &(0x7f0000000080)={0x3, 0x0, 0xd, 0xd, 0xc9, &(0x7f0000000500)})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r2, 0x0, 0x0)

[  261.582784][ T9904] BPF:[2] FUNC_PROTO (anon) 
16:31:18 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @random="96c1e9574b31", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x0, 0x0, 0x8, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @empty}, "400000e3ff000000"}}}}}, 0x0)

[  261.650698][ T9904] BPF:return=2 args=(
[  261.670113][ T9904] BPF:void
[  261.673326][ T9904] BPF:)
[  261.737849][ T9904] BPF: 
[  261.747357][ T9904] BPF:Invalid return type
[  261.757495][ T9904] BPF:
[  261.757495][ T9904] 
[  261.785283][ T9904] BPF:[2] FUNC_PROTO (anon) 
[  261.796446][ T9904] BPF:return=2 args=(
[  261.829079][ T9904] BPF:void
[  261.851862][ T9904] BPF:)
[  261.854752][ T9904] BPF: 
16:31:18 executing program 5:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000040)='trusted.overlay.opaque\x00', 0x0, 0x0, 0x1)

16:31:18 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:18 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000000), 0x0)
ftruncate(r0, 0x800799c)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xa603, 0x2012, r0, 0x0)
memfd_create(0x0, 0x0)

[  261.908614][ T9904] BPF:Invalid return type
[  261.908622][ T9904] BPF:
[  261.908622][ T9904] 
16:31:18 executing program 5:
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
creat(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)

16:31:18 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:18 executing program 1:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
finit_module(r0, &(0x7f0000000200)='\x00', 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10000000, 0x0, 0x396d83c14c71e77a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x0, 0x4}}]}}, &(0x7f0000000240)=""/191, 0x32, 0xbf, 0x8}, 0x20)
ioperm(0x3, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)

16:31:18 executing program 0:

16:31:18 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

[  262.556267][ T9947] BPF:[1] ARRAY (anon) 
[  262.580450][ T9947] BPF:type_id=0 index_type_id=4 nr_elems=0
16:31:19 executing program 4:

16:31:19 executing program 0:

[  262.621586][ T9947] BPF: 
[  262.633231][ T9947] BPF:Invalid elem
[  262.644492][ T9947] BPF:
[  262.644492][ T9947] 
16:31:19 executing program 2:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:19 executing program 5:

[  262.749915][ T9960] BPF:[1] ARRAY (anon) 
16:31:19 executing program 0:

[  262.771098][ T9960] BPF:type_id=0 index_type_id=4 nr_elems=0
[  262.803011][ T9960] BPF: 
[  262.826904][ T9960] BPF:Invalid elem
16:31:19 executing program 5:

[  262.862559][ T9960] BPF:
[  262.862559][ T9960] 
16:31:19 executing program 3:

16:31:19 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:19 executing program 1:

16:31:19 executing program 0:

16:31:19 executing program 4:

16:31:19 executing program 5:

16:31:19 executing program 4:

16:31:19 executing program 0:

16:31:19 executing program 5:

16:31:19 executing program 2:
r0 = socket$inet6(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:19 executing program 1:

16:31:19 executing program 3:

16:31:19 executing program 4:

16:31:20 executing program 1:

16:31:20 executing program 0:

16:31:20 executing program 2:
r0 = socket$inet6(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:20 executing program 3:

16:31:20 executing program 5:

16:31:20 executing program 4:

16:31:20 executing program 1:

16:31:20 executing program 3:

16:31:20 executing program 0:

16:31:20 executing program 2:
r0 = socket$inet6(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:20 executing program 5:

16:31:20 executing program 1:

16:31:20 executing program 3:

16:31:20 executing program 1:

16:31:20 executing program 4:

16:31:20 executing program 5:

16:31:20 executing program 0:

16:31:20 executing program 2:
socket$inet6(0x10, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:20 executing program 3:

16:31:20 executing program 1:

16:31:20 executing program 0:

16:31:20 executing program 4:

16:31:20 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

16:31:20 executing program 2:
socket$inet6(0x10, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$cgroup_type(r1, &(0x7f00000009c0)='threaded\x00', 0x3f551f4)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x4002, 0x0)
sendfile(r2, r2, 0x0, 0x8800000)

16:31:20 executing program 1:
r0 = memfd_create(&(0x7f0000000640)='\x97&\x89\\\xd0\xe7\xca\x16ZO\x94:\xe1\x01\xe5`iq@Nse;\xa8Fpj\x0e\x04!\xd5\xc5YBz\x94\xaf\x13\xe9\xd2\x0f\xc2G\x86\x06\x00\xf1/V\x8cvS\xa6K&u\x9dX\xcc\r\x12\x11\x99\xe7\xce\xaeA\xb8-E\xa1\xf8\xe4~IS\xc1\x04\xf78\xf1\'\xdfv\x90\xbc\xd1\xda\x88j\x16\xeb>\x8c\xa1\x03\xf3\xaf\xfd\xf4&a?\xcaG\n\xe5j\x9b}\xc6G\x86\xb2\xdeY\x17yX $\xfcU\x9d\x80dX\xcc\xab\x84\xd1\x01_\x7f\xf4tW.\x81\n\xf3\v\x8d\x12pa\x91\x9b\x8cxd\x06\xa7k\n\x86\xc3\xb6\x910\xf2L\xf0\xaf\xe1jd\xda\x1f\x8bVrd\xa4\xb34\xfcUj\x1ad:#\x96\xf9\xd3\x1c]ImZlU\".\x18)\xcf\x1am\xd5\xe0\xdb\xdc\xd7\x8e\xe0\xa3\x82\xec\x9b\xfb\xc9\x81\x9c\xdc\xb7\x0f\xdd\xd3\xd7\xbe\x89\x7f3\x1d\x1c@\x8eu\x85\xces\x89\x95&3FX\xb1\xaf\xa6\x96\xa2\x13\x1f-\b\xcf1J\xd9\x13Q\x94R/\xdf\x1e\x9e\xe57\xda{\xe1D+\xf35\xcbH\xe6\x0f\xe0]\xef\x8b\xcdk\xfe\xf6\xcc+rp\xd5\b~\xf6\xa2\x87\xed<\xc2bO\x88\x03n% ', 0x0)
execveat(r0, &(0x7f0000000500)='\x00', 0x0, 0x0, 0x1000)

16:31:21 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x0)
dup2(r1, r0)

16:31:21 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x2000000, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xd}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

[  264.651529][T10056] device lo entered promiscuous mode
16:31:21 executing program 2:
socket$inet6(0x10, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

[  264.685497][T10066] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rc /sbin/startpar /etc/init.d/ssh /sbin/start-stop-daemon /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.1 proc:/self/fd/3' not defined.
16:31:21 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x0)
dup2(r1, r0)

16:31:21 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x0)
dup2(r1, r0)

16:31:21 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff})
fsmount(r2, 0x0, 0x87)

16:31:21 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, 0x0, 0x0)

16:31:21 executing program 4:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000700)='./file1\x00', 0x0)
mknod$loop(&(0x7f0000000200)='./file1/file0\x00', 0x228c, 0xffffffffffffffff)

[  265.512192][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  265.512207][   T28] audit: type=1800 audit(1579797081.950:31): pid=10077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16606 res=0
[  265.542220][T10056] device tunl0 entered promiscuous mode
[  265.580350][   T28] audit: type=1804 audit(1579797081.950:32): pid=10064 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir648963669/syzkaller.zd4B5c/33/file0/file0" dev="sda1" ino=16606 res=1
[  265.668066][   T28] audit: type=1800 audit(1579797081.950:33): pid=10064 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.3" name="file0" dev="sda1" ino=16606 res=0
[  265.704123][   T28] audit: type=1804 audit(1579797081.950:34): pid=10103 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir648963669/syzkaller.zd4B5c/33/file0/file0" dev="sda1" ino=16606 res=1
[  265.733548][   T28] audit: type=1804 audit(1579797082.090:35): pid=10104 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir648963669/syzkaller.zd4B5c/33/file0/file0" dev="sda1" ino=16606 res=1
[  265.760248][   T28] audit: type=1800 audit(1579797082.100:36): pid=10104 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16606 res=0
[  265.847771][T10056] device gre0 entered promiscuous mode
[  265.978827][T10056] device gretap0 entered promiscuous mode
[  266.170303][T10056] device erspan0 entered promiscuous mode
[  266.344783][T10056] device ip_vti0 entered promiscuous mode
[  266.484553][T10056] device ip6_vti0 entered promiscuous mode
[  266.672066][T10056] device sit0 entered promiscuous mode
[  267.046648][T10056] device ip6tnl0 entered promiscuous mode
[  267.226528][T10056] device ip6gre0 entered promiscuous mode
[  267.418771][T10056] device syz_tun entered promiscuous mode
[  267.608306][T10056] device ip6gretap0 entered promiscuous mode
[  267.791659][T10056] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.799690][T10056] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.810119][T10056] device bridge0 entered promiscuous mode
[  267.993911][T10056] device vcan0 entered promiscuous mode
[  268.057436][T10056] device bond0 entered promiscuous mode
[  268.063038][T10056] device bond_slave_0 entered promiscuous mode
[  268.069458][T10056] device bond_slave_1 entered promiscuous mode
[  268.255298][T10056] device team0 entered promiscuous mode
[  268.261000][T10056] device team_slave_0 entered promiscuous mode
[  268.273163][T10056] device team_slave_1 entered promiscuous mode
[  268.436852][T10056] device dummy0 entered promiscuous mode
[  268.616180][T10056] device nlmon0 entered promiscuous mode
[  268.682706][T10056] device caif0 entered promiscuous mode
[  268.691268][T10056] device batadv0 entered promiscuous mode
[  268.919893][T10056] device vxcan0 entered promiscuous mode
[  268.976393][T10056] device vxcan1 entered promiscuous mode
[  269.037929][T10056] device veth0 entered promiscuous mode
[  269.213268][T10056] device veth1 entered promiscuous mode
[  269.288639][T10056] device xfrm0 entered promiscuous mode
[  269.394422][T10056] device veth0_to_bridge entered promiscuous mode
[  269.679751][T10056] device veth1_to_bridge entered promiscuous mode
[  269.975197][T10056] device veth0_to_bond entered promiscuous mode
[  270.205339][T10056] device veth1_to_bond entered promiscuous mode
[  270.437171][T10056] device veth0_to_team entered promiscuous mode
[  270.729055][T10056] device veth1_to_team entered promiscuous mode
[  271.015410][T10056] device veth0_to_batadv entered promiscuous mode
[  271.088322][T10056] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.196343][T10056] device batadv_slave_0 entered promiscuous mode
[  271.370962][T10056] device veth1_to_batadv entered promiscuous mode
[  271.448140][T10056] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.564472][T10056] device batadv_slave_1 entered promiscuous mode
[  271.740835][T10056] device veth0_to_hsr entered promiscuous mode
[  271.979589][T10056] device veth1_to_hsr entered promiscuous mode
[  272.318469][T10056] device hsr0 entered promiscuous mode
[  272.493493][T10056] device veth1_virt_wifi entered promiscuous mode
[  272.658179][T10056] device veth0_virt_wifi entered promiscuous mode
[  272.748269][T10056] device virt_wifi0 entered promiscuous mode
[  273.409222][T10056] device vlan0 entered promiscuous mode
[  273.415599][T10056] device vlan1 entered promiscuous mode
[  273.507369][T10056] device macvlan0 entered promiscuous mode
[  273.767431][T10056] device macvlan1 entered promiscuous mode
[  273.834786][T10056] device ipvlan0 entered promiscuous mode
[  273.857623][T10056] device ipvlan1 entered promiscuous mode
[  274.337443][T10056] device macvtap0 entered promiscuous mode
[  274.518506][T10056] device macsec0 entered promiscuous mode
[  274.705746][T10056] device geneve0 entered promiscuous mode
[  274.884296][T10056] device geneve1 entered promiscuous mode
[  275.073139][T10056] device netdevsim0 entered promiscuous mode
[  275.144762][T10056] device netdevsim1 entered promiscuous mode
[  275.315151][T10056] device netdevsim2 entered promiscuous mode
[  275.442465][T10056] device netdevsim3 entered promiscuous mode
[  275.517951][T10056] device ip6gretap1 entered promiscuous mode
[  275.524691][T10056] device syzkaller1 entered promiscuous mode
16:31:32 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00')
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="15930000000000000000150000000800178100000000"], 0x1c}}, 0x0)

16:31:32 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x0)
dup2(r1, r0)

16:31:32 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, 0x0, 0x0)

16:31:32 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00')
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="15930000000000000000150000000400178100000000"], 0x1c}}, 0x0)

16:31:32 executing program 4:
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$security_capability(0x0, &(0x7f0000000080)='security.capability\x00', 0x0, 0x0, 0x0)
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=ANY=[], 0x0, 0x304)

16:31:32 executing program 1:
syz_read_part_table(0x0, 0x1, &(0x7f0000000280)=[{&(0x7f0000000000)="0201a5ffffff01000000ff07000000000000550008000000000000000040000000006300000000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}])
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  275.868101][T10117] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
16:31:32 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, 0x0, 0x0)

16:31:32 executing program 4:
syz_emit_ethernet(0x14a9, &(0x7f00000001c0)=ANY=[@ANYBLOB="1fcffb37c458ffffffffffff86dd6061605d1473f400fe07000080ffffff000000000000f000ff0200006600000000000000000000018900907800000000ff020000000000000000000000000001000000000000000000000000000000000316abcd2ac5376a61ace70dbfed07d239cc113351a47067c96b4ab776723b716b099bd6eb56d6f5c141cde61be95f48c2075e87d22afd51e9e7e054305840816a325cf0721a777df03b5dcf13b8a74e4c47913bbd46660a24fb112ca277ea6b1eec0416150f9a155177475fddb12156a800eafe3ef56c5219f8d9d56f87c1e8d946bd1a220916a2f2d6cef1a8229385eb100de1d4ae534471e432209233f49346ccd5ec5fd553b1e6b054b9cbc9a974c9b4df041cd1f43887a53319d7664d8dc99faf275421189d7b35a2f6d6207b84156f215c1148e71f1f7dad8de13f3e835432af6a6c309560dc5d29dce9fdc6c0a0dceb2fbcb995229a2ca22a7cafdb4529a8efe0fd37d8e26a12ff024d1f60bbc8119184914d9423ddaefc28349bad1d1497257abcdfffaabd3d5cea6640bbeb777c7533e042cc7c2bfd403eed7a16d0340579fddfcc6fa5b2b4333910afb69a91cc05cda7d2bc75b0ee5b0c1b869430f5409f7219c875d8f3510e4a3f9ab234a2c89f8b3253570e14a6073af6c573dced8093e2f9ccfe831b9a163ee917cc9858f96e0504d0b674191c65e30cbf18692b7494b844d6739018058b9630c53a1539e2d2a1efaa251361110b89e3350a9b7cd55e8ec49aa4bb26fac16c2fc18d65d9d03df6de0fbe590249ed41e8881285955f6ee6ad3e7ba0e2f532fb5aeee5e01585f87587badbec46626a180eefb0060c345632edef7eaed02a2892e61561b3515197f319e9a0380697eef2a0e5950c5b62a1b9df1041f6c5b1ff02c6db804587910cbcc79b0683020589d29b053ce7840f1238edaed66bfb6c403257eb0dc1467d2e1df20feb3feabb7ce05fc93766798fe07b63b8c194d92cb9e6d466a769dd6480ec4b2ec37a54db709d8a79011eca41554c4506ead27dcada212edb5c1b807045083eb3d0775f41619fca2dd2d99f29d720232973c93c653ca136302f42927c1d1ca0a5cbdb8b8c8142b0521101ce134c0f497f5087239355aacd1686837d01e315e3764563803ca7c2e6197195aa690f2ac1f03bcc846ac880011aa2d2c26db7e192d0ae9fcb91693ec43e312ea5a126857af3be6994d8016dded7200956151db7f131963db5d46aee1328bce07759821c0361c141a7554381c1368d9d2336033553357545ec751df1e819f078ef81c9c52aae8734f8a11932ad6490d8521ad6b26ada47cb0af91e609930f111395e4a7645f2f14ec8b30eb2bd2a0300ce7dfae16448dd0e3e29a7192aba10c6e81900ac9ea2997c657038b2dc455726804b80e7b1493a7fd4e30f952b3026df990bb89d1f31fdd64fb888dff425bd081563c9e5e205db1594883f7a812c2e51bf6844560ddee48f56565a4bf8938628fdca123380f092d9c6682cc46c95cd7c6ddde44a6850f21cec706c54db8ecff2378008a5f7f9fe81c5d78d32eac7f84d12580bc3d8ae630b2e6f644490b6acaf69affd59e56a368f32797cdc2f50d68ae6b2bffc17861161cd22e716e3c046c4048b7447d707c32a2f00b12d7f1868ff90411a555a716e9278a2f5ddbf51ebe1d4195f8e412df84b1f9ce33ea87c426898803cfa1d5c91117a83d02918d04c3c162a88feaa2b55c792cd6b56a5a72e8910a9fd3f68f65499d5d9302b1b2f44e262ed56e731adb5d16a1346a3ad4985897e6c59412e2f785871e3cf4f80e7ac073f63431e17ae12783908791db821dfa4dd7b0b32c34685c761c34cbace5d9dccdc3826a5230e185788ca45248d4de0cc2fe79c90fe5b12c1b52283ad34b29d0c2f3e55438bc9f0bc49be4a0c7db3aef31cab4a450a349a35b2f5191faf08e499f3dd3396505af0135d3f703358ddc6f62eb93721ec3b1404a5b8fdf9dd1366ba002c163f38be48f77a3fb7917ff3eb07b44058f9b1a087c444d2d2739a37fafbd03ee1e6e7c4b032d1a9d19b7ee5d665d59282f466429ad6233fa53954c634339a2fbdf2cf874aa43a376447829aec509ed86c2f53edac17fd1f6b8f8ca9dc82bf85efeab586e73cb3c6511face4f46e91e9224e884adf6235faec99be84fbef64c537643a4c8f118863f508adcb5df1fa31b10bd22561cfa299e86f4c3f6bae21d75c707ba155c4f108dc7675df2385e5dce5c447bc8a7dc7c17d2269e4736118afcf4eda38dae6a5c4b8afdd5a923718e7db747589a04075d29d3f313bbbc356e5912d4ae54a2ebef26f9b4cdd5aa3013834417534e9476ab78b68c6df06c3c141ecb7117f14db6cd17c698faa8fd398e5777e902bdb3568e79392204fe62288bde550f2b0214d9bd105bd3b93840c54db02b9944acfdfa135ee62512b953f15d2eb675e9dd1cc509f1cd58a2b501be6592bd479e1e918c6224d4708c95ef1dc121f44371717dc18af4deba8f5a96dc4d9db4a5b241860dfa8a3117197c6c887f077637b8196feff1939951600ed946fa1c055c0cb5e0995598d0dd9fa08741c82305b3728ecf39d0ef08e167bc87b581e17c566cf3a2b9d2133f8a6b9c186733cc41671fc8ef5910e642a6bef6ef1cd71f1fd7d53904cc9751339978a62d19a5b06f3238701d948efef556011df983f62185574d0acabf10aac3ef8eaa936db28dd574f8d8c7212afdb18b5a7ac35ab5ed2ea132341c9fdf07eb01c2db7be12ed28024880e824f3b3f31145cf4202cdd202f0858de6d342b5f1b4c61f2c78ea87725314855e2d1f1269463f1822c4f94cf4d8a273a176844d99f9e8f0e55048fd986393c1d863577eb4cd3af4d01331340cd1e4bedb5baeeb23e722a2f179aca5bfc20e0c56ea0ab04422f647fd9b5b09e5dea51557b93ea4538d5b4b3387c32d948fdd0b709941f9a110a8c64ba74c89b28348e340ea13089e7c38f3fe87004709cc4b4e0cedf1ef40e0dd9b28526f958a4d61515fc3f07da822af67dfd3b705d62c490d6419afbe7dc104f57c5c034c66d9188456a473305e3c94ccbf01709cd393f6c9949db4ce81211d1c6f8f13c1ec2414da0a53338fd145fd2908c5e57aadac23ed09e68eb6a05c0bae64cfa5ee629e8ce8c05ef790f2244c019399e85eff4cd5cfbca4c6b1503e9120c32eb01fc8e788fdcdc8e5aa7a2f2645dce406e5040557b64e0e4800b728a477c47d35bf7b288f6ef6414aea11d51c211658d01784fe81060b772db4a85e7aa7af4554ae5f540ddeebf81ff913964d8c87126e4671437b77e1a7595a7addb8ab6719e0ee020d71c62336bc8e40a9d907b727ba6bcde99a60c0589960f44672e160c261dc9165f164afec969400b177a364b043e7f906cef8505edd2913be239cfb4f74785b96f7a817fa723dcc57bc0d6999df33a79d010578f4b363bf75b75d47172088613a6230f432bee8c727dbdfa2e3cbd8d85e21a2cf9b6298ba3d346b1bd637d7772a00b43ad35ba1ef37e66d80ff2aace185268ec2084de6e653352c9ad2fc00b3731d817aaeaf72f048283a579e568d7718751470df78c0c330d7d27b8743d8d0172998804cffc7b1d3555b35d66b5ec2c4a97793eaf43dfb57a45f23e42bd307098c67da4e2d1e686f7ea71f9accc70173da6b0b0a0a884052ae7050805e621e14b71dee66f5f25462ce9efcaf16795295cf4a297ab5705b7b9da91ae95bc63db2a876bc6f43bc4816e9635b0c68219fa071484eba9cdab6f7f9743fbfba28c69f1c26b28e0330b76e0a5623be7c080838a1674158f3134d751e07b4b62291b6f08142ef8bfc52e0f768b6e4485e2955ac886f1ee522ffc8a4c303321278562539b08066c0190abb69a4133ed3db0d03c13764cdea92d963f42d63ca834b9185fa097d323539ac227b1ff52e0b6ecf93aa3db11f2e7c31940e6598ca6b6042b28bf38068a36f4a06c05adf976101f085f404327f0e029f23bc81ba2adbc4cdfd4eac6ad58a7be762485837f80b432b1fddd9480ca0ff7d5dfa8f41d5d0b995af8971a734f0b585b866978a545666626776ca052c3666ac1af8d9931c326e92a2e104c58b7465c645789cb402eb01e0c5beb8b4eee923ec1bc3be98a8afbbc875ac7e5d406eb3af7004838186ad052b6c4116fece0be97d0e701a717004ad7f1679ffc49efde634bd267cd62e6e22f07b5151429a89ebf19852d9c8794624ef8e4611385bb47a22b13f4827b475f9715df43200df43e92cc8de06a062b34b36a3fb694e5e3f275f30200197fca9b6f32f87008171e699f921dad8660c4e93d009f6da32e4de1744596fed077b954338a1d32ec31cca3b29873a2b75b5ce38791a85a83f06dab0f2d70a2a01b95487a65223dc6e732370613a9875f209f40cf79e3d5f53f7bb13f0c68535e7e02b5d31ae249ee187acb179b590391211982f3679900f4b522bfd187f70530f6a879030574b5998b080b2611de9d7c0992ebe09ea512693021b088c5b996add327577bd3c50178a684bf7f3021f74d401e50f243f235f0464c3fd3ddfdd0e1620877dff15e5c3283f546e42b05bd097bf8a345fa224c80db1de45340781b634d5e167c48f008e5ff2f88f301aabb487e66e9ebf10791ae48fe274a09bd335295fdfbc546f4563aba7525374d44e27b64d1e3b6de3b1c9ef0d6e3879f08990bdaf6a78e87d9265f91806dddfe81c731f19f3eb69715154948335d4f7922c4e6a4991dc3b3a52ea762998b313e6046df48405e50da05ca00fa4accf93dd598da4fd78c39fa1dcef7e8273eda7fe2b1dff52406e10bda1a40685f6f6b7390f70d0731388b42a7ec38e5955cb21d4012a7dea2f558e7f03b52e222b6814aa7621d0ccdc59dee6c39a333302986586ebdb3faeec0a2647adf84c7b1ed1af5999aac92a6747769a0a298b3bcb6f1735b9702a488f1a1fe119ab4f9da41ab3bb4d0fd382c16af91e5bd8b6f6d5ca60f7c6195ee491aadd700e5dcfcda5a800359d2c3b34eb9a0a012778e8ef795f8210b544a62e0c5ed2cd6e0a01a98d86109b50255624700eb7bf34f36379f95fd1ccca520903d35a062e8ecac0ad92298f1f314327951365485da45134d86d619dd599cdb01e95c87f36a4a149b550f7e433e89b695c2335fb94a1dd11f53da5f16eb5c099f29149cd957c0ed35d99b84616eb33989595790fe4eb64c0d0c11f7ef26585269fac8ca33ad3bdca680947a22bff02e4d272d5a8b15b722952938da2ac1f682bc4d8d4f81b461791ef47f25feabbd2bc6b0b1db84ae58f7ff82c97864093acbb615a9ec107a9567bb639e4ef8889c8dbb2d9c0716a3ab15bcf4f06389d920da90141cb544b45efdad1ff6126fa61a44cd45b4ee62d8898c61bc499aa1faa722e204310da2e612cdcacedb63f601fcb652eab0c73b79097495617d0366b6ce8e5e059cfb1db8742a541be2d675282fe28eb6a98ea06bcedbcb93dc3433ad3b9299633d375c27788e1164d0dfc700bc22c90dae937c59950489b08c5cc335b9ee988d9a8dbc65d91ea802eb7967bfe726f046b79c65ffb7526da3b79a1628a0b4c8b81feea603880e8f6a5b8b2ab40d0ceb77be7c7f62549e6621c1d2da799f387e9b87f7604526a17d521276afc3ac466a4887776d40bc49905dceef08b08bb24fdd91bda5aefeb1576efe4d196b06320cfea0ec93fcb37afd1815ab8f0b206b30a07673f752069d4873764b0aebf62d9865b20b118e57823dc6a64e812d6a15239de81969425d413e4ec74f344c9749c9568baaae458ed68a81b04ecf8d14914f548caed8d62e034ee70cb8b837b3f6ba64b53ee0db33e387a0c1f242d6ce1e3b9954708f8648cbb62613df8e1660fed15303ed49d3a60785a76cf1eb2b5b1f038eeacb6a5cf9bf9d62219611c58b1c35a97916810bac00ae3dfff8460cd0876435e71a85429bc23b803ca98d2a5b1a05ff1ca5b8fb26d595558428e4b78f1ee647ffb1e6c976eff375a005116430292c3e1cd1417e16460557b139520bdd3b6f8ed560df2e3de2233bd2205dcbea050ba76e900c6bfb0bcd6966dd7371cd603cd5b8d499dfc95a0b9182486b8f396d826e0af199ae849bb6814da10d017ea27b15a533bf72f76676aceca4fa4e4930c5d5697cc7c23a5cd407c73b486f185d5f63429c2533ad3a4a18c0b8c75c1acfceeb5ba35273fbeaf84f4a9691e912441ac71a09e33fc8e1037dc331a86d1b8b53f087c7590912aa77ffb0b5da353942f31250a6d36c9170c6510b6303e7e1adf9c446264473c19f110a75984cd053d921d2a486cef525f02c8114752075ff5f4e0db49786542e575607c47046b8bcf48d432678cd3179383a66355b3990ea481c84db7c0b8bce00a08fd2634acb42d8b6c6cbd9371a8cce48f0c128e94932cd82271b3b5086809b85dac5e848fe70a2cd1b961493846a7a6618e49191807eb8d7fb423836ee6e3f8bcd646cc1fac7b7f90a657b36b05ff1fdd8f7fd64a947e8eb029d02847bcc87b4358bf55575f0990e67931f2bc68381bbc254d0a64ea1254c005fe688e8beaa425fc45fc3f7c75b70455f52f56911345e7e8a55728816aaa9dcc23b884ab206a7b9cc545f12723f294c09e109a65a40f93f4ee502617f02a98ecd0efc52331bf286afdaf0188920f286631efc728710862db32dcff0d70e4dd701856202e8bda0fe83574bee843af8a28e441dcf1fd48d69e75296b7b79e578120704c7348fedfa768207684bffdd6f75045c8f53b5b62c215f438c5e788722fdd4cd4d32b2b0c48f91735b9d097037931907dec58bc2bc2744302a41876a1d9b15f0fca69ffcfea41d959109f54f0d7ad38f1bdde51b53bd275c0f223e3e615eba6e95d066549bf024a0941e4b767b0637c30b25defc38665d9b14f7afc406cf79f7b16c240fb12afc84263aeddfb04e4f9b65242ca4bd4a83fdf0d6559b97b36f9017a04c7c59c1f8756e12a91c05f0081be7fa138a3945ec692a843481482c8d1b334032e58b07a87541acede75fc1af242a99c7d34c33f67370ad8480c5e39c592e85d7f5fd0b45516e244f1d557d0f4b53ae3ec3b74302bb46779e82b7069d74d207987d43e2fb187d00abab0b837f3dcede41f5feb0a6c085832b9c21d218185d85a52c48caf095b16b69c420ad357bc10be198d35192ea4c800b7e4ac43aec3f032cb0bcf9895b9c8428e8089029465f5358b7a3368abe9dc43b8b4bfbe7ee187af2d4113dadaaab1ef22b1762b4f561ad7eb933c1f66de72ebb402c15de3ba997eaed821e24817d6819b23d5812869efa43148b11c86c94d4d1bd82481de97a0316a2a96b55e641ef67db9517c0290bd9984309eca05a46d6194fd7b07657e2f89b43c934141afb791e49836c5bef0ad8110d5f5300aded5d2a3daf153eedcf923036f00402f2eb42cabfdda2636dd2d9ceecea793693f7"], 0x0)

[  275.910190][T10128] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  275.945286][T10118]  loop1: p1 p2[EZD] p3 p4
16:31:32 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001a00))
sendmsg$unix(0xffffffffffffffff, 0x0, 0xd4)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001c80)={0x6, 0x70, 0x0, 0xff, 0x1, 0x10, 0x0, 0x0, 0x1008, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x20, 0x6, 0x0, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
getpid()
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x3, 0x8, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x20000c, 0x0, 0x0, 0x0)

16:31:32 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

[  276.012702][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[  276.046722][T10118] loop1: partition table partially beyond EOD, truncated
16:31:32 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x0)
dup2(r1, r0)

[  276.076071][T10118] loop1: p1 start 1 is beyond EOD, truncated
[  276.113426][T10118] loop1: p2 size 1073741824 extends beyond EOD, truncated
16:31:32 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/tty/drivers\x00', 0x0, 0x0)
pread64(r0, 0x0, 0x0, 0x100000000)

[  276.122462][T10139] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[  276.194259][T10118] loop1: p3 size 1912633224 extends beyond EOD, truncated
16:31:32 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000780)={0x0, 0x6, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xf}}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x14, 0xe, [@TCA_BASIC_EMATCHES={0x10, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}}, 0x0)

16:31:32 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

[  276.264487][T10118] loop1: p4 size 32768 extends beyond EOD, truncated
[  276.336124][T10148] mmap: syz-executor.3 (10148) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
16:31:32 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:32 executing program 4:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@mcast2, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x21)

16:31:32 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

[  276.458206][T10157] netlink: 'syz-executor.5': attribute type 14 has an invalid length.
[  276.552524][T10118]  loop1: p1 p2[EZD] p3 p4
[  276.575468][T10165] netlink: 'syz-executor.5': attribute type 14 has an invalid length.
[  276.617293][T10118] loop1: partition table partially beyond EOD, truncated
[  276.677693][T10118] loop1: p1 start 1 is beyond EOD, truncated
[  276.695704][T10118] loop1: p2 size 1073741824 extends beyond EOD, truncated
[  276.724131][T10118] loop1: p3 size 1912633224 extends beyond EOD, truncated
[  276.773420][T10118] loop1: p4 size 32768 extends beyond EOD, truncated
16:31:33 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
readv(r0, &(0x7f0000395000)=[{&(0x7f00004d2000)=""/4096, 0x1000}], 0x1)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)

16:31:33 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)}, 0x0)

16:31:33 executing program 4:
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = dup2(r0, r0)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, 0x0, 0x0)

16:31:33 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001a00))
sendmsg$unix(0xffffffffffffffff, 0x0, 0xd4)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001c80)={0x6, 0x70, 0x0, 0xff, 0x1, 0x10, 0x0, 0x0, 0x1008, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x20, 0x6, 0x0, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
getpid()
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x3, 0x8, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x20000c, 0x0, 0x0, 0x0)

16:31:33 executing program 1:
futex(&(0x7f000000cffc)=0x1, 0x8b, 0x1, 0x0, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x100000000000031, 0xffffffffffffffff, 0x0)
tkill(r0, 0x1000000000016)

16:31:33 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)}, 0x0)

16:31:33 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
dup2(0xffffffffffffffff, r0)

16:31:33 executing program 4:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r4 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r4, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292bdfe740aba82d39d236ab243347a178fb1fb08609f55c860b7274ce37fba681b500d0c814f800b8011a484e65b37e866369e0751b310c2e4c24e0ef4ea10fc5291793ea975cc22ca7c07ced93b665d9e45871f7687d63f44d4d478a28d5bdc30bcb73665b0a0fe52f521c2b6241c75c103043263620a87d6440942d8d8e6c926f97a05d8fe5a761f815f8bff0425985fc1e405eba43b4b1850f976e4f1c37b661fce5d4d9fde8598aac734c0afdd143c93f743e059fafb9eb5650e00e9a4e9715922738e89de8f4aa62fe469b2298752d9eb870004e5079ef8bacae5e95ea57d03802a3ed92ddda517b3d1e15090000003dd14021edaaf57edc53633131d0c87565c0b4e255f09a25146805d2e9417ad59c16feb58ae77093c1362051ed8a18d4d2b7418b3e4b57849a7cac2423a763e1d9f1ec3c64fdc1e014"], 0xfc7c)
fallocate(r3, 0x8, 0x0, 0x8000)

16:31:33 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
dup2(0xffffffffffffffff, r0)

16:31:34 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)}, 0x0)

16:31:34 executing program 1:
getpid()
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001c80)={0x6, 0x70, 0x0, 0xff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
getpid()
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x3, 0x8, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x20000c, 0x0, 0x0, 0x0)

16:31:34 executing program 4:
getpid()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r0, &(0x7f0000000280)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f00000001c0), 0x400000000000150, 0x0)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x0)

16:31:34 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
readv(r0, &(0x7f0000395000)=[{&(0x7f00004d2000)=""/4096, 0x1000}], 0x1)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)

16:31:34 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
flock(r0, 0x2)
dup2(0xffffffffffffffff, r0)

16:31:34 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)

16:31:34 executing program 3:

16:31:34 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:34 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
keyctl$reject(0x13, 0x0, 0x0, 0x0, 0x0)

16:31:34 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)

16:31:34 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
fallocate(r1, 0x0, 0xd89, 0x8000)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000180)=0x84008)
fallocate(r0, 0x8, 0x0, 0x8000)

16:31:35 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)

16:31:35 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)

16:31:35 executing program 1:

16:31:35 executing program 4:

16:31:35 executing program 5:

16:31:35 executing program 3:

16:31:35 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)}], 0x1}, 0x0)

16:31:35 executing program 4:

16:31:35 executing program 1:

16:31:35 executing program 3:

16:31:35 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)

16:31:35 executing program 5:

16:31:35 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)}], 0x1}, 0x0)

16:31:35 executing program 1:

16:31:35 executing program 4:

16:31:35 executing program 3:

16:31:35 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x74, 0x200087bd, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(r0, &(0x7f00000000c0)="ec", 0x1, 0x41801, 0x0, 0x0)
shutdown(r0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffe6a, 0x0, 0x0, 0xb84608a41099d4b8)

16:31:35 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)

16:31:35 executing program 1:
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @random="5776c856384b", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x88, 0x0, @remote, @broadcast}, {0x0, 0x0, 0x3}}}}}, 0x0)

16:31:35 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)}], 0x1}, 0x0)

16:31:35 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x3c)
close(0xffffffffffffffff)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0})
getpid()
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x127)
ioctl$ASHMEM_GET_NAME(0xffffffffffffffff, 0x81007702, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0xff00)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x0, 0x26})
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket(0xa, 0x3, 0x6)
connect$bt_rfcomm(r1, &(0x7f0000000000), 0xa)
bind$inet6(r1, 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000680)={{{@in6=@mcast1, @in=@dev}}, {{@in=@loopback}}}, &(0x7f0000000140)=0xe8)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setuid(0x0)
setuid(0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f00000000c0))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000640), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x0, 0x1000, &(0x7f0000015000/0x1000)=nil})
fstat(0xffffffffffffffff, &(0x7f0000000580))
request_key(0x0, &(0x7f0000001300)={'syz', 0x2}, 0x0, 0xfffffffffffffff8)
r4 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r4, 0x2285, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)
r5 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f4", 0x2b}], 0x1)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c", 0x31}, {&(0x7f0000000100)}], 0x2)

16:31:35 executing program 3:
socket(0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)

16:31:35 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:36 executing program 1:
socket$netlink(0x10, 0x3, 0x8400000004)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0200cb513a25de0b608088ed10ecd8f255705addfd40df1c69c796b0f81a11ab4971f9166617ce6ddcd387151c14b93d20ca8f83d9cced9e34e7d843976e19ffffffffffffff21de80451b383f21435cb49840b0f61274420a5d97b4485529"], 0x48}}, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000014009ff300000000000000000a000000", @ANYRES32=r4, @ANYBLOB="14000100fe80000000007291050c00000000000014000200e7693653d520c048f85afc34d511c9ac"], 0x40}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2000000011003b0e00"/20, @ANYRES32=r4, @ANYBLOB="ca521c3fc94a6667323e00000000000020009ae06f99d54b4afa8226d9b33f6d6fc85d6098c61f114e4b68a78e30143d921c578fcd56e94c80b9428b9fbe3bbfd2d250400ef0f371597a45b5"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)

16:31:36 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x10000200003)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0x2, 0x0, 0x0, @empty={[0x500, 0x0, 0x54, 0x0, 0x6b, 0x0, 0x0, 0x0, 0x4, 0x500000000000000, 0x0, 0x0, 0x0, 0x0, 0x2]}}}, 0x0, 0x0, 0x0, 0x0, 0x85}, 0x9c)

16:31:36 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d5", 0x2b}], 0x1}, 0x0)

[  279.617539][T10309] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[  279.617539][T10309]    program syz-executor.3 not setting count and/or reply_len properly
[  279.754970][T10318] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[  279.754970][T10318]    program syz-executor.3 not setting count and/or reply_len properly
16:31:36 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

[  279.805081][T10303] sg_write: process 81 (syz-executor.4) changed security contexts after opening file descriptor, this is not allowed.
16:31:36 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d5", 0x2b}], 0x1}, 0x0)

16:31:36 executing program 3:
socket(0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0)='/dev/sg#\x00', 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d766a83cf89441cb69d952f41bdd2ac8bb8c43b460", 0x34}, {&(0x7f0000000100)="aa1d484e24002000a84d4583671e120755272bb736be94d9fc56c9953fbd80630600097704a71e023a27b2", 0x2b}], 0x2)

[  279.950688][T10329] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[  279.950688][T10329]    program syz-executor.4 not setting count and/or reply_len properly
16:31:36 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:36 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d5", 0x2b}], 0x1}, 0x0)

[  280.130123][T10343] sg_write: data in/out 2097152/1 bytes for SCSI command 0x4-- guessing data in;
[  280.130123][T10343]    program syz-executor.3 not setting count and/or reply_len properly
16:31:36 executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000500)=@newsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@dev}, {@in=@multicast1=0xe0000008, 0x0, 0x2b}, @in=@rand_addr=0x6, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@multicast2}]}, 0x104}}, 0x0)

16:31:36 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup2(r1, r0)

16:31:36 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2", 0x40}], 0x1}, 0x0)

16:31:36 executing program 3:
write(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xb, 0x11, r2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000200)="240000001a", 0x5)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000100)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}, 0x78)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$P9_RSYMLINK(0xffffffffffffffff, 0x0, 0x0)

16:31:37 executing program 1:
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100))
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
close(0xffffffffffffffff)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='threaded\x00', 0xfffffc61)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
r1 = inotify_init1(0x0)
fcntl$getownex(r1, 0x10, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffff7fff, 0x2}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x20000000021)
openat$autofs(0xffffffffffffff9c, 0x0, 0x400502, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6)
r3 = socket(0x11, 0x80002, 0x0)
setsockopt$packet_int(r3, 0x107, 0x0, &(0x7f0000000000)=0x2, 0x4)
bind$packet(r3, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt(r3, 0x107, 0x0, &(0x7f0000001000), 0xc5)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendto$inet6(r2, &(0x7f0000000000), 0xff77, 0x0, 0x0, 0x4d97)

16:31:37 executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000500)=@newsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@dev}, {@in=@multicast1=0xe0000008, 0x0, 0x2b}, @in=@rand_addr=0x6, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@multicast2}]}, 0x104}}, 0x0)

16:31:37 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup2(r1, r0)

16:31:37 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2", 0x40}], 0x1}, 0x0)

16:31:37 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
write(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001800)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="19000000000000001c0012000c00010062726964676500000c0002000800050001000000"], 0x3c}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0)

16:31:37 executing program 5:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
semctl$GETVAL(0x0, 0x0, 0xc, &(0x7f00000002c0)=""/102)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0xa, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fdd000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
r5 = syz_open_dev$mouse(0x0, 0x100, 0x18000)
socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x84, 0x80, 0x0, &(0x7f0000000100))
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

16:31:37 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2", 0x40}], 0x1}, 0x0)

16:31:37 executing program 4:
r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
io_setup(0x100000000000c333, &(0x7f0000000180)=<r1=>0x0)
ftruncate(r0, 0x0)
io_submit(r1, 0x0, &(0x7f0000000540))
dup(0xffffffffffffffff)

16:31:37 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup2(r1, r0)

16:31:38 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060c", 0x4b}], 0x1}, 0x0)

16:31:38 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r0)

16:31:38 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
write(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001800)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="19000000000000001c0012000c00010062726964676500000c0002000800050001000000"], 0x3c}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0)

16:31:38 executing program 1:
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100))
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
close(0xffffffffffffffff)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='threaded\x00', 0xfffffc61)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
r1 = inotify_init1(0x0)
fcntl$getownex(r1, 0x10, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffff7fff, 0x2}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x20000000021)
openat$autofs(0xffffffffffffff9c, 0x0, 0x400502, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6)
r3 = socket(0x11, 0x80002, 0x0)
setsockopt$packet_int(r3, 0x107, 0x0, &(0x7f0000000000)=0x2, 0x4)
bind$packet(r3, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt(r3, 0x107, 0x0, &(0x7f0000001000), 0xc5)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendto$inet6(r2, &(0x7f0000000000), 0xff77, 0x0, 0x0, 0x4d97)

16:31:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_XCRS(r2, 0x81a0ae8c, &(0x7f0000000040)={0x1, 0x0, [{}]})

16:31:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000000)={0x67})

16:31:38 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060c", 0x4b}], 0x1}, 0x0)

16:31:38 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r0)

16:31:38 executing program 5:
syz_emit_ethernet(0x7a, &(0x7f00000004c0)={@random="47fc4d3fbc4a", @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "e2c38b", 0x44, 0x2c, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x1, 0x3}}}}}}}, 0x0)

16:31:38 executing program 3:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x127)
sendmsg$tipc(r1, &(0x7f0000000500)={&(0x7f0000000280), 0x10, 0x0}, 0x0)

16:31:38 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000740)={@broadcast=[0xff, 0xff, 0xff, 0x0], @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a4f008", 0x10, 0x3a, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @local, {[], @ndisc_ra}}}}}, 0x0)

16:31:38 executing program 0:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r0)

16:31:38 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060c", 0x4b}], 0x1}, 0x0)

16:31:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:39 executing program 0:
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)

16:31:39 executing program 1:
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x400000000803, 0x5f)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
creat(&(0x7f0000000080)='./file1\x00', 0x0)
recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0)
pipe(&(0x7f0000000140))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
r2 = open(&(0x7f0000000100)='./file1\x00', 0x143042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r0, r2, 0x0, 0x80001d00c0d0)

16:31:39 executing program 3:

16:31:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_XCRS(r2, 0xc018ae85, &(0x7f0000000040)={0x2, 0x0, [{}, {}]})

16:31:39 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d4", 0x50}], 0x1}, 0x0)

16:31:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:39 executing program 0:
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)

16:31:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_XCRS(r2, 0x41a0ae8d, &(0x7f0000000040)={0x3, 0x0, [{}, {}, {}]})

16:31:39 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d4", 0x50}], 0x1}, 0x0)

16:31:39 executing program 0:
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)

16:31:39 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:39 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d4", 0x50}], 0x1}, 0x0)

16:31:40 executing program 1:

16:31:40 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:40 executing program 3:

16:31:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:40 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d4000000", 0x53}], 0x1}, 0x0)

16:31:40 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:40 executing program 3:

16:31:40 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d4000000", 0x53}], 0x1}, 0x0)

[  283.983582][T10522] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  284.015560][T10522] device gretap0 entered promiscuous mode
[  284.043892][T10522] device macsec1 entered promiscuous mode
16:31:40 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:40 executing program 1:

[  284.152727][T10522] device gretap0 left promiscuous mode
16:31:40 executing program 3:

16:31:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:40 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d4000000", 0x53}], 0x1}, 0x0)

16:31:41 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:41 executing program 1:

16:31:41 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000", 0x54}], 0x1}, 0x0)

16:31:41 executing program 3:

16:31:41 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:41 executing program 3:

16:31:41 executing program 1:

16:31:41 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000", 0x54}], 0x1}, 0x0)

16:31:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  285.101034][T10571] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
16:31:41 executing program 1:

[  285.168196][T10571] device gretap0 entered promiscuous mode
16:31:41 executing program 3:

[  285.219732][T10571] device macsec1 entered promiscuous mode
[  285.276396][T10571] device gretap0 left promiscuous mode
16:31:42 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:42 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:42 executing program 2:
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000", 0x54}], 0x1}, 0x0)

16:31:42 executing program 1:

16:31:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:42 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, 0x0, 0x0)

16:31:42 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="080db5055e0bcfe8479071")
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/nf_conntrack\x00')
preadv(r1, &(0x7f0000000600)=[{&(0x7f0000000080)=""/163, 0xa3}], 0x1, 0x0)

16:31:42 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

[  286.010333][T10603] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
16:31:42 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  286.088145][T10603] device gretap0 entered promiscuous mode
[  286.112364][T10603] device macsec1 entered promiscuous mode
16:31:42 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r0 = getpid()
tkill(r0, 0x9)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ptype\x00')
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendfile(r2, r1, &(0x7f0000000180)=0x74000026, 0x5)

[  286.162225][T10603] device gretap0 left promiscuous mode
16:31:42 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x49, 0x0, 0x0)

16:31:43 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:43 executing program 2 (fault-call:1 fault-nth:0):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:43 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:43 executing program 3 (fault-call:2 fault-nth:0):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:43 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
epoll_create1(0x80000)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000002000000030000003802000000000000e8000000000000000000000000000000a0010000a0010000a0010000a0010000a001000003000000000000000000000000000000000048000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000b800e8000000000000000000000000000000000000000000480068656c70657200000000000000000000000000000000000000000000000000000000482e32343500000000000000000000000000000000000000000000000000000000000000300053455400000007000000000000000000000000000000000000000000000200000000000000000000000000000000ac1e00017f00000100000000000000006873723000000000000000000000000069703667726574617030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000b8000000000000000000000000000000000000000000480049444c4554494d45520000000000000000000000000000000000000000000000000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff0000"], 0x1)

[  286.950186][T10639] FAULT_INJECTION: forcing a failure.
[  286.950186][T10639] name failslab, interval 1, probability 0, space 0, times 1
[  287.001249][T10649] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  287.016205][T10639] CPU: 1 PID: 10639 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  287.026193][T10639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  287.036307][T10639] Call Trace:
[  287.039865][T10639]  dump_stack+0x197/0x210
[  287.044314][T10639]  should_fail.cold+0xa/0x10
[  287.048980][T10639]  ? release_sock+0x156/0x1c0
[  287.053666][T10639]  ? setup_fault_attr+0x220/0x220
[  287.058876][T10639]  ? ___might_sleep+0x163/0x2c0
[  287.063798][T10639]  __should_failslab+0x121/0x190
[  287.068804][T10639]  should_failslab+0x9/0x14
[  287.073385][T10639]  kmem_cache_alloc_node+0x268/0x740
[  287.078718][T10639]  __alloc_skb+0xd5/0x5e0
[  287.083073][T10639]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  287.088680][T10639]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  287.095036][T10639]  ? netlink_autobind.isra.0+0x22c/0x310
[  287.100682][T10639]  netlink_sendmsg+0xa1b/0xea0
[  287.105455][T10639]  ? netlink_unicast+0x7e0/0x7e0
[  287.110455][T10639]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  287.116027][T10639]  ? apparmor_socket_sendmsg+0x2a/0x30
[  287.121495][T10639]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  287.127811][T10639]  ? security_socket_sendmsg+0x8d/0xc0
[  287.133317][T10639]  ? netlink_unicast+0x7e0/0x7e0
[  287.138318][T10639]  sock_sendmsg+0xd7/0x130
[  287.142743][T10639]  ____sys_sendmsg+0x753/0x880
[  287.147530][T10639]  ? kernel_sendmsg+0x50/0x50
[  287.152263][T10639]  ? __fget_files+0x337/0x520
[  287.156997][T10639]  ? find_held_lock+0x35/0x130
[  287.161794][T10639]  ___sys_sendmsg+0x100/0x170
[  287.166476][T10639]  ? sendmsg_copy_msghdr+0x70/0x70
[  287.171673][T10639]  ? __kasan_check_read+0x11/0x20
[  287.176729][T10639]  ? __fget_files+0x359/0x520
[  287.181428][T10639]  ? do_dup2+0x4f0/0x4f0
[  287.185678][T10639]  ? __fget_light+0x1ad/0x270
[  287.190352][T10639]  ? __fdget+0x1b/0x20
[  287.194443][T10639]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  287.200694][T10639]  __sys_sendmsg+0x105/0x1d0
[  287.205283][T10639]  ? __sys_sendmsg_sock+0xc0/0xc0
[  287.210403][T10639]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  287.215895][T10639]  ? do_syscall_64+0x26/0x790
[  287.220621][T10639]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.226736][T10639]  ? do_syscall_64+0x26/0x790
[  287.231428][T10639]  __x64_sys_sendmsg+0x78/0xb0
[  287.236198][T10639]  do_syscall_64+0xfa/0x790
[  287.240726][T10639]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.246644][T10639] RIP: 0033:0x45b349
[  287.250556][T10639] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  287.270181][T10639] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.278707][T10639] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  287.286709][T10639] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  287.294712][T10639] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  287.302690][T10639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  287.310680][T10639] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000000
[  287.329748][T10649] device gretap0 entered promiscuous mode
[  287.335868][T10649] device macsec1 entered promiscuous mode
[  287.344924][T10649] device gretap0 left promiscuous mode
[  287.369124][T10652] Cannot find add_set index 0 as target
16:31:43 executing program 2 (fault-call:1 fault-nth:1):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:43 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:43 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:43 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  287.576298][T10662] FAULT_INJECTION: forcing a failure.
[  287.576298][T10662] name failslab, interval 1, probability 0, space 0, times 0
[  287.604557][T10662] CPU: 1 PID: 10662 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  287.614507][T10662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  287.624575][T10662] Call Trace:
[  287.627941][T10662]  dump_stack+0x197/0x210
[  287.632323][T10662]  should_fail.cold+0xa/0x10
[  287.636985][T10662]  ? setup_fault_attr+0x220/0x220
[  287.642051][T10662]  ? ___might_sleep+0x163/0x2c0
[  287.646933][T10662]  __should_failslab+0x121/0x190
[  287.651898][T10662]  should_failslab+0x9/0x14
[  287.656693][T10662]  kmem_cache_alloc_node_trace+0x274/0x750
[  287.662591][T10662]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  287.668597][T10662]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  287.674441][T10662]  __kmalloc_node_track_caller+0x3d/0x70
[  287.680101][T10662]  __kmalloc_reserve.isra.0+0x40/0xf0
[  287.685498][T10662]  __alloc_skb+0x10b/0x5e0
[  287.689941][T10662]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  287.695514][T10662]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  287.701781][T10662]  ? netlink_autobind.isra.0+0x22c/0x310
[  287.707443][T10662]  netlink_sendmsg+0xa1b/0xea0
[  287.712235][T10662]  ? netlink_unicast+0x7e0/0x7e0
[  287.717188][T10662]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  287.722757][T10662]  ? apparmor_socket_sendmsg+0x2a/0x30
[  287.728245][T10662]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  287.734502][T10662]  ? security_socket_sendmsg+0x8d/0xc0
[  287.739982][T10662]  ? netlink_unicast+0x7e0/0x7e0
[  287.744942][T10662]  sock_sendmsg+0xd7/0x130
[  287.749385][T10662]  ____sys_sendmsg+0x753/0x880
[  287.754178][T10662]  ? kernel_sendmsg+0x50/0x50
[  287.758884][T10662]  ? __fget_files+0x337/0x520
[  287.763571][T10662]  ? find_held_lock+0x35/0x130
[  287.768361][T10662]  ___sys_sendmsg+0x100/0x170
[  287.773061][T10662]  ? sendmsg_copy_msghdr+0x70/0x70
[  287.778200][T10662]  ? __kasan_check_read+0x11/0x20
[  287.783344][T10662]  ? __fget_files+0x359/0x520
[  287.788059][T10662]  ? do_dup2+0x4f0/0x4f0
[  287.792331][T10662]  ? __fget_light+0x1ad/0x270
[  287.797022][T10662]  ? __fdget+0x1b/0x20
[  287.801117][T10662]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  287.807390][T10662]  __sys_sendmsg+0x105/0x1d0
[  287.811995][T10662]  ? __sys_sendmsg_sock+0xc0/0xc0
[  287.817060][T10662]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  287.822548][T10662]  ? do_syscall_64+0x26/0x790
[  287.827259][T10662]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.833350][T10662]  ? do_syscall_64+0x26/0x790
[  287.838073][T10662]  __x64_sys_sendmsg+0x78/0xb0
[  287.839189][T10670] Cannot find add_set index 0 as target
[  287.842864][T10662]  do_syscall_64+0xfa/0x790
[  287.842887][T10662]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.842906][T10662] RIP: 0033:0x45b349
[  287.862754][T10662] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  287.882490][T10662] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.890919][T10662] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  287.898909][T10662] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  287.906894][T10662] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  287.914881][T10662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
16:31:44 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:44 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

[  287.922884][T10662] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000001
16:31:44 executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:44 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:44 executing program 2 (fault-call:1 fault-nth:2):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:44 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:44 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:44 executing program 1:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140), 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)='cpuset.memory_spread_page\x00', 0x2, 0x0)
r0 = syz_open_dev$vcsn(0x0, 0x3f, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
r2 = accept$netrom(r0, &(0x7f0000000000)={{0x3, @rose}, [@rose, @default, @bcast, @netrom, @netrom, @remote, @rose, @rose]}, &(0x7f0000000080)=0x48)
recvfrom$netrom(r2, &(0x7f00000000c0)=""/117, 0x75, 0x40000000, &(0x7f0000000200)={{0x3, @default, 0x4}, [@default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
syz_open_dev$midi(0x0, 0x1, 0x280000)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={r0, 0x8, 0x0, 0x8, &(0x7f0000000340)=[0x0, 0x0], 0x2}, 0x20)
r3 = getegid()
fchown(r0, 0xee00, r3)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280), 0x13f, 0x1}}, 0x20)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r6, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
recvfrom(r6, &(0x7f00000003c0)=""/207, 0xcf, 0x22120, 0x0, 0x0)
ioctl$CAPI_GET_MANUFACTURER(r5, 0xc0044306, &(0x7f0000000140)=0x3)

[  288.321366][T10693] FAULT_INJECTION: forcing a failure.
[  288.321366][T10693] name failslab, interval 1, probability 0, space 0, times 0
16:31:44 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

[  288.373417][T10693] CPU: 1 PID: 10693 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  288.383351][T10693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  288.393539][T10693] Call Trace:
[  288.396856][T10693]  dump_stack+0x197/0x210
[  288.401206][T10693]  should_fail.cold+0xa/0x10
[  288.405822][T10693]  ? setup_fault_attr+0x220/0x220
[  288.410879][T10693]  __should_failslab+0x121/0x190
[  288.415948][T10693]  should_failslab+0x9/0x14
16:31:44 executing program 5:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:44 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  288.420494][T10693]  kmem_cache_alloc+0x47/0x710
[  288.425271][T10693]  ? lock_acquire+0x190/0x410
[  288.429971][T10693]  ? netlink_deliver_tap+0x145/0xbf0
[  288.435339][T10693]  skb_clone+0x154/0x3d0
[  288.439609][T10693]  netlink_deliver_tap+0x94f/0xbf0
[  288.444748][T10693]  netlink_unicast+0x655/0x7e0
[  288.449538][T10693]  ? netlink_attachskb+0x870/0x870
[  288.454679][T10693]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  288.460501][T10693]  ? __check_object_size+0x3d/0x437
[  288.465705][T10693]  netlink_sendmsg+0x91c/0xea0
[  288.470470][T10693]  ? netlink_unicast+0x7e0/0x7e0
[  288.475407][T10693]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  288.480962][T10693]  ? apparmor_socket_sendmsg+0x2a/0x30
[  288.486425][T10693]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  288.492798][T10693]  ? security_socket_sendmsg+0x8d/0xc0
[  288.498275][T10693]  ? netlink_unicast+0x7e0/0x7e0
[  288.503251][T10693]  sock_sendmsg+0xd7/0x130
[  288.507679][T10693]  ____sys_sendmsg+0x753/0x880
[  288.512486][T10693]  ? kernel_sendmsg+0x50/0x50
[  288.517202][T10693]  ? __fget_files+0x337/0x520
[  288.521900][T10693]  ? find_held_lock+0x35/0x130
[  288.526738][T10693]  ___sys_sendmsg+0x100/0x170
[  288.531478][T10693]  ? sendmsg_copy_msghdr+0x70/0x70
[  288.536600][T10693]  ? __kasan_check_read+0x11/0x20
[  288.541649][T10693]  ? __fget_files+0x359/0x520
[  288.546339][T10693]  ? do_dup2+0x4f0/0x4f0
[  288.550590][T10693]  ? __fget_light+0x1ad/0x270
[  288.555263][T10693]  ? __fdget+0x1b/0x20
[  288.559334][T10693]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  288.565590][T10693]  __sys_sendmsg+0x105/0x1d0
[  288.570232][T10693]  ? __sys_sendmsg_sock+0xc0/0xc0
[  288.575269][T10693]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  288.580727][T10693]  ? do_syscall_64+0x26/0x790
[  288.585548][T10693]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  288.591619][T10693]  ? do_syscall_64+0x26/0x790
[  288.596287][T10693]  __x64_sys_sendmsg+0x78/0xb0
[  288.601056][T10693]  do_syscall_64+0xfa/0x790
[  288.605588][T10693]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  288.611472][T10693] RIP: 0033:0x45b349
[  288.615371][T10693] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  288.634979][T10693] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.643428][T10693] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  288.651426][T10693] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  288.659400][T10693] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
16:31:45 executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

[  288.667381][T10693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  288.675360][T10693] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000002
16:31:45 executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:45 executing program 2 (fault-call:1 fault-nth:3):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:45 executing program 0:
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:45 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/consoles\x00', 0x0, 0x0)
dup2(r1, r0)
r2 = socket(0x28, 0x800, 0xd)
r3 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r3, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
r4 = accept4$llc(r3, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000180)=0x10, 0x0)
ioctl$sock_SIOCDELRT(r4, 0x890c, &(0x7f0000000200)={0x0, @l2={0x1f, 0xc000, @fixed={[], 0x12}, 0x4}, @tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x2}}, @ax25={0x3, @default, 0x7}, 0x9, 0x0, 0x0, 0x0, 0x9, &(0x7f00000001c0)='tunl0\x00', 0x4, 0x20, 0x9})
sendmmsg$alg(r2, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x5}, &(0x7f0000000080)=0x8)

16:31:45 executing program 5:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:45 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:45 executing program 0:
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

[  289.058815][T10718] FAULT_INJECTION: forcing a failure.
[  289.058815][T10718] name failslab, interval 1, probability 0, space 0, times 0
[  289.153603][T10718] CPU: 1 PID: 10718 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  289.163539][T10718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.173612][T10718] Call Trace:
[  289.176923][T10718]  dump_stack+0x197/0x210
[  289.181279][T10718]  should_fail.cold+0xa/0x10
[  289.185899][T10718]  ? setup_fault_attr+0x220/0x220
[  289.190948][T10718]  ? ___might_sleep+0x163/0x2c0
[  289.195822][T10718]  __should_failslab+0x121/0x190
[  289.200786][T10718]  should_failslab+0x9/0x14
[  289.205311][T10718]  kmem_cache_alloc_trace+0x2d3/0x790
[  289.210716][T10718]  ? __kasan_check_read+0x11/0x20
[  289.215873][T10718]  fib6_info_alloc+0xb6/0x1b0
[  289.220578][T10718]  ip6_route_info_create+0x2ff/0x1570
[  289.225976][T10718]  ip6_route_add+0x27/0x110
[  289.230504][T10718]  inet6_rtm_newroute+0x16c/0x180
[  289.235552][T10718]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  289.241411][T10718]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  289.247698][T10718]  ? ip6_route_multipath_add+0x1c60/0x1c60
16:31:45 executing program 5:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:45 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:45 executing program 1:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1)
write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="d6c07d3f595131008901"], 0xa)
close(r2)
socket$kcm(0x10, 0x2, 0x10)
r3 = socket(0x10, 0x80002, 0x0)
r4 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r4, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x60, 0x2, 0x3, 0x600, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0xffff7fff}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x3571}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1e}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x16}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x1e}}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x1d}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x18}, @NFQA_CFG_MASK={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0xc012}, 0x0)
ioctl(r3, 0x1000008912, &(0x7f00000001c0)="080db5055e0bcfe8696071")
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0)
splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0)

[  289.253814][T10718]  rtnetlink_rcv_msg+0x45e/0xaf0
[  289.258797][T10718]  ? rtnl_bridge_getlink+0x910/0x910
[  289.264104][T10718]  ? netlink_deliver_tap+0x226/0xbf0
[  289.269412][T10718]  ? find_held_lock+0x35/0x130
[  289.274206][T10718]  netlink_rcv_skb+0x177/0x450
[  289.278992][T10718]  ? rtnl_bridge_getlink+0x910/0x910
[  289.284299][T10718]  ? netlink_ack+0xb50/0xb50
[  289.288910][T10718]  ? __kasan_check_read+0x11/0x20
[  289.293965][T10718]  ? netlink_deliver_tap+0x248/0xbf0
[  289.299284][T10718]  rtnetlink_rcv+0x1d/0x30
[  289.303720][T10718]  netlink_unicast+0x59e/0x7e0
[  289.308505][T10718]  ? netlink_attachskb+0x870/0x870
[  289.313640][T10718]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  289.319382][T10718]  ? __check_object_size+0x3d/0x437
[  289.324614][T10718]  netlink_sendmsg+0x91c/0xea0
[  289.329394][T10718]  ? netlink_unicast+0x7e0/0x7e0
[  289.334348][T10718]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  289.339915][T10718]  ? apparmor_socket_sendmsg+0x2a/0x30
[  289.345399][T10718]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  289.351670][T10718]  ? security_socket_sendmsg+0x8d/0xc0
[  289.357154][T10718]  ? netlink_unicast+0x7e0/0x7e0
[  289.362117][T10718]  sock_sendmsg+0xd7/0x130
[  289.366554][T10718]  ____sys_sendmsg+0x753/0x880
[  289.371345][T10718]  ? kernel_sendmsg+0x50/0x50
[  289.376043][T10718]  ? __fget_files+0x337/0x520
[  289.380737][T10718]  ? find_held_lock+0x35/0x130
[  289.385529][T10718]  ___sys_sendmsg+0x100/0x170
[  289.390237][T10718]  ? sendmsg_copy_msghdr+0x70/0x70
[  289.395372][T10718]  ? __kasan_check_read+0x11/0x20
[  289.400426][T10718]  ? __fget_files+0x359/0x520
[  289.405130][T10718]  ? do_dup2+0x4f0/0x4f0
[  289.409400][T10718]  ? __fget_light+0x1ad/0x270
[  289.414096][T10718]  ? __fdget+0x1b/0x20
[  289.418319][T10718]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  289.424587][T10718]  __sys_sendmsg+0x105/0x1d0
[  289.429196][T10718]  ? __sys_sendmsg_sock+0xc0/0xc0
[  289.434283][T10718]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  289.439766][T10718]  ? do_syscall_64+0x26/0x790
[  289.444460][T10718]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.450549][T10718]  ? do_syscall_64+0x26/0x790
[  289.455248][T10718]  __x64_sys_sendmsg+0x78/0xb0
[  289.460042][T10718]  do_syscall_64+0xfa/0x790
[  289.461035][T10738] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.1'.
[  289.464558][T10718]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.464595][T10718] RIP: 0033:0x45b349
[  289.464608][T10718] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
16:31:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:45 executing program 5:
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

[  289.464623][T10718] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  289.513105][T10718] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  289.521299][T10718] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  289.529375][T10718] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  289.537359][T10718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  289.545352][T10718] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000003
16:31:46 executing program 0:
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000050700000000dfdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000001c0012000b0001006d616373656300e10b00020005000900010000000a000500040000000000000008000a0009d35b587e27a8b0b9cad4a128c1aa7cf68a72e18b043723262ef1db55855e9b9c3c4f3d85375cfa53566d1becb85f7297cb072cd567309e4df2d41485c9b6a83c953a21aa4f22f55716d40a207530362bc729067a2c1827fb817eec56022b28d49a32965d048e336c6476967ed3c425b32265056d7425271b24a7a00c7f44c83d98fd505c6a5bed", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

16:31:46 executing program 2 (fault-call:1 fault-nth:4):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  289.735091][T10736] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.1'.
[  289.820898][T10752] FAULT_INJECTION: forcing a failure.
[  289.820898][T10752] name failslab, interval 1, probability 0, space 0, times 0
[  289.850956][T10752] CPU: 1 PID: 10752 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  289.860895][T10752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.870979][T10752] Call Trace:
[  289.874295][T10752]  dump_stack+0x197/0x210
[  289.878653][T10752]  should_fail.cold+0xa/0x10
[  289.883397][T10752]  ? setup_fault_attr+0x220/0x220
[  289.888455][T10752]  ? ___might_sleep+0x163/0x2c0
[  289.893349][T10752]  __should_failslab+0x121/0x190
[  289.898307][T10752]  should_failslab+0x9/0x14
[  289.902830][T10752]  kmem_cache_alloc_trace+0x2d3/0x790
[  289.908317][T10752]  ? fib6_info_alloc+0xb6/0x1b0
[  289.913192][T10752]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  289.918761][T10752]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  289.924837][T10752]  ip_fib_metrics_init+0xd5/0x780
[  289.929902][T10752]  ? gre_gro_complete+0x500/0x500
[  289.934954][T10752]  ? __kasan_check_write+0x14/0x20
[  289.940098][T10752]  ? fib6_info_alloc+0x157/0x1b0
[  289.945068][T10752]  ip6_route_info_create+0x36a/0x1570
[  289.950493][T10752]  ip6_route_add+0x27/0x110
[  289.955019][T10752]  inet6_rtm_newroute+0x16c/0x180
[  289.960103][T10752]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  289.965977][T10752]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  289.972238][T10752]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  289.978201][T10752]  rtnetlink_rcv_msg+0x45e/0xaf0
[  289.983174][T10752]  ? rtnl_bridge_getlink+0x910/0x910
[  289.988487][T10752]  ? netlink_deliver_tap+0x226/0xbf0
[  289.993801][T10752]  ? find_held_lock+0x35/0x130
[  289.998597][T10752]  netlink_rcv_skb+0x177/0x450
[  290.003620][T10752]  ? rtnl_bridge_getlink+0x910/0x910
[  290.008942][T10752]  ? netlink_ack+0xb50/0xb50
[  290.013554][T10752]  ? __kasan_check_read+0x11/0x20
[  290.018586][T10752]  ? netlink_deliver_tap+0x248/0xbf0
[  290.023899][T10752]  rtnetlink_rcv+0x1d/0x30
[  290.028335][T10752]  netlink_unicast+0x59e/0x7e0
[  290.033120][T10752]  ? netlink_attachskb+0x870/0x870
[  290.038259][T10752]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  290.044055][T10752]  ? __check_object_size+0x3d/0x437
[  290.049362][T10752]  netlink_sendmsg+0x91c/0xea0
[  290.054150][T10752]  ? netlink_unicast+0x7e0/0x7e0
[  290.059106][T10752]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  290.064673][T10752]  ? apparmor_socket_sendmsg+0x2a/0x30
16:31:46 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/schedstat\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)

16:31:46 executing program 5:
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:46 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

16:31:46 executing program 1:
r0 = fsopen(&(0x7f0000000240)='cgroup\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x200, 0x0)
ioctl$KDSETMODE(r2, 0x4b3a, 0x0)
r3 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

16:31:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  290.070243][T10752]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  290.076511][T10752]  ? security_socket_sendmsg+0x8d/0xc0
[  290.082018][T10752]  ? netlink_unicast+0x7e0/0x7e0
[  290.086981][T10752]  sock_sendmsg+0xd7/0x130
[  290.091435][T10752]  ____sys_sendmsg+0x753/0x880
[  290.096224][T10752]  ? kernel_sendmsg+0x50/0x50
[  290.100920][T10752]  ? __fget_files+0x337/0x520
[  290.105619][T10752]  ? find_held_lock+0x35/0x130
[  290.110550][T10752]  ___sys_sendmsg+0x100/0x170
[  290.115256][T10752]  ? sendmsg_copy_msghdr+0x70/0x70
[  290.120389][T10752]  ? __kasan_check_read+0x11/0x20
[  290.125439][T10752]  ? __fget_files+0x359/0x520
[  290.130145][T10752]  ? do_dup2+0x4f0/0x4f0
[  290.134410][T10752]  ? __fget_light+0x1ad/0x270
[  290.139117][T10752]  ? __fdget+0x1b/0x20
[  290.143224][T10752]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  290.149483][T10752]  __sys_sendmsg+0x105/0x1d0
[  290.154194][T10752]  ? __sys_sendmsg_sock+0xc0/0xc0
[  290.159268][T10752]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  290.164779][T10752]  ? do_syscall_64+0x26/0x790
16:31:46 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

16:31:46 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  290.169484][T10752]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.175577][T10752]  ? do_syscall_64+0x26/0x790
[  290.180293][T10752]  __x64_sys_sendmsg+0x78/0xb0
[  290.185091][T10752]  do_syscall_64+0xfa/0x790
[  290.189646][T10752]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.195562][T10752] RIP: 0033:0x45b349
[  290.199504][T10752] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  290.219145][T10752] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.227578][T10752] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  290.235662][T10752] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  290.243697][T10752] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  290.251687][T10752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  290.259694][T10752] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000004
16:31:46 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000480)={0x0, 0x9, 0x9, 0x94})
r2 = dup(r1)
ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, &(0x7f0000000700)={0x10000, 0x5000, 0x3, 0x40, 0xf0})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000080)={"ce9dcfcd53f3fa52aceb74ef71f79421c3d2460f997c36a5024eec65a2f71e9937243e8a098ebdefe18bd6677b7023de2b464d410dd0c68035c429eb2f15cd945b4f2cddb0e8899bdf086484a44856d7fab1dfa17b4269fb0936e793d16d0f5a964f9dc28f11aba7de0b06315c33b10c849cd9757137f580291bf27cce08ef0c9f491c7dc67afcaa0008ce43fea12e9e212e37db73c231bf44c1ca2bf491dc4def568f94334126011c692fbba6c2c7d688e66ed2fcedf620eeea1fa989be2c984c1d93f65e584aed3d2c46f28a2d69a5a70dec52662e4c2ab8591fb73f78ab2813a70749fd01b499d9210dc62faa30e2ebfac94680b4248accbd24c8823e420487fb5dbc3ced34a458f18c33b910ea2daad61716323de876ea4cf70e6b49ab21e3b85ac229c85c056a41c97624fc572d293843bd2b4a86f856ff1659fef80b9a14a614101e20421fa3eecc1db94c45b89cb6e207b63deea2ab602274a6679f76f7f50099c0706f290ca85a59875a2b7e05608f33155d74f4e71a0338ed996192d4f9058383c8b5f91734e674d478614603dc117f284415a1dc96de86f689b4ddb53dc6c4784a0687b0889c7dd55e8f2a8626a3ac575c82d496d6d9f3894b4881a9639fc84205226cc4752f8f881033c14e77e399658440b5e3f1ef615f0bfa05a7e8b58c2c5cbb3a82782935f4643dccf6135c153f3e8bf2e2f2503fd9bd5df730305b07fde648eae7ecfdab5a6768cc6bf769bbf396bdbbc66fadd597ae2ed6642bde51e588ce183495d5e487b6bba085f86029c4424efdc9a3411347e5ba4706297dde86c8baad3bdd43154cef1f034bbe9c77b1acd9513476ff36ec101114566b8335fbb0909a8e1f4f936b3a8962493d049a16f7167177f80efc51a6f362a344ea99c2d34d5680bd827ea911778cd8213b13534949ebbd401f158aa10cbd9530bac268b2dff5aa401b82ce4c60ae8e95df4107e24610be971b6debe5b9257923e833bd020460df9c0736263a58cd1e82d810ff38864b87b6f2fd97771cd20a6bf5a914612e40bdb235ed028ea91c33dfc3294e5d1b00fb4ca41dc6d0b12d2385a88f576640a85c11adf601a193e6dd9e0257f5f40636d50696866a8600b5eafeeec8133e83fbe70c6138030153d5e4517d458031b38772534c145d33dece488c425d2b78db281fd66971be77c8a641cf6ffd92aa53876a5fa6c5538ff4a7fea97bd964e6513142c1aab847d63dbcea6e81b672e3267ae6862dbbdd175c6c1ba4ff2e6272fc80b3406f32f9a9d31d9be60115e448cca35596178076b4ab8b33ed325a339669ecd98a5ed961d05aa873773870ff56548b55cdb5c1e96ec357a48f2f9fb1760b52b818f1a2c71663bf850956fe9132f7eb7ae2d5f4d087cc2cc723065cd9b5319d7f6e2bc676f9bd20af1ceb1ded29030ad79b382c76b76b5f"})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r4 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r4, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
sendmsg$NFNL_MSG_CTHELPER_DEL(r4, &(0x7f0000000680)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="1801000002090300000000000000000001000009b800020006000300000100000c0002800d0001003a0000000c00028005000100012000002c00018014000300fe8000000000000000000000000000bb14000400fe0000000000000000000000000000bb14000180080001000000000008000200ac1414aa2c000180140003000000000000f6ff000000ffff00000000140004001bfd372d6f83b13a6eb8f3b40a66b24206000300000200000c00028005000100840000000c000280050001000134000006000300000200000c0002000600030000030000400002000c00028005000100880000001400018008000100ac1414aa0800020000000002060003000000000006000300000100000c0002800500010001000000"], 0x118}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800)
r5 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r5, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
setsockopt$netrom_NETROM_T1(r5, 0x103, 0x1, &(0x7f00000006c0)=0x3, 0x4)
dup2(r3, r0)

16:31:46 executing program 5:
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:46 executing program 2 (fault-call:1 fault-nth:5):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:46 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

16:31:46 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_PCM_IOCTL_READI_FRAMES(r1, 0x80184151, &(0x7f0000000000)={0x0, &(0x7f00000000c0)="63a56ac5a2b2500ee5ccf363f76cc8f0923f0f86ec6c61b86e14fc2693b2b7bff79242f55233fc733810c6464c05024dc35a2f18df3ffa6bfabb3f1170b83296c52e5eeef93174d657cd8bb7c629f249c3ef1ed143e679f45addbe93a2a312eb35ff01a788fd027a3e964ba749bd762969c571c7b9116ad0a4a1cd0d4f440776e45b1596c6bb76710a838612f6a391e8d0abe1083a720047ec3a4a06cd7b63704d77127a8da0c08b284874dc49d7d13fe225a2f532d920ef9b02839f4faf14633a0394555d974efc4ef7de1ea42a2e2988829393921fd835bd381656a94c8f249037bfae7de1bd0b8bc4807dc6fd9a1c7f1e9d4fbdfef327299be081f016058e1301cd4508018d723069428cfd59d21646f1402a78178dc4efe323ca3776b65c142667ceb705c10a8076a320cac022eb72e1ebad49562e475462fbea200d3543050ea6d79f5cb6eac354ba85812c5a74ab425e649335f70f52858a380802f970c5f09fb091cea3c10c7a5051b5ff76a9b5944d2dd54e3aeca1f3a13cf4d29895773b3b16d00df9a0d7c97cb9f6cee34f4bc14c27b0201fbafd544ea519307486db35cdade882b9b806964cbe158a48c27c9f7fe1a4e1ae8adc310f62196c44a3d969ffd8a71b2e93d3e11c42fccfa01032fdb1bef8bfc00ba2bd7e6d317ad8aa1e29210edffa08592b874ce27c1f53c0861aa49615919ed9b92d66169813461ce935b977c3c90b92e14ac046a6b5b03c0c3a3383b1daf2d61cd38669d6bebf568fc1a51ca4c6d3e9d99b3092dda689363719993bced0513a2c73ab429d6079f5bac6a4e37421629355065b0e281f3a8404f3faca8324ab9a8f6662ef2865a2bd1a16070017e443dcdc45e982a5d0f28bb0d4768b1cf38712d609a1e4046cbf6d3bf78a9f61d2c272fd683aed41f7205cefa7531a55ca78f35c17daec712864a87ea9b0465924f67788890b14ce0b793775f907109462761396c429ef6227757ec27d4707dea65cec2127d9581f9096ae694b30b9e912ebd234a0ef6c860445856b489477796f31cb8e29cf7510c263a95600315c81df42f493768d1a5edf90a13899943137d61cc7222d09b0ed695329428c2aeb51e3b9a69564e90ff6ba18eb40a090911bffd640cefbf22a9404e748d82255383b7dfc9021f0f2d9de6cca1a6df6c7161c8cdcddfeadf1713f377df914581661e168498b2e36874b252dad4e86d23802cc1197dc03d1f26049fb7be8af5a408018a4a932c0ff0f20f85c2c06b217a22e91defe078879296ca42658314f26a4d3f58f1916d4f8525afa773a256a967ef3760cb53c48169c5c19cc9d10eadd0e437c503448fd13c21316c87c3e2815aa98df3724838ee616dfeed9d02b120fab1c561993fddfc263ce2bb8260de9a46100c6e3b2c39cb15ae53a6a549147b86f4497992a2f1fdccee8a585493ede23ad1ade3a98488bdf34a3a4a7a20c40b87a3813e561f9f83190231c320d2c924165d2077f778d88b2a7e6df97cb4be8f15f8951dc0b79fe4c6823a46caf0671fa31343344d628186ed36ef8322d5034118ddda7ba66950a65c489858554672eced0da2becfb2bd6ef7d2e00d569ba89ba56eadcbfe8b4b0893bc91e08510baa5476e546ec8d82cef092edc68292641f4b5271fee2182a7a34bcc6cc1e1c12f8f30a19f557226f1d30077b7a35fc3f186460021822a644a2aa06c5c1bb89b726f2dd2627bf2d108de69567e409542c139fa1c68c6649fa8c2fcb1a4cad470b239cae0cee198b90651aafa5c54b1416b53dbeb7cb3fd70fda779dcc0e9f12d23af7ffc8698e10b2b82bf19df41ebcbf38e534427d554e2e0db5ce97ca1a25648a88bf58df6fd18220d28aafb3b3e17678c3fb4ee4f252ac2d771f2dea241c36937c69d8f982a799a2cdc179e607150606a356b2147538699ea688324e89d366e9c943c4b3c48288c31415b2f3d8af96f459ba21bde493908fc0ff73e919c1a95a194b71eab3ffb6afa2b4cfce05502a2dff8db262427daf73c0ca7159919d005be7626efedac017d86ca6fbfe4a18306b0f54eb823ee351a5a57b2ca82883821151672d13affeaa16950b4fc03ca439126672f6cad0f2ee109d068ec3100f0644b6cd32a48a6ed274b69c7041a4df9632c870a49c08306089b875aa1cff707eac333135c3817b1f2677d3b698abb0fdaf493b7b199ed60dc57a3f0865715de4d5e27e1479a1d8dc152494bd719a45387436a41672726cb14483a0b567dac1cb1ad9c4c13297b6ef5d885d59973fb563ee03c1017123b1c77671b667fe3046f429b4bd35ecacbec449d3492dd9f195141e630256aa14bd7bba533732e5000542d8592cc1a135711b4337a6de0ab464aa9bbaa39d4ef52dfd0317c6583c7d0bc2245e34c0f6386a951d472fc3a387e1d211e8c40a296470ca7d9df52b8152b246ff3be97fd87d69ba4122d37c0212e20c3d683b44ecfb63ae34515e295711484e8e894cb8e25853c0dea28acd1156752f529627cc15bcb5e906307c698e5db6d7893ce265fcbf774d909034efdf193f89e30d3649576ac61eca2c3d95712263d6ef8d6f623a47af64f45be22311b99e718376a90b7ac29b650ce03ee06ab8a669d42342932ffd03d2ccf42965017cf07608d991900109a69166fa546bf9aa11f05bedcc2b8f81d66af2680fab85baf07fd95ef63a8b3adbcb79186a1347fe56209cddbce2c57c97de4d4503ebe5c7777e05d4a811b3f4e19f936264910327ebf82604929c1ff58fd0cbc590ad60528312657b1149352fa1083ba5797e4c76edcb9b55ad78ceabed34df924fe80430e9a6a0b95da7646b0ef97a4096bd95c3bc3d2689da26f7ecb21251e8212c2fa83b754e1b3baefb6007c781a813e45eae56d016b40526a7d5d38e55ac2b7bb3a78e21e6de2864a4df101cf20cbddc18639c51da4a3a4af85515dcb3d57bfdd2165b753d62843a332c35bf01faeaa53321c0e22751a84d96e895101ba8508085494ed93145c7de9c5f5d8d8b419e456571fa9daa3a0e55127c29cd083ab1ec17a9a8c13a9668e6ca668f9ce43170751ce39fc56258726fdb6317f0ef0dd5dcae8d36ca5741f42e54322edb61edfb6bc6a7929257ca96daa86ae33e27f0bcfcd0b88bd9fbe80503c0d1bc0541812c8edda746adc623b1fef6f3f3ebdb84d2526fe28b0b2f9eab578d8c27a78716c535e90a72c2ffcc7afedcd6875131201ea071f96d57f7c926281b25eab62a17415daa3b6b60d482db32e665f5250eb16bb66b408068b8dabe2f8a18a0502b4ad8adcd66ee8e5dcf5e00e10e99513fc688bfeffa70d9b9168e27455c04492e11fed30f1a64e9fe891b679387ed14618cc8fcfba85013794f1ebe094bd19b409811dfde3c21d81613abc39e13aded1dbf317e5fa4fbdeabe08365bfd89bf3f945d0230e7b80974faaf9a32d79cb83f8c754812eba54233b0b63ed3277c923d12eee409455f70bed9ad5232c5805fad08a53fce7b71d9b6be95b97e34ffb4a397c5cb6a7e2a9e6c7c7149585963baf6e512cb249cd26200cbc5d3c39d1bf6c0346981a51c50327e9ec8071d3246a74ec8a02abfc60887897a8dd2ef3bd751ab495b121c85cf2945c8966461daaf5b57bbbc5a2b02e4dd0dce6cc1161886e30ca872fb82d580c1cbd66538ddb774c80e37b33ddddb70c8e47ba77c26cf0081491d5831d83ab389663933c8613f86f55324f3d2d7b4b90b2043a3716c79a4e6fbc757027aa517967c77e75c594ddda26486c13c5876d5e08b63e774fa3ae309ffadb9c49e2fbf6d529e52a7cbbd4b44ec87443a2396af1bdf9d4e42cd06338cd7ee36c88a2ef9d7b74e458f9d6c788e5cc22af7389e32e2850b578718389e5913c6ed0b96ee254c7d57a3e6d140c1c0485eb6874604fa3e47d30addefb153320e1dec64996e89388787f2c39a050c2ae7ad82246a8878f5a69dd1bd5a402ffcc62e7f6c8528ef3e0432d828698d6fc9d0b709282da5336ed7d618d2717dab03737a84aa349f6dc13f38de4c20454734ab59dda9e9ab9643cba69bde019021ed397a9b01ce7507a0c5bc1b95398f3423934b076f517f0032f6089bb58abfdae9a6d73ade869e6ab6435e06c1d7cbcbf5d20282cdb682bb9324286adffdd342e0571201ae12b75fbbbd8143f595e3d007066829a8b4452d4afecb70c70d8c01ee25fc74852bc9e53f046143b77b4be779a5947df6831f30216cb92a26245a763c87ddd028db0abbc443cfb781684307703516eed2f5e69c0ffa758e0fe45af00164a550f77f0e0e6f38e76d3db58c6992be73660f504ea0cce94dc6d5eb1697494dd6918b79b9f937df43f01472daafcd057b6e4dd806f295ec99ec566d69321361968273a64833afdb591f713bd538a1e88645b93717016e8cf51c91d94c3c176914db82b649de14d293bdb910484760b5e9954ac7d6fc911b438efac110e0ef6cfe6d13e5109855fb9c6d0d903a0b32a5532155d16b6b7884b02f1cda6eaed8ae44fe05934744777989514887729b41280a4fdf798380342764fd7ab4967519245e99f1d367de83743293e2068481550329df5c49e4c51582a7d2b0312022d340fc96e8abaab5aca94405837401fceab3591a389fb0eb37283b44b1cc5b5d071deedb8cf2a543fe9e5d2d59bd3fafec88b8df748e1e19de0c872a3a33e9093180e54bf03e4a16680b3edd64326394e41b68cdda29bcac8e4326db084d1123b393e276f52bfd437ffd8080cd973f397a62182dc87890868b72e6370f229f1746bfd4eadf17c04f88f68fc8b696e57723b4fb49361b2f4f74a2b44107f930450d8f35462a73a70500c3e37bf87830eab19676268ab9288f702c147ede7b4b3d8ead39fd65f54f2c9ab152fc4f6221935a228beee7b1298b102e055752e8a96fd4bbb30c0e54813455f032fa36f9f8ba08643bcdeb70e3aac48c1fe82e91d16e283c4e0855eaa4ab18639979ba7c0d25f4d5c3ba5d6b573dd9c514240356b6e253fcc4f72cefef6c98b87c20daa5ac62536f47979fc21ff032ba1f242ae5bf1dd5e8fd3e0b3e734d1e3f503ea5762b52bed5fedbcf1f6e7b7311356501beb8902cc1eb91a8d4d570e04e0ab8435b549168ca72c57cdbb7fd4de57b80652897309e1fc31f9cc6770fcf62e013ec8b9c21c5ba25d43b1dc88d28d6bd55a3dd3e3eb50a4676b2f014671eb892c8c3d2990d4a78ed732e21764ce1aab049d951aa545c5828e9ccd2fcc86ad94b85bab3a3fd2604e2e3347cf6adb99fddf4d59b9e390c6f0e0e95218f3e6da3dbbe779b201a15ce510dd3d551124fa98f3dcb47eae82706c14fb30c19499660f91d8858ad14137b6da3d9c1462d2fc882a654192ad5c449d3d95da4bfdeb753166cab85f2080a5e4ca470b0702393fda5e6e5711ac596b1f9497b0790a374655df13aaf6714210fc84977eff388dfc612007fc5a8fe93bb7ce77769c51b24c726b8d903bb934385dc242159b01c992b82bc84aea85bbf47a5ffb8222fa69bab02d54da4d883b946ef379daae0451c468d2a57d594dda2ab0616128534209867a411881772224a2dc810a06f9c92aa4593ab15e5065c913cffe29f1b74e63a722b8de1088b24c66475e1525d59884b41005ab849cafabd0affc20af4bc8fa43958848bcb02c1fe07b84429c47103e111e4e3b7b7d03da95b148b718ada51e6331577a60c32ac8e9d2d5c08db8b9965aaefd798d3962bb14d78c39928ede0de72b4d21875bc75084038bb9a872fc00cbcaa794554e5d6c3cd6a4af901e4c613d", 0x1000})
r2 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r2, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffff7, r2, &(0x7f00000010c0)=0x522, 0x8a8, 0x0)
read$rfkill(r0, 0x0, 0xff02160)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000007, 0x30, r0, 0xdd428000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000014c0), 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead)

16:31:46 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:46 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

[  290.585332][T10789] FAULT_INJECTION: forcing a failure.
[  290.585332][T10789] name failslab, interval 1, probability 0, space 0, times 0
[  290.598407][T10789] CPU: 0 PID: 10789 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  290.608345][T10789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  290.618634][T10789] Call Trace:
[  290.621951][T10789]  dump_stack+0x197/0x210
[  290.626312][T10789]  should_fail.cold+0xa/0x10
[  290.630933][T10789]  ? setup_fault_attr+0x220/0x220
[  290.636156][T10789]  ? mark_held_locks+0xf0/0xf0
[  290.641738][T10789]  __should_failslab+0x121/0x190
[  290.647337][T10789]  should_failslab+0x9/0x14
[  290.651959][T10789]  kmem_cache_alloc_trace+0x4b/0x790
[  290.657781][T10789]  nsim_fib_event_nb+0x899/0x2600
[  290.662871][T10789]  ? __rhashtable_remove_fast.constprop.0+0x1060/0x1060
[  290.670021][T10789]  ? call_fib_notifiers+0x140/0x2a0
[  290.675299][T10789]  notifier_call_chain+0xc2/0x230
[  290.680356][T10789]  __atomic_notifier_call_chain+0xa6/0x1a0
[  290.686185][T10789]  atomic_notifier_call_chain+0x2e/0x40
[  290.691760][T10789]  call_fib_notifiers+0x173/0x2a0
[  290.697053][T10789]  call_fib6_notifiers+0x4b/0x60
[  290.702027][T10789]  call_fib6_entry_notifiers+0xfb/0x150
[  290.707601][T10789]  ? fib6_tables_seq_read+0x270/0x270
[  290.713140][T10789]  fib6_add+0x33c3/0x3ec0
[  290.717570][T10789]  ? do_raw_spin_lock+0x139/0x2f0
[  290.722645][T10789]  __ip6_ins_rt+0x54/0x80
[  290.726999][T10789]  ip6_route_add+0x5e/0x110
[  290.731521][T10789]  inet6_rtm_newroute+0x16c/0x180
[  290.736562][T10789]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  290.742411][T10789]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  290.748688][T10789]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  290.754520][T10789]  rtnetlink_rcv_msg+0x45e/0xaf0
[  290.759509][T10789]  ? rtnl_bridge_getlink+0x910/0x910
[  290.764828][T10789]  ? netlink_deliver_tap+0x226/0xbf0
[  290.770131][T10789]  ? find_held_lock+0x35/0x130
[  290.774920][T10789]  netlink_rcv_skb+0x177/0x450
[  290.779710][T10789]  ? rtnl_bridge_getlink+0x910/0x910
[  290.785017][T10789]  ? netlink_ack+0xb50/0xb50
[  290.789656][T10789]  ? __kasan_check_read+0x11/0x20
[  290.794712][T10789]  ? netlink_deliver_tap+0x248/0xbf0
[  290.800051][T10789]  rtnetlink_rcv+0x1d/0x30
[  290.804485][T10789]  netlink_unicast+0x59e/0x7e0
[  290.809270][T10789]  ? netlink_attachskb+0x870/0x870
[  290.814554][T10789]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  290.820293][T10789]  ? __check_object_size+0x3d/0x437
[  290.825528][T10789]  netlink_sendmsg+0x91c/0xea0
[  290.830324][T10789]  ? netlink_unicast+0x7e0/0x7e0
[  290.835374][T10789]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  290.840941][T10789]  ? apparmor_socket_sendmsg+0x2a/0x30
[  290.846430][T10789]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  290.852694][T10789]  ? security_socket_sendmsg+0x8d/0xc0
[  290.858177][T10789]  ? netlink_unicast+0x7e0/0x7e0
[  290.863152][T10789]  sock_sendmsg+0xd7/0x130
[  290.867607][T10789]  ____sys_sendmsg+0x753/0x880
[  290.872405][T10789]  ? kernel_sendmsg+0x50/0x50
[  290.877106][T10789]  ? __fget_files+0x337/0x520
[  290.881814][T10789]  ? find_held_lock+0x35/0x130
[  290.886609][T10789]  ___sys_sendmsg+0x100/0x170
[  290.891313][T10789]  ? sendmsg_copy_msghdr+0x70/0x70
[  290.896452][T10789]  ? __kasan_check_read+0x11/0x20
[  290.901632][T10789]  ? __fget_files+0x359/0x520
[  290.906339][T10789]  ? do_dup2+0x4f0/0x4f0
[  290.910607][T10789]  ? __fget_light+0x1ad/0x270
[  290.915304][T10789]  ? __fdget+0x1b/0x20
[  290.919391][T10789]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  290.925652][T10789]  __sys_sendmsg+0x105/0x1d0
[  290.930261][T10789]  ? __sys_sendmsg_sock+0xc0/0xc0
[  290.935319][T10789]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  290.940808][T10789]  ? do_syscall_64+0x26/0x790
[  290.945527][T10789]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.952229][T10789]  ? do_syscall_64+0x26/0x790
[  290.956932][T10789]  __x64_sys_sendmsg+0x78/0xb0
[  290.961840][T10789]  do_syscall_64+0xfa/0x790
[  290.966400][T10789]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.972309][T10789] RIP: 0033:0x45b349
[  290.976230][T10789] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  290.996071][T10789] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.004505][T10789] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  291.012842][T10789] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  291.020865][T10789] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  291.029136][T10789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
16:31:47 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f0000000100001000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000085cb7221aa8a268a564b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000080000000000000000000000000000000000000000ff01000000000000000008000000000100"/102], 0x4}}, 0x0)
fstat(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000300)={{0x0, 0x0, r4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f})
write$FUSE_ATTR(r2, &(0x7f0000000080)={0x78, 0x0, 0x5, {0x401, 0x1, 0x0, {0x3, 0xfffffffffffffffd, 0x9e, 0xfffffffffffffffa, 0x401, 0xd2, 0x5, 0x400, 0x4, 0x8, 0x3ff, 0xffffffffffffffff, r4, 0x10001, 0x1}}}, 0x78)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r5, r0)

16:31:47 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:47 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_PCM_IOCTL_READI_FRAMES(r1, 0x80184151, &(0x7f0000000000)={0x0, &(0x7f00000000c0)="63a56ac5a2b2500ee5ccf363f76cc8f0923f0f86ec6c61b86e14fc2693b2b7bff79242f55233fc733810c6464c05024dc35a2f18df3ffa6bfabb3f1170b83296c52e5eeef93174d657cd8bb7c629f249c3ef1ed143e679f45addbe93a2a312eb35ff01a788fd027a3e964ba749bd762969c571c7b9116ad0a4a1cd0d4f440776e45b1596c6bb76710a838612f6a391e8d0abe1083a720047ec3a4a06cd7b63704d77127a8da0c08b284874dc49d7d13fe225a2f532d920ef9b02839f4faf14633a0394555d974efc4ef7de1ea42a2e2988829393921fd835bd381656a94c8f249037bfae7de1bd0b8bc4807dc6fd9a1c7f1e9d4fbdfef327299be081f016058e1301cd4508018d723069428cfd59d21646f1402a78178dc4efe323ca3776b65c142667ceb705c10a8076a320cac022eb72e1ebad49562e475462fbea200d3543050ea6d79f5cb6eac354ba85812c5a74ab425e649335f70f52858a380802f970c5f09fb091cea3c10c7a5051b5ff76a9b5944d2dd54e3aeca1f3a13cf4d29895773b3b16d00df9a0d7c97cb9f6cee34f4bc14c27b0201fbafd544ea519307486db35cdade882b9b806964cbe158a48c27c9f7fe1a4e1ae8adc310f62196c44a3d969ffd8a71b2e93d3e11c42fccfa01032fdb1bef8bfc00ba2bd7e6d317ad8aa1e29210edffa08592b874ce27c1f53c0861aa49615919ed9b92d66169813461ce935b977c3c90b92e14ac046a6b5b03c0c3a3383b1daf2d61cd38669d6bebf568fc1a51ca4c6d3e9d99b3092dda689363719993bced0513a2c73ab429d6079f5bac6a4e37421629355065b0e281f3a8404f3faca8324ab9a8f6662ef2865a2bd1a16070017e443dcdc45e982a5d0f28bb0d4768b1cf38712d609a1e4046cbf6d3bf78a9f61d2c272fd683aed41f7205cefa7531a55ca78f35c17daec712864a87ea9b0465924f67788890b14ce0b793775f907109462761396c429ef6227757ec27d4707dea65cec2127d9581f9096ae694b30b9e912ebd234a0ef6c860445856b489477796f31cb8e29cf7510c263a95600315c81df42f493768d1a5edf90a13899943137d61cc7222d09b0ed695329428c2aeb51e3b9a69564e90ff6ba18eb40a090911bffd640cefbf22a9404e748d82255383b7dfc9021f0f2d9de6cca1a6df6c7161c8cdcddfeadf1713f377df914581661e168498b2e36874b252dad4e86d23802cc1197dc03d1f26049fb7be8af5a408018a4a932c0ff0f20f85c2c06b217a22e91defe078879296ca42658314f26a4d3f58f1916d4f8525afa773a256a967ef3760cb53c48169c5c19cc9d10eadd0e437c503448fd13c21316c87c3e2815aa98df3724838ee616dfeed9d02b120fab1c561993fddfc263ce2bb8260de9a46100c6e3b2c39cb15ae53a6a549147b86f4497992a2f1fdccee8a585493ede23ad1ade3a98488bdf34a3a4a7a20c40b87a3813e561f9f83190231c320d2c924165d2077f778d88b2a7e6df97cb4be8f15f8951dc0b79fe4c6823a46caf0671fa31343344d628186ed36ef8322d5034118ddda7ba66950a65c489858554672eced0da2becfb2bd6ef7d2e00d569ba89ba56eadcbfe8b4b0893bc91e08510baa5476e546ec8d82cef092edc68292641f4b5271fee2182a7a34bcc6cc1e1c12f8f30a19f557226f1d30077b7a35fc3f186460021822a644a2aa06c5c1bb89b726f2dd2627bf2d108de69567e409542c139fa1c68c6649fa8c2fcb1a4cad470b239cae0cee198b90651aafa5c54b1416b53dbeb7cb3fd70fda779dcc0e9f12d23af7ffc8698e10b2b82bf19df41ebcbf38e534427d554e2e0db5ce97ca1a25648a88bf58df6fd18220d28aafb3b3e17678c3fb4ee4f252ac2d771f2dea241c36937c69d8f982a799a2cdc179e607150606a356b2147538699ea688324e89d366e9c943c4b3c48288c31415b2f3d8af96f459ba21bde493908fc0ff73e919c1a95a194b71eab3ffb6afa2b4cfce05502a2dff8db262427daf73c0ca7159919d005be7626efedac017d86ca6fbfe4a18306b0f54eb823ee351a5a57b2ca82883821151672d13affeaa16950b4fc03ca439126672f6cad0f2ee109d068ec3100f0644b6cd32a48a6ed274b69c7041a4df9632c870a49c08306089b875aa1cff707eac333135c3817b1f2677d3b698abb0fdaf493b7b199ed60dc57a3f0865715de4d5e27e1479a1d8dc152494bd719a45387436a41672726cb14483a0b567dac1cb1ad9c4c13297b6ef5d885d59973fb563ee03c1017123b1c77671b667fe3046f429b4bd35ecacbec449d3492dd9f195141e630256aa14bd7bba533732e5000542d8592cc1a135711b4337a6de0ab464aa9bbaa39d4ef52dfd0317c6583c7d0bc2245e34c0f6386a951d472fc3a387e1d211e8c40a296470ca7d9df52b8152b246ff3be97fd87d69ba4122d37c0212e20c3d683b44ecfb63ae34515e295711484e8e894cb8e25853c0dea28acd1156752f529627cc15bcb5e906307c698e5db6d7893ce265fcbf774d909034efdf193f89e30d3649576ac61eca2c3d95712263d6ef8d6f623a47af64f45be22311b99e718376a90b7ac29b650ce03ee06ab8a669d42342932ffd03d2ccf42965017cf07608d991900109a69166fa546bf9aa11f05bedcc2b8f81d66af2680fab85baf07fd95ef63a8b3adbcb79186a1347fe56209cddbce2c57c97de4d4503ebe5c7777e05d4a811b3f4e19f936264910327ebf82604929c1ff58fd0cbc590ad60528312657b1149352fa1083ba5797e4c76edcb9b55ad78ceabed34df924fe80430e9a6a0b95da7646b0ef97a4096bd95c3bc3d2689da26f7ecb21251e8212c2fa83b754e1b3baefb6007c781a813e45eae56d016b40526a7d5d38e55ac2b7bb3a78e21e6de2864a4df101cf20cbddc18639c51da4a3a4af85515dcb3d57bfdd2165b753d62843a332c35bf01faeaa53321c0e22751a84d96e895101ba8508085494ed93145c7de9c5f5d8d8b419e456571fa9daa3a0e55127c29cd083ab1ec17a9a8c13a9668e6ca668f9ce43170751ce39fc56258726fdb6317f0ef0dd5dcae8d36ca5741f42e54322edb61edfb6bc6a7929257ca96daa86ae33e27f0bcfcd0b88bd9fbe80503c0d1bc0541812c8edda746adc623b1fef6f3f3ebdb84d2526fe28b0b2f9eab578d8c27a78716c535e90a72c2ffcc7afedcd6875131201ea071f96d57f7c926281b25eab62a17415daa3b6b60d482db32e665f5250eb16bb66b408068b8dabe2f8a18a0502b4ad8adcd66ee8e5dcf5e00e10e99513fc688bfeffa70d9b9168e27455c04492e11fed30f1a64e9fe891b679387ed14618cc8fcfba85013794f1ebe094bd19b409811dfde3c21d81613abc39e13aded1dbf317e5fa4fbdeabe08365bfd89bf3f945d0230e7b80974faaf9a32d79cb83f8c754812eba54233b0b63ed3277c923d12eee409455f70bed9ad5232c5805fad08a53fce7b71d9b6be95b97e34ffb4a397c5cb6a7e2a9e6c7c7149585963baf6e512cb249cd26200cbc5d3c39d1bf6c0346981a51c50327e9ec8071d3246a74ec8a02abfc60887897a8dd2ef3bd751ab495b121c85cf2945c8966461daaf5b57bbbc5a2b02e4dd0dce6cc1161886e30ca872fb82d580c1cbd66538ddb774c80e37b33ddddb70c8e47ba77c26cf0081491d5831d83ab389663933c8613f86f55324f3d2d7b4b90b2043a3716c79a4e6fbc757027aa517967c77e75c594ddda26486c13c5876d5e08b63e774fa3ae309ffadb9c49e2fbf6d529e52a7cbbd4b44ec87443a2396af1bdf9d4e42cd06338cd7ee36c88a2ef9d7b74e458f9d6c788e5cc22af7389e32e2850b578718389e5913c6ed0b96ee254c7d57a3e6d140c1c0485eb6874604fa3e47d30addefb153320e1dec64996e89388787f2c39a050c2ae7ad82246a8878f5a69dd1bd5a402ffcc62e7f6c8528ef3e0432d828698d6fc9d0b709282da5336ed7d618d2717dab03737a84aa349f6dc13f38de4c20454734ab59dda9e9ab9643cba69bde019021ed397a9b01ce7507a0c5bc1b95398f3423934b076f517f0032f6089bb58abfdae9a6d73ade869e6ab6435e06c1d7cbcbf5d20282cdb682bb9324286adffdd342e0571201ae12b75fbbbd8143f595e3d007066829a8b4452d4afecb70c70d8c01ee25fc74852bc9e53f046143b77b4be779a5947df6831f30216cb92a26245a763c87ddd028db0abbc443cfb781684307703516eed2f5e69c0ffa758e0fe45af00164a550f77f0e0e6f38e76d3db58c6992be73660f504ea0cce94dc6d5eb1697494dd6918b79b9f937df43f01472daafcd057b6e4dd806f295ec99ec566d69321361968273a64833afdb591f713bd538a1e88645b93717016e8cf51c91d94c3c176914db82b649de14d293bdb910484760b5e9954ac7d6fc911b438efac110e0ef6cfe6d13e5109855fb9c6d0d903a0b32a5532155d16b6b7884b02f1cda6eaed8ae44fe05934744777989514887729b41280a4fdf798380342764fd7ab4967519245e99f1d367de83743293e2068481550329df5c49e4c51582a7d2b0312022d340fc96e8abaab5aca94405837401fceab3591a389fb0eb37283b44b1cc5b5d071deedb8cf2a543fe9e5d2d59bd3fafec88b8df748e1e19de0c872a3a33e9093180e54bf03e4a16680b3edd64326394e41b68cdda29bcac8e4326db084d1123b393e276f52bfd437ffd8080cd973f397a62182dc87890868b72e6370f229f1746bfd4eadf17c04f88f68fc8b696e57723b4fb49361b2f4f74a2b44107f930450d8f35462a73a70500c3e37bf87830eab19676268ab9288f702c147ede7b4b3d8ead39fd65f54f2c9ab152fc4f6221935a228beee7b1298b102e055752e8a96fd4bbb30c0e54813455f032fa36f9f8ba08643bcdeb70e3aac48c1fe82e91d16e283c4e0855eaa4ab18639979ba7c0d25f4d5c3ba5d6b573dd9c514240356b6e253fcc4f72cefef6c98b87c20daa5ac62536f47979fc21ff032ba1f242ae5bf1dd5e8fd3e0b3e734d1e3f503ea5762b52bed5fedbcf1f6e7b7311356501beb8902cc1eb91a8d4d570e04e0ab8435b549168ca72c57cdbb7fd4de57b80652897309e1fc31f9cc6770fcf62e013ec8b9c21c5ba25d43b1dc88d28d6bd55a3dd3e3eb50a4676b2f014671eb892c8c3d2990d4a78ed732e21764ce1aab049d951aa545c5828e9ccd2fcc86ad94b85bab3a3fd2604e2e3347cf6adb99fddf4d59b9e390c6f0e0e95218f3e6da3dbbe779b201a15ce510dd3d551124fa98f3dcb47eae82706c14fb30c19499660f91d8858ad14137b6da3d9c1462d2fc882a654192ad5c449d3d95da4bfdeb753166cab85f2080a5e4ca470b0702393fda5e6e5711ac596b1f9497b0790a374655df13aaf6714210fc84977eff388dfc612007fc5a8fe93bb7ce77769c51b24c726b8d903bb934385dc242159b01c992b82bc84aea85bbf47a5ffb8222fa69bab02d54da4d883b946ef379daae0451c468d2a57d594dda2ab0616128534209867a411881772224a2dc810a06f9c92aa4593ab15e5065c913cffe29f1b74e63a722b8de1088b24c66475e1525d59884b41005ab849cafabd0affc20af4bc8fa43958848bcb02c1fe07b84429c47103e111e4e3b7b7d03da95b148b718ada51e6331577a60c32ac8e9d2d5c08db8b9965aaefd798d3962bb14d78c39928ede0de72b4d21875bc75084038bb9a872fc00cbcaa794554e5d6c3cd6a4af901e4c613d", 0x1000})
r2 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r2, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffff7, r2, &(0x7f00000010c0)=0x522, 0x8a8, 0x0)
read$rfkill(r0, 0x0, 0xff02160)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000007, 0x30, r0, 0xdd428000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000014c0), 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead)

16:31:47 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

[  291.037836][T10789] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000005
16:31:47 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

16:31:47 executing program 2 (fault-call:1 fault-nth:6):
r0 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="5500000018007f2501fe01b2a40080930a060000ffa84308910000023900080008000200fb7b00dc1338d54400009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d40000000000", 0x55}], 0x1}, 0x0)

16:31:47 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4080aebf, &(0x7f0000000040)={0x0, 0x1})

16:31:47 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

16:31:47 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

16:31:47 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r1, r0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x402100, 0x0)

16:31:47 executing program 1:
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000300)=@nullb='/dev/nullb0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='udf\x00', 0x0, 0x0)

[  291.377076][T10824] FAULT_INJECTION: forcing a failure.
[  291.377076][T10824] name failslab, interval 1, probability 0, space 0, times 0
[  291.390059][T10824] CPU: 1 PID: 10824 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  291.400014][T10824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  291.410101][T10824] Call Trace:
[  291.413432][T10824]  dump_stack+0x197/0x210
[  291.417810][T10824]  should_fail.cold+0xa/0x10
[  291.422452][T10824]  ? setup_fault_attr+0x220/0x220
[  291.427929][T10824]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  291.434122][T10824]  __should_failslab+0x121/0x190
[  291.439073][T10824]  should_failslab+0x9/0x14
[  291.443596][T10824]  kmem_cache_alloc_trace+0x4b/0x790
[  291.448889][T10824]  nsim_fib6_rt_nh_add+0x51/0x2a0
[  291.453991][T10824]  nsim_fib_event_nb+0x99f/0x2600
[  291.459020][T10824]  ? __rhashtable_remove_fast.constprop.0+0x1060/0x1060
[  291.465968][T10824]  ? call_fib_notifiers+0x140/0x2a0
[  291.471191][T10824]  notifier_call_chain+0xc2/0x230
[  291.476223][T10824]  __atomic_notifier_call_chain+0xa6/0x1a0
[  291.482157][T10824]  atomic_notifier_call_chain+0x2e/0x40
[  291.487719][T10824]  call_fib_notifiers+0x173/0x2a0
[  291.492747][T10824]  call_fib6_notifiers+0x4b/0x60
[  291.497687][T10824]  call_fib6_entry_notifiers+0xfb/0x150
[  291.503250][T10824]  ? fib6_tables_seq_read+0x270/0x270
[  291.508638][T10824]  fib6_add+0x33c3/0x3ec0
[  291.512964][T10824]  ? do_raw_spin_lock+0x139/0x2f0
[  291.517983][T10824]  __ip6_ins_rt+0x54/0x80
[  291.522302][T10824]  ip6_route_add+0x5e/0x110
[  291.526835][T10824]  inet6_rtm_newroute+0x16c/0x180
[  291.531859][T10824]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  291.537699][T10824]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  291.543955][T10824]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  291.549913][T10824]  rtnetlink_rcv_msg+0x45e/0xaf0
[  291.554856][T10824]  ? rtnl_bridge_getlink+0x910/0x910
[  291.560165][T10824]  ? netlink_deliver_tap+0x226/0xbf0
[  291.565474][T10824]  ? find_held_lock+0x35/0x130
[  291.570274][T10824]  netlink_rcv_skb+0x177/0x450
[  291.575118][T10824]  ? rtnl_bridge_getlink+0x910/0x910
[  291.580428][T10824]  ? netlink_ack+0xb50/0xb50
[  291.585054][T10824]  ? __kasan_check_read+0x11/0x20
[  291.590096][T10824]  ? netlink_deliver_tap+0x248/0xbf0
[  291.595408][T10824]  rtnetlink_rcv+0x1d/0x30
[  291.599930][T10824]  netlink_unicast+0x59e/0x7e0
[  291.604685][T10824]  ? netlink_attachskb+0x870/0x870
[  291.609792][T10824]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  291.615494][T10824]  ? __check_object_size+0x3d/0x437
[  291.620900][T10824]  netlink_sendmsg+0x91c/0xea0
[  291.625667][T10824]  ? netlink_unicast+0x7e0/0x7e0
[  291.630608][T10824]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  291.636155][T10824]  ? apparmor_socket_sendmsg+0x2a/0x30
[  291.641966][T10824]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  291.648216][T10824]  ? security_socket_sendmsg+0x8d/0xc0
[  291.653667][T10824]  ? netlink_unicast+0x7e0/0x7e0
[  291.658599][T10824]  sock_sendmsg+0xd7/0x130
[  291.663007][T10824]  ____sys_sendmsg+0x753/0x880
[  291.667779][T10824]  ? kernel_sendmsg+0x50/0x50
[  291.672530][T10824]  ? __fget_files+0x337/0x520
[  291.677247][T10824]  ? find_held_lock+0x35/0x130
[  291.682035][T10824]  ___sys_sendmsg+0x100/0x170
[  291.686921][T10824]  ? sendmsg_copy_msghdr+0x70/0x70
[  291.692029][T10824]  ? __kasan_check_read+0x11/0x20
[  291.697078][T10824]  ? __fget_files+0x359/0x520
[  291.701754][T10824]  ? do_dup2+0x4f0/0x4f0
[  291.706269][T10824]  ? __fget_light+0x1ad/0x270
[  291.710955][T10824]  ? __fdget+0x1b/0x20
[  291.715014][T10824]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  291.721280][T10824]  __sys_sendmsg+0x105/0x1d0
[  291.725888][T10824]  ? __sys_sendmsg_sock+0xc0/0xc0
[  291.730919][T10824]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  291.737097][T10824]  ? do_syscall_64+0x26/0x790
[  291.741782][T10824]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  291.747860][T10824]  ? do_syscall_64+0x26/0x790
[  291.752552][T10824]  __x64_sys_sendmsg+0x78/0xb0
[  291.757306][T10824]  do_syscall_64+0xfa/0x790
[  291.761810][T10824]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  291.767708][T10824] RIP: 0033:0x45b349
[  291.771604][T10824] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  291.791532][T10824] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.799934][T10824] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  291.807904][T10824] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  291.815996][T10824] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
16:31:48 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

[  291.824074][T10824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  291.832043][T10824] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000006
[  291.840204][T10824] BUG: unable to handle page fault for address: fffffffffffffff4
[  291.847928][T10824] #PF: supervisor read access in kernel mode
[  291.853911][T10824] #PF: error_code(0x0000) - not-present page
[  291.859896][T10824] PGD 9a70067 P4D 9a70067 PUD 9a72067 PMD 0 
[  291.865905][T10824] Oops: 0000 [#1] PREEMPT SMP KASAN
16:31:48 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

[  291.871126][T10824] CPU: 1 PID: 10824 Comm: syz-executor.2 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0
[  291.881118][T10824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  291.891197][T10824] RIP: 0010:rhashtable_replace_fast.isra.0.constprop.0+0x3f5/0xfa0
[  291.899101][T10824] Code: fc ff df 8b 75 b8 48 89 d0 48 c1 e8 03 0f b6 0c 38 48 89 d0 83 e0 07 83 c0 03 38 c8 7c 08 84 c9 0f 85 83 0b 00 00 48 8d 7a 04 <8b> 02 49 ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 46 0f b6
[  291.918712][T10824] RSP: 0018:ffffc90017537048 EFLAGS: 00010246
[  291.924785][T10824] RAX: 0000000000000007 RBX: ffff8880511dc000 RCX: 0000000000000000
[  291.932765][T10824] RDX: fffffffffffffff4 RSI: 0000000000000007 RDI: fffffffffffffff8
[  291.940842][T10824] RBP: ffffc900175370c8 R08: ffff888053e224c0 R09: 0000000000000000
[  291.948924][T10824] R10: dffffc0000000000 R11: dffffc0000000000 R12: 0000000050036e13
[  291.956906][T10824] R13: 0000000050036e13 R14: fffffffffffffff4 R15: 0000000050036e13
[  291.964909][T10824] FS:  00007fe768c32700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
16:31:48 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x68, r2, 0x21, 0x0, 0x0, {{}, {}, {0x4c, 0x18, {0x0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r2, 0x300, 0x70bd29, 0x25dfdbff, {{}, {}, {0x18, 0x18, {0x3, @bearer=@l2={'ib', 0x3a, 'syzkaller1\x00'}}}}, ["", "", "", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r3 = socket(0x10, 0x800000000080002, 0x10)
sendmmsg$alg(r3, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_GET(r3, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xa0, r4, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x5c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffa7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8f4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20000005}, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
dup2(r5, r0)

[  291.973859][T10824] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  291.980449][T10824] CR2: fffffffffffffff4 CR3: 000000009e749000 CR4: 00000000001426e0
[  291.988530][T10824] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  291.996525][T10824] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  292.004652][T10824] Call Trace:
[  292.008063][T10824]  nsim_fib_event_nb+0xc3a/0x2600
[  292.013113][T10824]  ? __rhashtable_remove_fast.constprop.0+0x1060/0x1060
[  292.020088][T10824]  ? call_fib_notifiers+0x140/0x2a0
[  292.025313][T10824]  notifier_call_chain+0xc2/0x230
[  292.030361][T10824]  __atomic_notifier_call_chain+0xa6/0x1a0
[  292.036204][T10824]  atomic_notifier_call_chain+0x2e/0x40
[  292.041770][T10824]  call_fib_notifiers+0x173/0x2a0
[  292.046815][T10824]  call_fib6_notifiers+0x4b/0x60
[  292.051768][T10824]  call_fib6_entry_notifiers+0xfb/0x150
[  292.057353][T10824]  ? fib6_tables_seq_read+0x270/0x270
[  292.062758][T10824]  fib6_add+0x33c3/0x3ec0
[  292.067119][T10824]  ? do_raw_spin_lock+0x139/0x2f0
[  292.072174][T10824]  __ip6_ins_rt+0x54/0x80
16:31:48 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffffffffbe, &(0x7f00000000c0))

[  292.076530][T10824]  ip6_route_add+0x5e/0x110
[  292.081061][T10824]  inet6_rtm_newroute+0x16c/0x180
[  292.086105][T10824]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  292.091972][T10824]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  292.098352][T10824]  ? ip6_route_multipath_add+0x1c60/0x1c60
[  292.104179][T10824]  rtnetlink_rcv_msg+0x45e/0xaf0
[  292.109143][T10824]  ? rtnl_bridge_getlink+0x910/0x910
[  292.114457][T10824]  ? netlink_deliver_tap+0x226/0xbf0
[  292.119771][T10824]  ? find_held_lock+0x35/0x130
[  292.124545][T10824]  netlink_rcv_skb+0x177/0x450
[  292.129338][T10824]  ? rtnl_bridge_getlink+0x910/0x910
[  292.134667][T10824]  ? netlink_ack+0xb50/0xb50
[  292.139463][T10824]  ? __kasan_check_read+0x11/0x20
[  292.144650][T10824]  ? netlink_deliver_tap+0x248/0xbf0
[  292.150050][T10824]  rtnetlink_rcv+0x1d/0x30
[  292.154497][T10824]  netlink_unicast+0x59e/0x7e0
[  292.159374][T10824]  ? netlink_attachskb+0x870/0x870
[  292.164510][T10824]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  292.170249][T10824]  ? __check_object_size+0x3d/0x437
[  292.175492][T10824]  netlink_sendmsg+0x91c/0xea0
16:31:48 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)}, 0x0)

[  292.180277][T10824]  ? netlink_unicast+0x7e0/0x7e0
[  292.185224][T10824]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  292.190843][T10824]  ? apparmor_socket_sendmsg+0x2a/0x30
[  292.196319][T10824]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  292.202707][T10824]  ? security_socket_sendmsg+0x8d/0xc0
[  292.208180][T10824]  ? netlink_unicast+0x7e0/0x7e0
[  292.213137][T10824]  sock_sendmsg+0xd7/0x130
[  292.217575][T10824]  ____sys_sendmsg+0x753/0x880
[  292.222352][T10824]  ? kernel_sendmsg+0x50/0x50
[  292.227049][T10824]  ? __fget_files+0x337/0x520
[  292.231857][T10824]  ? find_held_lock+0x35/0x130
[  292.236734][T10824]  ___sys_sendmsg+0x100/0x170
[  292.241453][T10824]  ? sendmsg_copy_msghdr+0x70/0x70
[  292.246591][T10824]  ? __kasan_check_read+0x11/0x20
[  292.251656][T10824]  ? __fget_files+0x359/0x520
[  292.256347][T10824]  ? do_dup2+0x4f0/0x4f0
[  292.260617][T10824]  ? __fget_light+0x1ad/0x270
[  292.265308][T10824]  ? __fdget+0x1b/0x20
[  292.269405][T10824]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  292.275756][T10824]  __sys_sendmsg+0x105/0x1d0
[  292.280362][T10824]  ? __sys_sendmsg_sock+0xc0/0xc0
[  292.285415][T10824]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  292.290981][T10824]  ? do_syscall_64+0x26/0x790
[  292.295950][T10824]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  292.302045][T10824]  ? do_syscall_64+0x26/0x790
[  292.306762][T10824]  __x64_sys_sendmsg+0x78/0xb0
[  292.311534][T10824]  do_syscall_64+0xfa/0x790
[  292.316062][T10824]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  292.321967][T10824] RIP: 0033:0x45b349
[  292.325860][T10824] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  292.345575][T10824] RSP: 002b:00007fe768c31c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  292.354011][T10824] RAX: ffffffffffffffda RBX: 00007fe768c326d4 RCX: 000000000045b349
[  292.361992][T10824] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  292.369975][T10824] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  292.377944][T10824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  292.385927][T10824] R13: 00000000000008af R14: 00000000004ca095 R15: 0000000000000006
[  292.393931][T10824] Modules linked in:
[  292.397836][T10824] CR2: fffffffffffffff4
[  292.402003][T10824] ---[ end trace fcb5f8a051893001 ]---
[  292.407496][T10824] RIP: 0010:rhashtable_replace_fast.isra.0.constprop.0+0x3f5/0xfa0
[  292.415473][T10824] Code: fc ff df 8b 75 b8 48 89 d0 48 c1 e8 03 0f b6 0c 38 48 89 d0 83 e0 07 83 c0 03 38 c8 7c 08 84 c9 0f 85 83 0b 00 00 48 8d 7a 04 <8b> 02 49 ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 46 0f b6
[  292.435347][T10824] RSP: 0018:ffffc90017537048 EFLAGS: 00010246
[  292.441415][T10824] RAX: 0000000000000007 RBX: ffff8880511dc000 RCX: 0000000000000000
[  292.449375][T10824] RDX: fffffffffffffff4 RSI: 0000000000000007 RDI: fffffffffffffff8
[  292.457348][T10824] RBP: ffffc900175370c8 R08: ffff888053e224c0 R09: 0000000000000000
[  292.465328][T10824] R10: dffffc0000000000 R11: dffffc0000000000 R12: 0000000050036e13
[  292.473313][T10824] R13: 0000000050036e13 R14: fffffffffffffff4 R15: 0000000050036e13
[  292.481288][T10824] FS:  00007fe768c32700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  292.490207][T10824] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  292.496806][T10824] CR2: fffffffffffffff4 CR3: 000000009e749000 CR4: 00000000001426e0
[  292.504784][T10824] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  292.512747][T10824] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  292.520822][T10824] Kernel panic - not syncing: Fatal exception in interrupt
[  292.529236][T10824] Kernel Offset: disabled
[  292.533618][T10824] Rebooting in 86400 seconds..