[ 34.445593][ T26] audit: type=1800 audit(1554672850.957:27): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 34.470384][ T26] audit: type=1800 audit(1554672850.957:28): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 35.200424][ T26] audit: type=1800 audit(1554672851.787:29): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 35.221594][ T26] audit: type=1800 audit(1554672851.787:30): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.175' (ECDSA) to the list of known hosts. 2019/04/07 21:34:23 fuzzer started 2019/04/07 21:34:26 dialing manager at 10.128.0.26:34543 2019/04/07 21:34:26 syscalls: 2408 2019/04/07 21:34:26 code coverage: enabled 2019/04/07 21:34:26 comparison tracing: enabled 2019/04/07 21:34:26 extra coverage: extra coverage is not supported by the kernel 2019/04/07 21:34:26 setuid sandbox: enabled 2019/04/07 21:34:26 namespace sandbox: enabled 2019/04/07 21:34:26 Android sandbox: /sys/fs/selinux/policy does not exist 2019/04/07 21:34:26 fault injection: enabled 2019/04/07 21:34:26 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/04/07 21:34:26 net packet injection: enabled 2019/04/07 21:34:26 net device setup: enabled 21:36:26 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff03c}, {0x80000006}]}, 0x10) syzkaller login: [ 170.229824][ T7560] IPVS: ftp: loaded support on port[0] = 21 21:36:26 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000680), &(0x7f00000006c0)=0xc) syz_mount_image$ntfs(&(0x7f0000000280)='ntfs\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 170.335728][ T7560] chnl_net:caif_netlink_parms(): no params data found [ 170.385191][ T7560] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.394088][ T7560] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.402689][ T7560] device bridge_slave_0 entered promiscuous mode [ 170.411731][ T7560] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.419260][ T7560] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.427425][ T7560] device bridge_slave_1 entered promiscuous mode [ 170.449711][ T7560] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 170.461929][ T7560] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 170.486152][ T7560] team0: Port device team_slave_0 added [ 170.501037][ T7560] team0: Port device team_slave_1 added [ 170.514711][ T7563] IPVS: ftp: loaded support on port[0] = 21 21:36:27 executing program 2: socket$inet_udp(0x2, 0x2, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1e, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 170.572420][ T7560] device hsr_slave_0 entered promiscuous mode [ 170.661007][ T7560] device hsr_slave_1 entered promiscuous mode 21:36:27 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x200, 0x0) read(r0, 0x0, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000080)={0x5, 0x70, 0x0, 0x7, 0x4, 0x4, 0x0, 0x8, 0x20108, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x5, 0x595, 0x0, 0x7fffffff, 0x80000001, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1ff, 0x2cc1, 0x2, 0x1, 0x5, 0xe4a, 0x9, 0x6, 0x0, 0x0, 0x5017, 0x0, 0x7, 0x0, 0xfd, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0xfffffffffe75f9bb}, 0x0, 0xffffffffffffffff, 0xffffffffffffff9c, 0x8) dup2(r0, r1) socket$netlink(0x10, 0x3, 0x4) [ 170.748877][ T7560] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.756375][ T7560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.764578][ T7560] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.771983][ T7560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.797107][ T7565] IPVS: ftp: loaded support on port[0] = 21 [ 170.886062][ T7560] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.920560][ T7567] IPVS: ftp: loaded support on port[0] = 21 [ 170.938407][ T7560] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.986377][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.998780][ T3544] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.018349][ T3544] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.027673][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 21:36:27 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000500)={0x0, 0x8}, &(0x7f0000000680)=0x8) read(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(&(0x7f00000004c0)=ANY=[], &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, &(0x7f0000000000)) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$UI_SET_KEYBIT(0xffffffffffffffff, 0x40045565, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) rt_sigaction(0x6, &(0x7f0000000280)={&(0x7f00000001c0)="44de31d3d2c401b173dacec4030d790b3e8f0850edc55c660f140366440fe44cc205460f1f40000fc0e28fc9489bf2", {0x9}, 0x2, &(0x7f0000000240)="c4e17d515d2b4c0fc7659af001a313000000457945d8268f69709beec44201a79162000000c4c2ad9dfb2ef20f184f00420f478aac1fb219"}, &(0x7f0000000480)={&(0x7f00000002c0)="c482797883fcffffffc462013d470e410f9873e7c4a12915a691db000041814ba600f0ffffc4c2cd8e5f0043830800c4e25d9bdec421fd73d5008fa990902a", {}, 0x0, &(0x7f0000000380)="c481715ede8fe978c37c8048c4c15dfe1dffefffffc462d9bcc8d9c3f0819f7ba454cb000000009cc482f92144da0bc482b5920454c461ad599d65566666"}, 0x8, &(0x7f00000004c0)) utime(0x0, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) umount2(&(0x7f0000000000)='./file0\x00', 0x0) readv(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x0, 0x202080) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000001040)={r1, 0x1000, "23307b40f964941992cc4c6da6fc4375721587129266adb0a8ae68dcbd6277fcdb262e9d9eb9b3772f48ab0a1a194565b38cf19c1da4ec2d3cadd0ff0379d2450a1b4ac1891bd5a977e356e6e55b020ad2c1a23afa5a50b6bbc16c927bf6b4bc7c1d7ce57da794bbbf9df8ce333cb9aded994675c19705adaf4dee20a0c5292704eeedbb130f4335a7999a75f8d97b748b2bc551b2c87724aff0fb7f710f5699b78243397f41fe45ac0245397ba80e370e3ac0ccb556de2957a6d9a699a1e7806054f08707b149923a055bcf9e442e8922cc0e5be6c86f641da36c4bb6ab03dafc6bf95be79d1b8ae7a84071ac91b0b15025d6a06063a9e92d36c339a02398decbf33f8983c00b7a192de7594cd5d40ff68c74288f10a0c6fa74b58773e2d73edf2522a6ba674e307c8fd73279ae0b18e25b3ae4f260f518100dc60c07ffbf1e15b4c5f142ecf4caed590579ac1a9c912cc9a736e88176dfe23068018b3b83941741833bb6639f53cbc3bc788777ab1da7a51dea012a0b45c3f4e754497242e29e6cdb8c0fd3eb117e2d7173c3312d252ace11572fbe7256d38c76393d5c39d0b4d97c950a373849ed642febb991717ecf6201b342ce7015d28551159582aea60c411863604396d27b1766b922339b0aadee5f07b5a0dd520e5775c0b553e94e99f2ca4c320f0c1a7c0fdc8855d98e589ee2968984f65469a32e4e9f8c4d0d874a901d6d6d3c58aa21ba51cf6c1f0f688930cf19e67c251220ade6b0a2392b1d42231ee8f4141b7bfc15dbacfc26e9d98647dd3f044eadf2b523715f9e9c8b6a6166f700989bf8a93ca733c916842c214b51f34b8bc6423c6577a231fe1878c0c1a709a09a7c9b09ac2e9d0efeceb1f6a99f5416a163144802349f79dbfe738744d542bca4b4a13b8e6efe016d8fd7f56f9009f930fc0127be4e2d75ed96763740758f9a720467ea392a725b953f670b91561376f05beef40b5af6abe16d4dee9c4c477e5ad78a30b2cb5484514f2f9b3f53b6dafb66f0461f6a38077f4c5a9ff99ba97316f8d684eca9cd6e9931c7757a5e437d15a933bc0b778e4e98ab7346dae21b15cb823c016ce868ca479b841bc20a5cd3c44b66b050fb60eb70539f70bd79b7d6cb300f5f187b7c84f5d1c24dea517f04b06479381f686091570001e64480a2c5dc1fd8949bf6941df14e4ddc9037075763418525df00e1d4ecae62f8148ada770b96405c6a4cd1ef06d3276e4c35d098b13a42957e61b511f1d50c901bcb450e7df09390d8da661828e61756e37eb9351c99cdb148547b06012daeeca934824ce525c6ee81c4c8d98f8a27a200e8ab771ce9e34a1aa22bfd9618d37e4d1591c9d98faeb9b8c7d27d228d8bf594b93649a8661d4d249a1f9ef79331cd081adfc5ade6776e7391ddfc38ac71856d0af2d831894ea91062e30acad3017b4ef6f44eb54ef321203b6247df092a43a8db955de43b970e86befefd4cf541915ddb6ebd165a1ee1c8b7b4821e0b5e4d5f1d816d77a8821db68e3c32d7df205b3fb49eb114bd7ef548fbf1b66ae558a0c8da0926bb30897bc3e995216affd5976caea57494bceca6e031cf4df3fc17eb29e3a4c0f330a8610950fd742932f16a926a1ec5adccb63faa590db237dbae93d8f90b4a5d2be249b3493905b4b45178bdda7e52d1144209597c1d918a2e4ef93d9d800d1228622b6624f6c7f2084ae84a0a8946f3b7f29078b8b129cc480e7d1da22b322cedd8b1ed5741ad7c9614cfcbd676dafd4aa1abbc239b8d2dce89a05e111310c2af0d36bda007cb92aee4b2fbfca464dd997388d483be784a31de93d2626ce4aaa343fe7c17e643b52df8c68fef5af0356e6c4adadb434f4c7b9181e414b5692307a03e4c00be34cf79ab57e8099098664d2d6fc784fcd6639f549aba8332b35b47798a6cd6498962de2b3282e3f0d5a9f831f6642bb3ddbcef1a98a1c98169c0fa6c3da1411c40a1936dd565e1ba6ff00290c1dd86d5f246ec7fdbbc116fce292605d5a70bea64b238c1f2137abee76935bf7d3f48672b530290e1b0c432e294563a22093a510a40ed27638418148ba45384cc783813fd9a1977961e1ba33a81364c70f12ec9a3ffd9d82a4963b1a923c07db18b5470699493ecf74d850c9274cbfceaff382a9dbadcba33d5e05df936889d8ffb857a9755ba51e59ba774c04ec0e38e2b008055901eb02ca8632b4674595cfbc64e9409d040238c80c638035652bc90e4fa793ae37e49999cc4d9624f9b7514cf2afdf6e041fe1961dbe1c221b4f73ed2aa8fc7a9641aa390aed2e7014e699ac5ce1e29938c21d40e1741d4114107b8b46328ffd3fe817873108798c4dedc34f456c43b4cffe0ccf2e74f31187320474f1ab8add16648bf905ac3838ba81b4dd098c2554a0ad889cd1da17a18f3b18267d56ad22a2999fd8f5539c69e80fc1a53d988440657d8504728d807bc4cb58e1d75ac3d2f8b8409013ce050073875f7c9ffe0017eae6cb02354ae0ed4050931fbc459251de50baad1ccd7dda7b7d455671ccab5cb09d5f8d055ee702298b404b3f14c6c9fa0a29bef24ee687740505b47dc2a4c9d9f9bceced49658334d0a4a5207fc10a0e50fee63f6a1364df8fd79b48088a7096d1fa7abb0d49c115dd232b5d7f590a4c5f3f9160540be5b953dcbc19022d9f888f7ed05fd937c8a444de5b2ab12d3578b53b1c4680876437d8ce194f8b2757b6480668c2879ab9f651c2935b28a93b4f757c9d5827fb57e45e2e7cb4bf11b4c26000243c20d1ecb053288241a212433763d5b6dbdf24a724ae916ae1ab226c145c13bc711bff9c10abe9e5c701929d7732c3e320198c90a4c0d9214f367f229ae67401b710b0a760c0d1d03b463933a3fa1802be23c17439483497a62f0ad27aec7bc6e04ae6b33e1d9de8fb8270aa2f26c5a10e4e192c3a6652c3cc7eee6861636c1b7925f6f9ec4b1428a1080292576cae4317f7db919b1fe959fc37190a48ddc5d74708915014ae2fdb1de1d4283c4a0f58809aa0a24afeccdb7306e4b4af5aa8ea18ac68e7f3f2368cb41e5b3f7a9b4a050314307d5e740133447b5e3137a18d377fc6c5ec9000d71db0d3296f4c4fe1c2a668bc8461579eb5333a96bd4b311b8a4b744a1697583b5915b129b8067ca91b115aa0f6d34a0f7574244b5b1554a4c72ae91038c79029e79d61a862543bd344b4eaa83d79e3fb3f420ab6529b8401e258133b03d2a935dadcca03958716ef79adff496b3925adeb6c609ae9e12c96e9dcc5c540bf516ea1ee4351ad6c1ac5611a7cb4cec30fc2db718fd2d627b42b382e9ec9edf783482a1e8041d720a2038fe98e266a814bc7b416b12fed89227ed39e08d51bf22e3f95af8e98f75b037ae2a4b4e30ccd69f491a7c93e94b59bc704a7679cca3d8b4a0be049c0debed919ab38ff23ecfd09a6a44f58e835393778374e78a7754e032921b315855c923687cca1833ba56c679c2f164b53c03136caaccff029d2618482fc348c34d30c7ad27bee476a036a7414545b4340b237854d08e44923454ba1a52a36a159b4104070eb57a25d581185b97962c4c95eba5a9495dc4f949e8f3c774667fb3605c808215a1a436b1f620115fa89ee8ec5f5973b1baa8fdc09ce51a7ef9d7ea3d25dc6e372b9017cf9ef40bc504d10bf75f97fc7368d1a08d57abce589dd041d5a18eb974b41ab2f7ebed0b497509db2dcbda4b3baa09a25973b532c02fa5fe4c3e791252cf75f8d1e6426b5d5c4aa6103e3d6ca5b2d8b78111a6b52f02418636dbb8b3cd552c093c720805f068acea232322af482c12ff91028013257bc51fb4f91d78a902f2a1a3285375d1568dc1fce2a581dcec542e350439c32ba00fa63800a408f4b37609264c13e6005f31930e43db564eb18572f5df5a0f0c862b672cb5d818a501d14b681c94ce4f99594d29155ad87e0b21d9eed58e8937a4c9c24059eac2d3afe88d405f62df1ba80fea87136e3926cce646a02779d5a3babb39685329ea24c664b86af53cdd72c03d8d9b936f28e0e6bd94a349a192859b1f57303a1dcc47c11255782b975ec37849366b8de1addff6e7cbf0217f4ab8151542349f3ad2e61b9f9f55eccd93e88638539d5f08e7b01f2cc903c7fd2c8a4191647cd1ea947d4d7d25a4b20ed36d47ff6fe8b11d6b35b642cbe8b5a78aa6d96cc95d2e445bade10f79a7a6bffb54908dc3f746200bb189904460c50b4ccfca3f1c37ac1a54ab283a84fa0ca483dda734f8f291bc14536b2c43adff01b3a404fc3e7ffcd57509dda4c341c67ac5540215aebabf2c5c8c8d8b48a0484e27e980f1af164c7ed6a2973fdb2fb54f517b9b5905c654c6948ed3b185b359a791a2636b5d1b4fc095f70b42877c4768be1b57efc75de0a8f9786858990d250f8e81dcd6d8cea09a7edd5b0b9215bba43829b1e8b443d6e366290cbb5c3d6bf30cc4422caa93eb0ff74f842c99c11033def357fd02a28d12eb8c8f185f3c3b064c8dbf7076787acd3f134036fb68f8d3c2315b4c88c414ce5dfc4fee0b7d4f8167713e89d411776b921f506939b6d5c0f000b0b49a9538798005b68368ec5cd87f2bfa8ed902715872da2681622aa33169a91a70505a7418c00784e0bc96a0c2d3851f2e6bd4aa458a6a807569b6b504f11b50ef1f62a1ab1ea11bdc35c6c2d99f401922c9a8d838d65e7e2e2f71f3bd1f7e7642ed92bcce5bc3f7c575df68797af18a4292056a5dbb4805ddd8d2c63fa7f1d3f77aa1f6a60e477d7e3866d656754546bf1b7c36f94dfb4ab4c1b5a1f35f28da29ffee2878198aff35fa68a444dcddf274290e2d98b7161199fbbca04a0eb4d32db4bd012436c436caccc13be5d799ae916656cc7737b1f14783547819780cca4d0c09e8a3ae25d0d5da450a8a585e50b27dc3e1e1151f0fa4663614ae44dfbb74f462f2254b88071b595b3520790616f3e93acf0a609ba456d954baf0c005634d2c380a58099207f0852a27d0bbaa3a7fed224508960d85aa856ea4742f1b858e161cf2167b40ad4b5d1e5d3fabcb881a4d4da7fc59ffb19583db85be2e2fcedd1a0fc8e3e960efc28ff47d3f8de9bd937a9aac117984fe7bc08183ec572126833524c27fb12774488ad8d379e3aced127676776cafebeb40c0ffe19cab785bf57adba99286da8793540903c9dcdf198a404c6cfe1bb0c9da65b0b7f5bf7737f73a7ed4c1278ac8974c556332ed72203149037d961c4106bd461329fa002f8875ef47fec6f0a00a8b55a864069a54e3a21baca36780093162eb95e943b4094605f553a7480a21db6ce2d12a2172870c6507e072ea74cfb5a0dd6a8f1413d1041896764cba97efb40392155b067d8076dac6a606496c49c803597dfde90116f7c34301f0a205e5fc9028d4f00be56da4599f8e888435cbaae70233df4e405c8023b085c727010f831a81e0b404e928bea8df8b683bbe10e152ed3226e6e9a75a0eeeefb26c18fe64ba1261435771764f9158df694cea319cdefe3fdcc595349b0c751822950dcbc8210682d980dcc49b249d52147ff10509b60548c623475322071cfd1ac8c212763ebace2931e74ab9cafda5db8f092c67a16a13940b23c06a9ad23fa98cde99bf3f241d6a9f3f47eea4f125404cc13b55cb40f69cc32e757ee3904324bcf1803f2ccb8fdac521a67d701323eb5f5e1cbad728821c39d546b5c0220804a8aeaa998161185067aec1626b6e62ee846c893737580b2ed41348cd82e3ae49b46f3c1fa3486407554752c9748625e206c215"}, 0x0) r3 = syz_open_dev$dmmidi(0x0, 0x4, 0x0) fcntl$getownex(r3, 0x10, &(0x7f00000000c0)) [ 171.065545][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 171.077062][ T3544] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.084573][ T3544] bridge0: port 1(bridge_slave_0) entered forwarding state [ 171.120523][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 171.140052][ T3544] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.147807][ T3544] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.176699][ T7563] chnl_net:caif_netlink_parms(): no params data found [ 171.207713][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.231788][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.241403][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready 21:36:27 executing program 5: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, r1) fcntl$getownex(r2, 0x10, &(0x7f000045fff8)={0x0, 0x0}) ptrace(0x4207, r3) ptrace$getregset(0x4205, r3, 0x202, &(0x7f0000000300)={&(0x7f0000002100)=""/4096, 0x1000}) [ 171.282121][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 171.299329][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 171.313318][ T7560] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 171.355205][ T7572] IPVS: ftp: loaded support on port[0] = 21 [ 171.417227][ T7565] chnl_net:caif_netlink_parms(): no params data found [ 171.440876][ T7560] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.455465][ T7563] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.464388][ T7563] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.472738][ T7563] device bridge_slave_0 entered promiscuous mode [ 171.498137][ T7563] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.506307][ T7563] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.517153][ T7563] device bridge_slave_1 entered promiscuous mode [ 171.544485][ T7575] IPVS: ftp: loaded support on port[0] = 21 21:36:28 executing program 0: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000180)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x20400040c2, 0x0) write(r1, &(0x7f0000000600)='4', 0x1) [ 171.657274][ T7563] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 171.676305][ T7565] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.688739][ T7565] bridge0: port 1(bridge_slave_0) entered disabled state 21:36:28 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000000)={0x80, 0x0, 0x4d6}) [ 171.699359][ T26] audit: type=1800 audit(1554672988.277:31): pid=7583 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=3 res=0 [ 171.730481][ T26] audit: type=1804 audit(1554672988.277:32): pid=7583 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir712726862/syzkaller.rbyc32/1/file0/file0" dev="loop0" ino=3 res=1 [ 171.734914][ T7565] device bridge_slave_0 entered promiscuous mode 21:36:28 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000000)={0x80, 0x0, 0x4d6}) [ 171.797591][ T7563] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 171.819416][ T7563] team0: Port device team_slave_0 added [ 171.828453][ T7563] team0: Port device team_slave_1 added [ 171.838416][ T7565] bridge0: port 2(bridge_slave_1) entered blocking state 21:36:28 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080)='cgroup\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000300)='cpuset.cpu_exclusive\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000100), 0x12) [ 171.845868][ T7565] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.862394][ T7565] device bridge_slave_1 entered promiscuous mode 21:36:28 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(r3, r3, 0x0) setresuid(0x0, r2, 0x0) setresgid(0x0, 0x0, 0x0) [ 171.898945][ T7572] chnl_net:caif_netlink_parms(): no params data found [ 171.928080][ T7567] chnl_net:caif_netlink_parms(): no params data found [ 172.032604][ T7563] device hsr_slave_0 entered promiscuous mode [ 172.070290][ T7563] device hsr_slave_1 entered promiscuous mode [ 172.116165][ T7565] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 172.126533][ T7565] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 172.158913][ T7572] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.167380][ T7572] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.175265][ T7572] device bridge_slave_0 entered promiscuous mode [ 172.200736][ T7563] bridge0: port 2(bridge_slave_1) entered blocking state 21:36:28 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mounts\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='cpuset\x00', 0x0, 0x0) pread64(r0, &(0x7f0000000140)=""/4096, 0x1000, 0x0) [ 172.208032][ T7563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.215534][ T7563] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.222906][ T7563] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.232991][ T7572] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.240980][ T7572] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.248943][ T7572] device bridge_slave_1 entered promiscuous mode 21:36:28 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0xb00000000065808, 0x0) write$FUSE_ATTR(r0, &(0x7f0000000880)={0x78}, 0x78) read(r1, &(0x7f0000000000)=""/81, 0xffffffd5) [ 172.298540][ T7565] team0: Port device team_slave_0 added [ 172.347815][ T7572] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 172.359377][ T7572] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 172.375507][ T7567] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.383776][ T7567] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.387214][ T26] audit: type=1804 audit(1554672988.967:33): pid=7610 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir712726862/syzkaller.rbyc32/7/memory.events" dev="sda1" ino=16519 res=1 [ 172.419375][ T7567] device bridge_slave_0 entered promiscuous mode [ 172.424431][ T26] audit: type=1800 audit(1554672988.967:34): pid=7610 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=16519 res=0 [ 172.450462][ T7565] team0: Port device team_slave_1 added [ 172.455105][ T26] audit: type=1804 audit(1554672989.037:35): pid=7610 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir712726862/syzkaller.rbyc32/7/memory.events" dev="sda1" ino=16519 res=1 [ 172.487576][ T26] audit: type=1800 audit(1554672989.037:36): pid=7610 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=16519 res=0 [ 172.522966][ T7575] chnl_net:caif_netlink_parms(): no params data found [ 172.539018][ T7602] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.550180][ T7602] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.569098][ T7567] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.578024][ T7567] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.587517][ T7567] device bridge_slave_1 entered promiscuous mode [ 172.624692][ T7572] team0: Port device team_slave_0 added [ 172.672684][ T7565] device hsr_slave_0 entered promiscuous mode [ 172.720621][ T7565] device hsr_slave_1 entered promiscuous mode [ 172.772319][ T7567] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 172.782339][ T7572] team0: Port device team_slave_1 added [ 172.794249][ T7567] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 172.813085][ T7567] team0: Port device team_slave_0 added [ 172.824151][ T7563] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.841753][ T7567] team0: Port device team_slave_1 added [ 172.863094][ T7575] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.870780][ T7575] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.878922][ T7575] device bridge_slave_0 entered promiscuous mode [ 172.887694][ T7575] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.895185][ T7575] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.903915][ T7575] device bridge_slave_1 entered promiscuous mode [ 172.920700][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 172.928516][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 172.938446][ T7563] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.991571][ T7572] device hsr_slave_0 entered promiscuous mode [ 173.050198][ T7572] device hsr_slave_1 entered promiscuous mode [ 173.172654][ T7567] device hsr_slave_0 entered promiscuous mode [ 173.220355][ T7567] device hsr_slave_1 entered promiscuous mode [ 173.275221][ T7575] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 173.297400][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 173.307099][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 173.316030][ T7568] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.323458][ T7568] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.332423][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.341333][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.362351][ T7568] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.369998][ T7568] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.377531][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 173.388902][ T7575] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 173.418396][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 173.427168][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 173.436202][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 173.446332][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 173.455454][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 173.464141][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 173.485433][ T7575] team0: Port device team_slave_0 added [ 173.493048][ T7575] team0: Port device team_slave_1 added [ 173.528653][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 173.538133][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 173.564307][ T7565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.612773][ T7575] device hsr_slave_0 entered promiscuous mode [ 173.670411][ T7575] device hsr_slave_1 entered promiscuous mode [ 173.731693][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 173.740684][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 173.757032][ T7572] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.777802][ T7565] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.788941][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 173.797813][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 173.806297][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 173.815501][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 173.824490][ T7568] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.832256][ T7568] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.841609][ T7563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 173.849324][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.867281][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.876320][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.885776][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.893076][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.901555][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 173.926606][ T7563] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.952004][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 173.959714][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 173.968583][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 173.977704][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 173.987100][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 173.996160][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 174.005290][ T7572] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.017361][ T7567] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.033324][ T7567] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.064018][ T7616] ntfs: (device loop1): ntfs_fill_super(): Unable to determine device size. [ 174.078243][ T7565] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 174.091157][ T7565] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 174.106159][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.117186][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.126921][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 174.136062][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 174.144635][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.151866][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.161323][ T7619] ntfs: (device loop1): ntfs_fill_super(): Unable to determine device size. [ 174.167123][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 174.179347][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 174.190672][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.197849][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.206404][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 174.215511][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 174.224651][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 21:36:30 executing program 1: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(&(0x7f00000002c0)=ANY=[@ANYPTR64], &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) [ 174.233581][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 174.243336][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 174.252504][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 174.262074][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 174.270966][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 174.305806][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 174.314760][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 174.323873][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 174.332902][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 174.342084][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.349515][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.357655][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 174.366277][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 174.375397][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.382875][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.391123][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 174.400038][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 174.408890][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 174.418340][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 174.427351][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 174.436256][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 174.445358][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 174.454595][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 174.463328][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 174.475012][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 174.484139][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 174.493013][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 174.505300][ T7572] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 174.518216][ T7572] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 174.538911][ T7575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.546905][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 174.555499][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 174.564708][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 174.578378][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 174.587532][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 174.596206][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 174.604914][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 174.617809][ T7567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 174.630780][ T7567] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 174.647667][ T7565] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.657626][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 174.667125][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 174.690039][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.697799][ T7568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.722597][ T7572] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.748577][ T7575] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.769766][ C1] hrtimer: interrupt took 45960 ns [ 174.783974][ T7567] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.809239][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 174.883846][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 174.893691][ T2990] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.901107][ T2990] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.965909][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 174.974407][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 175.030712][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 175.039224][ T7602] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.046509][ T7602] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.080942][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 175.090961][ T7602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 175.114518][ T7575] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 175.181338][ T7575] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 175.236932][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 175.256667][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 175.294773][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 175.306527][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 175.345119][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 175.387808][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 175.408956][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 175.428730][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 175.440434][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 175.449672][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 175.496593][ T7575] 8021q: adding VLAN 0 to HW filter on device batadv0 21:36:32 executing program 2: syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="1b4344303031", 0x6, 0x8000}], 0x0, 0x0) 21:36:32 executing program 0: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) accept(r0, 0x0, 0x0) 21:36:32 executing program 1: chdir(0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000180)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x20400040c2, 0x0) write(r1, &(0x7f0000000600)='4', 0x1) 21:36:32 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000480)='/dev/input/event#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000200)=""/65) 21:36:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x200, 0x0) read(r0, 0x0, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000080)={0x5, 0x70, 0x0, 0x7, 0x4, 0x4, 0x0, 0x8, 0x20108, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x5, 0x595, 0x0, 0x7fffffff, 0x80000001, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1ff, 0x2cc1, 0x2, 0x1, 0x5, 0xe4a, 0x9, 0x6, 0x0, 0x0, 0x5017, 0x0, 0x7, 0x0, 0xfd, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0xfffffffffe75f9bb}, 0x0, 0xffffffffffffffff, 0xffffffffffffff9c, 0x8) dup2(r0, r1) socket$netlink(0x10, 0x3, 0x4) 21:36:32 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x4}, {0x80000006}]}, 0x10) 21:36:32 executing program 0: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) accept(r0, 0x0, 0x0) [ 176.237416][ T26] audit: type=1800 audit(1554672992.817:37): pid=7657 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16551 res=0 21:36:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, 0x0) [ 176.304674][ T7667] isofs_fill_super: bread failed, dev=loop2, iso_blknum=32, block=64 21:36:32 executing program 5: syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x0) r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f0000000040)={0xa}) 21:36:33 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000500), 0x0) prctl$PR_SVE_GET_VL(0x33, 0x17faf) read(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$UI_SET_KEYBIT(0xffffffffffffffff, 0x40045565, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) rt_sigaction(0x6, &(0x7f0000000280)={&(0x7f00000001c0)="44de31d3d2c401b173dacec4030d790b3e8f0850edc55c660f140366440fe44cc205460f1f40000fc0e28fc9489bf2", {0x9}, 0x2, &(0x7f0000000240)="c4e17d515d2b4c0fc7659af001a313000000457945d8268f69709beec44201a79162000000c4c2ad9dfb2ef20f184f00420f478aac1fb219"}, &(0x7f0000000480)={&(0x7f00000002c0)="c482797883fcffffffc462013d470e410f9873e7c4a12915a691db000041814ba600f0ffffc4c2cd8e5f0043830800c4e25d9bdec421fd73d5008fa990902a", {}, 0x0, &(0x7f0000000380)="c481715ede8fe978c37c8048c4c15dfe1dffefffffc462d9bcc8d9c3f0819f7ba454cb000000009cc482f92144da0bc482b5920454c461ad599d65566666"}, 0x8, &(0x7f00000004c0)) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) umount2(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$VIDIOC_DQEVENT(0xffffffffffffffff, 0x80885659, &(0x7f00000003c0)={0x0, @ctrl}) r1 = syz_open_dev$dmmidi(0x0, 0x4, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000000c0)) [ 176.373888][ T26] audit: type=1804 audit(1554672992.827:38): pid=7665 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir561627983/syzkaller.1w0S7j/2/file0/file0" dev="sda1" ino=16551 res=1 21:36:33 executing program 0: r0 = socket$packet(0x11, 0x0, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000400)='btrfs\x00', &(0x7f0000000440)='./file0\x00', 0x7, 0x2, &(0x7f0000001500)=[{0x0}, {0x0, 0x0, 0xff80000}], 0x80, 0x0) 21:36:33 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) 21:36:33 executing program 5: syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x0) r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f0000000040)={0xa}) 21:36:33 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0x881806) read(r0, &(0x7f0000000000)=""/30, 0xfffffe4c) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x0, 0x0) 21:36:33 executing program 3: r0 = socket(0x2000000018, 0x0, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:36:33 executing program 1: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f0000000040)={0x0, 0x0}) 21:36:33 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r2 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r1, 0x6) setsockopt(r2, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) 21:36:33 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$ax25(0x3, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}) syz_open_pts(r0, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) 21:36:33 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x5c}, {0x80000006}]}, 0x10) 21:36:33 executing program 1: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) umount2(&(0x7f00000003c0)='./file0\x00', 0x4) setxattr$security_smack_transmute(&(0x7f0000000400)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0) 21:36:33 executing program 0: socket$inet6_udp(0xa, 0x2, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(&(0x7f00000002c0)=ANY=[@ANYPTR64], &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 21:36:33 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x15, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) 21:36:33 executing program 3: r0 = perf_event_open$cgroup(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x7863, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9f, 0x0, 0x6, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0xff, 0xfffffffffffffffc, 0x6, 0x0, 0x3ff, 0x91e, 0x0, 0x0, 0x0, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0, 0x4}, 0x2000, 0x20, 0x7, 0x2, 0x8, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() r2 = perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x4, 0x0, 0xee, 0x7, 0x10000, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x7, 0x1, 0x68e2ea6a, 0x0, 0x8}, 0xffffffffffffff9c, 0x5, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x0, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x81, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x400, 0x3f, 0x47abbb2a, 0x0, 0x6, 0x0, 0xfffffffffffffff8, 0x8, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x4893, 0x1f}, r1, 0x0, r2, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x660c, 0x5fc) 21:36:33 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$ax25(0x3, 0x3, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x100000009b4b62b}) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17, 0x0, 0x0, 0x0, 0x3f00}) syz_open_dev$vcsn(0x0, 0x0, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0) 21:36:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x7fd) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x10000000004e20}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000400)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0}]) [ 177.120535][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 177.126511][ C1] protocol 88fb is buggy, dev hsr_slave_1 21:36:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 21:36:34 executing program 0: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 21:36:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x7fd) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x10000000004e20}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000400)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0}]) 21:36:34 executing program 2: socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000500), 0x0) prctl$PR_SVE_GET_VL(0x33, 0x17faf) read(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x0, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) umount2(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$dmmidi(0x0, 0x4, 0x0) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)) 21:36:34 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_init_net_socket$ax25(0x3, 0x3, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x100000009b4b62b}) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17, 0x0, 0x0, 0x0, 0x3f00}) syz_open_dev$vcsn(0x0, 0x0, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0) 21:36:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r2 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r1, 0x6) setsockopt(r2, 0x0, 0x800000000d, 0x0, 0x0) connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) accept(r1, 0x0, &(0x7f00000001c0)=0x281) 21:36:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x7fd) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x10000000004e20}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000400)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0}]) 21:36:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) fsetxattr$security_selinux(0xffffffffffffffff, 0x0, &(0x7f00000001c0)='system_u:object_r:auditd_var_run_t:s0\x00', 0x26, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffcd8, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:34 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x32, 0x1000002da) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000087, 0x0) [ 178.058690][ T7789] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 21:36:34 executing program 3: r0 = perf_event_open$cgroup(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x7863, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9f, 0x0, 0x6, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0xff, 0xfffffffffffffffc, 0x6, 0x0, 0x3ff, 0x91e, 0x0, 0x0, 0x0, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0, 0x4}, 0x2000, 0x20, 0x7, 0x2, 0x8, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() r2 = perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x4, 0x0, 0xee, 0x7, 0x10000, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x7, 0x1, 0x68e2ea6a, 0x0, 0x8}, 0xffffffffffffff9c, 0x5, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x0, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x81, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x400, 0x3f, 0x47abbb2a, 0x0, 0x6, 0x0, 0xfffffffffffffff8, 0x8, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x4893, 0x1f}, r1, 0x0, r2, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x660c, 0x5fc) 21:36:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f3188b070") sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x7}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="02101e000a0000000001000001000000080012000000000000000016ff7f0000068100000009324150d0e853506d1b85b53fb38d0000000000000000000000000000feffcd9a484e8ac9fa13b6cbccca3c000000274fa0f2814bbcbcca3e8442b4a3e847a9304a4ce4ddaa895d6da87fa9f3bb2ee9b68e4e2f34d11d63ba6eb62687b1a9fa5de44b012cfb000773d5c78265a746e1c3acaa1e65dbbdb509ff71705b281fd6200148e51a3009247d7ab6fa747287fd03390ccff6a2eb2982d384110c0a99732f5191c6993e"], 0xcb}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmmsg(r1, &(0x7f0000000180), 0x40000000000013d, 0x0) 21:36:34 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}}], 0x0, 0x0, 0x0}) 21:36:34 executing program 2: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='comm\x00') socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1a) r1 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000340)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000a83000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000580)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070") sched_setaffinity(0x0, 0x0, 0x0) fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000200)='trusted.overlay.origin\x00', &(0x7f0000000240)='y\x00', 0x2, 0x2) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) r2 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r3 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0xc, 0x8010, r3, 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000040)='./file0/file0/../file0\x00', &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x3) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000440)={0x19, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00634040000000000000001000000001000000000000005c49"], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000140)={0x4, 0x0, &(0x7f0000000000)=[@enter_looper], 0x1, 0xfffffdfd, &(0x7f00000000c0)="f2"}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) 21:36:34 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) 21:36:34 executing program 1: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) [ 178.308855][ T7806] kvm: emulating exchange as write [ 178.339662][ T7811] binder: 7809:7811 transaction failed 29189/-22, size 0-0 line 2995 21:36:35 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prctl$PR_SET_THP_DISABLE(0x29, 0x10000000000001) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000640)=""/229) 21:36:35 executing program 5: r0 = perf_event_open$cgroup(&(0x7f0000000240)={0x7, 0x70, 0x2, 0x7, 0x7863, 0x0, 0x0, 0x3ff, 0x2020, 0x0, 0x0, 0x9f, 0x0, 0x6, 0x2, 0x8, 0x80, 0xec4, 0xffffffff, 0x0, 0xff, 0xfffffffffffffffc, 0x6, 0x4, 0x3ff, 0x91e, 0x0, 0x162, 0x80, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0, 0x4}, 0x2000, 0x20, 0x7, 0x2, 0x8, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() r2 = perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x7fff, 0x0, 0x9, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x4, 0x0, 0xee, 0x7, 0x10000, 0x0, 0x0, 0x8, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x7, 0x1, 0x68e2ea6a, 0x0, 0x8}, 0xffffffffffffff9c, 0x5, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x5b9, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x81, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x400, 0x3f, 0x47abbb2a, 0x52, 0x6, 0x0, 0xfffffffffffffff8, 0x8, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x0, 0x1f}, r1, 0x0, r2, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x660c, 0x5fc) [ 178.396208][ T7810] binder: undelivered transaction 3, put_user failed [ 178.427533][ T7810] binder: 7808:7810 ioctl c0306201 20000140 returned -14 21:36:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x4) sendmmsg(r0, &(0x7f00000000c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, 0x0}}], 0x400018a, 0x0) r1 = socket$inet(0x2, 0x3, 0x1c) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc5f123c123f319bd070") setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000000)=0xfffffffffffffffc, 0x4) recvmsg(r0, &(0x7f0000001f40)={&(0x7f0000001c00)=@isdn, 0x80, 0x0}, 0x0) [ 178.502129][ T2990] binder: undelivered TRANSACTION_ERROR: 29189 [ 178.530785][ T7828] binder: BINDER_SET_CONTEXT_MGR already set 21:36:35 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000480)='/dev/input/event#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000200)=""/65) [ 178.583209][ T7835] raw_sendmsg: syz-executor.1 forgot to set AF_INET. Fix it! [ 178.615442][ T7828] binder: 7808:7828 ioctl 40046207 0 returned -16 [ 178.636278][ T7810] binder_alloc: 7808: binder_alloc_buf, no vma [ 178.647688][ T7568] binder: undelivered TRANSACTION_COMPLETE [ 178.663103][ T7810] binder: 7808:7810 transaction failed 29189/-3, size 0-0 line 3148 [ 178.695656][ T7568] binder: undelivered TRANSACTION_ERROR: 29189 21:36:35 executing program 4: setuid(0xee01) request_key(&(0x7f0000000280)='id_resolver\x00', &(0x7f00000002c0)={'syz'}, 0x0, 0x0) 21:36:35 executing program 2: mkdir(0x0, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet(0x2, 0x2, 0x0) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clone(0x4800a000, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) [ 178.916059][ T7848] IPVS: ftp: loaded support on port[0] = 21 [ 178.984680][ T7848] IPVS: ftp: loaded support on port[0] = 21 21:36:35 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000006c0)={'eql\x00'}) sendto$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 21:36:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x9, &(0x7f0000000200)=[@dstype3], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:35 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x80000006}]}, 0x10) 21:36:35 executing program 4: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(&(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) [ 179.119833][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 179.126208][ C0] protocol 88fb is buggy, dev hsr_slave_1 21:36:35 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000740)='\x00\a\x00\x00\x00\x00\x00\x00\x00G\xe3U:Q<\x16%\x98\xff\xf2\xbe\xeb\x88i\x16\x02\xb5\x83\x19\xf3w\x18\xd7\x96\x05\x00y\x93\xd3W\xc4-l\xcf\xa5R\xf4RF\xf2>Ihm\xe2\x86\xd2\xf1\xd6\xb6\xff<\xa4}\xcb\x99\x9fq\x1dF\xe0\x90\xb3\xe3\x05Y\xfex\x0f\x17\xf7s\xd51\xdf\xeb\xa5\x03\xf7\xaf\xb0\x1d@p5\x9c|\xd3\xdc\xa8\x025\x87tT&|i\xc9\xa8\x95\\\xf2\xb5\ay\xc8\xc8R\x92\xf1#\x9bsm\xf6F\x83\xd7\x13L\x94\xf8}\xc7m>\xe4]\xde\xfa=d\xc5\xf7\x115\xd7!w\xda\xd3H\x06c)\xb4\xf3\xbc\x0f\xe3V\x9d\xf8\x8b|1\r\xd4X\xae\\\xd5\x9a4J\n\xac\xd1\x9f\a\xa0\xf6\x97zr\x0f\x04\x00\x00\x00\x1f\xe0\f,\x9e\x13\xdf\xf4\xc3)mzB\xe0Y\xc3n|M\xc5\xf7\xd0\x94\xfb\x19\x9b\xefS\xf8zi0\xb5v\xde\xed\xccl\xe9\x0e-\xef\x9dN&%\x80A\xacn\x8c~7\x18\x94\x94\xd9\x8f\xd1\xe13\xd9\xa6\xb3\xa7\xf3\xcf\xb3,\x9b\xd8x\x94\xb7\x8f\xcf?\xda\v\xe7\xd2!\x8c\xa8\xe3F\x81\xee\x1c\x1c\xa7\xbcnU!R\xbc,T\xbeA\xe3\x15E\x15:f0\"\x9fJ\xc1Z\xeeu\'\x7f\xc1\x1c\xcb\x04\xf34F[\xf7\xc8VK\xad\x90') getdents64(r0, &(0x7f00000000c0)=""/184, 0x401) getdents(r0, &(0x7f0000000ea9)=""/407, 0x197) 21:36:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f3188b070") fanotify_mark(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0) 21:36:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x8, &(0x7f0000000280)="0adc1f023c123f3188a070") r1 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x101002, 0x0) accept4$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000380)=0x1c, 0x80000) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2d6d656d2f696f202f0175a486202b6d656d6f72790e006b6401923ea03ecf84000049df0107"], 0x26) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000040)={0x9, 0x4, 0xfffffffffffffff9, 0x0, 0x7d0974d3}) ioctl$int_in(r2, 0x800000c0045006, &(0x7f00000004c0)=0x100000035) socketpair(0x1, 0x5, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000004c0)=0x0) sched_setaffinity(r3, 0xfffffffffffffff8, &(0x7f0000000140)=0x40000000000009) r4 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000b60000/0x4000)=nil) r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r6 = shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x7000) shmat(r4, &(0x7f0000b62000/0x1000)=nil, 0x0) shmdt(r6) syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0) inotify_add_watch(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x20) fsetxattr$security_evm(r2, &(0x7f0000000200)='security.evm\x00', &(0x7f0000000480)=@sha1={0x1, "ff04d18c25564647592d485f6e3abd563af9bbc9"}, 0x8, 0x0) r7 = fcntl$dupfd(0xffffffffffffffff, 0x406, r5) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000000000)={'team_slave_0\x00', {0x2, 0x4e20, @multicast1}}) read$FUSE(r2, &(0x7f0000000500), 0x1000) [ 179.200027][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 179.206323][ C1] protocol 88fb is buggy, dev hsr_slave_1 21:36:36 executing program 5: r0 = perf_event_open$cgroup(&(0x7f0000000240)={0x7, 0x70, 0x2, 0x7, 0x7863, 0x0, 0x0, 0x3ff, 0x2020, 0x0, 0x0, 0x9f, 0x0, 0x6, 0x2, 0x8, 0x80, 0xec4, 0xffffffff, 0x0, 0xff, 0xfffffffffffffffc, 0x6, 0x4, 0x3ff, 0x91e, 0x0, 0x162, 0x80, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0, 0x4}, 0x2000, 0x20, 0x7, 0x2, 0x8, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() r2 = perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x7fff, 0x0, 0x9, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x4, 0x0, 0xee, 0x7, 0x10000, 0x0, 0x0, 0x8, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x7, 0x1, 0x68e2ea6a, 0x0, 0x8}, 0xffffffffffffff9c, 0x5, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x5b9, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x81, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x400, 0x3f, 0x47abbb2a, 0x52, 0x6, 0x0, 0xfffffffffffffff8, 0x8, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x0, 0x1f}, r1, 0x0, r2, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x660c, 0x5fc) 21:36:36 executing program 3: chdir(0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000180)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) sched_setattr(0x0, 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x20400040c2, 0x0) r2 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d4485730984", 0x156) sendfile(r1, r2, 0x0, 0x10000) 21:36:36 executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'veth1_to_hsr\x00', &(0x7f0000000180)=@ethtool_cmd={0x17}}) 21:36:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x32, 0x1000002da) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000087, 0x0) 21:36:36 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x5450, 0x0) [ 179.632955][ T26] audit: type=1800 audit(1554672996.217:39): pid=7905 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16576 res=0 21:36:36 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[@ANYRES64], 0xffffff7c) r2 = socket$inet(0x2, 0x3, 0xff) connect$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10) splice(r0, 0x0, r2, 0x0, 0x110005, 0x0) 21:36:36 executing program 0: r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0) fallocate(r0, 0x0, 0x0, 0xa001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$binfmt_misc(r0, &(0x7f00000001c0)={'syz0'}, 0x4) write$P9_RREMOVE(r2, &(0x7f0000000180)={0x6e785e3d1cb434ee}, 0x14df) syncfs(r1) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x0, r2}) fdatasync(r0) 21:36:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000500), 0x0) prctl$PR_SVE_GET_VL(0x33, 0x17faf) read(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$UI_SET_KEYBIT(0xffffffffffffffff, 0x40045565, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) rt_sigaction(0x6, &(0x7f0000000280)={&(0x7f00000001c0)="44de31d3d2c401b173dacec4030d790b3e8f0850edc55c660f140366440fe44cc205460f1f40000fc0e28fc9489bf2", {0x9}, 0x2, &(0x7f0000000240)="c4e17d515d2b4c0fc7659af001a313000000457945d8268f69709beec44201a79162000000c4c2ad9dfb2ef20f184f00420f478aac1fb219"}, &(0x7f0000000480)={&(0x7f00000002c0)="c482797883fcffffffc462013d470e410f9873e7c4a12915a691db000041814ba600f0ffffc4c2cd8e5f0043830800c4e25d9bdec421fd73d5008fa990902a", {}, 0x0, &(0x7f0000000380)="c481715ede8fe978c37c8048c4c15dfe1dffefffffc462d9bcc8d9c3f0819f7ba454cb000000009cc482f92144da0bc482b5920454c461ad599d65566666"}, 0x8, &(0x7f00000004c0)) utime(0x0, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) umount2(&(0x7f0000000000)='./file0\x00', 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000700)=ANY=[], 0x0) readv(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_DQEVENT(0xffffffffffffffff, 0x80885659, &(0x7f00000003c0)={0x0, @ctrl}) r1 = syz_open_dev$dmmidi(0x0, 0x4, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000000c0)) [ 179.789859][ T26] audit: type=1804 audit(1554672996.217:40): pid=7905 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir128908957/syzkaller.kBcB8F/7/file0" dev="sda1" ino=16576 res=1 [ 179.967907][ T26] audit: type=1804 audit(1554672996.327:41): pid=7905 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir128908957/syzkaller.kBcB8F/7/file0" dev="sda1" ino=16576 res=1 [ 180.241122][ T26] audit: type=1804 audit(1554672996.327:42): pid=7905 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir128908957/syzkaller.kBcB8F/7/file0" dev="sda1" ino=16576 res=1 21:36:37 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) keyctl$setperm(0x8, 0x0, 0x20709a85fffffff9) 21:36:37 executing program 0: r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0) fallocate(r0, 0x0, 0x0, 0xa001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$binfmt_misc(r0, &(0x7f00000001c0)={'syz0'}, 0x4) write$P9_RREMOVE(r2, &(0x7f0000000180)={0x6e785e3d1cb434ee}, 0x14df) syncfs(r1) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x0, r2}) fdatasync(r0) 21:36:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x8, &(0x7f0000000280)="0adc1f023c123f3188a070") r1 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x101002, 0x0) accept4$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000380)=0x1c, 0x80000) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2d6d656d2f696f202f0175a486202b6d656d6f72790e006b6401923ea03ecf84000049df0107"], 0x26) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000040)={0x9, 0x4, 0xfffffffffffffff9, 0x0, 0x7d0974d3}) ioctl$int_in(r2, 0x800000c0045006, &(0x7f00000004c0)=0x100000035) socketpair(0x1, 0x5, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000004c0)=0x0) sched_setaffinity(r3, 0xfffffffffffffff8, &(0x7f0000000140)=0x40000000000009) r4 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000b60000/0x4000)=nil) r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r6 = shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x7000) shmat(r4, &(0x7f0000b62000/0x1000)=nil, 0x0) shmdt(r6) syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0) inotify_add_watch(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x20) fsetxattr$security_evm(r2, &(0x7f0000000200)='security.evm\x00', &(0x7f0000000480)=@sha1={0x1, "ff04d18c25564647592d485f6e3abd563af9bbc9"}, 0x8, 0x0) r7 = fcntl$dupfd(0xffffffffffffffff, 0x406, r5) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000000000)={'team_slave_0\x00', {0x2, 0x4e20, @multicast1}}) read$FUSE(r2, &(0x7f0000000500), 0x1000) 21:36:37 executing program 4: keyctl$setperm(0x8, 0x0, 0x20709a85b3b6a722) 21:36:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:36:37 executing program 0: r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0) fallocate(r0, 0x0, 0x0, 0xa001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$binfmt_misc(r0, &(0x7f00000001c0)={'syz0'}, 0x4) write$P9_RREMOVE(r2, &(0x7f0000000180)={0x6e785e3d1cb434ee}, 0x14df) syncfs(r1) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x0, r2}) fdatasync(r0) 21:36:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000140)="48b869a40000000000000f23c00f21f835000005000f23f86565664b0f3a61d70348b8ed2c0000000000000f23c00f21f835000009000f23f8c7442400030b9441c744240200700000c7442406000000000f011424c74424004d000000c74424020d000000ff2c24c442a19ce866b84a008ed0c744240006000000c744240200900000c7442406000000000f01142466ba4000ec66400f38809853360000", 0x9e}], 0x1, 0x9, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:37 executing program 4: keyctl$setperm(0x8, 0x0, 0x20709a85b3b6a722) 21:36:37 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x0, 0x0) unshare(0x0) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) pselect6(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f00000003c0)={&(0x7f0000000380), 0x8}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40042406, &(0x7f0000000280)='\x00') mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(&(0x7f00000004c0)=ANY=[], &(0x7f000000aff8)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, &(0x7f0000000000)) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000007c0)) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x100000000000009) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fchdir(r1) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f00000002c0)) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) umount2(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000200)='./bus\x00', 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) gettid() ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070") r2 = syz_open_dev$dmmidi(0x0, 0x8000, 0x20100) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$SCSI_IOCTL_PROBE_HOST(r2, 0x5385, &(0x7f0000000080)=ANY=[@ANYBLOB="3c000000000000000000000000000000000000000000afda00"/40]) ioctl(0xffffffffffffffff, 0x800000000000937e, 0x0) [ 181.000623][ T7962] FAT-fs (loop5): bogus number of reserved sectors 21:36:37 executing program 2: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 21:36:37 executing program 4: keyctl$setperm(0x8, 0x0, 0x20709a85b3b6a722) [ 181.161408][ T7962] FAT-fs (loop5): Can't find a valid FAT filesystem [ 181.352671][ T7962] FAT-fs (loop5): bogus number of reserved sectors [ 181.390160][ T7962] FAT-fs (loop5): Can't find a valid FAT filesystem 21:36:38 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) keyctl$setperm(0x8, 0x0, 0x20709a85fffffff8) 21:36:38 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x5}, {0x80000006}]}, 0x10) 21:36:38 executing program 4: keyctl$setperm(0x8, 0x0, 0x20709a85b3b6a722) 21:36:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000008c0)='net/dev\x00\xbc\xa8 \xb3[\xads\xec(\xaa\xc3\x98\xa0\xff\xd8.1?\x97i\x03\xc1[\xedn9\x9c\xf3a\xa2p\xa8\xb5F\xeea%\xa0\xe5k\xf5i\xb8\xa5\x98W\xdeD\xe02\x9b7$\xa7\xc5M\x8d\xd7\x95\xe2\xd9|y\x97K\xc8\x8a\xcd\xc6{\xcap\xec\xa8\xcfxL6J;[\xe7\x1c7\xe1\x9a<\xb0\x1e\xcfw\xc1=\xf5\x1c\x9cG\x85a\xae\xc9\xb8\xcak\x89\x82\xfe!\t\xf7Yf\xda\xf8\xed\xd6\xb9\x18\x81\x04z\x86\xdad2\xc9\x8c;O\xfb\x8e?\xf4>o\xa7K\xec\x1c\x03g*{2\xb1=\xb6;\xf5\xd7x\x06\x9dwHM\x88:\x86$\xffG\xf5\xaa\x1a\b%}\xbc') preadv(r0, &(0x7f0000000180)=[{&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000240)=""/155, 0x9b}], 0x2, 0x400000000000) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x4000, &(0x7f0000000340)=ANY=[@ANYBLOB="2c6465665f6f6e740100743d726f6f"]) semget(0x2, 0x4, 0x184) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f0000000440)) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000080)) 21:36:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x8, &(0x7f0000000280)="0adc1f023c123f3188a070") r1 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x101002, 0x0) accept4$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000380)=0x1c, 0x80000) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2d6d656d2f696f202f0175a486202b6d656d6f72790e006b6401923ea03ecf84000049df0107"], 0x26) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000040)={0x9, 0x4, 0xfffffffffffffff9, 0x0, 0x7d0974d3}) ioctl$int_in(r2, 0x800000c0045006, &(0x7f00000004c0)=0x100000035) socketpair(0x1, 0x5, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000004c0)=0x0) sched_setaffinity(r3, 0xfffffffffffffff8, &(0x7f0000000140)=0x40000000000009) r4 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000b60000/0x4000)=nil) r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r6 = shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x7000) shmat(r4, &(0x7f0000b62000/0x1000)=nil, 0x0) shmdt(r6) syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0) inotify_add_watch(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x20) fsetxattr$security_evm(r2, &(0x7f0000000200)='security.evm\x00', &(0x7f0000000480)=@sha1={0x1, "ff04d18c25564647592d485f6e3abd563af9bbc9"}, 0x8, 0x0) r7 = fcntl$dupfd(0xffffffffffffffff, 0x406, r5) ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x891c, &(0x7f0000000000)={'team_slave_0\x00', {0x2, 0x4e20, @multicast1}}) read$FUSE(r2, &(0x7f0000000500), 0x1000) 21:36:38 executing program 5: syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x0) r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f0000000040)) 21:36:38 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:38 executing program 4: keyctl$setperm(0x8, 0x0, 0x0) 21:36:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0x881806) read(r0, &(0x7f0000000000)=""/30, 0xfffffe4c) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000140)) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 21:36:38 executing program 4: keyctl$setperm(0x8, 0x0, 0x0) 21:36:38 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0x881806) read(r0, &(0x7f0000000000)=""/30, 0xfffffe4c) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) 21:36:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000008c0)='net/dev\x00\xbc\xa8 \xb3[\xads\xec(\xaa\xc3\x98\xa0\xff\xd8.1?\x97i\x03\xc1[\xedn9\x9c\xf3a\xa2p\xa8\xb5F\xeea%\xa0\xe5k\xf5i\xb8\xa5\x98W\xdeD\xe02\x9b7$\xa7\xc5M\x8d\xd7\x95\xe2\xd9|y\x97K\xc8\x8a\xcd\xc6{\xcap\xec\xa8\xcfxL6J;[\xe7\x1c7\xe1\x9a<\xb0\x1e\xcfw\xc1=\xf5\x1c\x9cG\x85a\xae\xc9\xb8\xcak\x89\x82\xfe!\t\xf7Yf\xda\xf8\xed\xd6\xb9\x18\x81\x04z\x86\xdad2\xc9\x8c;O\xfb\x8e?\xf4>o\xa7K\xec\x1c\x03g*{2\xb1=\xb6;\xf5\xd7x\x06\x9dwHM\x88:\x86$\xffG\xf5\xaa\x1a\b%}\xbc') preadv(r0, &(0x7f0000000180)=[{&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000240)=""/155, 0x9b}], 0x2, 0x400000000000) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x4000, &(0x7f0000000340)=ANY=[@ANYBLOB="2c6465665f6f6e740100743d726f6f"]) semget(0x2, 0x4, 0x184) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f0000000440)) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000080)) 21:36:38 executing program 4: keyctl$setperm(0x8, 0x0, 0x0) 21:36:38 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, 0x0}) 21:36:39 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x9, &(0x7f0000000000)={@local, @multicast2, @remote}, 0x24e) r1 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a) getsockopt$inet_mreqn(r0, 0x0, 0x9, &(0x7f00000000c0)={@loopback, @loopback, 0x0}, &(0x7f0000000100)=0xc) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x2e, &(0x7f0000000040)={@local, r2}, 0x14) 21:36:39 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000002c0)="0adc1f123c123f3188b070") r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/udmabuf\x00', 0x2) ioctl$UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f0000000100)) 21:36:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000140)="440f20c03502000000440f22c0f4410f216344d9f5450f235ec7442400fa510000c744240201000000c7442406000000000f011c2466baf80cb8d28d3885ef66bafc0cb007ee0f20e035020000000f22e0190d7a080000b805000000b9b785e7770f01d9", 0x64}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:39 executing program 1: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r2 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r1, 0x6) setsockopt(r2, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) sendmmsg(r2, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0) 21:36:39 executing program 0: perf_event_open$cgroup(&(0x7f0000000240)={0x0, 0x70, 0x0, 0x0, 0x7863, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9f, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xff, 0xfffffffffffffffc, 0x0, 0x0, 0x3ff, 0x91e, 0x0, 0x162, 0x80, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0}, 0x2000, 0x20, 0x7, 0x2, 0x0, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) r0 = perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x7fff, 0x0, 0x9, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x4, 0x0, 0xee, 0x7, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x8}, 0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x0, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x0, 0x3f, 0x0, 0x52, 0x6, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x4893}, 0x0, 0x0, r0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x660c, 0x5fc) 21:36:39 executing program 1: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f0000000040)={0xa}) 21:36:39 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:39 executing program 5: 21:36:39 executing program 2: 21:36:40 executing program 5: 21:36:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000140)="440f20c03502000000440f22c0f4410f216344d9f5450f235ec7442400fa510000c744240201000000c7442406000000000f011c2466baf80cb8d28d3885ef66bafc0cb007ee0f20e035020000000f22e0190d7a080000b805000000b9b785e7770f01d9", 0x64}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:40 executing program 2: 21:36:40 executing program 0: 21:36:40 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:40 executing program 1: 21:36:40 executing program 1: 21:36:40 executing program 2: 21:36:40 executing program 5: 21:36:40 executing program 0: 21:36:40 executing program 2: 21:36:40 executing program 5: 21:36:40 executing program 1: 21:36:40 executing program 4: 21:36:40 executing program 0: 21:36:40 executing program 5: 21:36:40 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:40 executing program 1: 21:36:40 executing program 2: 21:36:40 executing program 0: 21:36:40 executing program 5: 21:36:40 executing program 4: 21:36:40 executing program 0: 21:36:40 executing program 5: 21:36:40 executing program 1: 21:36:40 executing program 2: 21:36:40 executing program 4: 21:36:40 executing program 0: 21:36:41 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:41 executing program 5: 21:36:41 executing program 1: 21:36:41 executing program 2: 21:36:41 executing program 4: 21:36:41 executing program 0: 21:36:41 executing program 1: 21:36:41 executing program 2: 21:36:41 executing program 5: 21:36:41 executing program 4: 21:36:41 executing program 0: 21:36:41 executing program 2: 21:36:41 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:41 executing program 1: 21:36:41 executing program 5: 21:36:41 executing program 2: 21:36:41 executing program 4: 21:36:41 executing program 0: 21:36:41 executing program 2: 21:36:41 executing program 5: 21:36:41 executing program 4: 21:36:41 executing program 1: 21:36:41 executing program 0: 21:36:41 executing program 2: 21:36:41 executing program 5: 21:36:41 executing program 4: 21:36:41 executing program 1: 21:36:41 executing program 0: 21:36:41 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:41 executing program 2: 21:36:41 executing program 5: 21:36:41 executing program 0: 21:36:41 executing program 1: 21:36:41 executing program 4: 21:36:41 executing program 2: 21:36:42 executing program 0: 21:36:42 executing program 4: 21:36:42 executing program 5: 21:36:42 executing program 1: 21:36:42 executing program 2: 21:36:42 executing program 1: 21:36:42 executing program 0: 21:36:42 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:42 executing program 5: 21:36:42 executing program 2: 21:36:42 executing program 4: 21:36:42 executing program 1: 21:36:42 executing program 5: 21:36:42 executing program 4: 21:36:42 executing program 2: 21:36:42 executing program 0: 21:36:42 executing program 1: 21:36:42 executing program 2: 21:36:42 executing program 5: 21:36:42 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:42 executing program 0: 21:36:42 executing program 4: 21:36:42 executing program 2: 21:36:42 executing program 1: 21:36:42 executing program 5: 21:36:42 executing program 0: 21:36:42 executing program 4: 21:36:42 executing program 2: 21:36:42 executing program 1: 21:36:42 executing program 0: 21:36:42 executing program 5: 21:36:42 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:42 executing program 4: 21:36:42 executing program 2: 21:36:42 executing program 5: 21:36:43 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_redirect(0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0) write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x0) dup3(r0, r1, 0x0) getresuid(0x0, 0x0, 0x0) write$P9_RMKNOD(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f00000002c0)) 21:36:43 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000100), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2040100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) syz_execute_func(&(0x7f0000000200)="410f01f964ff0941c3c4e2c99758423e46d8731266420fe2e33e0f1110c442019dcc6f") setsockopt$inet_mreq(r1, 0x0, 0x23, 0x0, 0x0) connect$unix(r1, 0x0, 0x0) 21:36:43 executing program 1: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0) 21:36:43 executing program 2: socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xfffffffffffffd76}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="020100030e000000030000000000000005000600000000000a0000400000000400000000000000000000002100004000000100000000000002000100010000fdff00000200fd000005000500000000000a004872bbb6896209000000000000009aec3f3f7710aa000000ff1700400000"], 0x70}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x8000000000000e3, 0x0) 21:36:43 executing program 5: 21:36:43 executing program 4: 21:36:43 executing program 5: 21:36:43 executing program 2: 21:36:43 executing program 4: 21:36:43 executing program 2: 21:36:43 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:43 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f00000000c0)) 21:36:43 executing program 4: syz_mount_image$btrfs(&(0x7f0000000400)='btrfs\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:36:43 executing program 0: 21:36:43 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff020}, {0x80000006}]}, 0x10) 21:36:43 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff024}, {0x80000006}]}, 0x10) 21:36:43 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff000}, {0x80000006}]}, 0x10) 21:36:43 executing program 4: 21:36:43 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:43 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff014}, {0x80000006}]}, 0x10) 21:36:43 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0) 21:36:43 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:44 executing program 0: r0 = perf_event_open$cgroup(&(0x7f0000000240)={0x0, 0x70, 0x2, 0x7, 0x7863, 0x0, 0x0, 0x3ff, 0x2020, 0x0, 0x0, 0x9f, 0x0, 0x6, 0x2, 0x8, 0x80, 0xec4, 0x0, 0x0, 0xff, 0xfffffffffffffffc, 0x6, 0x4, 0x3ff, 0x91e, 0x0, 0x162, 0x80, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0, 0x4}, 0x2000, 0x20, 0x7, 0x2, 0x8, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x7fff, 0x0, 0x9, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x0, 0x0, 0xee, 0x7, 0x10000, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x1, 0x68e2ea6a, 0x0, 0x8}, 0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x0, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x81, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x400, 0x3f, 0x47abbb2a, 0x52, 0x6, 0x0, 0xfffffffffffffff8, 0x8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x4893, 0x1f}, r1, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x660c, 0x5fc) 21:36:44 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0) 21:36:44 executing program 2: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) recvmmsg(r0, &(0x7f0000002900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012040, 0x0) 21:36:44 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff000}, {0x80000006}]}, 0x10) 21:36:44 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080)=0x3, 0xdd) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x32, 0x1000002da) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000087, 0x0) 21:36:44 executing program 2: r0 = socket$inet(0x2, 0xa, 0x2000004000000) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000001640)=""/207) ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet(r0, 0x0, 0x0, 0x41, &(0x7f0000001780)={0x2, 0x0, @local}, 0x10) 21:36:44 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:44 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff028}, {0x80000006}]}, 0x10) 21:36:44 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff018}, {0x80000006}]}, 0x10) [ 187.725020][ T8387] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) 21:36:44 executing program 2: r0 = socket$inet(0x2, 0xa, 0x2000004000000) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000001640)=""/207) ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet(r0, 0x0, 0x0, 0x41, &(0x7f0000001780)={0x2, 0x0, @local}, 0x10) 21:36:44 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:44 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x48, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) 21:36:45 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080)=0x3, 0xdd) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x32, 0x1000002da) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x400000000000087, 0x0) 21:36:45 executing program 5: r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0xfffffffffffffffe) r1 = accept4(r0, 0x0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000200)=ANY=[], 0xff42) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x2}, 0x8) 21:36:45 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:45 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff028}, {0x80000006}]}, 0x10) 21:36:45 executing program 0: r0 = perf_event_open$cgroup(&(0x7f0000000240)={0x0, 0x70, 0x2, 0x7, 0x7863, 0x0, 0x0, 0x3ff, 0x2020, 0x0, 0x0, 0x9f, 0x0, 0x6, 0x2, 0x8, 0x80, 0xec4, 0x0, 0x0, 0xff, 0xfffffffffffffffc, 0x6, 0x4, 0x3ff, 0x91e, 0x0, 0x162, 0x80, 0x100, 0x28, 0xffff, 0x101, 0x8001, 0x0, 0x0, 0x1ff, 0x2, 0x0, 0x40, 0x4, @perf_bp={0x0, 0x4}, 0x2000, 0x20, 0x7, 0x2, 0x8, 0x3, 0x6bf}, 0xffffffffffffff9c, 0x1, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() perf_event_open$cgroup(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x7fff, 0x0, 0x9, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x200, 0x3, 0x0, 0x0, 0x0, 0xee, 0x7, 0x10000, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x1, 0x68e2ea6a, 0x0, 0x8}, 0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x8, 0x0, 0x4479b7fd, 0x0, 0x8, 0x3, 0x0, 0x0, 0x4e, 0x81, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x401, 0x400, 0x3f, 0x47abbb2a, 0x52, 0x6, 0x0, 0xfffffffffffffff8, 0x8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x20000, 0x7, 0x2, 0x4, 0x0, 0x4893, 0x1f}, r1, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0xda4fff08) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x660c, 0x5fc) 21:36:45 executing program 2: r0 = socket$inet(0x2, 0xa, 0x2000004000000) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000001640)=""/207) ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet(r0, 0x0, 0x0, 0x41, &(0x7f0000001780)={0x2, 0x0, @local}, 0x10) 21:36:45 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) r1 = dup(r0) getpeername$packet(r1, 0x0, 0x0) 21:36:45 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:45 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)) syz_open_dev$vcsn(0x0, 0x0, 0x0) 21:36:45 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x34, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) 21:36:45 executing program 5: r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SIOCAX25ADDFWD(r0, 0x89ea, 0x0) 21:36:45 executing program 2: getresuid(0x0, 0x0, 0x0) eventfd(0xfff) socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="a3", 0x1}], 0x1) write(r0, 0x0, 0x0) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000785000), 0x34a) writev(r0, &(0x7f000063e000)=[{&(0x7f0000a66000)="da", 0x1}], 0x1) sendmmsg$alg(r1, &(0x7f0000236fc8)=[{0x0, 0x0, &(0x7f00000fff80), 0xc, &(0x7f00001e1e78)}], 0x4924924924926c8, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000fffffffe) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) 21:36:45 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) write(r0, &(0x7f0000000280)="fc0000004900071f8ae8c904090007000aab6000000000000000e293212001c000000000000000000000ffff0000000000001ec28656aaa79bb94b46fe000000bc000200000300f92fbe780196370d1151ffd633d4500000003cadfd4e78a2334d9fc9e3939bede5d18064b1ed548d59c40a366c57c6a55e00000100d07302add7d5bbc91a3e2e80772c05defd5a32e280fc83ab820f06f70cce190a60aa47e9883997f391064e763b6f380f5bd92c83170e5bba4a463a1e00566f91cfded815b2ccd243f295ed94e0ad91bd0734babc7c737d670133755334170004df0200000000000000a6b567b4d5715587e6d8a1ad0a4f0108a8835d8f1d05b0", 0xfc) 21:36:45 executing program 5: fcntl$getflags(0xffffffffffffffff, 0x40b) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000080)={0x750, {0x2, 0x4e22}, {0x2, 0x0, @remote}, {0x2, 0x0, @loopback}, 0x45, 0x8, 0x5, 0x46a, 0xfdffffff, 0x0, 0x0, 0x2000000000003}) openat$rtc(0xffffffffffffff9c, 0x0, 0x50000, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, 0x0, &(0x7f0000000480)) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) syz_genetlink_get_family_id$tipc(0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f00000003c0)) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000500)) pipe2(0x0, 0x0) getsockopt$bt_sco_SCO_OPTIONS(0xffffffffffffffff, 0x11, 0x1, 0x0, &(0x7f00000000c0)) 21:36:45 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:45 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000200)="fe35dad6972162fcb97e43787af5e3e0", 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x800, 0x0) io_destroy(0x0) sendmmsg$unix(r2, &(0x7f00000003c0)=[{&(0x7f0000000240)=@abs, 0x6e, &(0x7f0000000ac0)=[{&(0x7f0000000100)="0eb49a4e48", 0x5}], 0x1, 0x0, 0x0, 0x80}], 0x1, 0x80) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\'', 0x1ff) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) ioctl$SG_GET_PACK_ID(r2, 0x227c, 0x0) ioctl(r3, 0x8914, 0x0) r4 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r4, 0xc0045520, 0x0) add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000400)="25189be01893c1e78e741180723237b0491ada8c414da0f30a9915bc5f95a30d4394b2730d37de9243acf96496edb4b63d7feda4d636b4eb74086bc0dbaaad6abd83acb8176978cc788691f64ed1c61091fa1d3e8fa0744c1de33f88a68bb64c9db39210ab35604ddc13ffe6cb", 0x6d, 0xfffffffffffffffb) write$FUSE_DIRENT(r2, &(0x7f0000000500)={0xa8, 0x0, 0x6, [{0x0, 0x188, 0xf, 0x100, '/dev/dlm_plock\x00'}, {0x4, 0x0, 0x0, 0x5}, {0x0, 0x400, 0x1, 0x9, ','}, {0x0, 0x6, 0x3, 0x0, 'syz'}, {}]}, 0xa8) write$P9_RREMOVE(r4, &(0x7f0000000300)={0x7, 0x7b, 0x1}, 0x7) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x200000002}, 0x1c) listen(r1, 0x3) connect$inet(r0, &(0x7f0000000000)={0x2, 0x2, @multicast2}, 0x10) r5 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x20042) ioctl$EVIOCGABS20(r5, 0x80184560, &(0x7f0000000080)=""/82) close(r1) [ 189.173948][ T8467] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. [ 189.264860][ T8467] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. 21:36:46 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000fbe000)={0x1, &(0x7f0000000000)=[{0x80000006}]}, 0x10) 21:36:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:46 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) keyctl$setperm(0x8, 0x0, 0x20709a85b3b6a722) 21:36:46 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, 0x0) 21:36:46 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}}], 0x96, 0x0, &(0x7f00000002c0)="bb66d8564b841f73ed736a6e8d93656fe1bab936cd0258abec9fc7a7d782ed33d5fca3bfd87203f179edf3bfd2d5d6b6d0fa8b9c07ff5f616d1fcda357d9851fd48f7448d891f4b967788dd501f81643ec81a808e9f345de228c02a1603749950d981e65c8d32d88caf483920c0c0e8c351ca083b85342654529a125b3bcaf684e948b29d6f9eaf2e3fc32d13cbb3362f1b93d64847c"}) [ 189.894941][ T8514] binder: 8513:8514 transaction failed 29189/-22, size 0-0 line 2995 21:36:46 executing program 2: getresuid(0x0, 0x0, 0x0) eventfd(0xfff) socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="a3", 0x1}], 0x1) write(r0, 0x0, 0x0) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000785000), 0x34a) writev(r0, &(0x7f000063e000)=[{&(0x7f0000a66000)="da", 0x1}], 0x1) sendmmsg$alg(r1, &(0x7f0000236fc8)=[{0x0, 0x0, &(0x7f00000fff80), 0xc, &(0x7f00001e1e78)}], 0x4924924924926c8, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000fffffffe) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) 21:36:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:46 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r1}}, 0x10) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000140)={0x7, 0x8, 0xfa00, {r1}}, 0x10) 21:36:46 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:36:46 executing program 4: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000000080)=[@enter_looper={0x40046304}], 0x1, 0x0, &(0x7f0000000100)="f2"}) 21:36:46 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) [ 190.003026][ T8523] binder: 8521:8523 IncRefs 0 refcount change on invalid ref 0 ret -22 21:36:46 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:46 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x0, 0x0) unshare(0x0) pselect6(0x40, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f00000003c0)={0x0}) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) ioctl$TIOCGSID(r0, 0x5429, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x100000000000009) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fchdir(0xffffffffffffffff) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, 0xffffffffffffffff, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x0, 0x20100) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000080)=ANY=[@ANYBLOB]) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000440)='/dev/autofs\x00', 0x0, 0x0) ioctl(r2, 0x800000000000937e, &(0x7f0000000380)="6f000000000000007f") 21:36:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0xfffffffffffffffd, 0x31, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000000)) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000480)) 21:36:46 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:36:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") socket$inet_sctp(0x2, 0x0, 0x84) [ 190.268022][ T8548] autofs4:pid:8548:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(111.0), cmd(0x0000937e) [ 190.390397][ T8548] autofs4:pid:8548:validate_dev_ioctl: invalid device control module version supplied for cmd(0x0000937e) 21:36:47 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000480)) 21:36:47 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:47 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}}], 0x96, 0x0, &(0x7f00000002c0)="bb66d8564b841f73ed736a6e8d93656fe1bab936cd0258abec9fc7a7d782ed33d5fca3bfd87203f179edf3bfd2d5d6b6d0fa8b9c07ff5f616d1fcda357d9851fd48f7448d891f4b967788dd501f81643ec81a808e9f345de228c02a1603749950d981e65c8d32d88caf483920c0c0e8c351ca083b85342654529a125b3bcaf684e948b29d6f9eaf2e3fc32d13cbb3362f1b93d64847c"}) 21:36:47 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:36:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") socket$inet_sctp(0x2, 0x0, 0x84) 21:36:47 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x0, 0x0) unshare(0x0) pselect6(0x40, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f00000003c0)={0x0}) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) ioctl$TIOCGSID(r0, 0x5429, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x100000000000009) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fchdir(0xffffffffffffffff) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, 0xffffffffffffffff, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x0, 0x20100) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000080)=ANY=[@ANYBLOB]) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000440)='/dev/autofs\x00', 0x0, 0x0) ioctl(r2, 0x800000000000937e, &(0x7f0000000380)="6f000000000000007f") [ 190.930573][ T8571] binder: 8570:8571 transaction failed 29189/-22, size 0-0 line 2995 21:36:47 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) socket$packet(0x11, 0x0, 0x300) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0) sendmmsg(r0, &(0x7f0000e8e000)=[{{&(0x7f00008b6000)=@in6={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x80, &(0x7f0000231ff0)=[{&(0x7f0000f89000)='t', 0x1}], 0x1}}], 0x1, 0x0) dup(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000200)=@assoc_value, 0x0) listen(r0, 0x7) r1 = syz_open_dev$midi(&(0x7f0000000180)='/dev/midi#\x00', 0x0, 0x0) accept(r0, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10) 21:36:47 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") socket$inet_sctp(0x2, 0x0, 0x84) [ 190.991541][ T8578] autofs4:pid:8578:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(111.0), cmd(0x0000937e) 21:36:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:47 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:36:47 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) [ 191.083290][ T8578] autofs4:pid:8578:validate_dev_ioctl: invalid device control module version supplied for cmd(0x0000937e) 21:36:47 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:36:47 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:47 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:47 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:47 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:47 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:36:48 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='attr/fscreate\x00') read$eventfd(r0, 0x0, 0x0) 21:36:48 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:48 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:48 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:48 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:48 executing program 5: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:48 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:48 executing program 1: ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, 0xffffffffffffffff, 0x0) 21:36:48 executing program 5: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:48 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af22, &(0x7f0000000100)) 21:36:48 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:48 executing program 1: ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, 0xffffffffffffffff, 0x0) 21:36:48 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:48 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x1, 0x1d0, [0x20000080, 0x0, 0x0, 0x200000b0, 0x20000220], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'rose0\x00', 'ip_vti0\x00', 'ipddp0\x00', 'teql0\x00', @dev, [], @remote, [], 0x108, 0x108, 0x140, [@limit={'limit\x00', 0x20}, @nfacct={'nfacct\x00', 0x28, {{'syz1\x00'}}}]}}, @common=@mark={'mark\x00', 0x10}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x248) 21:36:48 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af04, &(0x7f0000000100)) 21:36:48 executing program 1: ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, 0xffffffffffffffff, 0x0) 21:36:48 executing program 5: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:48 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:48 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:48 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) [ 192.347296][ T8691] ebt_limit: overflow, try lower: 0/0 21:36:49 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:49 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:49 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:49 executing program 2: socket$inet6(0xa, 0x5, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0xfffffcf6) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x800003, 0x8013, r0, 0x0) openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) write$cgroup_int(r2, &(0x7f0000000980), 0xffffff4d) syz_emit_ethernet(0x0, 0x0, 0x0) close(r2) recvmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x3f00) 21:36:49 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:49 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x1100082) r1 = memfd_create(&(0x7f0000000080)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_CLR_FD(r0, 0x4c01) ioctl$LOOP_CLR_FD(r0, 0x4c09) 21:36:49 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:49 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:49 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:49 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:49 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:49 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:49 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x750, {}, {0x2, 0x0, @remote}, {0x2, 0x0, @loopback}, 0x45, 0x8, 0x5, 0x46a}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:36:50 executing program 2: capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000f21fe8)) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'nr0\x01\x00\x00\x00\x80\x00'}) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:50 executing program 4: ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:50 executing program 0: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:50 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) [ 193.557920][ T8800] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use) 21:36:50 executing program 4: ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:50 executing program 2: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:50 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:50 executing program 4: ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 0: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:50 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:50 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, r0, 0x0) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 2: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:50 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:50 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 21:36:51 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 21:36:51 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:51 executing program 2: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:51 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:51 executing program 0: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:51 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, 0xffffffffffffffff, 0x0) 21:36:51 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:51 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, 0xffffffffffffffff, 0x0) 21:36:51 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:51 executing program 2: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b0") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:51 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b0") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x10000100000ffff) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x4000000012, 0xffffffffffffffff, 0x0) 21:36:51 executing program 0: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b0") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:51 executing program 1: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 21:36:51 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:52 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:52 executing program 0: openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x800, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff, 0x1, [0xc25b]}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240), 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x92e, 0x3, 0x71}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_open_dev$mouse(&(0x7f0000001280)='/dev/input/mouse#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:52 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) 21:36:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:52 executing program 3: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:52 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_sctp(0x2, 0x0, 0x84) [ 196.016355][ T9028] cgroup: fork rejected by pids controller in /syz5 21:36:52 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x16}]}) 21:36:52 executing program 0: 21:36:52 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:52 executing program 5: 21:36:52 executing program 1: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 21:36:52 executing program 0: 21:36:52 executing program 5: 21:36:52 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:52 executing program 5: 21:36:53 executing program 0: 21:36:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0) 21:36:53 executing program 5: 21:36:53 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:53 executing program 0: 21:36:53 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:53 executing program 5: 21:36:53 executing program 1: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 21:36:53 executing program 0: 21:36:53 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0) 21:36:53 executing program 5: 21:36:53 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:53 executing program 0: 21:36:53 executing program 5: 21:36:53 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0) 21:36:53 executing program 5: 21:36:53 executing program 2: ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(0xffffffffffffffff, 0x4008af23, &(0x7f0000000100)) 21:36:54 executing program 1: 21:36:54 executing program 0: 21:36:54 executing program 3: socketpair$unix(0x1, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, 0x0}) 21:36:54 executing program 5: 21:36:54 executing program 2: ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(0xffffffffffffffff, 0x4008af23, &(0x7f0000000100)) 21:36:54 executing program 5: 21:36:54 executing program 0: 21:36:54 executing program 5: 21:36:54 executing program 2: ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(0xffffffffffffffff, 0x4008af23, &(0x7f0000000100)) 21:36:54 executing program 0: 21:36:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, 0x0}) 21:36:54 executing program 1: 21:36:54 executing program 5: 21:36:54 executing program 3: socketpair$unix(0x1, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:54 executing program 1: 21:36:54 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:54 executing program 0: 21:36:54 executing program 5: 21:36:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, 0x0}) 21:36:55 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:55 executing program 1: 21:36:55 executing program 5: 21:36:55 executing program 0: 21:36:55 executing program 0: 21:36:55 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:55 executing program 3: socketpair$unix(0x1, 0x3, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, &(0x7f0000000080)}) 21:36:55 executing program 5: 21:36:55 executing program 1: 21:36:55 executing program 0: 21:36:55 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:55 executing program 5: 21:36:55 executing program 1: 21:36:55 executing program 0: 21:36:55 executing program 5: 21:36:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, &(0x7f0000000080)}) 21:36:55 executing program 0: 21:36:55 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:55 executing program 5: 21:36:55 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:55 executing program 1: 21:36:55 executing program 0: 21:36:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x0, &(0x7f0000000080)}) 21:36:55 executing program 5: 21:36:55 executing program 0: 21:36:55 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, &(0x7f0000000100)) 21:36:55 executing program 1: 21:36:55 executing program 5: 21:36:55 executing program 1: 21:36:55 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:55 executing program 1: 21:36:55 executing program 0: 21:36:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{}]}) 21:36:55 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(0xffffffffffffffff, 0x4008af23, &(0x7f0000000100)) 21:36:55 executing program 5: 21:36:56 executing program 0: 21:36:56 executing program 1: 21:36:56 executing program 5: 21:36:56 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(0xffffffffffffffff, 0x4008af23, &(0x7f0000000100)) 21:36:56 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{}]}) 21:36:56 executing program 0: 21:36:56 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:56 executing program 5: 21:36:56 executing program 1: 21:36:56 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(0xffffffffffffffff, 0x4008af23, &(0x7f0000000100)) 21:36:56 executing program 0: 21:36:56 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{}]}) 21:36:56 executing program 1: 21:36:56 executing program 0: 21:36:56 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, 0x0) 21:36:56 executing program 5: 21:36:56 executing program 1: 21:36:56 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f00000003c0)=0x400100000001, 0x4) connect$inet6(r0, 0x0, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131fff) clone(0x102002102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f00000002c0)={0xfffffffffffffffe, {{0x2, 0x4e23, @rand_addr=0xfffffffffffffffa}}}, 0x0) 21:36:56 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:56 executing program 4: syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x802) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000000080)=[@enter_looper], 0x1, 0x0, &(0x7f0000000100)="f2"}) 21:36:56 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, 0x0) 21:36:56 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sysfs$3(0x3) 21:36:56 executing program 0: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0xfe3f) 21:36:56 executing program 1: r0 = syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/cgroup\x00') capset(&(0x7f0000b3e000)={0x19980330}, &(0x7f0000f21fe8)) setns(r0, 0x0) [ 200.131143][ T9379] binder: 9378:9379 ioctl c0306201 20000040 returned -11 [ 200.172234][ T9392] binder_alloc: binder_alloc_mmap_handler: 9378 20001000-20004000 already mapped failed -16 21:36:56 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x80000006}]}, 0x10) 21:36:56 executing program 1: 21:36:56 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af23, 0x0) [ 200.217199][ T9392] binder: BINDER_SET_CONTEXT_MGR already set [ 200.267693][ T9392] binder: 9378:9392 ioctl 40046207 0 returned -16 21:36:56 executing program 1: 21:36:56 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:56 executing program 4: 21:36:57 executing program 2: 21:36:57 executing program 1: 21:36:57 executing program 4: 21:36:57 executing program 5: 21:36:57 executing program 0: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0xfe3f) 21:36:57 executing program 2: 21:36:57 executing program 1: 21:36:57 executing program 4: 21:36:57 executing program 5: 21:36:57 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='%'], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:57 executing program 4: 21:36:57 executing program 1: 21:36:57 executing program 2: 21:36:57 executing program 5: 21:36:57 executing program 4: 21:36:57 executing program 1: 21:36:57 executing program 0: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0xfe3f) 21:36:57 executing program 2: 21:36:57 executing program 1: 21:36:57 executing program 4: 21:36:57 executing program 5: 21:36:57 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:58 executing program 1: 21:36:58 executing program 4: 21:36:58 executing program 5: 21:36:58 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) mkdir(&(0x7f0000000280)='./file0/file0\x00', 0x0) read$FUSE(r0, 0x0, 0x0) write$FUSE_ENTRY(0xffffffffffffffff, 0x0, 0x0) 21:36:58 executing program 1: getdents64(0xffffffffffffffff, 0x0, 0x0) getdents64(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, 0x0, &(0x7f0000000300)) getgroups(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x2, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) r2 = syz_open_dev$ndb(0x0, 0xffffffffffffffff, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r0) ioctl$NBD_CLEAR_SOCK(r2, 0xab03) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x88) openat$uhid(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:36:58 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)) getdents64(0xffffffffffffffff, 0x0, 0x0) getdents64(r0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, 0x0, &(0x7f0000000300)) getgroups(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x11, 0x2, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) r2 = syz_open_dev$ndb(0x0, 0xffffffffffffffff, 0x0) ioctl$NBD_CLEAR_SOCK(r2, 0xab03) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, &(0x7f0000000280)) [ 201.651834][ T1287] block nbd0: Receive control failed (result -22) [ 201.843479][ T9478] block nbd0: shutting down sockets 21:36:58 executing program 0: syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sync_file_range(r0, 0x1ff0000000000000, 0x4, 0x7) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000025c0)=0x204, 0x4) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6tnl0\x00', 0x2}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='lp\x00', 0x3) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0xfe3f) 21:36:58 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x8000001a, 0x0, 0x0, 0x1010000) 21:36:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r2 = socket(0xa, 0x20000000001, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x4, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_mreq(r1, 0x0, 0x18, &(0x7f0000000100)={@multicast1, @empty}, 0x8) 21:36:58 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:36:58 executing program 5: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001480)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000000)) ioctl$IMADDTIMER(r0, 0x80044941, 0x0) r1 = getpid() migrate_pages(r1, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) memfd_create(0x0, 0x0) migrate_pages(0x0, 0xff, 0x0, 0x0) socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x4924924924924eb, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffee1, 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000500)=[{r3, 0x2103, 0x64}], 0x1, &(0x7f0000000580)={0x0, r4+10000000}, 0x0, 0x0) 21:36:58 executing program 1: openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare(0x6000600) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f000000a000)=[{&(0x7f000000a000)=@abs, 0x6e, 0x0}], 0x1, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000002740)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x136a88c8311572c, 0x2) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x0) [ 202.145614][ T9660] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9660 [ 202.155546][ T9660] caller is ip6_finish_output+0x335/0xdc0 [ 202.161518][ T9660] CPU: 1 PID: 9660 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.170560][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.180874][ T9660] Call Trace: [ 202.180902][ T9660] dump_stack+0x172/0x1f0 [ 202.180928][ T9660] __this_cpu_preempt_check+0x246/0x270 21:36:58 executing program 5: openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/\x00\x00\x00\x0e\x00\x00\x00\x00\x00\x00\a/expire_nodest_conn\x00', 0x2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) lseek(r0, 0x400, 0x0) getdents(r0, 0x0, 0x0) [ 202.180949][ T9660] ip6_finish_output+0x335/0xdc0 [ 202.180969][ T9660] ip6_output+0x235/0x7f0 [ 202.180986][ T9660] ? ip6_finish_output+0xdc0/0xdc0 [ 202.181008][ T9660] ? ip6_fragment+0x3980/0x3980 [ 202.194496][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 202.194518][ T9660] ip6_local_out+0xc4/0x1b0 [ 202.194545][ T9660] ip6_send_skb+0xbb/0x350 [ 202.194563][ T9660] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 202.194576][ T9660] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 202.194596][ T9660] udpv6_sendmsg+0x21e3/0x28d0 21:36:58 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 202.194609][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 202.194627][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 202.194646][ T9660] ? aa_profile_af_perm+0x320/0x320 [ 202.194660][ T9660] ? __might_fault+0x12b/0x1e0 [ 202.194673][ T9660] ? find_held_lock+0x35/0x130 [ 202.194694][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.204147][ T9660] ? rw_copy_check_uvector+0x2a6/0x330 [ 202.204187][ T9660] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 202.204203][ T9660] inet_sendmsg+0x147/0x5e0 [ 202.204216][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 202.204225][ T9660] ? inet_sendmsg+0x147/0x5e0 [ 202.204234][ T9660] ? ipip_gro_receive+0x100/0x100 [ 202.204252][ T9660] sock_sendmsg+0xdd/0x130 [ 202.214636][ T9660] ___sys_sendmsg+0x3e2/0x930 [ 202.214653][ T9660] ? copy_msghdr_from_user+0x430/0x430 [ 202.214667][ T9660] ? refcount_dec_and_test_checked+0x1b/0x20 [ 202.214679][ T9660] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 202.214700][ T9660] ? drop_futex_key_refs.isra.0+0x6f/0xf0 21:36:58 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xc67a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d5, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={0x0, 0x1}, 0x8) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000140)) r2 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) getuid() r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x100000001, 0x77, 0x0, 0x36}, 0x0) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000200)={r4, 0x400}, 0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0xa8aaaaff00000000, 0x80000001, 0x0, 0x0, 0x1000000000054}, 0x98) [ 202.300442][ T9660] ? futex_wake+0x179/0x4d0 [ 202.300474][ T9660] ? __lock_acquire+0x548/0x3fb0 [ 202.319890][ T9660] ? reacquire_held_locks+0xfb/0x520 [ 202.319914][ T9660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.319931][ T9660] ? __fget_light+0x1a9/0x230 [ 202.319947][ T9660] ? __fdget+0x1b/0x20 [ 202.319960][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.319976][ T9660] ? sockfd_lookup_light+0xcb/0x180 [ 202.319995][ T9660] __sys_sendmmsg+0x1bf/0x4d0 [ 202.358791][ T9660] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 202.358819][ T9660] ? _copy_to_user+0xc9/0x120 [ 202.358847][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.370294][ T9660] ? put_timespec64+0xda/0x140 [ 202.370310][ T9660] ? nsecs_to_jiffies+0x30/0x30 [ 202.370335][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.370347][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.370360][ T9660] ? do_syscall_64+0x26/0x610 [ 202.370374][ T9660] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.370391][ T9660] ? do_syscall_64+0x26/0x610 [ 202.380784][ T9660] __x64_sys_sendmmsg+0x9d/0x100 [ 202.380803][ T9660] do_syscall_64+0x103/0x610 [ 202.380825][ T9660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.391108][ T9660] RIP: 0033:0x4582b9 [ 202.391123][ T9660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.391129][ T9660] RSP: 002b:00007f6f40618c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 202.391141][ T9660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 202.391154][ T9660] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 202.433556][ T9660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 202.433566][ T9660] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f406196d4 [ 202.433575][ T9660] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 202.477239][ T9660] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9660 [ 202.495578][ T9660] caller is sk_mc_loop+0x1d/0x210 [ 202.551530][ T9660] CPU: 1 PID: 9660 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 202.560744][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 202.560750][ T9660] Call Trace: [ 202.560775][ T9660] dump_stack+0x172/0x1f0 [ 202.560796][ T9660] __this_cpu_preempt_check+0x246/0x270 [ 202.560812][ T9660] sk_mc_loop+0x1d/0x210 [ 202.560829][ T9660] ip6_finish_output2+0x17a5/0x2550 [ 202.560849][ T9660] ? find_held_lock+0x35/0x130 [ 202.574657][ T9660] ? ip6_mtu+0x2e6/0x460 [ 202.574679][ T9660] ? ip6_forward_finish+0x580/0x580 [ 202.574695][ T9660] ? lock_downgrade+0x880/0x880 [ 202.574716][ T9660] ? rcu_read_unlock_special+0xf3/0x210 [ 202.608945][ T9660] ip6_finish_output+0x614/0xdc0 [ 202.608963][ T9660] ? ip6_finish_output+0x614/0xdc0 [ 202.630186][ T9660] ip6_output+0x235/0x7f0 [ 202.634971][ T9660] ? ip6_finish_output+0xdc0/0xdc0 [ 202.640108][ T9660] ? ip6_fragment+0x3980/0x3980 [ 202.640126][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 202.640144][ T9660] ip6_local_out+0xc4/0x1b0 [ 202.640163][ T9660] ip6_send_skb+0xbb/0x350 [ 202.650321][ T9660] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 202.650343][ T9660] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 202.650365][ T9660] udpv6_sendmsg+0x21e3/0x28d0 [ 202.676148][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 202.681297][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 202.687310][ T9660] ? aa_profile_af_perm+0x320/0x320 [ 202.687327][ T9660] ? __might_fault+0x12b/0x1e0 [ 202.687347][ T9660] ? find_held_lock+0x35/0x130 [ 202.697432][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.697449][ T9660] ? rw_copy_check_uvector+0x2a6/0x330 [ 202.697502][ T9660] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 202.697522][ T9660] inet_sendmsg+0x147/0x5e0 [ 202.697535][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 202.697552][ T9660] ? inet_sendmsg+0x147/0x5e0 [ 202.720262][ T9660] ? ipip_gro_receive+0x100/0x100 [ 202.720282][ T9660] sock_sendmsg+0xdd/0x130 [ 202.720298][ T9660] ___sys_sendmsg+0x3e2/0x930 [ 202.720315][ T9660] ? copy_msghdr_from_user+0x430/0x430 [ 202.720331][ T9660] ? refcount_dec_and_test_checked+0x1b/0x20 [ 202.720343][ T9660] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 202.720363][ T9660] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 202.730835][ T9660] ? futex_wake+0x179/0x4d0 [ 202.730865][ T9660] ? __lock_acquire+0x548/0x3fb0 [ 202.730877][ T9660] ? reacquire_held_locks+0xfb/0x520 [ 202.730897][ T9660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 202.730917][ T9660] ? __fget_light+0x1a9/0x230 [ 202.799172][ T9660] ? __fdget+0x1b/0x20 [ 202.803427][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.810001][ T9660] ? sockfd_lookup_light+0xcb/0x180 [ 202.815284][ T9660] __sys_sendmmsg+0x1bf/0x4d0 [ 202.820160][ T9660] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 202.825195][ T9660] ? _copy_to_user+0xc9/0x120 [ 202.830130][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 202.836453][ T9660] ? put_timespec64+0xda/0x140 [ 202.841302][ T9660] ? nsecs_to_jiffies+0x30/0x30 [ 202.846184][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.851627][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 202.857092][ T9660] ? do_syscall_64+0x26/0x610 [ 202.862108][ T9660] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.868159][ T9660] ? do_syscall_64+0x26/0x610 [ 202.873084][ T9660] __x64_sys_sendmmsg+0x9d/0x100 [ 202.878269][ T9660] do_syscall_64+0x103/0x610 [ 202.883138][ T9660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 202.889132][ T9660] RIP: 0033:0x4582b9 [ 202.893188][ T9660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 202.912950][ T9660] RSP: 002b:00007f6f40618c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 202.921617][ T9660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 202.929803][ T9660] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 202.938373][ T9660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 202.946416][ T9660] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f406196d4 [ 202.954615][ T9660] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 202.982798][ T9812] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9812 [ 202.992668][ T9812] caller is ip6_finish_output+0x335/0xdc0 [ 202.998622][ T9812] CPU: 0 PID: 9812 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 203.002745][ T9660] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9660 [ 203.007938][ T9812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.017833][ T9660] caller is ip6_finish_output+0x335/0xdc0 [ 203.027939][ T9812] Call Trace: [ 203.027962][ T9812] dump_stack+0x172/0x1f0 [ 203.027981][ T9812] __this_cpu_preempt_check+0x246/0x270 [ 203.027998][ T9812] ip6_finish_output+0x335/0xdc0 [ 203.028013][ T9812] ? rcu_read_unlock_special+0xf3/0x210 [ 203.028032][ T9812] ip6_output+0x235/0x7f0 [ 203.062498][ T9812] ? ip6_finish_output+0xdc0/0xdc0 [ 203.067723][ T9812] ? ip6_fragment+0x3980/0x3980 [ 203.072592][ T9812] ? ip6_finish_output+0xdc0/0xdc0 [ 203.077878][ T9812] ip6_local_out+0xc4/0x1b0 [ 203.082559][ T9812] ip6_send_skb+0xbb/0x350 [ 203.087058][ T9812] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 203.092664][ T9812] udpv6_sendmsg+0x21e3/0x28d0 [ 203.097422][ T9812] ? ip_reply_glue_bits+0xc0/0xc0 [ 203.102465][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 203.108452][ T9812] ? aa_profile_af_perm+0x320/0x320 [ 203.113730][ T9812] ? __might_fault+0x12b/0x1e0 [ 203.118484][ T9812] ? find_held_lock+0x35/0x130 [ 203.123330][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.129853][ T9812] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 203.135490][ T9812] inet_sendmsg+0x147/0x5e0 [ 203.140334][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 203.146311][ T9812] ? inet_sendmsg+0x147/0x5e0 [ 203.151085][ T9812] ? ipip_gro_receive+0x100/0x100 [ 203.156291][ T9812] sock_sendmsg+0xdd/0x130 [ 203.160877][ T9812] ___sys_sendmsg+0x3e2/0x930 [ 203.165634][ T9812] ? copy_msghdr_from_user+0x430/0x430 [ 203.171086][ T9812] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 203.177075][ T9812] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 203.182876][ T9812] ? futex_wake+0x179/0x4d0 [ 203.187403][ T9812] ? __lock_acquire+0x548/0x3fb0 [ 203.192340][ T9812] ? reacquire_held_locks+0xfb/0x520 [ 203.197627][ T9812] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.203863][ T9812] ? __fget_light+0x1a9/0x230 [ 203.208721][ T9812] ? __fdget+0x1b/0x20 [ 203.212796][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.219317][ T9812] ? sockfd_lookup_light+0xcb/0x180 [ 203.224698][ T9812] __sys_sendmmsg+0x1bf/0x4d0 [ 203.229837][ T9812] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 203.234877][ T9812] ? _copy_to_user+0xc9/0x120 [ 203.239819][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.246312][ T9812] ? put_timespec64+0xda/0x140 [ 203.251240][ T9812] ? nsecs_to_jiffies+0x30/0x30 [ 203.256263][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.261801][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.267341][ T9812] ? do_syscall_64+0x26/0x610 [ 203.272459][ T9812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.278766][ T9812] ? do_syscall_64+0x26/0x610 [ 203.283703][ T9812] __x64_sys_sendmmsg+0x9d/0x100 [ 203.288726][ T9812] do_syscall_64+0x103/0x610 [ 203.293591][ T9812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.299562][ T9812] RIP: 0033:0x4582b9 [ 203.303460][ T9812] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 203.323426][ T9812] RSP: 002b:00007f6f405f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 203.331830][ T9812] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 203.339972][ T9812] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 203.349593][ T9812] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 203.361500][ T9812] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f405f86d4 [ 203.371261][ T9812] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 203.380313][ T9660] CPU: 1 PID: 9660 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 203.389524][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.400246][ T9660] Call Trace: [ 203.403557][ T9660] dump_stack+0x172/0x1f0 [ 203.407895][ T9660] __this_cpu_preempt_check+0x246/0x270 [ 203.421115][ T9660] ip6_finish_output+0x335/0xdc0 [ 203.426065][ T9660] ip6_output+0x235/0x7f0 [ 203.430580][ T9660] ? ip6_finish_output+0xdc0/0xdc0 [ 203.436289][ T9660] ? ip6_fragment+0x3980/0x3980 [ 203.441215][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 203.446501][ T9660] ip6_local_out+0xc4/0x1b0 [ 203.451169][ T9660] ip6_send_skb+0xbb/0x350 [ 203.455802][ T9660] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 203.461453][ T9660] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 203.467183][ T9660] udpv6_sendmsg+0x21e3/0x28d0 [ 203.472456][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 203.477476][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 203.483544][ T9660] ? aa_profile_af_perm+0x320/0x320 [ 203.488996][ T9660] ? __might_fault+0x12b/0x1e0 [ 203.493934][ T9660] ? find_held_lock+0x35/0x130 [ 203.498857][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.505096][ T9660] ? rw_copy_check_uvector+0x2a6/0x330 [ 203.510565][ T9660] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 203.516619][ T9660] inet_sendmsg+0x147/0x5e0 [ 203.521105][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 203.527157][ T9660] ? inet_sendmsg+0x147/0x5e0 [ 203.532251][ T9660] ? ipip_gro_receive+0x100/0x100 [ 203.537366][ T9660] sock_sendmsg+0xdd/0x130 [ 203.541796][ T9660] ___sys_sendmsg+0x3e2/0x930 [ 203.546574][ T9660] ? copy_msghdr_from_user+0x430/0x430 [ 203.552044][ T9660] ? __lock_acquire+0x548/0x3fb0 [ 203.556982][ T9660] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 203.564019][ T9660] ? futex_wake+0x179/0x4d0 [ 203.568619][ T9660] ? __might_fault+0x12b/0x1e0 [ 203.573819][ T9660] ? find_held_lock+0x35/0x130 [ 203.586102][ T9660] ? __might_fault+0x12b/0x1e0 [ 203.591103][ T9660] ? lock_downgrade+0x880/0x880 [ 203.595953][ T9660] ? ___might_sleep+0x163/0x280 [ 203.601504][ T9660] __sys_sendmmsg+0x1bf/0x4d0 [ 203.606355][ T9660] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 203.611546][ T9660] ? _copy_to_user+0xc9/0x120 [ 203.616220][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.622614][ T9660] ? put_timespec64+0xda/0x140 [ 203.627456][ T9660] ? nsecs_to_jiffies+0x30/0x30 [ 203.632469][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.638343][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.643882][ T9660] ? do_syscall_64+0x26/0x610 [ 203.648631][ T9660] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.654845][ T9660] ? do_syscall_64+0x26/0x610 [ 203.659593][ T9660] __x64_sys_sendmmsg+0x9d/0x100 [ 203.664770][ T9660] do_syscall_64+0x103/0x610 [ 203.669350][ T9660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.675413][ T9660] RIP: 0033:0x4582b9 [ 203.679387][ T9660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 203.700040][ T9660] RSP: 002b:00007f6f40618c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 203.708519][ T9660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 203.716896][ T9660] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 203.725486][ T9660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 203.733832][ T9660] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f406196d4 [ 203.742175][ T9660] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 203.771621][ T9812] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9812 [ 203.773678][ T9660] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9660 [ 203.782608][ T9812] caller is sk_mc_loop+0x1d/0x210 [ 203.790863][ T9660] caller is sk_mc_loop+0x1d/0x210 [ 203.790882][ T9660] CPU: 1 PID: 9660 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 203.790895][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.820864][ T9660] Call Trace: [ 203.824354][ T9660] dump_stack+0x172/0x1f0 [ 203.828790][ T9660] __this_cpu_preempt_check+0x246/0x270 [ 203.834352][ T9660] sk_mc_loop+0x1d/0x210 [ 203.838722][ T9660] ip6_finish_output2+0x17a5/0x2550 [ 203.844221][ T9660] ? find_held_lock+0x35/0x130 [ 203.849069][ T9660] ? ip6_mtu+0x2e6/0x460 [ 203.853316][ T9660] ? ip6_forward_finish+0x580/0x580 [ 203.858597][ T9660] ? lock_downgrade+0x880/0x880 [ 203.863758][ T9660] ? rcu_read_unlock_special+0xf3/0x210 [ 203.869426][ T9660] ip6_finish_output+0x614/0xdc0 [ 203.874558][ T9660] ? ip6_finish_output+0x614/0xdc0 [ 203.879932][ T9660] ip6_output+0x235/0x7f0 [ 203.884353][ T9660] ? ip6_finish_output+0xdc0/0xdc0 [ 203.889560][ T9660] ? ip6_fragment+0x3980/0x3980 [ 203.894513][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 203.899793][ T9660] ip6_local_out+0xc4/0x1b0 [ 203.904300][ T9660] ip6_send_skb+0xbb/0x350 [ 203.908906][ T9660] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 203.914475][ T9660] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 203.920383][ T9660] udpv6_sendmsg+0x21e3/0x28d0 [ 203.925334][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 203.930542][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 203.936614][ T9660] ? aa_profile_af_perm+0x320/0x320 [ 203.942009][ T9660] ? __might_fault+0x12b/0x1e0 [ 203.946958][ T9660] ? find_held_lock+0x35/0x130 [ 203.952026][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 203.958262][ T9660] ? rw_copy_check_uvector+0x2a6/0x330 [ 203.963894][ T9660] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 203.969716][ T9660] inet_sendmsg+0x147/0x5e0 [ 203.974623][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 203.980863][ T9660] ? inet_sendmsg+0x147/0x5e0 [ 203.985709][ T9660] ? ipip_gro_receive+0x100/0x100 [ 203.990937][ T9660] sock_sendmsg+0xdd/0x130 [ 203.995478][ T9660] ___sys_sendmsg+0x3e2/0x930 [ 204.000159][ T9660] ? copy_msghdr_from_user+0x430/0x430 [ 204.005706][ T9660] ? __lock_acquire+0x548/0x3fb0 [ 204.010652][ T9660] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 204.016467][ T9660] ? futex_wake+0x179/0x4d0 [ 204.021318][ T9660] ? __might_fault+0x12b/0x1e0 [ 204.026265][ T9660] ? find_held_lock+0x35/0x130 [ 204.031028][ T9660] ? __might_fault+0x12b/0x1e0 [ 204.035928][ T9660] ? lock_downgrade+0x880/0x880 [ 204.041130][ T9660] ? ___might_sleep+0x163/0x280 [ 204.046093][ T9660] __sys_sendmmsg+0x1bf/0x4d0 [ 204.050769][ T9660] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 204.055848][ T9660] ? _copy_to_user+0xc9/0x120 [ 204.060535][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.066892][ T9660] ? put_timespec64+0xda/0x140 [ 204.071933][ T9660] ? nsecs_to_jiffies+0x30/0x30 [ 204.076807][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 204.082436][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 204.088135][ T9660] ? do_syscall_64+0x26/0x610 [ 204.092908][ T9660] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.099538][ T9660] ? do_syscall_64+0x26/0x610 [ 204.104321][ T9660] __x64_sys_sendmmsg+0x9d/0x100 [ 204.109909][ T9660] do_syscall_64+0x103/0x610 [ 204.114672][ T9660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.120918][ T9660] RIP: 0033:0x4582b9 [ 204.124809][ T9660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 204.144935][ T9660] RSP: 002b:00007f6f40618c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 204.153514][ T9660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 204.161496][ T9660] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 204.169893][ T9660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 204.178317][ T9660] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f406196d4 [ 204.186464][ T9660] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 204.194483][ T9812] CPU: 0 PID: 9812 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 204.203778][ T9812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.214391][ T9812] Call Trace: [ 204.217809][ T9812] dump_stack+0x172/0x1f0 [ 204.222314][ T9812] __this_cpu_preempt_check+0x246/0x270 [ 204.227877][ T9812] sk_mc_loop+0x1d/0x210 [ 204.232551][ T9812] ip6_finish_output2+0x17a5/0x2550 [ 204.237916][ T9812] ? trace_hardirqs_on_caller+0x6a/0x220 [ 204.243685][ T9812] ? find_held_lock+0x35/0x130 [ 204.248792][ T9812] ? ip6_forward_finish+0x580/0x580 [ 204.253985][ T9812] ? retint_kernel+0x2d/0x2d [ 204.258673][ T9812] ip6_finish_output+0x614/0xdc0 [ 204.263679][ T9812] ? ip6_finish_output+0x614/0xdc0 [ 204.268788][ T9812] ip6_output+0x235/0x7f0 [ 204.273121][ T9812] ? ip6_finish_output+0xdc0/0xdc0 [ 204.278399][ T9812] ? ip6_fragment+0x3980/0x3980 [ 204.283333][ T9812] ? ip6_finish_output+0xdc0/0xdc0 [ 204.288518][ T9812] ip6_local_out+0xc4/0x1b0 [ 204.293027][ T9812] ip6_send_skb+0xbb/0x350 [ 204.297529][ T9812] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 204.303176][ T9812] udpv6_sendmsg+0x21e3/0x28d0 [ 204.308274][ T9812] ? ip_reply_glue_bits+0xc0/0xc0 [ 204.313391][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 204.319468][ T9812] ? aa_profile_af_perm+0x320/0x320 [ 204.324853][ T9812] ? __might_fault+0x12b/0x1e0 [ 204.330311][ T9812] ? find_held_lock+0x35/0x130 [ 204.335159][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.341420][ T9812] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 204.347040][ T9812] inet_sendmsg+0x147/0x5e0 [ 204.351724][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 204.357804][ T9812] ? inet_sendmsg+0x147/0x5e0 [ 204.362467][ T9812] ? ipip_gro_receive+0x100/0x100 [ 204.367666][ T9812] sock_sendmsg+0xdd/0x130 [ 204.372200][ T9812] ___sys_sendmsg+0x3e2/0x930 [ 204.377126][ T9812] ? copy_msghdr_from_user+0x430/0x430 [ 204.382752][ T9812] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 204.388990][ T9812] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 204.394787][ T9812] ? futex_wake+0x179/0x4d0 [ 204.399371][ T9812] ? __lock_acquire+0x548/0x3fb0 [ 204.404583][ T9812] ? reacquire_held_locks+0xfb/0x520 [ 204.409872][ T9812] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 204.416187][ T9812] ? __fget_light+0x1a9/0x230 [ 204.420969][ T9812] ? __fdget+0x1b/0x20 [ 204.425213][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.431764][ T9812] ? sockfd_lookup_light+0xcb/0x180 [ 204.437155][ T9812] __sys_sendmmsg+0x1bf/0x4d0 [ 204.441970][ T9812] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 204.447170][ T9812] ? _copy_to_user+0xc9/0x120 [ 204.451932][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.458447][ T9812] ? put_timespec64+0xda/0x140 [ 204.463208][ T9812] ? nsecs_to_jiffies+0x30/0x30 [ 204.468137][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 204.473595][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 204.479137][ T9812] ? do_syscall_64+0x26/0x610 [ 204.483803][ T9812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.490231][ T9812] ? do_syscall_64+0x26/0x610 [ 204.495266][ T9812] __x64_sys_sendmmsg+0x9d/0x100 [ 204.500431][ T9812] do_syscall_64+0x103/0x610 [ 204.505023][ T9812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.510901][ T9812] RIP: 0033:0x4582b9 [ 204.514780][ T9812] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 204.534455][ T9812] RSP: 002b:00007f6f405f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 204.542888][ T9812] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 204.551156][ T9812] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 204.559209][ T9812] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 21:37:01 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x98) 21:37:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000680)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x3) write$binfmt_elf64(r0, 0x0, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) 21:37:01 executing program 5: preadv(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1, 0x2) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000c40)=ANY=[@ANYBLOB="670000000d755b5b44aa57abc085038d5729f1dc061103ab7806e5011d0ce3fb053d44881409967dc2b989168a1347209ae034a1d38791443092f685de40621e9432d9af68ad04525e17504c17cd0a86a1504361460cbeaad6125e88e032"], 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000680)={0x0, 0x7f, 0x80db, [0x0, 0x1ff0000000000000, 0x9]}, &(0x7f00000006c0)=0xe) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8) r0 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0xff, 0x20001) getpid() sched_setscheduler(0x0, 0x5, 0x0) ioctl$EVIOCGBITKEY(r0, 0x80404521, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0xffffffffffffff7f, &(0x7f0000000780)="da0373d9a376eefa62ced01d2ffd68ccfa44aa3d6f3418b39771f87d6d235bb8784f4207615de34a34213ac64759a809cf8bd0027c76ddacd76cd12d3759781a32d56be582a2baf3f5e6042029727306ea5d675cfa6a3f51fa7a5f11cde691e7989c191138ec") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r2, 0x0) write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="000000008e9464a206bd25e188bc0994ddc3d9575e6dec2aa5588b8bff2e1c2222551fbc604e3e3b37d33db65ff8d115168aaccef4eeb7e1eb24c5700ebdff10ece5ca1f61e06965b298c8ce3dd02c68a147a8ec7063e732be04fec951f934879ed74cfde53d9a4f0dd315fd4b8b8ca68aa7d1b08841e555727e8c767ee245828827867edc7a1153576dd34779fce9ab868692959ceba04e576d3c530d6671d7f1e3a0389707d71c3366af65da074ad23cade2cecfaf942b0b4dd95b532479a7c2c73146d1e82cb0b679aa2aafadc8ff4162836a56718e77701ac5fdce60d3eb930e566722278144ed27b640c546372ad430cc00"/256], 0x100) io_setup(0x101, &(0x7f0000000040)=0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f0000000180)={0xa4c7, 0x6}) r4 = shmget$private(0x0, 0x3000, 0x16a424badf40a786, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_STAT(r4, 0x2, &(0x7f0000000500)=""/248) io_submit(r3, 0x2000000000000246, &(0x7f0000001540)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r1, &(0x7f0000000000), 0xfffffce4}]) syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00008e5000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) 21:37:01 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 204.567292][ T9812] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f405f86d4 [ 204.575612][ T9812] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 204.599444][ T9812] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9812 [ 204.609062][ T9812] caller is ip6_finish_output+0x335/0xdc0 [ 204.615175][ T9812] CPU: 1 PID: 9812 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 204.624309][ T9812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 204.634540][ T9812] Call Trace: [ 204.637830][ T9812] dump_stack+0x172/0x1f0 [ 204.642255][ T9812] __this_cpu_preempt_check+0x246/0x270 [ 204.647787][ T9812] ip6_finish_output+0x335/0xdc0 [ 204.652819][ T9812] ip6_output+0x235/0x7f0 [ 204.657224][ T9812] ? ip6_finish_output+0xdc0/0xdc0 [ 204.662327][ T9812] ? ip6_fragment+0x3980/0x3980 [ 204.667182][ T9812] ? ip_reply_glue_bits+0xc0/0xc0 [ 204.672218][ T9812] ip6_local_out+0xc4/0x1b0 [ 204.676808][ T9812] ip6_send_skb+0xbb/0x350 [ 204.681769][ T9812] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 204.687309][ T9812] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 204.693209][ T9812] udpv6_sendmsg+0x21e3/0x28d0 [ 204.698052][ T9812] ? ip_reply_glue_bits+0xc0/0xc0 [ 204.703264][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 204.709428][ T9812] ? aa_profile_af_perm+0x320/0x320 [ 204.714874][ T9812] ? __might_fault+0x12b/0x1e0 [ 204.719807][ T9812] ? find_held_lock+0x35/0x130 [ 204.724656][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.731072][ T9812] ? rw_copy_check_uvector+0x2a6/0x330 [ 204.736538][ T9812] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 204.742586][ T9812] inet_sendmsg+0x147/0x5e0 [ 204.748503][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 204.754708][ T9812] ? inet_sendmsg+0x147/0x5e0 [ 204.759389][ T9812] ? ipip_gro_receive+0x100/0x100 [ 204.764491][ T9812] sock_sendmsg+0xdd/0x130 [ 204.769003][ T9812] ___sys_sendmsg+0x3e2/0x930 [ 204.773707][ T9812] ? copy_msghdr_from_user+0x430/0x430 [ 204.779414][ T9812] ? __lock_acquire+0x548/0x3fb0 [ 204.784445][ T9812] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 204.790246][ T9812] ? futex_wake+0x179/0x4d0 [ 204.794752][ T9812] ? __might_fault+0x12b/0x1e0 [ 204.799606][ T9812] ? find_held_lock+0x35/0x130 [ 204.804472][ T9812] ? __might_fault+0x12b/0x1e0 [ 204.809235][ T9812] ? lock_downgrade+0x880/0x880 [ 204.814395][ T9812] ? ___might_sleep+0x163/0x280 [ 204.819412][ T9812] __sys_sendmmsg+0x1bf/0x4d0 [ 204.824363][ T9812] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 204.829570][ T9812] ? _copy_to_user+0xc9/0x120 [ 204.834703][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 204.842300][ T9812] ? put_timespec64+0xda/0x140 [ 204.847396][ T9812] ? nsecs_to_jiffies+0x30/0x30 [ 204.852678][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 204.858134][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 204.863677][ T9812] ? do_syscall_64+0x26/0x610 [ 204.868435][ T9812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.874750][ T9812] ? do_syscall_64+0x26/0x610 [ 204.879694][ T9812] __x64_sys_sendmmsg+0x9d/0x100 [ 204.885355][ T9812] do_syscall_64+0x103/0x610 [ 204.890460][ T9812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 204.896695][ T9812] RIP: 0033:0x4582b9 [ 204.900590][ T9812] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 204.920872][ T9812] RSP: 002b:00007f6f405f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 204.929550][ T9812] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 204.937960][ T9812] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 204.946273][ T9812] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 204.954851][ T9812] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f405f86d4 [ 204.963346][ T9812] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 204.999011][ T9660] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9660 [ 205.008695][ T9660] caller is ip6_finish_output+0x335/0xdc0 [ 205.014610][ T9660] CPU: 1 PID: 9660 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 205.023919][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.034515][ T9660] Call Trace: [ 205.038116][ T9660] dump_stack+0x172/0x1f0 [ 205.042572][ T9660] __this_cpu_preempt_check+0x246/0x270 [ 205.048235][ T9660] ip6_finish_output+0x335/0xdc0 [ 205.052339][ T9812] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9812 [ 205.053214][ T9660] ip6_output+0x235/0x7f0 [ 205.053232][ T9660] ? ip6_finish_output+0xdc0/0xdc0 [ 205.053260][ T9660] ? ip6_fragment+0x3980/0x3980 [ 205.063063][ T9812] caller is sk_mc_loop+0x1d/0x210 [ 205.067302][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 205.067322][ T9660] ip6_local_out+0xc4/0x1b0 [ 205.093065][ T9660] ip6_send_skb+0xbb/0x350 [ 205.097676][ T9660] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 205.103592][ T9660] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 205.109684][ T9660] udpv6_sendmsg+0x21e3/0x28d0 [ 205.114624][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 205.119829][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 205.126044][ T9660] ? aa_profile_af_perm+0x320/0x320 [ 205.131421][ T9660] ? __might_fault+0x12b/0x1e0 [ 205.136798][ T9660] ? find_held_lock+0x35/0x130 [ 205.142007][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.148524][ T9660] ? rw_copy_check_uvector+0x2a6/0x330 [ 205.154010][ T9660] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 205.159769][ T9660] inet_sendmsg+0x147/0x5e0 [ 205.164365][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 205.170725][ T9660] ? inet_sendmsg+0x147/0x5e0 [ 205.176071][ T9660] ? ipip_gro_receive+0x100/0x100 [ 205.182058][ T9660] sock_sendmsg+0xdd/0x130 [ 205.186647][ T9660] ___sys_sendmsg+0x3e2/0x930 [ 205.191417][ T9660] ? copy_msghdr_from_user+0x430/0x430 [ 205.196874][ T9660] ? __lock_acquire+0x548/0x3fb0 [ 205.201993][ T9660] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 205.207974][ T9660] ? futex_wake+0x179/0x4d0 [ 205.212570][ T9660] ? __might_fault+0x12b/0x1e0 [ 205.217332][ T9660] ? find_held_lock+0x35/0x130 [ 205.222185][ T9660] ? __might_fault+0x12b/0x1e0 [ 205.227134][ T9660] ? lock_downgrade+0x880/0x880 [ 205.232099][ T9660] ? ___might_sleep+0x163/0x280 [ 205.237236][ T9660] __sys_sendmmsg+0x1bf/0x4d0 [ 205.242021][ T9660] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 205.247139][ T9660] ? _copy_to_user+0xc9/0x120 [ 205.252110][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.258629][ T9660] ? put_timespec64+0xda/0x140 [ 205.263389][ T9660] ? nsecs_to_jiffies+0x30/0x30 [ 205.268343][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 205.273972][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 205.279428][ T9660] ? do_syscall_64+0x26/0x610 [ 205.284285][ T9660] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.290435][ T9660] ? do_syscall_64+0x26/0x610 [ 205.295113][ T9660] __x64_sys_sendmmsg+0x9d/0x100 [ 205.300245][ T9660] do_syscall_64+0x103/0x610 [ 205.304950][ T9660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.311034][ T9660] RIP: 0033:0x4582b9 [ 205.315192][ T9660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 205.335347][ T9660] RSP: 002b:00007f6f40618c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 205.343757][ T9660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 205.352107][ T9660] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 205.360165][ T9660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 205.368398][ T9660] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f406196d4 [ 205.376801][ T9660] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 205.385221][ T9812] CPU: 0 PID: 9812 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 205.395045][ T9812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.405491][ T9812] Call Trace: [ 205.415322][ T9812] dump_stack+0x172/0x1f0 [ 205.420176][ T9812] __this_cpu_preempt_check+0x246/0x270 [ 205.425968][ T9812] sk_mc_loop+0x1d/0x210 [ 205.430821][ T9812] ip6_finish_output2+0x17a5/0x2550 [ 205.436292][ T9812] ? find_held_lock+0x35/0x130 [ 205.441482][ T9812] ? ip6_mtu+0x2e6/0x460 [ 205.446347][ T9812] ? ip6_forward_finish+0x580/0x580 [ 205.451907][ T9812] ? lock_downgrade+0x880/0x880 [ 205.457031][ T9812] ? rcu_read_unlock_special+0xf3/0x210 [ 205.463563][ T9812] ip6_finish_output+0x614/0xdc0 [ 205.468590][ T9812] ? ip6_finish_output+0x614/0xdc0 [ 205.473962][ T9812] ip6_output+0x235/0x7f0 [ 205.478542][ T9812] ? ip6_finish_output+0xdc0/0xdc0 [ 205.483743][ T9812] ? ip6_fragment+0x3980/0x3980 [ 205.489968][ T9812] ? ip_reply_glue_bits+0xc0/0xc0 [ 205.495179][ T9812] ip6_local_out+0xc4/0x1b0 [ 205.499678][ T9812] ip6_send_skb+0xbb/0x350 [ 205.504083][ T9812] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 205.509616][ T9812] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 205.515507][ T9812] udpv6_sendmsg+0x21e3/0x28d0 [ 205.520702][ T9812] ? ip_reply_glue_bits+0xc0/0xc0 [ 205.526786][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 205.532770][ T9812] ? aa_profile_af_perm+0x320/0x320 [ 205.538127][ T9812] ? __might_fault+0x12b/0x1e0 [ 205.542965][ T9812] ? find_held_lock+0x35/0x130 [ 205.547716][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.554057][ T9812] ? rw_copy_check_uvector+0x2a6/0x330 [ 205.559660][ T9812] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 205.565280][ T9812] inet_sendmsg+0x147/0x5e0 [ 205.569942][ T9812] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 205.582925][ T9812] ? inet_sendmsg+0x147/0x5e0 [ 205.587715][ T9812] ? ipip_gro_receive+0x100/0x100 [ 205.592834][ T9812] sock_sendmsg+0xdd/0x130 [ 205.597349][ T9812] ___sys_sendmsg+0x3e2/0x930 [ 205.602126][ T9812] ? copy_msghdr_from_user+0x430/0x430 [ 205.607789][ T9812] ? __lock_acquire+0x548/0x3fb0 [ 205.612816][ T9812] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 205.618885][ T9812] ? futex_wake+0x179/0x4d0 [ 205.623575][ T9812] ? __might_fault+0x12b/0x1e0 [ 205.628411][ T9812] ? find_held_lock+0x35/0x130 [ 205.633344][ T9812] ? __might_fault+0x12b/0x1e0 [ 205.638134][ T9812] ? lock_downgrade+0x880/0x880 [ 205.643068][ T9812] ? ___might_sleep+0x163/0x280 [ 205.647905][ T9812] __sys_sendmmsg+0x1bf/0x4d0 [ 205.652813][ T9812] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 205.658359][ T9812] ? _copy_to_user+0xc9/0x120 [ 205.663024][ T9812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.669421][ T9812] ? put_timespec64+0xda/0x140 [ 205.674168][ T9812] ? nsecs_to_jiffies+0x30/0x30 [ 205.679290][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 205.684820][ T9812] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 205.690358][ T9812] ? do_syscall_64+0x26/0x610 [ 205.695107][ T9812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.701421][ T9812] ? do_syscall_64+0x26/0x610 [ 205.706107][ T9812] __x64_sys_sendmmsg+0x9d/0x100 [ 205.711478][ T9812] do_syscall_64+0x103/0x610 [ 205.716352][ T9812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 205.722229][ T9812] RIP: 0033:0x4582b9 [ 205.726109][ T9812] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 205.746402][ T9812] RSP: 002b:00007f6f405f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 205.754990][ T9812] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 205.763036][ T9812] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 205.771339][ T9812] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 205.780359][ T9812] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f405f86d4 [ 205.789098][ T9812] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 205.815929][ T9660] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9660 [ 205.825446][ T9660] caller is sk_mc_loop+0x1d/0x210 [ 205.830837][ T9660] CPU: 1 PID: 9660 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 205.840030][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 205.850184][ T9660] Call Trace: [ 205.853485][ T9660] dump_stack+0x172/0x1f0 [ 205.858123][ T9660] __this_cpu_preempt_check+0x246/0x270 [ 205.863859][ T9660] sk_mc_loop+0x1d/0x210 [ 205.868211][ T9660] ip6_finish_output2+0x17a5/0x2550 [ 205.873673][ T9660] ? find_held_lock+0x35/0x130 [ 205.879023][ T9660] ? ip6_mtu+0x2e6/0x460 [ 205.883464][ T9660] ? ip6_forward_finish+0x580/0x580 [ 205.888768][ T9660] ? lock_downgrade+0x880/0x880 [ 205.893738][ T9660] ? rcu_read_unlock_special+0xf3/0x210 [ 205.899326][ T9660] ip6_finish_output+0x614/0xdc0 [ 205.904447][ T9660] ? ip6_finish_output+0x614/0xdc0 [ 205.909588][ T9660] ip6_output+0x235/0x7f0 [ 205.913927][ T9660] ? ip6_finish_output+0xdc0/0xdc0 [ 205.919171][ T9660] ? ip6_fragment+0x3980/0x3980 [ 205.924130][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 205.929178][ T9660] ip6_local_out+0xc4/0x1b0 [ 205.933953][ T9660] ip6_send_skb+0xbb/0x350 [ 205.938471][ T9660] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 205.944023][ T9660] ? __sanitizer_cov_trace_cmp8+0x10/0x20 [ 205.949859][ T9660] udpv6_sendmsg+0x21e3/0x28d0 [ 205.954630][ T9660] ? ip_reply_glue_bits+0xc0/0xc0 [ 205.960093][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 205.966089][ T9660] ? aa_profile_af_perm+0x320/0x320 [ 205.971295][ T9660] ? __might_fault+0x12b/0x1e0 [ 205.976154][ T9660] ? find_held_lock+0x35/0x130 [ 205.980937][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 205.987336][ T9660] ? rw_copy_check_uvector+0x2a6/0x330 [ 205.993007][ T9660] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 205.998833][ T9660] inet_sendmsg+0x147/0x5e0 [ 206.003525][ T9660] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 206.009704][ T9660] ? inet_sendmsg+0x147/0x5e0 [ 206.014473][ T9660] ? ipip_gro_receive+0x100/0x100 [ 206.019934][ T9660] sock_sendmsg+0xdd/0x130 [ 206.024555][ T9660] ___sys_sendmsg+0x3e2/0x930 [ 206.029426][ T9660] ? copy_msghdr_from_user+0x430/0x430 [ 206.034899][ T9660] ? __lock_acquire+0x548/0x3fb0 [ 206.040020][ T9660] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 206.046007][ T9660] ? futex_wake+0x179/0x4d0 [ 206.050539][ T9660] ? __might_fault+0x12b/0x1e0 [ 206.055326][ T9660] ? find_held_lock+0x35/0x130 [ 206.060097][ T9660] ? __might_fault+0x12b/0x1e0 [ 206.065135][ T9660] ? lock_downgrade+0x880/0x880 [ 206.070187][ T9660] ? ___might_sleep+0x163/0x280 [ 206.075420][ T9660] __sys_sendmmsg+0x1bf/0x4d0 [ 206.080372][ T9660] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 206.085922][ T9660] ? _copy_to_user+0xc9/0x120 [ 206.090708][ T9660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 206.096954][ T9660] ? put_timespec64+0xda/0x140 [ 206.101871][ T9660] ? nsecs_to_jiffies+0x30/0x30 [ 206.106890][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 206.112361][ T9660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 206.118098][ T9660] ? do_syscall_64+0x26/0x610 [ 206.123407][ T9660] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 206.130202][ T9660] ? do_syscall_64+0x26/0x610 [ 206.135124][ T9660] __x64_sys_sendmmsg+0x9d/0x100 [ 206.140252][ T9660] do_syscall_64+0x103/0x610 [ 206.144947][ T9660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 206.151622][ T9660] RIP: 0033:0x4582b9 [ 206.155543][ T9660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 206.175581][ T9660] RSP: 002b:00007f6f40618c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 206.184034][ T9660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 206.192097][ T9660] RDX: 0136a88c8311572c RSI: 0000000020007e00 RDI: 0000000000000005 [ 206.200508][ T9660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 206.208571][ T9660] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f6f406196d4 [ 206.216929][ T9660] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff 21:37:03 executing program 4: 21:37:03 executing program 0: 21:37:03 executing program 5: 21:37:03 executing program 1: 21:37:03 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:37:03 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x98) 21:37:03 executing program 1: 21:37:03 executing program 0: 21:37:03 executing program 5: 21:37:03 executing program 4: [ 207.155952][T10045] check_preemption_disabled: 743 callbacks suppressed [ 207.155982][T10045] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10045 [ 207.173200][T10045] caller is ip6_finish_output+0x335/0xdc0 [ 207.179032][T10045] CPU: 0 PID: 10045 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 207.188753][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.199035][T10045] Call Trace: [ 207.202356][T10045] dump_stack+0x172/0x1f0 [ 207.206705][T10045] __this_cpu_preempt_check+0x246/0x270 [ 207.212440][T10045] ip6_finish_output+0x335/0xdc0 [ 207.217585][T10045] ip6_output+0x235/0x7f0 [ 207.222037][T10045] ? ip6_finish_output+0xdc0/0xdc0 [ 207.222070][T10045] ? ip6_fragment+0x3980/0x3980 [ 207.222088][T10045] ? kasan_check_read+0x11/0x20 [ 207.222106][T10045] ip6_xmit+0xe41/0x20c0 [ 207.222127][T10045] ? ip6_finish_output2+0x2550/0x2550 [ 207.222146][T10045] ? mark_held_locks+0xf0/0xf0 [ 207.251927][T10045] ? ip6_setup_cork+0x1870/0x1870 [ 207.256982][T10045] sctp_v6_xmit+0x313/0x660 [ 207.261595][T10045] sctp_packet_transmit+0x1bc4/0x36f0 [ 207.267187][T10045] ? sctp_packet_config+0xfe0/0xfe0 [ 207.272414][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 207.272426][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 207.272444][T10045] sctp_outq_flush+0x2b8/0x2780 [ 207.272464][T10045] ? sctp_make_heartbeat+0x1ef/0x280 [ 207.272485][T10045] ? __sctp_outq_teardown+0xc60/0xc60 [ 207.272506][T10045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 207.272522][T10045] ? sctp_outq_tail+0x68c/0x930 [ 207.289243][T10045] sctp_outq_uncork+0x6c/0x80 [ 207.289260][T10045] sctp_do_sm+0x2575/0x5770 [ 207.289284][T10045] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 207.327325][T10045] ? _raw_spin_unlock_irq+0x28/0x90 [ 207.332626][T10045] ? lockdep_hardirqs_on+0x418/0x5d0 [ 207.347325][T10045] ? trace_hardirqs_on+0x67/0x230 21:37:03 executing program 1: 21:37:03 executing program 4: 21:37:03 executing program 1: 21:37:03 executing program 0: 21:37:03 executing program 5: [ 207.356098][T10045] ? kasan_check_read+0x11/0x20 [ 207.360968][T10045] ? __lock_acquire+0x548/0x3fb0 [ 207.365917][T10045] ? __switch_to_asm+0x34/0x70 [ 207.370860][T10045] ? __switch_to_asm+0x40/0x70 [ 207.370886][T10045] ? __might_fault+0x12b/0x1e0 [ 207.380571][T10045] sctp_primitive_REQUESTHEARTBEAT+0xa0/0xd0 [ 207.386691][T10045] sctp_apply_peer_addr_params+0x137/0x1f50 [ 207.392601][T10045] sctp_setsockopt_peer_addr_params+0x4c7/0x590 [ 207.399042][T10045] ? sctp_getsockopt_assoc_stats+0x5b0/0x5b0 21:37:04 executing program 4: [ 207.405413][T10045] ? lock_sock_nested+0xac/0x120 [ 207.411038][T10045] ? lock_sock_nested+0x9a/0x120 [ 207.411058][T10045] ? __local_bh_enable_ip+0x15a/0x270 [ 207.411080][T10045] sctp_setsockopt+0x2174/0x6fe0 [ 207.411099][T10045] ? sctp_setsockopt_paddr_thresholds+0x540/0x540 [ 207.411116][T10045] ? kasan_check_read+0x11/0x20 [ 207.411133][T10045] ? ___might_sleep+0x163/0x280 [ 207.411151][T10045] ? __might_sleep+0x95/0x190 [ 207.448773][T10045] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 207.454613][T10045] ? aa_sk_perm+0x288/0x880 [ 207.454635][T10045] ? aa_sock_opt_perm.isra.0+0xa1/0x130 [ 207.454655][T10045] sock_common_setsockopt+0x9a/0xe0 [ 207.454678][T10045] __sys_setsockopt+0x180/0x280 [ 207.454695][T10045] ? kernel_accept+0x310/0x310 [ 207.454721][T10045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 207.454737][T10045] ? do_syscall_64+0x26/0x610 [ 207.454763][T10045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.454780][T10045] ? do_syscall_64+0x26/0x610 [ 207.486883][T10045] __x64_sys_setsockopt+0xbe/0x150 [ 207.486905][T10045] do_syscall_64+0x103/0x610 [ 207.486924][T10045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 207.486950][T10045] RIP: 0033:0x4582b9 [ 207.523283][T10045] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 207.543536][T10045] RSP: 002b:00007fb7e79f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 207.552114][T10045] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004582b9 [ 207.560160][T10045] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 207.568289][T10045] RBP: 000000000073bf00 R08: 0000000000000098 R09: 0000000000000000 [ 207.584093][T10045] R10: 0000000020000280 R11: 0000000000000246 R12: 00007fb7e79f76d4 [ 207.592141][T10045] R13: 00000000004cd6a8 R14: 00000000004db258 R15: 00000000ffffffff [ 207.668808][T10045] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10045 [ 207.678360][T10045] caller is ip6_finish_output+0x335/0xdc0 [ 207.684258][T10045] CPU: 0 PID: 10045 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 207.693637][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.703957][T10045] Call Trace: [ 207.707277][T10045] dump_stack+0x172/0x1f0 [ 207.711800][T10045] __this_cpu_preempt_check+0x246/0x270 21:37:04 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 207.717610][T10045] ip6_finish_output+0x335/0xdc0 [ 207.722746][T10045] ip6_output+0x235/0x7f0 [ 207.727217][T10045] ? ip6_finish_output+0xdc0/0xdc0 [ 207.732794][T10045] ? ip6_fragment+0x3980/0x3980 [ 207.737869][T10045] ? kasan_check_read+0x11/0x20 [ 207.743784][T10045] ip6_xmit+0xe41/0x20c0 [ 207.748542][T10045] ? ip6_finish_output2+0x2550/0x2550 [ 207.754283][T10045] ? mark_held_locks+0xf0/0xf0 [ 207.754306][T10045] ? ip6_setup_cork+0x1870/0x1870 [ 207.754336][T10045] sctp_v6_xmit+0x313/0x660 [ 207.764869][T10045] sctp_packet_transmit+0x1bc4/0x36f0 [ 207.764903][T10045] ? sctp_packet_config+0xfe0/0xfe0 [ 207.764922][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 207.764933][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 207.764950][T10045] sctp_outq_flush+0x2b8/0x2780 [ 207.764971][T10045] ? sctp_make_heartbeat+0x1ef/0x280 [ 207.765003][T10045] ? __sctp_outq_teardown+0xc60/0xc60 [ 207.765023][T10045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 207.765039][T10045] ? sctp_outq_tail+0x68c/0x930 [ 207.818798][T10044] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10044 [ 207.820019][T10045] sctp_outq_uncork+0x6c/0x80 [ 207.820035][T10045] sctp_do_sm+0x2575/0x5770 [ 207.820058][T10045] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 207.820072][T10045] ? _raw_spin_unlock_irq+0x28/0x90 [ 207.820086][T10045] ? lockdep_hardirqs_on+0x418/0x5d0 [ 207.820103][T10045] ? trace_hardirqs_on+0x67/0x230 [ 207.820119][T10045] ? kasan_check_read+0x11/0x20 [ 207.820137][T10045] ? __lock_acquire+0x548/0x3fb0 [ 207.820150][T10045] ? __switch_to_asm+0x34/0x70 [ 207.820160][T10045] ? __switch_to_asm+0x40/0x70 [ 207.820185][T10045] ? __might_fault+0x12b/0x1e0 [ 207.820219][T10045] sctp_primitive_REQUESTHEARTBEAT+0xa0/0xd0 [ 207.830052][T10044] caller is ip6_finish_output+0x335/0xdc0 [ 207.834658][T10045] sctp_apply_peer_addr_params+0x137/0x1f50 [ 207.908257][T10045] sctp_setsockopt_peer_addr_params+0x4c7/0x590 [ 207.916041][T10045] ? sctp_getsockopt_assoc_stats+0x5b0/0x5b0 [ 207.922122][T10045] ? lock_sock_nested+0xac/0x120 [ 207.927066][T10045] ? lock_sock_nested+0x9a/0x120 [ 207.932272][T10045] ? __local_bh_enable_ip+0x15a/0x270 [ 207.937753][T10045] sctp_setsockopt+0x2174/0x6fe0 [ 207.942779][T10045] ? sctp_setsockopt_paddr_thresholds+0x540/0x540 [ 207.949378][T10045] ? kasan_check_read+0x11/0x20 [ 207.954402][T10045] ? ___might_sleep+0x163/0x280 [ 207.959879][T10045] ? __might_sleep+0x95/0x190 [ 207.964836][T10045] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 207.970570][T10045] ? aa_sk_perm+0x288/0x880 [ 207.975074][T10045] ? aa_sock_opt_perm.isra.0+0xa1/0x130 [ 207.980636][T10045] sock_common_setsockopt+0x9a/0xe0 [ 207.986112][T10045] __sys_setsockopt+0x180/0x280 [ 207.991760][T10045] ? kernel_accept+0x310/0x310 [ 207.997061][T10045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.002874][T10045] ? do_syscall_64+0x26/0x610 [ 208.007811][T10045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.014247][T10045] ? do_syscall_64+0x26/0x610 [ 208.018932][T10045] __x64_sys_setsockopt+0xbe/0x150 [ 208.024444][T10045] do_syscall_64+0x103/0x610 [ 208.029469][T10045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.036046][T10045] RIP: 0033:0x4582b9 [ 208.040049][T10045] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.060516][T10045] RSP: 002b:00007fb7e79f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 208.069354][T10045] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004582b9 [ 208.077997][T10045] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 208.086141][T10045] RBP: 000000000073bf00 R08: 0000000000000098 R09: 0000000000000000 [ 208.094116][T10045] R10: 0000000020000280 R11: 0000000000000246 R12: 00007fb7e79f76d4 [ 208.102714][T10045] R13: 00000000004cd6a8 R14: 00000000004db258 R15: 00000000ffffffff [ 208.111140][T10044] CPU: 1 PID: 10044 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 208.120439][T10044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.130918][T10044] Call Trace: [ 208.134428][T10044] dump_stack+0x172/0x1f0 [ 208.138918][T10044] __this_cpu_preempt_check+0x246/0x270 [ 208.140499][T10045] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10045 [ 208.144595][T10044] ip6_finish_output+0x335/0xdc0 [ 208.144616][T10044] ip6_output+0x235/0x7f0 [ 208.144631][T10044] ? ip6_finish_output+0xdc0/0xdc0 [ 208.144648][T10044] ? ip6_fragment+0x3980/0x3980 [ 208.144669][T10044] ? kasan_check_read+0x11/0x20 [ 208.154773][T10045] caller is ip6_finish_output+0x335/0xdc0 [ 208.159664][T10044] ip6_xmit+0xe41/0x20c0 [ 208.189100][T10044] ? ip6_finish_output2+0x2550/0x2550 [ 208.194476][T10044] ? mark_held_locks+0xf0/0xf0 [ 208.199409][T10044] ? ip6_setup_cork+0x1870/0x1870 [ 208.204877][T10044] sctp_v6_xmit+0x313/0x660 [ 208.209672][T10044] sctp_packet_transmit+0x1bc4/0x36f0 [ 208.215062][T10044] ? sctp_packet_config+0xfe0/0xfe0 [ 208.220447][T10044] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 208.226336][T10044] ? del_timer+0xcd/0x120 [ 208.230747][T10044] sctp_outq_flush+0x2b8/0x2780 [ 208.235678][T10044] ? mark_held_locks+0xa4/0xf0 [ 208.240545][T10044] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 208.246620][T10044] ? del_timer+0xcd/0x120 [ 208.251118][T10044] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 208.257130][T10044] ? __sctp_outq_teardown+0xc60/0xc60 [ 208.262690][T10044] ? del_timer+0xd2/0x120 [ 208.267025][T10044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.273341][T10044] ? sctp_outq_tail+0x68c/0x930 [ 208.278192][T10044] sctp_outq_uncork+0x6c/0x80 [ 208.283276][T10044] sctp_do_sm+0x2575/0x5770 [ 208.288051][T10044] ? is_dynamic_key+0x1c0/0x1c0 [ 208.293105][T10044] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 208.299911][T10044] ? __lock_acquire+0x548/0x3fb0 [ 208.304967][T10044] ? skb_dequeue+0x12e/0x180 [ 208.309551][T10044] ? find_held_lock+0x35/0x130 [ 208.314484][T10044] ? skb_dequeue+0x12e/0x180 [ 208.319165][T10044] ? trace_hardirqs_on+0x67/0x230 [ 208.324275][T10044] ? kasan_check_read+0x11/0x20 [ 208.329661][T10044] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 208.335906][T10044] sctp_primitive_SHUTDOWN+0xa0/0xd0 [ 208.341313][T10044] sctp_close+0x445/0x860 [ 208.346078][T10044] ? sctp_init_sock+0x1360/0x1360 [ 208.351980][T10044] ? ip_mc_drop_socket+0x211/0x270 [ 208.357179][T10044] ? __sock_release+0x89/0x2b0 [ 208.362519][T10044] inet_release+0x105/0x1f0 [ 208.367137][T10044] inet6_release+0x53/0x80 [ 208.371909][T10044] __sock_release+0xd3/0x2b0 [ 208.376683][T10044] ? __sock_release+0x2b0/0x2b0 [ 208.381882][T10044] sock_close+0x1b/0x30 [ 208.386029][T10044] __fput+0x2e5/0x8d0 [ 208.390361][T10044] ____fput+0x16/0x20 [ 208.394363][T10044] task_work_run+0x14a/0x1c0 [ 208.399042][T10044] exit_to_usermode_loop+0x273/0x2c0 [ 208.404560][T10044] do_syscall_64+0x52d/0x610 [ 208.409151][T10044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.415120][T10044] RIP: 0033:0x412071 [ 208.419100][T10044] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 208.439436][T10044] RSP: 002b:00007ffdecdf3b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 208.448034][T10044] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000412071 [ 208.457490][T10044] RDX: 0000000000000000 RSI: ffffffff8715d85d RDI: 0000000000000004 [ 208.465727][T10044] RBP: 0000000000000000 R08: ffffffff8132cbea R09: 0000000033a1570b [ 208.473889][T10044] R10: 00007ffdecdf3aa0 R11: 0000000000000293 R12: 0000000000000000 [ 208.482267][T10044] R13: 00007ffdecdf3bb0 R14: 0000000000000000 R15: 00007ffdecdf3bc0 [ 208.490578][T10044] ? __phys_addr+0x1a/0x120 [ 208.495085][T10044] ? sprintf+0x8d/0x100 [ 208.499242][T10045] CPU: 0 PID: 10045 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 208.507419][T10044] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10044 [ 208.508371][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.519246][T10044] caller is ip6_finish_output+0x335/0xdc0 [ 208.528595][T10045] Call Trace: [ 208.528616][T10045] dump_stack+0x172/0x1f0 [ 208.528637][T10045] __this_cpu_preempt_check+0x246/0x270 [ 208.528653][T10045] ip6_finish_output+0x335/0xdc0 [ 208.528673][T10045] ip6_output+0x235/0x7f0 [ 208.557301][T10045] ? ip6_finish_output+0xdc0/0xdc0 [ 208.562448][T10045] ? ip6_fragment+0x3980/0x3980 [ 208.567386][T10045] ? kasan_check_read+0x11/0x20 [ 208.572439][T10045] ip6_xmit+0xe41/0x20c0 [ 208.576792][T10045] ? ip6_finish_output2+0x2550/0x2550 [ 208.582248][T10045] ? mark_held_locks+0xf0/0xf0 [ 208.587098][T10045] ? ip6_setup_cork+0x1870/0x1870 [ 208.592335][T10045] sctp_v6_xmit+0x313/0x660 [ 208.596957][T10045] sctp_packet_transmit+0x1bc4/0x36f0 [ 208.602360][T10045] ? sctp_packet_config+0xfe0/0xfe0 [ 208.607646][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 208.613358][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 208.619169][T10045] sctp_outq_flush+0x2b8/0x2780 [ 208.624161][T10045] ? sctp_make_heartbeat+0x1ef/0x280 [ 208.629452][T10045] ? __sctp_outq_teardown+0xc60/0xc60 [ 208.634827][T10045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 208.641147][T10045] ? sctp_outq_tail+0x68c/0x930 [ 208.646189][T10045] sctp_outq_uncork+0x6c/0x80 [ 208.650949][T10045] sctp_do_sm+0x2575/0x5770 [ 208.655570][T10045] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 208.662304][T10045] ? _raw_spin_unlock_irq+0x28/0x90 [ 208.667590][T10045] ? lockdep_hardirqs_on+0x418/0x5d0 [ 208.672879][T10045] ? trace_hardirqs_on+0x67/0x230 [ 208.677995][T10045] ? kasan_check_read+0x11/0x20 [ 208.683190][T10045] ? __lock_acquire+0x548/0x3fb0 [ 208.688464][T10045] ? __switch_to_asm+0x34/0x70 [ 208.693316][T10045] ? __switch_to_asm+0x40/0x70 [ 208.698199][T10045] ? __might_fault+0x12b/0x1e0 [ 208.702993][T10045] sctp_primitive_REQUESTHEARTBEAT+0xa0/0xd0 [ 208.709172][T10045] sctp_apply_peer_addr_params+0x137/0x1f50 [ 208.715109][T10045] sctp_setsockopt_peer_addr_params+0x4c7/0x590 [ 208.721351][T10045] ? sctp_getsockopt_assoc_stats+0x5b0/0x5b0 [ 208.727338][T10045] ? lock_sock_nested+0xac/0x120 [ 208.732281][T10045] ? lock_sock_nested+0x9a/0x120 [ 208.737213][T10045] ? __local_bh_enable_ip+0x15a/0x270 [ 208.742777][T10045] sctp_setsockopt+0x2174/0x6fe0 [ 208.747920][T10045] ? sctp_setsockopt_paddr_thresholds+0x540/0x540 [ 208.754466][T10045] ? kasan_check_read+0x11/0x20 [ 208.759498][T10045] ? ___might_sleep+0x163/0x280 [ 208.764433][T10045] ? __might_sleep+0x95/0x190 [ 208.769334][T10045] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 208.775235][T10045] ? aa_sk_perm+0x288/0x880 [ 208.779849][T10045] ? aa_sock_opt_perm.isra.0+0xa1/0x130 [ 208.785567][T10045] sock_common_setsockopt+0x9a/0xe0 [ 208.791025][T10045] __sys_setsockopt+0x180/0x280 [ 208.795881][T10045] ? kernel_accept+0x310/0x310 [ 208.800662][T10045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 208.806122][T10045] ? do_syscall_64+0x26/0x610 [ 208.810899][T10045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.817171][T10045] ? do_syscall_64+0x26/0x610 [ 208.821972][T10045] __x64_sys_setsockopt+0xbe/0x150 [ 208.827085][T10045] do_syscall_64+0x103/0x610 [ 208.831780][T10045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 208.837748][T10045] RIP: 0033:0x4582b9 [ 208.842536][T10045] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 208.862970][T10045] RSP: 002b:00007fb7e79f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 208.871823][T10045] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004582b9 [ 208.880233][T10045] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 208.888661][T10045] RBP: 000000000073bf00 R08: 0000000000000098 R09: 0000000000000000 [ 208.896897][T10045] R10: 0000000020000280 R11: 0000000000000246 R12: 00007fb7e79f76d4 [ 208.904991][T10045] R13: 00000000004cd6a8 R14: 00000000004db258 R15: 00000000ffffffff [ 208.913500][T10044] CPU: 1 PID: 10044 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 208.923504][T10044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 208.923626][T10045] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10045 [ 208.934525][T10044] Call Trace: [ 208.934551][T10044] dump_stack+0x172/0x1f0 [ 208.934570][T10044] __this_cpu_preempt_check+0x246/0x270 [ 208.934590][T10044] ip6_finish_output+0x335/0xdc0 [ 208.934607][T10044] ip6_output+0x235/0x7f0 [ 208.934621][T10044] ? ip6_finish_output+0xdc0/0xdc0 [ 208.934640][T10044] ? ip6_fragment+0x3980/0x3980 [ 208.944701][T10045] caller is ip6_finish_output+0x335/0xdc0 [ 208.948199][T10044] ? kasan_check_read+0x11/0x20 [ 208.991893][T10044] ip6_xmit+0xe41/0x20c0 [ 208.996218][T10044] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.002589][T10044] ? ip6_finish_output2+0x2550/0x2550 [ 209.008055][T10044] ? mark_held_locks+0xf0/0xf0 [ 209.013004][T10044] ? ip6_setup_cork+0x1870/0x1870 [ 209.018039][T10044] sctp_v6_xmit+0x313/0x660 [ 209.022545][T10044] sctp_packet_transmit+0x1bc4/0x36f0 [ 209.028298][T10044] ? sctp_packet_config+0xfe0/0xfe0 [ 209.033676][T10044] sctp_outq_flush+0x2b8/0x2780 [ 209.039250][T10044] ? kmem_cache_alloc+0x32e/0x6f0 [ 209.044626][T10044] ? skb_trim+0x190/0x190 [ 209.048975][T10044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.055213][T10044] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.061024][T10044] ? __sctp_outq_teardown+0xc60/0xc60 [ 209.066572][T10044] ? sctp_addto_chunk+0xf6/0x2a0 [ 209.071612][T10044] ? sctp_make_heartbeat_ack+0xd9/0x110 [ 209.077420][T10044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.083738][T10044] ? sctp_outq_tail+0x68c/0x930 [ 209.088856][T10044] sctp_outq_uncork+0x6c/0x80 [ 209.093536][T10044] sctp_do_sm+0x2575/0x5770 [ 209.098120][T10044] ? del_timer+0xcd/0x120 [ 209.102448][T10044] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 209.109950][T10044] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 209.115749][T10044] ? del_timer+0xcd/0x120 [ 209.120369][T10044] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 209.126705][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 209.132083][T10044] ? find_held_lock+0x35/0x130 [ 209.136845][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 209.142134][T10044] ? mark_held_locks+0xa4/0xf0 [ 209.147068][T10044] ? ktime_get+0x105/0x300 [ 209.151561][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 209.156757][T10044] ? ktime_get+0x105/0x300 [ 209.161342][T10044] ? trace_hardirqs_on+0x67/0x230 [ 209.166539][T10044] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.172506][T10044] ? ktime_get+0x208/0x300 [ 209.176921][T10044] sctp_assoc_bh_rcv+0x343/0x660 [ 209.182741][T10044] sctp_inq_push+0x1ea/0x290 [ 209.187452][T10044] sctp_backlog_rcv+0x196/0xbe0 [ 209.192393][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 209.197775][T10044] ? _raw_spin_unlock_bh+0x31/0x40 [ 209.203062][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 209.208612][T10044] ? sctp_hash_obj+0x600/0x600 [ 209.213560][T10044] ? __release_sock+0xca/0x3a0 [ 209.218406][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 209.223948][T10044] __release_sock+0x12e/0x3a0 [ 209.228976][T10044] release_sock+0x59/0x1c0 [ 209.233560][T10044] sctp_close+0x4a4/0x860 [ 209.238074][T10044] ? sctp_init_sock+0x1360/0x1360 [ 209.243191][T10044] ? ip_mc_drop_socket+0x211/0x270 [ 209.248560][T10044] ? __sock_release+0x89/0x2b0 [ 209.253585][T10044] inet_release+0x105/0x1f0 [ 209.258268][T10044] inet6_release+0x53/0x80 [ 209.262794][T10044] __sock_release+0xd3/0x2b0 [ 209.267648][T10044] ? __sock_release+0x2b0/0x2b0 [ 209.272753][T10044] sock_close+0x1b/0x30 [ 209.277296][T10044] __fput+0x2e5/0x8d0 [ 209.281364][T10044] ____fput+0x16/0x20 [ 209.285359][T10044] task_work_run+0x14a/0x1c0 [ 209.290391][T10044] exit_to_usermode_loop+0x273/0x2c0 [ 209.295685][T10044] do_syscall_64+0x52d/0x610 [ 209.300273][T10044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.306241][T10044] RIP: 0033:0x412071 [ 209.310131][T10044] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 209.331203][T10044] RSP: 002b:00007ffdecdf3b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 209.339816][T10044] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000412071 [ 209.348057][T10044] RDX: 0000000000000000 RSI: ffffffff8715d85d RDI: 0000000000000004 [ 209.356282][T10044] RBP: 0000000000000000 R08: ffffffff8132cbea R09: 0000000033a1570b [ 209.364505][T10044] R10: 00007ffdecdf3aa0 R11: 0000000000000293 R12: 0000000000000000 [ 209.373200][T10044] R13: 00007ffdecdf3bb0 R14: 0000000000000000 R15: 00007ffdecdf3bc0 [ 209.381375][T10044] ? __phys_addr+0x1a/0x120 [ 209.385979][T10044] ? sprintf+0x8d/0x100 [ 209.390226][T10045] CPU: 0 PID: 10045 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 209.397814][T10044] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10044 [ 209.399698][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.410148][T10044] caller is ip6_finish_output+0x335/0xdc0 [ 209.420018][T10045] Call Trace: [ 209.420039][T10045] dump_stack+0x172/0x1f0 [ 209.420061][T10045] __this_cpu_preempt_check+0x246/0x270 [ 209.420077][T10045] ip6_finish_output+0x335/0xdc0 [ 209.420097][T10045] ip6_output+0x235/0x7f0 [ 209.449186][T10045] ? ip6_finish_output+0xdc0/0xdc0 [ 209.454321][T10045] ? ip6_fragment+0x3980/0x3980 [ 209.459455][T10045] ? kasan_check_read+0x11/0x20 [ 209.464389][T10045] ip6_xmit+0xe41/0x20c0 [ 209.468905][T10045] ? ip6_finish_output2+0x2550/0x2550 [ 209.474288][T10045] ? mark_held_locks+0xf0/0xf0 [ 209.479239][T10045] ? ip6_setup_cork+0x1870/0x1870 [ 209.484658][T10045] sctp_v6_xmit+0x313/0x660 [ 209.489434][T10045] sctp_packet_transmit+0x1bc4/0x36f0 [ 209.494835][T10045] ? sctp_packet_config+0xfe0/0xfe0 [ 209.500645][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.506363][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.512079][T10045] sctp_outq_flush+0x2b8/0x2780 [ 209.517269][T10045] ? sctp_make_heartbeat+0x1ef/0x280 [ 209.522560][T10045] ? __sctp_outq_teardown+0xc60/0xc60 [ 209.528038][T10045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.534277][T10045] ? sctp_outq_tail+0x68c/0x930 [ 209.539309][T10045] sctp_outq_uncork+0x6c/0x80 [ 209.543982][T10045] sctp_do_sm+0x2575/0x5770 [ 209.548550][T10045] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 209.555216][T10045] ? _raw_spin_unlock_irq+0x28/0x90 [ 209.560509][T10045] ? lockdep_hardirqs_on+0x418/0x5d0 [ 209.566056][T10045] ? trace_hardirqs_on+0x67/0x230 [ 209.571356][T10045] ? kasan_check_read+0x11/0x20 [ 209.576571][T10045] ? __lock_acquire+0x548/0x3fb0 [ 209.582027][T10045] ? __switch_to_asm+0x34/0x70 [ 209.587112][T10045] ? __switch_to_asm+0x40/0x70 [ 209.592027][T10045] ? __might_fault+0x12b/0x1e0 [ 209.597769][T10045] sctp_primitive_REQUESTHEARTBEAT+0xa0/0xd0 [ 209.604179][T10045] sctp_apply_peer_addr_params+0x137/0x1f50 [ 209.610254][T10045] sctp_setsockopt_peer_addr_params+0x4c7/0x590 [ 209.616765][T10045] ? sctp_getsockopt_assoc_stats+0x5b0/0x5b0 [ 209.623294][T10045] ? lock_sock_nested+0xac/0x120 [ 209.628597][T10045] ? lock_sock_nested+0x9a/0x120 [ 209.633918][T10045] ? __local_bh_enable_ip+0x15a/0x270 [ 209.639376][T10045] sctp_setsockopt+0x2174/0x6fe0 [ 209.644404][T10045] ? sctp_setsockopt_paddr_thresholds+0x540/0x540 [ 209.651511][T10045] ? kasan_check_read+0x11/0x20 [ 209.656671][T10045] ? ___might_sleep+0x163/0x280 [ 209.661521][T10045] ? __might_sleep+0x95/0x190 [ 209.666212][T10045] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 209.672107][T10045] ? aa_sk_perm+0x288/0x880 [ 209.676710][T10045] ? aa_sock_opt_perm.isra.0+0xa1/0x130 [ 209.682825][T10045] sock_common_setsockopt+0x9a/0xe0 [ 209.688456][T10045] __sys_setsockopt+0x180/0x280 [ 209.693650][T10045] ? kernel_accept+0x310/0x310 [ 209.698520][T10045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 209.703974][T10045] ? do_syscall_64+0x26/0x610 [ 209.708945][T10045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.715273][T10045] ? do_syscall_64+0x26/0x610 [ 209.720053][T10045] __x64_sys_setsockopt+0xbe/0x150 [ 209.725340][T10045] do_syscall_64+0x103/0x610 [ 209.730187][T10045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.736504][T10045] RIP: 0033:0x4582b9 [ 209.740489][T10045] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 209.761655][T10045] RSP: 002b:00007fb7e79f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 209.771461][T10045] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004582b9 [ 209.779841][T10045] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 209.789083][T10045] RBP: 000000000073bf00 R08: 0000000000000098 R09: 0000000000000000 [ 209.797884][T10045] R10: 0000000020000280 R11: 0000000000000246 R12: 00007fb7e79f76d4 [ 209.806023][T10045] R13: 00000000004cd6a8 R14: 00000000004db258 R15: 00000000ffffffff [ 209.814010][T10044] CPU: 1 PID: 10044 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 209.823385][T10044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.826436][T10045] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10045 [ 209.833435][T10044] Call Trace: [ 209.833459][T10044] dump_stack+0x172/0x1f0 [ 209.833480][T10044] __this_cpu_preempt_check+0x246/0x270 [ 209.833498][T10044] ip6_finish_output+0x335/0xdc0 [ 209.833516][T10044] ip6_output+0x235/0x7f0 [ 209.833532][T10044] ? ip6_finish_output+0xdc0/0xdc0 [ 209.833550][T10044] ? ip6_fragment+0x3980/0x3980 [ 209.843199][T10045] caller is ip6_finish_output+0x335/0xdc0 [ 209.846514][T10044] ? kasan_check_read+0x11/0x20 [ 209.887037][T10044] ip6_xmit+0xe41/0x20c0 [ 209.892516][T10044] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 209.898586][T10044] ? ip6_finish_output2+0x2550/0x2550 [ 209.904384][T10044] ? mark_held_locks+0xf0/0xf0 [ 209.909242][T10044] ? ip6_setup_cork+0x1870/0x1870 [ 209.914275][T10044] sctp_v6_xmit+0x313/0x660 [ 209.918967][T10044] sctp_packet_transmit+0x1bc4/0x36f0 [ 209.924640][T10044] ? sctp_packet_config+0xfe0/0xfe0 [ 209.929926][T10044] sctp_outq_flush+0x2b8/0x2780 [ 209.934767][T10044] ? kmem_cache_alloc+0x32e/0x6f0 [ 209.939805][T10044] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 209.945873][T10044] ? __sctp_outq_teardown+0xc60/0xc60 [ 209.951581][T10044] ? sctp_addto_chunk+0xf6/0x2a0 [ 209.956865][T10044] ? sctp_make_heartbeat_ack+0xd9/0x110 [ 209.962668][T10044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 209.969088][T10044] ? sctp_outq_tail+0x68c/0x930 [ 209.974205][T10044] sctp_outq_uncork+0x6c/0x80 [ 209.979230][T10044] sctp_do_sm+0x2575/0x5770 [ 209.983812][T10044] ? __fput+0x2e5/0x8d0 [ 209.987958][T10044] ? ____fput+0x16/0x20 [ 209.992286][T10044] ? task_work_run+0x14a/0x1c0 [ 209.997611][T10044] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 210.004817][T10044] ? lock_downgrade+0x880/0x880 [ 210.009758][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 210.015042][T10044] ? find_held_lock+0x35/0x130 [ 210.020148][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 210.025515][T10044] ? mark_held_locks+0xa4/0xf0 [ 210.030504][T10044] ? ktime_get+0x105/0x300 [ 210.034964][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 210.040237][T10044] ? ktime_get+0x105/0x300 [ 210.044939][T10044] ? trace_hardirqs_on+0x67/0x230 [ 210.050651][T10044] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.056536][T10044] ? ktime_get+0x208/0x300 [ 210.060962][T10044] sctp_assoc_bh_rcv+0x343/0x660 [ 210.066260][T10044] sctp_inq_push+0x1ea/0x290 [ 210.070937][T10044] sctp_backlog_rcv+0x196/0xbe0 [ 210.075864][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 210.081526][T10044] ? _raw_spin_unlock_bh+0x31/0x40 [ 210.086890][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 210.092430][T10044] ? sctp_hash_obj+0x600/0x600 [ 210.097287][T10044] ? __release_sock+0xca/0x3a0 [ 210.102046][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 210.107422][T10044] __release_sock+0x12e/0x3a0 [ 210.112188][T10044] release_sock+0x59/0x1c0 [ 210.116599][T10044] sctp_close+0x4a4/0x860 [ 210.121015][T10044] ? sctp_init_sock+0x1360/0x1360 [ 210.126311][T10044] ? ip_mc_drop_socket+0x211/0x270 [ 210.131425][T10044] ? __sock_release+0x89/0x2b0 [ 210.136379][T10044] inet_release+0x105/0x1f0 [ 210.141152][T10044] inet6_release+0x53/0x80 [ 210.145738][T10044] __sock_release+0xd3/0x2b0 [ 210.150333][T10044] ? __sock_release+0x2b0/0x2b0 [ 210.155183][T10044] sock_close+0x1b/0x30 [ 210.159506][T10044] __fput+0x2e5/0x8d0 [ 210.163489][T10044] ____fput+0x16/0x20 [ 210.168263][T10044] task_work_run+0x14a/0x1c0 [ 210.173030][T10044] exit_to_usermode_loop+0x273/0x2c0 [ 210.178419][T10044] do_syscall_64+0x52d/0x610 [ 210.183109][T10044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.189789][T10044] RIP: 0033:0x412071 [ 210.193937][T10044] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 210.215626][T10044] RSP: 002b:00007ffdecdf3b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 210.224384][T10044] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000412071 [ 210.232786][T10044] RDX: 0000000000000000 RSI: ffffffff8715d85d RDI: 0000000000000004 [ 210.241284][T10044] RBP: 0000000000000000 R08: ffffffff8132cbea R09: 0000000033a1570b [ 210.249949][T10044] R10: 00007ffdecdf3aa0 R11: 0000000000000293 R12: 0000000000000000 [ 210.258019][T10044] R13: 00007ffdecdf3bb0 R14: 0000000000000000 R15: 00007ffdecdf3bc0 [ 210.266274][T10044] ? __phys_addr+0x1a/0x120 [ 210.270858][T10044] ? sprintf+0x8d/0x100 [ 210.275101][T10045] CPU: 0 PID: 10045 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 210.279925][T10044] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10044 [ 210.284478][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.284489][T10045] Call Trace: [ 210.294115][T10044] caller is ip6_finish_output+0x335/0xdc0 [ 210.304382][T10045] dump_stack+0x172/0x1f0 [ 210.304405][T10045] __this_cpu_preempt_check+0x246/0x270 [ 210.304424][T10045] ip6_finish_output+0x335/0xdc0 [ 210.329584][T10045] ip6_output+0x235/0x7f0 [ 210.334487][T10045] ? ip6_finish_output+0xdc0/0xdc0 [ 210.340378][T10045] ? ip6_fragment+0x3980/0x3980 [ 210.345773][T10045] ? kasan_check_read+0x11/0x20 [ 210.350644][T10045] ip6_xmit+0xe41/0x20c0 [ 210.355673][T10045] ? ip6_finish_output2+0x2550/0x2550 [ 210.361140][T10045] ? mark_held_locks+0xf0/0xf0 [ 210.366074][T10045] ? ip6_setup_cork+0x1870/0x1870 [ 210.371397][T10045] sctp_v6_xmit+0x313/0x660 [ 210.376188][T10045] sctp_packet_transmit+0x1bc4/0x36f0 [ 210.382008][T10045] ? sctp_packet_config+0xfe0/0xfe0 [ 210.387637][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.393436][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.399529][T10045] sctp_outq_flush+0x2b8/0x2780 [ 210.405237][T10045] ? sctp_make_heartbeat+0x1ef/0x280 [ 210.411249][T10045] ? __sctp_outq_teardown+0xc60/0xc60 [ 210.417232][T10045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 210.423643][T10045] ? sctp_outq_tail+0x68c/0x930 [ 210.429027][T10045] sctp_outq_uncork+0x6c/0x80 [ 210.433785][T10045] sctp_do_sm+0x2575/0x5770 [ 210.438626][T10045] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 210.445570][T10045] ? _raw_spin_unlock_irq+0x28/0x90 [ 210.450954][T10045] ? lockdep_hardirqs_on+0x418/0x5d0 [ 210.456419][T10045] ? trace_hardirqs_on+0x67/0x230 [ 210.461615][T10045] ? kasan_check_read+0x11/0x20 [ 210.466742][T10045] ? __lock_acquire+0x548/0x3fb0 [ 210.471826][T10045] ? __switch_to_asm+0x34/0x70 [ 210.476679][T10045] ? __switch_to_asm+0x40/0x70 [ 210.481645][T10045] ? __might_fault+0x12b/0x1e0 [ 210.487127][T10045] sctp_primitive_REQUESTHEARTBEAT+0xa0/0xd0 [ 210.493639][T10045] sctp_apply_peer_addr_params+0x137/0x1f50 [ 210.499750][T10045] sctp_setsockopt_peer_addr_params+0x4c7/0x590 [ 210.506165][T10045] ? sctp_getsockopt_assoc_stats+0x5b0/0x5b0 [ 210.512584][T10045] ? lock_sock_nested+0xac/0x120 [ 210.517715][T10045] ? lock_sock_nested+0x9a/0x120 [ 210.522837][T10045] ? __local_bh_enable_ip+0x15a/0x270 [ 210.528209][T10045] sctp_setsockopt+0x2174/0x6fe0 [ 210.533149][T10045] ? sctp_setsockopt_paddr_thresholds+0x540/0x540 [ 210.539651][T10045] ? kasan_check_read+0x11/0x20 [ 210.544648][T10045] ? ___might_sleep+0x163/0x280 [ 210.549496][T10045] ? __might_sleep+0x95/0x190 [ 210.554177][T10045] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 210.559884][T10045] ? aa_sk_perm+0x288/0x880 [ 210.564456][T10045] ? aa_sock_opt_perm.isra.0+0xa1/0x130 [ 210.570195][T10045] sock_common_setsockopt+0x9a/0xe0 [ 210.575662][T10045] __sys_setsockopt+0x180/0x280 [ 210.580527][T10045] ? kernel_accept+0x310/0x310 [ 210.585294][T10045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 210.590755][T10045] ? do_syscall_64+0x26/0x610 [ 210.595441][T10045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.601768][T10045] ? do_syscall_64+0x26/0x610 [ 210.606544][T10045] __x64_sys_setsockopt+0xbe/0x150 [ 210.611870][T10045] do_syscall_64+0x103/0x610 [ 210.616597][T10045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.622768][T10045] RIP: 0033:0x4582b9 [ 210.626778][T10045] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 210.647196][T10045] RSP: 002b:00007fb7e79f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 210.655776][T10045] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004582b9 [ 210.664609][T10045] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 210.672810][T10045] RBP: 000000000073bf00 R08: 0000000000000098 R09: 0000000000000000 [ 210.681209][T10045] R10: 0000000020000280 R11: 0000000000000246 R12: 00007fb7e79f76d4 [ 210.689687][T10045] R13: 00000000004cd6a8 R14: 00000000004db258 R15: 00000000ffffffff [ 210.698131][T10044] CPU: 1 PID: 10044 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 210.707521][T10044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.709722][T10045] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10045 [ 210.718049][T10044] Call Trace: [ 210.718073][T10044] dump_stack+0x172/0x1f0 [ 210.718095][T10044] __this_cpu_preempt_check+0x246/0x270 [ 210.718112][T10044] ip6_finish_output+0x335/0xdc0 [ 210.718138][T10044] ip6_output+0x235/0x7f0 [ 210.727903][T10045] caller is ip6_finish_output+0x335/0xdc0 [ 210.731143][T10044] ? ip6_finish_output+0xdc0/0xdc0 [ 210.731168][T10044] ? ip6_fragment+0x3980/0x3980 [ 210.767959][T10044] ? kasan_check_read+0x11/0x20 [ 210.773016][T10044] ip6_xmit+0xe41/0x20c0 [ 210.777258][T10044] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 210.783411][T10044] ? ip6_finish_output2+0x2550/0x2550 [ 210.788882][T10044] ? mark_held_locks+0xf0/0xf0 [ 210.793815][T10044] ? ip6_setup_cork+0x1870/0x1870 [ 210.798939][T10044] sctp_v6_xmit+0x313/0x660 [ 210.803637][T10044] sctp_packet_transmit+0x1bc4/0x36f0 [ 210.809564][T10044] ? sctp_packet_config+0xfe0/0xfe0 [ 210.814769][T10044] sctp_outq_flush+0x2b8/0x2780 [ 210.819794][T10044] ? kmem_cache_alloc+0x32e/0x6f0 [ 210.825020][T10044] ? skb_trim+0x190/0x190 [ 210.829779][T10044] ? __save_stack_trace+0x99/0x100 [ 210.834981][T10044] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.841044][T10044] ? __sctp_outq_teardown+0xc60/0xc60 [ 210.846502][T10044] ? sctp_addto_chunk+0xf6/0x2a0 [ 210.851529][T10044] ? sctp_make_heartbeat_ack+0xd9/0x110 [ 210.857170][T10044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 210.863581][T10044] ? sctp_outq_tail+0x68c/0x930 [ 210.868520][T10044] sctp_outq_uncork+0x6c/0x80 [ 210.873543][T10044] sctp_do_sm+0x2575/0x5770 [ 210.878412][T10044] ? __fput+0x2e5/0x8d0 [ 210.882979][T10044] ? ____fput+0x16/0x20 [ 210.887281][T10044] ? task_work_run+0x14a/0x1c0 [ 210.892049][T10044] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 210.898996][T10044] ? lock_downgrade+0x880/0x880 [ 210.904208][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 210.910019][T10044] ? find_held_lock+0x35/0x130 [ 210.915035][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 210.920145][T10044] ? mark_held_locks+0xa4/0xf0 [ 210.924995][T10044] ? ktime_get+0x105/0x300 [ 210.929663][T10044] ? sctp_assoc_bh_rcv+0x2fc/0x660 [ 210.935248][T10044] ? ktime_get+0x105/0x300 [ 210.939664][T10044] ? trace_hardirqs_on+0x67/0x230 [ 210.944702][T10044] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 210.951110][T10044] ? ktime_get+0x208/0x300 [ 210.955631][T10044] sctp_assoc_bh_rcv+0x343/0x660 [ 210.960742][T10044] sctp_inq_push+0x1ea/0x290 [ 210.965324][T10044] sctp_backlog_rcv+0x196/0xbe0 [ 210.970182][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 210.975642][T10044] ? _raw_spin_unlock_bh+0x31/0x40 [ 210.981190][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 210.986733][T10044] ? sctp_hash_obj+0x600/0x600 [ 210.992402][T10044] ? __release_sock+0xca/0x3a0 [ 210.997336][T10044] ? __local_bh_enable_ip+0x15a/0x270 [ 211.003449][T10044] __release_sock+0x12e/0x3a0 [ 211.008226][T10044] release_sock+0x59/0x1c0 [ 211.013005][T10044] sctp_close+0x4a4/0x860 [ 211.017443][T10044] ? sctp_init_sock+0x1360/0x1360 [ 211.023004][T10044] ? ip_mc_drop_socket+0x211/0x270 [ 211.028659][T10044] ? __sock_release+0x89/0x2b0 [ 211.033693][T10044] inet_release+0x105/0x1f0 [ 211.038991][T10044] inet6_release+0x53/0x80 [ 211.043435][T10044] __sock_release+0xd3/0x2b0 [ 211.048278][T10044] ? __sock_release+0x2b0/0x2b0 [ 211.053489][T10044] sock_close+0x1b/0x30 [ 211.057822][T10044] __fput+0x2e5/0x8d0 [ 211.061962][T10044] ____fput+0x16/0x20 [ 211.065955][T10044] task_work_run+0x14a/0x1c0 [ 211.070652][T10044] exit_to_usermode_loop+0x273/0x2c0 [ 211.076113][T10044] do_syscall_64+0x52d/0x610 [ 211.081069][T10044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.087324][T10044] RIP: 0033:0x412071 [ 211.091473][T10044] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 211.111649][T10044] RSP: 002b:00007ffdecdf3b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 211.120321][T10044] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000412071 [ 211.128372][T10044] RDX: 0000000000000000 RSI: ffffffff8715d85d RDI: 0000000000000004 [ 211.136859][T10044] RBP: 0000000000000000 R08: ffffffff8132cbea R09: 0000000033a1570b [ 211.145102][T10044] R10: 00007ffdecdf3aa0 R11: 0000000000000293 R12: 0000000000000000 [ 211.153067][T10044] R13: 00007ffdecdf3bb0 R14: 0000000000000000 R15: 00007ffdecdf3bc0 [ 211.161390][T10044] ? __phys_addr+0x1a/0x120 [ 211.165985][T10044] ? sprintf+0x8d/0x100 [ 211.170146][T10045] CPU: 0 PID: 10045 Comm: syz-executor.2 Not tainted 5.1.0-rc3-next-20190405 #19 [ 211.179358][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 211.190060][T10045] Call Trace: [ 211.193610][T10045] dump_stack+0x172/0x1f0 [ 211.198224][T10045] __this_cpu_preempt_check+0x246/0x270 [ 211.203762][T10045] ip6_finish_output+0x335/0xdc0 [ 211.208872][T10045] ip6_output+0x235/0x7f0 [ 211.213460][T10045] ? ip6_finish_output+0xdc0/0xdc0 [ 211.218672][T10045] ? ip6_fragment+0x3980/0x3980 [ 211.223511][T10045] ? kasan_check_read+0x11/0x20 [ 211.228452][T10045] ip6_xmit+0xe41/0x20c0 [ 211.232778][T10045] ? ip6_finish_output2+0x2550/0x2550 [ 211.238136][T10045] ? mark_held_locks+0xf0/0xf0 [ 211.242977][T10045] ? ip6_setup_cork+0x1870/0x1870 [ 211.248108][T10045] sctp_v6_xmit+0x313/0x660 [ 211.252812][T10045] sctp_packet_transmit+0x1bc4/0x36f0 [ 211.258408][T10045] ? sctp_packet_config+0xfe0/0xfe0 [ 211.264139][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 211.270022][T10045] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 211.275728][T10045] sctp_outq_flush+0x2b8/0x2780 [ 211.280574][T10045] ? sctp_make_heartbeat+0x1ef/0x280 [ 211.285860][T10045] ? __sctp_outq_teardown+0xc60/0xc60 [ 211.291220][T10045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 211.297439][T10045] ? sctp_outq_tail+0x68c/0x930 [ 211.302272][T10045] sctp_outq_uncork+0x6c/0x80 [ 211.306932][T10045] sctp_do_sm+0x2575/0x5770 [ 211.311518][T10045] ? sctp_do_8_2_transport_strike.isra.0+0x940/0x940 [ 211.318446][T10045] ? _raw_spin_unlock_irq+0x28/0x90 [ 211.323730][T10045] ? lockdep_hardirqs_on+0x418/0x5d0 [ 211.329002][T10045] ? trace_hardirqs_on+0x67/0x230 [ 211.334315][T10045] ? kasan_check_read+0x11/0x20 [ 211.339152][T10045] ? __lock_acquire+0x548/0x3fb0 [ 211.344780][T10045] ? __switch_to_asm+0x34/0x70 [ 211.350148][T10045] ? __switch_to_asm+0x40/0x70 [ 211.355183][T10045] ? __might_fault+0x12b/0x1e0 [ 211.360040][T10045] sctp_primitive_REQUESTHEARTBEAT+0xa0/0xd0 [ 211.366116][T10045] sctp_apply_peer_addr_params+0x137/0x1f50 [ 211.372211][T10045] sctp_setsockopt_peer_addr_params+0x4c7/0x590 [ 211.378617][T10045] ? sctp_getsockopt_assoc_stats+0x5b0/0x5b0 [ 211.384614][T10045] ? lock_sock_nested+0xac/0x120 [ 211.389741][T10045] ? lock_sock_nested+0x9a/0x120 [ 211.394797][T10045] ? __local_bh_enable_ip+0x15a/0x270 [ 211.400273][T10045] sctp_setsockopt+0x2174/0x6fe0 [ 211.405378][T10045] ? sctp_setsockopt_paddr_thresholds+0x540/0x540 [ 211.411862][T10045] ? kasan_check_read+0x11/0x20 [ 211.416873][T10045] ? ___might_sleep+0x163/0x280 [ 211.421993][T10045] ? __might_sleep+0x95/0x190 [ 211.426662][T10045] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 211.432660][T10045] ? aa_sk_perm+0x288/0x880 [ 211.437238][T10045] ? aa_sock_opt_perm.isra.0+0xa1/0x130 [ 211.442995][T10045] sock_common_setsockopt+0x9a/0xe0 [ 211.448190][T10045] __sys_setsockopt+0x180/0x280 [ 211.453070][T10045] ? kernel_accept+0x310/0x310 [ 211.457907][T10045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 211.463350][T10045] ? do_syscall_64+0x26/0x610 [ 211.468197][T10045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.474592][T10045] ? do_syscall_64+0x26/0x610 [ 211.479432][T10045] __x64_sys_setsockopt+0xbe/0x150 [ 211.484643][T10045] do_syscall_64+0x103/0x610 [ 211.489398][T10045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.495417][T10045] RIP: 0033:0x4582b9 [ 211.499596][T10045] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 211.519356][T10045] RSP: 002b:00007fb7e79f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 211.528116][T10045] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004582b9 [ 211.536089][T10045] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 211.545004][T10045] RBP: 000000000073bf00 R08: 0000000000000098 R09: 0000000000000000 [ 211.553397][T10045] R10: 0000000020000280 R11: 0000000000000246 R12: 00007fb7e79f76d4 [ 211.561443][T10045] R13: 00000000004cd6a8 R14: 00000000004db258 R15: 00000000ffffffff 21:37:08 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x98) 21:37:08 executing program 0: 21:37:08 executing program 1: 21:37:08 executing program 5: 21:37:08 executing program 4: 21:37:08 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(rmd128,cbc(blowfish))\x00'}, 0x58) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x58) 21:37:08 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1, 0x2) r0 = syz_open_dev$usbmon(0x0, 0x81, 0x0) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, 0x0, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000680)={0x0, 0x0, 0x1, [0x0]}, &(0x7f00000006c0)=0xa) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8) getpid() ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r2, 0x0) write$binfmt_misc(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="000000008e9464a206bd25e188bc0994ddc3d9575e6dec2aa5588b8bff2e1c2222551fbc604e3e3b37d33db65ff8d115168aaccef4eeb7e1eb24c5700ebdff10ece5ca1f61e06965b298c8ce3dd02c68a147a8ec7063e732be04fec951f934879ed74cfde53d9a4f0dd315fd4b8b8ca68aa7d1b08841e555727e8c767ee245828827867edc7a1153576dd34779fce9ab868692959ceba04e576d3c530d6671d7f1e3a0389707d71c3366af65da074ad23cade2cecfaf942b0b4dd95b532479a7c2c73146d1e82cb0b679aa2aafadc8ff4162836a56718e77701ac5fdce60d3eb930e566722278144ed27b640c546372ad4"], 0xf1) io_setup(0x101, &(0x7f0000000040)=0x0) shmget$private(0x0, 0x3000, 0x16a424badf40a786, &(0x7f0000ffd000/0x3000)=nil) io_submit(r3, 0x2000000000000246, &(0x7f0000001540)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r1, &(0x7f0000000000), 0xfffffce4}]) 21:37:08 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x2) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0xffffffffffffff1b, 0x12, 0x100000000000000, {0x0, 0x0, 0x18000000000000}}, 0xfffffefd) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) 21:37:08 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x1}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/route\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000261, 0x10400003) fdatasync(0xffffffffffffffff) creat(0x0, 0x0) 21:37:08 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x246) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0xfffd}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x30, 0x0, 0x0, 0x117) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:37:08 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$P9_RFLUSH(r1, &(0x7f0000001380)={0x7, 0x6d, 0x1}, 0x7) syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') r2 = syz_open_dev$video(&(0x7f00000013c0)='/dev/video#\x00', 0x0, 0x0) ioctl$VIDIOC_S_PRIORITY(r2, 0xc0189436, 0x1fffffff) sendmsg$FOU_CMD_GET(r1, &(0x7f0000001240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4) getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='system.advise\x00', &(0x7f00000001c0)=""/4096, 0x1000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r3 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r3, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) fchmod(r2, 0xa8) r4 = socket$packet(0x11, 0x3, 0x300) mq_timedsend(r4, &(0x7f0000001280)="b4c52167fcd4a137604a6ff4698668a882faac35b23e67ba2fb77ea277b8ec92c160dbbd0e433257988e80d9e0f5f8b6a41c1a88c6f8341598f401391346b209e3a82fed10ae2a38f652d805e2c6ac1ae916cdd2ea3d4bf558ebb233e67a561c3ccfc21ef29e56aee92b0d1d1a8194513cef203e70cd93a4111dbcdc8f3d4918f1707c434f21015dba62cdfc1a00edda233e1190936f5e9d8ff4e43f6c8267dac0d294a10986458b76f674b9402276bcbac19711164a2bd0345e2e499e881f1af9d4e296c28366ed31072369addffac358eee2d316e148bdda5d47ed748593b09ccb2bd2a3d2949bfabbfeea3a625808b9533e7009c4b2c4513af329e6", 0xfd, 0x3f, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}, 0x41a}, 0x1c) sendmmsg(r3, &(0x7f0000005fc0), 0x80000000000006a, 0x69000000) 21:37:08 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) getuid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000100)) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x98) 21:37:08 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x1}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/route\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000261, 0x10400003) fdatasync(0xffffffffffffffff) creat(0x0, 0x0)