[ 56.288345] audit: type=1800 audit(1542651087.338:30): pid=6550 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.116' (ECDSA) to the list of known hosts. 2018/11/19 18:11:37 fuzzer started 2018/11/19 18:11:42 dialing manager at 10.128.0.26:46773 2018/11/19 18:11:42 syscalls: 1 2018/11/19 18:11:42 code coverage: enabled 2018/11/19 18:11:42 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/11/19 18:11:42 setuid sandbox: enabled 2018/11/19 18:11:42 namespace sandbox: enabled 2018/11/19 18:11:42 Android sandbox: /sys/fs/selinux/policy does not exist 2018/11/19 18:11:42 fault injection: enabled 2018/11/19 18:11:42 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/11/19 18:11:42 net packed injection: enabled 2018/11/19 18:11:42 net device setup: enabled 18:13:48 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x805, 0x0) ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x6) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12) ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'}) syzkaller login: [ 197.693677] IPVS: ftp: loaded support on port[0] = 21 [ 199.781221] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.787938] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.796527] device bridge_slave_0 entered promiscuous mode [ 199.958087] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.964671] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.973028] device bridge_slave_1 entered promiscuous mode [ 200.093208] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 200.213453] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 200.582683] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 200.708177] bond0: Enslaving bond_slave_1 as an active interface with an up link 18:13:52 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001000)={0xb, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000)}, 0x0, 0x100000000000004}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0xc1105511, &(0x7f0000001000)) [ 201.483236] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 201.491050] team0: Port device team_slave_0 added [ 201.699073] IPVS: ftp: loaded support on port[0] = 21 [ 201.757849] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 201.765797] team0: Port device team_slave_1 added [ 201.884991] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 201.893940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 201.902853] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 202.058443] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 202.311403] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 202.319209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 202.328311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 202.495685] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 202.503271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 202.512386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 203.362845] ip (6811) used greatest stack depth: 53168 bytes left [ 204.733996] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.740443] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.749462] device bridge_slave_0 entered promiscuous mode [ 204.824991] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.831506] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.838487] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.844980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.853528] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 204.985634] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.992157] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.000513] device bridge_slave_1 entered promiscuous mode [ 205.211087] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 205.418957] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 205.861803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 206.044265] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 206.174278] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 206.323148] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 206.330268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 206.457669] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 206.465543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 18:13:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x27) [ 207.137173] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 207.145309] team0: Port device team_slave_0 added [ 207.309351] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 207.317300] team0: Port device team_slave_1 added [ 207.399438] IPVS: ftp: loaded support on port[0] = 21 [ 207.553557] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 207.560686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.569604] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.739155] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 207.746528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.755295] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.959814] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 207.967462] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.976252] not chained 10000 origins [ 207.980091] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 4.20.0-rc3+ #89 [ 207.986845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 207.996214] Workqueue: events linkwatch_event [ 208.000708] Call Trace: [ 208.003311] dump_stack+0x32d/0x480 [ 208.006947] ? save_stack_trace+0xc6/0x110 [ 208.011196] kmsan_internal_chain_origin+0x222/0x240 [ 208.016310] ? kmsan_internal_chain_origin+0x136/0x240 [ 208.021599] ? __msan_chain_origin+0x6d/0xb0 [ 208.026011] ? __save_stack_trace+0x833/0xc60 [ 208.030508] ? save_stack_trace+0xc6/0x110 [ 208.034755] ? kmsan_internal_chain_origin+0x136/0x240 [ 208.040035] ? kmsan_memcpy_origins+0x13d/0x190 [ 208.044711] ? __msan_memcpy+0x6f/0x80 [ 208.048607] ? nla_put+0x20a/0x2d0 [ 208.052157] ? br_port_fill_attrs+0x42b/0x1ea0 [ 208.056743] ? br_port_fill_slave_info+0xff/0x120 [ 208.061592] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.066089] ? rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.070932] ? rtmsg_ifinfo+0x112/0x260 [ 208.074916] ? netdev_state_change+0x1ea/0x2f0 [ 208.079499] ? linkwatch_do_dev+0x4b8/0x530 [ 208.083833] ? __linkwatch_run_queue+0x995/0x1120 [ 208.088677] ? linkwatch_event+0x73/0x90 [ 208.092747] ? process_one_work+0x19fe/0x25f0 [ 208.097244] ? worker_thread+0x1601/0x2bd0 [ 208.101484] ? kthread+0x5e7/0x620 [ 208.105031] ? ret_from_fork+0x35/0x40 [ 208.108928] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 208.114218] ? kmsan_internal_chain_origin+0x136/0x240 [ 208.119498] ? __msan_chain_origin+0x6d/0xb0 [ 208.123916] ? save_stack_trace+0xfa/0x110 [ 208.128154] ? kmsan_internal_chain_origin+0x136/0x240 [ 208.133434] ? kmsan_memcpy_origins+0x13d/0x190 [ 208.138112] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 208.143570] ? in_task_stack+0x12c/0x210 [ 208.147646] __msan_chain_origin+0x6d/0xb0 [ 208.151894] ? br_port_fill_attrs+0x42b/0x1ea0 [ 208.156481] __save_stack_trace+0x8be/0xc60 [ 208.160812] ? __msan_warning+0x76/0xc0 [ 208.164820] ? br_port_fill_attrs+0x42b/0x1ea0 [ 208.169429] save_stack_trace+0xc6/0x110 [ 208.173519] kmsan_internal_chain_origin+0x136/0x240 [ 208.178632] ? __save_stack_trace+0x9f2/0xc60 [ 208.183143] ? kmsan_internal_chain_origin+0x136/0x240 [ 208.188421] ? kmsan_memcpy_origins+0x13d/0x190 [ 208.193091] ? __msan_memcpy+0x6f/0x80 [ 208.196981] ? nla_put+0x20a/0x2d0 [ 208.200529] ? br_port_fill_attrs+0x366/0x1ea0 [ 208.205125] ? br_port_fill_slave_info+0xff/0x120 [ 208.209971] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.214468] ? rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.219316] ? rtmsg_ifinfo+0x112/0x260 [ 208.223298] ? netdev_state_change+0x1ea/0x2f0 [ 208.227884] ? linkwatch_do_dev+0x4b8/0x530 [ 208.232215] ? __linkwatch_run_queue+0x995/0x1120 [ 208.237061] ? linkwatch_event+0x73/0x90 [ 208.241125] ? process_one_work+0x19fe/0x25f0 [ 208.245627] ? worker_thread+0x1601/0x2bd0 [ 208.249863] ? kthread+0x5e7/0x620 [ 208.253410] ? ret_from_fork+0x35/0x40 [ 208.257304] ? ret_from_fork+0x35/0x40 [ 208.261204] ? kmsan_set_origin+0x7f/0x100 [ 208.265440] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 208.270566] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 208.275937] ? find_next_bit+0x25b/0x2a0 [ 208.280006] ? vmalloc_to_page+0x585/0x6c0 [ 208.284253] ? kmsan_set_origin+0x7f/0x100 [ 208.288495] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 208.293874] kmsan_memcpy_origins+0x13d/0x190 [ 208.298379] __msan_memcpy+0x6f/0x80 [ 208.302105] nla_put+0x20a/0x2d0 [ 208.305483] br_port_fill_attrs+0x42b/0x1ea0 [ 208.309909] br_port_fill_slave_info+0xff/0x120 [ 208.314587] ? br_port_get_slave_size+0x30/0x30 [ 208.319259] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.323616] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.328303] rtmsg_ifinfo+0x112/0x260 [ 208.332117] netdev_state_change+0x1ea/0x2f0 [ 208.336546] linkwatch_do_dev+0x4b8/0x530 [ 208.340716] __linkwatch_run_queue+0x995/0x1120 [ 208.345406] linkwatch_event+0x73/0x90 [ 208.349294] ? linkwatch_fire_event+0xc60/0xc60 [ 208.353974] process_one_work+0x19fe/0x25f0 [ 208.358317] worker_thread+0x1601/0x2bd0 [ 208.362406] kthread+0x5e7/0x620 [ 208.365777] ? process_one_work+0x25f0/0x25f0 [ 208.370296] ? INIT_BOOL+0x30/0x30 [ 208.373846] ret_from_fork+0x35/0x40 [ 208.377576] Uninit was stored to memory at: [ 208.381919] kmsan_internal_chain_origin+0x136/0x240 [ 208.387029] __msan_chain_origin+0x6d/0xb0 [ 208.391263] __save_stack_trace+0x8be/0xc60 [ 208.395589] save_stack_trace+0xc6/0x110 [ 208.399667] kmsan_internal_chain_origin+0x136/0x240 [ 208.404772] kmsan_memcpy_origins+0x13d/0x190 [ 208.409269] __msan_memcpy+0x6f/0x80 [ 208.412998] nla_put+0x20a/0x2d0 [ 208.416383] br_port_fill_attrs+0x366/0x1ea0 [ 208.420802] br_port_fill_slave_info+0xff/0x120 [ 208.425482] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.429807] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.434493] rtmsg_ifinfo+0x112/0x260 [ 208.438297] netdev_state_change+0x1ea/0x2f0 [ 208.442711] linkwatch_do_dev+0x4b8/0x530 [ 208.446861] __linkwatch_run_queue+0x995/0x1120 [ 208.451548] linkwatch_event+0x73/0x90 [ 208.455445] process_one_work+0x19fe/0x25f0 [ 208.459772] worker_thread+0x1601/0x2bd0 [ 208.463845] kthread+0x5e7/0x620 [ 208.467212] ret_from_fork+0x35/0x40 [ 208.470907] [ 208.472524] Uninit was stored to memory at: [ 208.476845] kmsan_internal_chain_origin+0x136/0x240 [ 208.482048] __msan_chain_origin+0x6d/0xb0 [ 208.486276] __save_stack_trace+0x8be/0xc60 [ 208.490653] save_stack_trace+0xc6/0x110 [ 208.494709] kmsan_internal_chain_origin+0x136/0x240 [ 208.499809] kmsan_memcpy_origins+0x13d/0x190 [ 208.504302] __msan_memcpy+0x6f/0x80 [ 208.508010] nla_put+0x20a/0x2d0 [ 208.511375] br_port_fill_attrs+0x366/0x1ea0 [ 208.515780] br_port_fill_slave_info+0xff/0x120 [ 208.520458] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.524770] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.529438] rtmsg_ifinfo+0x112/0x260 [ 208.533233] netdev_state_change+0x1ea/0x2f0 [ 208.537646] linkwatch_do_dev+0x4b8/0x530 [ 208.541788] __linkwatch_run_queue+0x995/0x1120 [ 208.546452] linkwatch_event+0x73/0x90 [ 208.550331] process_one_work+0x19fe/0x25f0 [ 208.554657] worker_thread+0x1601/0x2bd0 [ 208.558725] kthread+0x5e7/0x620 [ 208.562096] ret_from_fork+0x35/0x40 [ 208.565804] [ 208.567443] Uninit was stored to memory at: [ 208.571764] kmsan_internal_chain_origin+0x136/0x240 [ 208.576864] __msan_chain_origin+0x6d/0xb0 [ 208.581097] __save_stack_trace+0x8be/0xc60 [ 208.585409] save_stack_trace+0xc6/0x110 [ 208.589464] kmsan_internal_chain_origin+0x136/0x240 [ 208.594565] kmsan_memcpy_origins+0x13d/0x190 [ 208.599058] __msan_memcpy+0x6f/0x80 [ 208.602770] nla_put+0x20a/0x2d0 [ 208.606134] br_port_fill_attrs+0x366/0x1ea0 [ 208.610543] br_port_fill_slave_info+0xff/0x120 [ 208.615209] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.619522] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.624191] rtmsg_ifinfo+0x112/0x260 [ 208.627986] netdev_state_change+0x1ea/0x2f0 [ 208.632390] linkwatch_do_dev+0x4b8/0x530 [ 208.636532] __linkwatch_run_queue+0x995/0x1120 [ 208.641197] linkwatch_event+0x73/0x90 [ 208.645075] process_one_work+0x19fe/0x25f0 [ 208.649385] worker_thread+0x1601/0x2bd0 [ 208.653448] kthread+0x5e7/0x620 [ 208.656816] ret_from_fork+0x35/0x40 [ 208.660516] [ 208.662135] Uninit was stored to memory at: [ 208.666448] kmsan_internal_chain_origin+0x136/0x240 [ 208.671555] __msan_chain_origin+0x6d/0xb0 [ 208.675791] __save_stack_trace+0x8be/0xc60 [ 208.680108] save_stack_trace+0xc6/0x110 [ 208.684166] kmsan_internal_chain_origin+0x136/0x240 [ 208.689264] kmsan_memcpy_origins+0x13d/0x190 [ 208.693754] __msan_memcpy+0x6f/0x80 [ 208.697458] nla_put+0x20a/0x2d0 [ 208.700820] br_port_fill_attrs+0x366/0x1ea0 [ 208.705482] br_port_fill_slave_info+0xff/0x120 [ 208.710145] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.714461] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.719119] rtmsg_ifinfo+0x112/0x260 [ 208.722911] netdev_state_change+0x1ea/0x2f0 [ 208.727324] linkwatch_do_dev+0x4b8/0x530 [ 208.731474] __linkwatch_run_queue+0x995/0x1120 [ 208.736133] linkwatch_event+0x73/0x90 [ 208.740011] process_one_work+0x19fe/0x25f0 [ 208.744323] worker_thread+0x1601/0x2bd0 [ 208.748380] kthread+0x5e7/0x620 [ 208.751742] ret_from_fork+0x35/0x40 [ 208.755436] [ 208.757052] Uninit was stored to memory at: [ 208.761376] kmsan_internal_chain_origin+0x136/0x240 [ 208.766471] __msan_chain_origin+0x6d/0xb0 [ 208.770697] __save_stack_trace+0x8be/0xc60 [ 208.775010] save_stack_trace+0xc6/0x110 [ 208.779079] kmsan_internal_chain_origin+0x136/0x240 [ 208.784175] kmsan_memcpy_origins+0x13d/0x190 [ 208.788664] __msan_memcpy+0x6f/0x80 [ 208.792374] nla_put+0x20a/0x2d0 [ 208.795738] br_port_fill_attrs+0x366/0x1ea0 [ 208.800140] br_port_fill_slave_info+0xff/0x120 [ 208.804805] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.809123] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.813782] rtmsg_ifinfo+0x112/0x260 [ 208.818096] netdev_state_change+0x1ea/0x2f0 [ 208.822498] linkwatch_do_dev+0x4b8/0x530 [ 208.826641] __linkwatch_run_queue+0x995/0x1120 [ 208.831307] linkwatch_event+0x73/0x90 [ 208.835187] process_one_work+0x19fe/0x25f0 [ 208.839590] worker_thread+0x1601/0x2bd0 [ 208.843646] kthread+0x5e7/0x620 [ 208.847004] ret_from_fork+0x35/0x40 [ 208.850703] [ 208.852321] Uninit was stored to memory at: [ 208.856636] kmsan_internal_chain_origin+0x136/0x240 [ 208.861737] __msan_chain_origin+0x6d/0xb0 [ 208.865967] __save_stack_trace+0x8be/0xc60 [ 208.870285] save_stack_trace+0xc6/0x110 [ 208.874344] kmsan_internal_chain_origin+0x136/0x240 [ 208.879442] kmsan_memcpy_origins+0x13d/0x190 [ 208.883949] __msan_memcpy+0x6f/0x80 [ 208.887677] nla_put+0x20a/0x2d0 [ 208.891040] br_port_fill_attrs+0x366/0x1ea0 [ 208.895529] br_port_fill_slave_info+0xff/0x120 [ 208.900195] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.904505] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 208.909191] rtmsg_ifinfo+0x112/0x260 [ 208.912986] netdev_state_change+0x1ea/0x2f0 [ 208.917390] linkwatch_do_dev+0x4b8/0x530 [ 208.921544] __linkwatch_run_queue+0x995/0x1120 [ 208.926209] linkwatch_event+0x73/0x90 [ 208.930087] process_one_work+0x19fe/0x25f0 [ 208.934402] worker_thread+0x1601/0x2bd0 [ 208.938456] kthread+0x5e7/0x620 [ 208.941824] ret_from_fork+0x35/0x40 [ 208.945521] [ 208.947143] Uninit was stored to memory at: [ 208.951456] kmsan_internal_chain_origin+0x136/0x240 [ 208.956562] __msan_chain_origin+0x6d/0xb0 [ 208.960790] __save_stack_trace+0x8be/0xc60 [ 208.965105] save_stack_trace+0xc6/0x110 [ 208.969158] kmsan_internal_chain_origin+0x136/0x240 [ 208.974258] kmsan_memcpy_origins+0x13d/0x190 [ 208.978747] __msan_memcpy+0x6f/0x80 [ 208.982655] nla_put+0x20a/0x2d0 [ 208.986019] br_port_fill_attrs+0x366/0x1ea0 [ 208.990419] br_port_fill_slave_info+0xff/0x120 [ 208.995083] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 208.999396] rtmsg_ifinfo_build_skb+0x27c/0x410 [ 209.004067] rtmsg_ifinfo+0x112/0x260 [ 209.007862] netdev_state_change+0x1ea/0x2f0 [ 209.012266] linkwatch_do_dev+0x4b8/0x530 [ 209.016409] __linkwatch_run_queue+0x995/0x1120 [ 209.021068] linkwatch_event+0x73/0x90 [ 209.024949] process_one_work+0x19fe/0x25f0 [ 209.029264] worker_thread+0x1601/0x2bd0 [ 209.033318] kthread+0x5e7/0x620 [ 209.036686] ret_from_fork+0x35/0x40 [ 209.040387] [ 209.042007] Local variable description: ----__ai_o2.i.i.i.i@kfree [ 209.048222] Variable was created at: [ 209.051932] kfree+0x100/0x2fb0 [ 209.055206] skb_release_data+0xbcb/0xc90 [ 209.060646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 209.425504] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 209.520580] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 209.529787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 212.266845] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.273377] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.280427] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.286987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.295556] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 212.372654] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 212.720920] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.727562] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.735881] device bridge_slave_0 entered promiscuous mode [ 213.030878] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.037460] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.045837] device bridge_slave_1 entered promiscuous mode [ 213.316029] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 213.559808] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 214.445041] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 214.728779] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 215.030716] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 215.037913] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 215.291480] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 215.298819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.564583] 8021q: adding VLAN 0 to HW filter on device bond0 18:14:06 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f00000003c0)=ANY=[], &(0x7f0000000080)='.', &(0x7f0000000040)="045b898f73", 0x0, 0x0) mount(&(0x7f0000000000), &(0x7f00000000c0)='.', &(0x7f0000000140)='vxfs\x00', 0x3080, &(0x7f0000000200)) rmdir(&(0x7f0000000200)='./file0\x00') mount(&(0x7f0000000080), &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f0000000580)) [ 216.173530] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 216.181406] team0: Port device team_slave_0 added [ 216.477782] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 216.485936] team0: Port device team_slave_1 added [ 216.648334] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 216.851913] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 216.858966] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.865482] IPVS: ftp: loaded support on port[0] = 21 [ 216.867666] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.225752] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 217.232987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.241465] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.584033] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 217.591748] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.600624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.820307] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 217.826842] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 217.835038] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 217.847814] ip (7130) used greatest stack depth: 53024 bytes left [ 217.885857] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 217.893632] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.902443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 218.973928] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.487790] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.494330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.501201] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.507788] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.516263] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 221.945846] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.952626] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.960905] device bridge_slave_0 entered promiscuous mode [ 222.271727] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.278194] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.286664] device bridge_slave_1 entered promiscuous mode [ 222.342187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 222.650084] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 222.974047] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 223.805870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.877946] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 224.192101] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 224.490255] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 224.511727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.765388] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 224.772603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.035564] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 225.691316] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.693930] input: syz1 as /devices/virtual/input/input5 [ 225.699181] team0: Port device team_slave_0 added [ 225.764989] input: syz1 as /devices/virtual/input/input6 [ 225.997456] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.005585] team0: Port device team_slave_1 added 18:14:17 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) read$FUSE(r0, &(0x7f0000000040), 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$FUSE_ENTRY(r0, &(0x7f0000001040)={0x90, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000}}}, 0x90) 18:14:17 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) waitid(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f00000002c0)) [ 226.249370] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 226.255887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 226.264052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.399223] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 226.406548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.415580] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 18:14:17 executing program 0: r0 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) write(r0, &(0x7f0000000100)="066ad8e0be3d458806402d41493b13e526b75647cb727d7747b1d37b4b9960912a45b88a53c19e4e3cfc9ed864bc75d0b66ac8ad187ca7e02617c91d216480e76a523a8d5845e47a6641e8fda58eae8cd581caa9a778b4db9119fc41d93277a5b0ca226960b0c735bf518f3d8aa52533d5e7820be1dfa4cc68f9ea5926f07c5bd7c3c291e69768503b7a39754a8cae7415e853f10de933", 0x97) r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x821f, 0x40002) ioctl$int_in(r1, 0x5452, &(0x7f00000001c0)=0x9) ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000240)=""/42) write$cgroup_type(r1, &(0x7f0000000280)='threaded\x00', 0xfe9e) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000200)={0x5, &(0x7f0000000080)=[{}, {}, {}, {}, {}]}) accept4$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0xffffffff, @host}, 0x10, 0x80800) [ 226.809641] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 226.817028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.826024] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 18:14:18 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) io_setup(0x7, &(0x7f00000000c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, &(0x7f0000000300)}]) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) [ 227.241382] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 227.249193] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.258011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.443980] IPVS: ftp: loaded support on port[0] = 21 [ 227.482854] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.647756] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.660553] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.669442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 18:14:18 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) io_setup(0x7, &(0x7f00000000c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, &(0x7f0000000300)}]) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:19 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) io_setup(0x7, &(0x7f00000000c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, &(0x7f0000000300)}]) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:19 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) io_setup(0x7, &(0x7f00000000c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, &(0x7f0000000300)}]) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:20 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) io_setup(0x7, &(0x7f00000000c0)) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:20 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) [ 231.630939] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.637491] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.644587] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.651032] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.659324] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 232.506331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.885025] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.891825] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.900044] device bridge_slave_0 entered promiscuous mode [ 233.249452] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.256308] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.264888] device bridge_slave_1 entered promiscuous mode [ 233.575901] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 233.904779] not chained 20000 origins [ 233.908642] CPU: 0 PID: 7576 Comm: ip Not tainted 4.20.0-rc3+ #89 [ 233.914879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.924237] Call Trace: [ 233.926836] dump_stack+0x32d/0x480 [ 233.930479] ? save_stack_trace+0xc6/0x110 [ 233.934733] kmsan_internal_chain_origin+0x222/0x240 [ 233.939856] ? kmsan_internal_chain_origin+0x136/0x240 [ 233.945143] ? __msan_chain_origin+0x6d/0xb0 [ 233.949567] ? __save_stack_trace+0x833/0xc60 [ 233.954074] ? save_stack_trace+0xc6/0x110 [ 233.958315] ? kmsan_internal_chain_origin+0x136/0x240 [ 233.963600] ? kmsan_memcpy_origins+0x13d/0x190 [ 233.968288] ? __msan_memcpy+0x6f/0x80 [ 233.972207] ? nla_put+0x20a/0x2d0 [ 233.975763] ? br_port_fill_attrs+0x42b/0x1ea0 [ 233.980362] ? br_port_fill_slave_info+0xff/0x120 [ 233.985216] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 233.989724] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 233.994238] ? netlink_dump+0xc79/0x1c90 [ 233.998312] ? netlink_recvmsg+0xec2/0x19d0 [ 234.002641] ? sock_recvmsg+0x1d1/0x230 [ 234.006626] ? ___sys_recvmsg+0x444/0xae0 [ 234.010784] ? __se_sys_recvmsg+0x2fa/0x450 [ 234.015131] ? __x64_sys_recvmsg+0x4a/0x70 [ 234.019386] ? do_syscall_64+0xcf/0x110 [ 234.023368] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.028744] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 234.033866] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 234.039162] ? kmsan_internal_chain_origin+0x136/0x240 [ 234.044446] ? __msan_chain_origin+0x6d/0xb0 [ 234.048865] ? save_stack_trace+0xfa/0x110 [ 234.053108] ? kmsan_internal_chain_origin+0x136/0x240 [ 234.058391] ? kmsan_memcpy_origins+0x13d/0x190 [ 234.063073] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 234.068530] ? in_task_stack+0x12c/0x210 [ 234.072755] __msan_chain_origin+0x6d/0xb0 [ 234.077004] ? __se_sys_recvmsg+0x2fa/0x450 [ 234.081336] __save_stack_trace+0x8be/0xc60 [ 234.085692] ? __se_sys_recvmsg+0x2fa/0x450 [ 234.090031] save_stack_trace+0xc6/0x110 [ 234.094112] kmsan_internal_chain_origin+0x136/0x240 [ 234.099230] ? kmsan_internal_chain_origin+0x136/0x240 [ 234.104512] ? kmsan_memcpy_origins+0x13d/0x190 [ 234.109214] ? __msan_memcpy+0x6f/0x80 [ 234.113113] ? nla_put+0x20a/0x2d0 [ 234.116682] ? br_port_fill_attrs+0x42b/0x1ea0 [ 234.121276] ? br_port_fill_slave_info+0xff/0x120 [ 234.126133] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.130643] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.135145] ? netlink_dump+0xc79/0x1c90 [ 234.139210] ? netlink_recvmsg+0xec2/0x19d0 [ 234.143553] ? sock_recvmsg+0x1d1/0x230 [ 234.147531] ? ___sys_recvmsg+0x444/0xae0 [ 234.151691] ? __se_sys_recvmsg+0x2fa/0x450 [ 234.156016] ? __x64_sys_recvmsg+0x4a/0x70 [ 234.160260] ? do_syscall_64+0xcf/0x110 [ 234.164260] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.169651] ? __msan_poison_alloca+0x1e0/0x270 [ 234.174339] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 234.179717] ? find_next_bit+0x25b/0x2a0 [ 234.183785] ? vmalloc_to_page+0x585/0x6c0 [ 234.188038] ? kmsan_set_origin+0x7f/0x100 [ 234.192283] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 234.197667] kmsan_memcpy_origins+0x13d/0x190 [ 234.202180] __msan_memcpy+0x6f/0x80 [ 234.205915] nla_put+0x20a/0x2d0 [ 234.209302] br_port_fill_attrs+0x42b/0x1ea0 [ 234.213737] br_port_fill_slave_info+0xff/0x120 [ 234.218429] ? br_port_get_slave_size+0x30/0x30 [ 234.223107] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.227469] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.231881] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 234.237259] ? rtnl_getlink+0xec0/0xec0 [ 234.241242] netlink_dump+0xc79/0x1c90 [ 234.245192] netlink_recvmsg+0xec2/0x19d0 [ 234.249370] sock_recvmsg+0x1d1/0x230 [ 234.253178] ? netlink_sendmsg+0x1440/0x1440 [ 234.257597] ___sys_recvmsg+0x444/0xae0 [ 234.261597] ? __msan_poison_alloca+0x1e0/0x270 [ 234.266278] ? __se_sys_recvmsg+0xca/0x450 [ 234.270527] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 234.275902] ? __fdget+0x23c/0x440 [ 234.279458] __se_sys_recvmsg+0x2fa/0x450 [ 234.283633] __x64_sys_recvmsg+0x4a/0x70 [ 234.287709] do_syscall_64+0xcf/0x110 [ 234.291521] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.296726] RIP: 0033:0x7f1db974c210 [ 234.300449] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 234.319354] RSP: 002b:00007ffec51b1ec8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 234.327071] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1db974c210 [ 234.334353] RDX: 0000000000000000 RSI: 00007ffec51b1f10 RDI: 0000000000000003 [ 234.341625] RBP: 0000000000001fe4 R08: 00007f1db99f5ec8 R09: 0000000000000000 [ 234.348908] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006395c0 [ 234.356191] R13: 00007ffec51b5fa0 R14: 0000000000001fe4 R15: 00007ffec51b3f34 [ 234.363482] Uninit was stored to memory at: [ 234.367818] kmsan_internal_chain_origin+0x136/0x240 [ 234.372949] __msan_chain_origin+0x6d/0xb0 [ 234.377192] __save_stack_trace+0x8be/0xc60 [ 234.381521] save_stack_trace+0xc6/0x110 [ 234.385596] kmsan_internal_chain_origin+0x136/0x240 [ 234.390704] kmsan_memcpy_origins+0x13d/0x190 [ 234.395207] __msan_memcpy+0x6f/0x80 [ 234.399069] nla_put+0x20a/0x2d0 [ 234.402446] br_port_fill_attrs+0x366/0x1ea0 [ 234.406859] br_port_fill_slave_info+0xff/0x120 [ 234.411543] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.415869] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.420192] netlink_dump+0xc79/0x1c90 [ 234.424088] netlink_recvmsg+0xec2/0x19d0 [ 234.428243] sock_recvmsg+0x1d1/0x230 [ 234.432046] ___sys_recvmsg+0x444/0xae0 [ 234.436026] __se_sys_recvmsg+0x2fa/0x450 [ 234.440189] __x64_sys_recvmsg+0x4a/0x70 [ 234.444254] do_syscall_64+0xcf/0x110 [ 234.448062] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.453248] [ 234.454877] Uninit was stored to memory at: [ 234.459210] kmsan_internal_chain_origin+0x136/0x240 [ 234.464325] __msan_chain_origin+0x6d/0xb0 [ 234.468576] __save_stack_trace+0x8be/0xc60 [ 234.472903] save_stack_trace+0xc6/0x110 [ 234.476968] kmsan_internal_chain_origin+0x136/0x240 [ 234.482077] kmsan_memcpy_origins+0x13d/0x190 [ 234.486600] __msan_memcpy+0x6f/0x80 [ 234.490353] nla_put+0x20a/0x2d0 [ 234.493742] br_port_fill_attrs+0x366/0x1ea0 [ 234.498158] br_port_fill_slave_info+0xff/0x120 [ 234.502830] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.507154] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.511480] netlink_dump+0xc79/0x1c90 [ 234.515374] netlink_recvmsg+0xec2/0x19d0 [ 234.519530] sock_recvmsg+0x1d1/0x230 [ 234.523337] ___sys_recvmsg+0x444/0xae0 [ 234.527313] __se_sys_recvmsg+0x2fa/0x450 [ 234.531466] __x64_sys_recvmsg+0x4a/0x70 [ 234.535545] do_syscall_64+0xcf/0x110 [ 234.539355] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.544544] [ 234.546171] Uninit was stored to memory at: [ 234.550499] kmsan_internal_chain_origin+0x136/0x240 [ 234.555616] __msan_chain_origin+0x6d/0xb0 [ 234.559882] __save_stack_trace+0x8be/0xc60 [ 234.564208] save_stack_trace+0xc6/0x110 [ 234.568274] kmsan_internal_chain_origin+0x136/0x240 [ 234.573386] kmsan_memcpy_origins+0x13d/0x190 [ 234.577907] __msan_memcpy+0x6f/0x80 [ 234.581637] nla_put+0x20a/0x2d0 [ 234.585015] br_port_fill_attrs+0x366/0x1ea0 [ 234.589436] br_port_fill_slave_info+0xff/0x120 [ 234.594108] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.598432] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.602759] netlink_dump+0xc79/0x1c90 [ 234.606655] netlink_recvmsg+0xec2/0x19d0 [ 234.610816] sock_recvmsg+0x1d1/0x230 [ 234.614623] ___sys_recvmsg+0x444/0xae0 [ 234.618605] __se_sys_recvmsg+0x2fa/0x450 [ 234.622758] __x64_sys_recvmsg+0x4a/0x70 [ 234.626827] do_syscall_64+0xcf/0x110 [ 234.630642] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.635825] [ 234.637451] Uninit was stored to memory at: [ 234.641777] kmsan_internal_chain_origin+0x136/0x240 [ 234.646888] __msan_chain_origin+0x6d/0xb0 [ 234.651155] __save_stack_trace+0x8be/0xc60 [ 234.655486] save_stack_trace+0xc6/0x110 [ 234.659564] kmsan_internal_chain_origin+0x136/0x240 [ 234.664680] kmsan_memcpy_origins+0x13d/0x190 [ 234.669183] __msan_memcpy+0x6f/0x80 [ 234.672906] nla_put+0x20a/0x2d0 [ 234.676281] br_port_fill_attrs+0x366/0x1ea0 [ 234.680697] br_port_fill_slave_info+0xff/0x120 [ 234.685371] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.689700] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.694025] netlink_dump+0xc79/0x1c90 [ 234.697922] netlink_recvmsg+0xec2/0x19d0 [ 234.702075] sock_recvmsg+0x1d1/0x230 [ 234.705884] ___sys_recvmsg+0x444/0xae0 [ 234.709859] __se_sys_recvmsg+0x2fa/0x450 [ 234.714017] __x64_sys_recvmsg+0x4a/0x70 [ 234.718085] do_syscall_64+0xcf/0x110 [ 234.721914] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.727102] [ 234.728726] Uninit was stored to memory at: [ 234.733058] kmsan_internal_chain_origin+0x136/0x240 [ 234.738171] __msan_chain_origin+0x6d/0xb0 [ 234.742415] __save_stack_trace+0x8be/0xc60 [ 234.746747] save_stack_trace+0xc6/0x110 [ 234.750819] kmsan_internal_chain_origin+0x136/0x240 [ 234.755929] kmsan_memcpy_origins+0x13d/0x190 [ 234.760431] __msan_memcpy+0x6f/0x80 [ 234.764154] nla_put+0x20a/0x2d0 [ 234.767529] br_port_fill_attrs+0x366/0x1ea0 [ 234.771954] br_port_fill_slave_info+0xff/0x120 [ 234.776627] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.780953] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.785280] netlink_dump+0xc79/0x1c90 [ 234.789170] netlink_recvmsg+0xec2/0x19d0 [ 234.793329] sock_recvmsg+0x1d1/0x230 [ 234.797132] ___sys_recvmsg+0x444/0xae0 [ 234.801110] __se_sys_recvmsg+0x2fa/0x450 [ 234.805260] __x64_sys_recvmsg+0x4a/0x70 [ 234.809324] do_syscall_64+0xcf/0x110 [ 234.813133] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.818580] [ 234.820213] Uninit was stored to memory at: [ 234.824548] kmsan_internal_chain_origin+0x136/0x240 [ 234.829657] __msan_chain_origin+0x6d/0xb0 [ 234.833897] __save_stack_trace+0x8be/0xc60 [ 234.838223] save_stack_trace+0xc6/0x110 [ 234.842296] kmsan_internal_chain_origin+0x136/0x240 [ 234.847411] kmsan_memcpy_origins+0x13d/0x190 [ 234.851912] __msan_memcpy+0x6f/0x80 [ 234.855637] nla_put+0x20a/0x2d0 [ 234.859014] br_port_fill_attrs+0x366/0x1ea0 [ 234.863430] br_port_fill_slave_info+0xff/0x120 [ 234.868105] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.872430] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.876758] netlink_dump+0xc79/0x1c90 [ 234.880655] netlink_recvmsg+0xec2/0x19d0 [ 234.884815] sock_recvmsg+0x1d1/0x230 [ 234.888620] ___sys_recvmsg+0x444/0xae0 [ 234.892607] __se_sys_recvmsg+0x2fa/0x450 [ 234.896757] __x64_sys_recvmsg+0x4a/0x70 [ 234.900832] do_syscall_64+0xcf/0x110 [ 234.904641] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 234.909824] [ 234.911448] Uninit was stored to memory at: [ 234.915776] kmsan_internal_chain_origin+0x136/0x240 [ 234.920886] __msan_chain_origin+0x6d/0xb0 [ 234.925125] __save_stack_trace+0x8be/0xc60 [ 234.929453] save_stack_trace+0xc6/0x110 [ 234.933525] kmsan_internal_chain_origin+0x136/0x240 [ 234.938645] kmsan_memcpy_origins+0x13d/0x190 [ 234.943147] __msan_memcpy+0x6f/0x80 [ 234.946872] nla_put+0x20a/0x2d0 [ 234.950246] br_port_fill_attrs+0x366/0x1ea0 [ 234.954664] br_port_fill_slave_info+0xff/0x120 [ 234.959343] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 234.963682] rtnl_dump_ifinfo+0x18b5/0x2140 [ 234.968021] netlink_dump+0xc79/0x1c90 [ 234.971918] netlink_recvmsg+0xec2/0x19d0 [ 234.976075] sock_recvmsg+0x1d1/0x230 [ 234.979882] ___sys_recvmsg+0x444/0xae0 [ 234.984049] __se_sys_recvmsg+0x2fa/0x450 [ 234.988202] __x64_sys_recvmsg+0x4a/0x70 [ 234.992271] do_syscall_64+0xcf/0x110 [ 234.996080] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 235.001269] [ 235.002895] Local variable description: ----c.i.i@should_fail [ 235.008773] Variable was created at: [ 235.012498] should_fail+0x162/0x13c0 [ 235.016310] __alloc_pages_nodemask+0x73f/0x63e0 [ 235.245638] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 235.871283] 8021q: adding VLAN 0 to HW filter on device bond0 18:14:26 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f00000001c0)=ANY=[], 0x0, 0x0) setsockopt(r0, 0x400000000ff, 0x24, &(0x7f0000000040), 0x0) [ 236.026804] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 236.274414] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 236.464141] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 236.473226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 236.595813] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 236.602983] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 236.692749] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 237.075331] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 237.083711] team0: Port device team_slave_0 added [ 237.237412] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 237.245460] team0: Port device team_slave_1 added [ 237.364095] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 237.377041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 237.384863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 237.474125] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 237.661330] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 237.668714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 237.677373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 237.812486] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 237.820044] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 237.828910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 238.054218] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 238.062121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 238.070944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 238.105004] 8021q: adding VLAN 0 to HW filter on device team0 [ 240.194988] bridge0: port 2(bridge_slave_1) entered blocking state [ 240.201462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 240.208488] bridge0: port 1(bridge_slave_0) entered blocking state [ 240.215038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 240.223344] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 240.229955] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 241.767927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 242.507447] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 18:14:33 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1b, 0x7, 0x4}, 0x2c) mknod$loop(&(0x7f0000000140)='./file1\x00', 0x0, 0xffffffffffffffff) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000011c0)={r0, &(0x7f00000001c0)}, 0x10) [ 243.135358] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 243.144912] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 243.152622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 243.612433] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.396351] 8021q: adding VLAN 0 to HW filter on device bond0 18:14:37 executing program 3: unshare(0x28020400) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f00000002c0)=0xffffffffffffffff, 0x0) [ 246.812039] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 247.148387] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 247.154781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 247.162534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 247.447998] 8021q: adding VLAN 0 to HW filter on device team0 18:14:40 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x1, 0x0) r1 = dup2(r0, r0) ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f0000000000)) 18:14:40 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00'}) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) io_setup(0x7, &(0x7f00000000c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, &(0x7f0000000300)}]) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000039ff8)={0xffffffffffffffff}) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000801ff8)=@file={0x1, './file0\x00'}, 0xa) connect$unix(r0, &(0x7f00000005c0)=@file={0x1, './file0\x00'}, 0x6e) 18:14:40 executing program 2: unshare(0x2000400) r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000000)=0x44) 18:14:40 executing program 3: unshare(0x28020400) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f00000002c0)=0xffffffffffffffff, 0x0) 18:14:40 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000100)=0x4000800000, 0x4) sendto$inet6(r0, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto(r0, &(0x7f00000001c0)="a0", 0x1, 0x0, &(0x7f0000000240)=@rc, 0x80) sendto$inet6(r0, &(0x7f00000002c0)="15", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local}, 0x1c) 18:14:40 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000030006000000000002000000e000000100000000200000000800120002000200000000000000000010000000020300000000000f00000000020000000000000092ab000000000001020014bb000000000000000000000000030005000000000002000000e00000010000000002000000"], 0x80}}, 0x0) 18:14:40 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00'}) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:40 executing program 3: unshare(0x28020400) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f00000002c0)=0xffffffffffffffff, 0x0) 18:14:40 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0x1, 0x0) r1 = dup2(r0, r0) ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0x0) [ 249.778089] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:14:40 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00'}) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:41 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"6e7230010100", 0x2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{0x64, 0x0, 0x0, 0x100000001}, {0x16}]}) 18:14:41 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000030006000000000002000000e000000100000000200000000800120002000200000000000000000010000000020300000000000f00000000020000000000000092ab000000000001020014bb000000000000000000000000030005000000000002000000e00000010000000002000000"], 0x80}}, 0x0) [ 250.413358] IPVS: ftp: loaded support on port[0] = 21 [ 251.672869] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.679278] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.687388] device bridge_slave_0 entered promiscuous mode [ 251.760850] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.767310] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.775269] device bridge_slave_1 entered promiscuous mode [ 251.847147] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 251.918388] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 252.136581] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 252.212660] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 252.356024] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 252.363068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 252.584797] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 252.592757] team0: Port device team_slave_0 added [ 252.664344] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 252.672149] team0: Port device team_slave_1 added [ 252.745116] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 252.819746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 252.896066] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 252.903394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 252.912160] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 252.984623] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 252.992684] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.001344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 253.905486] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.911951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.918658] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.925222] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.933592] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 254.352687] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 255.015838] not chained 30000 origins [ 255.019768] CPU: 1 PID: 8230 Comm: ip Not tainted 4.20.0-rc3+ #89 [ 255.025983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.035321] Call Trace: [ 255.037901] dump_stack+0x32d/0x480 [ 255.041524] ? save_stack_trace+0xc6/0x110 [ 255.045766] kmsan_internal_chain_origin+0x222/0x240 [ 255.050862] ? kmsan_internal_chain_origin+0x136/0x240 [ 255.056127] ? __msan_chain_origin+0x6d/0xb0 [ 255.060558] ? __save_stack_trace+0x833/0xc60 [ 255.065046] ? save_stack_trace+0xc6/0x110 [ 255.069267] ? kmsan_internal_chain_origin+0x136/0x240 [ 255.074529] ? kmsan_memcpy_origins+0x13d/0x190 [ 255.079209] ? __msan_memcpy+0x6f/0x80 [ 255.083086] ? nla_put+0x20a/0x2d0 [ 255.086613] ? br_port_fill_attrs+0x366/0x1ea0 [ 255.091180] ? br_port_fill_slave_info+0xff/0x120 [ 255.096009] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.100488] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.104968] ? netlink_dump+0xc79/0x1c90 [ 255.109013] ? netlink_recvmsg+0xec2/0x19d0 [ 255.113323] ? sock_recvmsg+0x1d1/0x230 [ 255.117279] ? ___sys_recvmsg+0x444/0xae0 [ 255.121416] ? __se_sys_recvmsg+0x2fa/0x450 [ 255.125725] ? __x64_sys_recvmsg+0x4a/0x70 [ 255.129945] ? do_syscall_64+0xcf/0x110 [ 255.133903] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.139254] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 255.144350] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 255.149618] ? kmsan_internal_chain_origin+0x136/0x240 [ 255.154882] ? __msan_chain_origin+0x6d/0xb0 [ 255.159278] ? save_stack_trace+0xfa/0x110 [ 255.163501] ? kmsan_internal_chain_origin+0x136/0x240 [ 255.168766] ? kmsan_memcpy_origins+0x13d/0x190 [ 255.173427] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.178863] ? in_task_stack+0x12c/0x210 [ 255.182918] __msan_chain_origin+0x6d/0xb0 [ 255.187139] ? __msan_memcpy+0x6f/0x80 [ 255.191013] __save_stack_trace+0x8be/0xc60 [ 255.195332] ? __msan_memcpy+0x6f/0x80 [ 255.199207] save_stack_trace+0xc6/0x110 [ 255.203260] kmsan_internal_chain_origin+0x136/0x240 [ 255.208351] ? kmsan_internal_chain_origin+0x136/0x240 [ 255.213614] ? kmsan_memcpy_origins+0x13d/0x190 [ 255.218271] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 255.223629] ? __msan_poison_alloca+0x1e0/0x270 [ 255.228290] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 255.233645] ? find_next_bit+0x25b/0x2a0 [ 255.237691] ? vmalloc_to_page+0x585/0x6c0 [ 255.241914] ? kmsan_set_origin+0x7f/0x100 [ 255.246139] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 255.251509] kmsan_memcpy_origins+0x13d/0x190 [ 255.256010] __msan_memcpy+0x6f/0x80 [ 255.259711] nla_put+0x20a/0x2d0 [ 255.263072] br_port_fill_attrs+0x366/0x1ea0 [ 255.267470] br_port_fill_slave_info+0xff/0x120 [ 255.272130] ? br_port_get_slave_size+0x30/0x30 [ 255.276785] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.281111] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.285454] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 255.290813] ? rtnl_getlink+0xec0/0xec0 [ 255.294777] netlink_dump+0xc79/0x1c90 [ 255.298662] netlink_recvmsg+0xec2/0x19d0 [ 255.302817] sock_recvmsg+0x1d1/0x230 [ 255.306612] ? netlink_sendmsg+0x1440/0x1440 [ 255.311005] ___sys_recvmsg+0x444/0xae0 [ 255.314984] ? __msan_poison_alloca+0x1e0/0x270 [ 255.319645] ? __se_sys_recvmsg+0xca/0x450 [ 255.323872] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 255.329218] ? __fdget+0x23c/0x440 [ 255.332762] __se_sys_recvmsg+0x2fa/0x450 [ 255.336903] __x64_sys_recvmsg+0x4a/0x70 [ 255.340949] do_syscall_64+0xcf/0x110 [ 255.344749] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.349928] RIP: 0033:0x7fa81142d210 [ 255.353629] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 255.372518] RSP: 002b:00007ffd5e558968 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 255.380216] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa81142d210 [ 255.387486] RDX: 0000000000000000 RSI: 00007ffd5e5589b0 RDI: 0000000000000003 [ 255.394744] RBP: 0000000000001f1c R08: 00007fa8116d6ec8 R09: 00007fa811473800 [ 255.402000] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006395c0 [ 255.409260] R13: 00007ffd5e55ca40 R14: 0000000000001f1c R15: 00007ffd5e55a90c [ 255.416521] Uninit was stored to memory at: [ 255.420836] kmsan_internal_chain_origin+0x136/0x240 [ 255.425929] __msan_chain_origin+0x6d/0xb0 [ 255.430149] __save_stack_trace+0x8be/0xc60 [ 255.434455] save_stack_trace+0xc6/0x110 [ 255.438501] kmsan_internal_chain_origin+0x136/0x240 [ 255.443593] kmsan_memcpy_origins+0x13d/0x190 [ 255.448072] __msan_memcpy+0x6f/0x80 [ 255.451863] nla_put+0x20a/0x2d0 [ 255.455218] br_port_fill_attrs+0x366/0x1ea0 [ 255.459613] br_port_fill_slave_info+0xff/0x120 [ 255.464362] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.468666] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.472970] netlink_dump+0xc79/0x1c90 [ 255.476842] netlink_recvmsg+0xec2/0x19d0 [ 255.480976] sock_recvmsg+0x1d1/0x230 [ 255.484762] ___sys_recvmsg+0x444/0xae0 [ 255.488719] __se_sys_recvmsg+0x2fa/0x450 [ 255.492849] __x64_sys_recvmsg+0x4a/0x70 [ 255.496896] do_syscall_64+0xcf/0x110 [ 255.500683] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.505852] [ 255.507459] Uninit was stored to memory at: [ 255.511782] kmsan_internal_chain_origin+0x136/0x240 [ 255.516883] __msan_chain_origin+0x6d/0xb0 [ 255.521103] __save_stack_trace+0x8be/0xc60 [ 255.525409] save_stack_trace+0xc6/0x110 [ 255.529457] kmsan_internal_chain_origin+0x136/0x240 [ 255.534552] kmsan_memcpy_origins+0x13d/0x190 [ 255.539033] __msan_memcpy+0x6f/0x80 [ 255.542737] nla_put+0x20a/0x2d0 [ 255.546090] br_port_fill_attrs+0x366/0x1ea0 [ 255.550482] br_port_fill_slave_info+0xff/0x120 [ 255.555135] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.559452] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.563759] netlink_dump+0xc79/0x1c90 [ 255.567632] netlink_recvmsg+0xec2/0x19d0 [ 255.571764] sock_recvmsg+0x1d1/0x230 [ 255.575556] ___sys_recvmsg+0x444/0xae0 [ 255.579514] __se_sys_recvmsg+0x2fa/0x450 [ 255.583651] __x64_sys_recvmsg+0x4a/0x70 [ 255.587696] do_syscall_64+0xcf/0x110 [ 255.591500] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.596675] [ 255.598282] Uninit was stored to memory at: [ 255.602591] kmsan_internal_chain_origin+0x136/0x240 [ 255.607681] __msan_chain_origin+0x6d/0xb0 [ 255.611902] __save_stack_trace+0x8be/0xc60 [ 255.616206] save_stack_trace+0xc6/0x110 [ 255.620254] kmsan_internal_chain_origin+0x136/0x240 [ 255.625345] kmsan_memcpy_origins+0x13d/0x190 [ 255.629825] __msan_memcpy+0x6f/0x80 [ 255.633527] nla_put+0x20a/0x2d0 [ 255.636885] br_port_fill_attrs+0x366/0x1ea0 [ 255.641277] br_port_fill_slave_info+0xff/0x120 [ 255.646019] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.650339] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.654646] netlink_dump+0xc79/0x1c90 [ 255.658519] netlink_recvmsg+0xec2/0x19d0 [ 255.662662] sock_recvmsg+0x1d1/0x230 [ 255.666446] ___sys_recvmsg+0x444/0xae0 [ 255.670403] __se_sys_recvmsg+0x2fa/0x450 [ 255.674557] __x64_sys_recvmsg+0x4a/0x70 [ 255.678603] do_syscall_64+0xcf/0x110 [ 255.682389] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.687557] [ 255.689168] Uninit was stored to memory at: [ 255.693475] kmsan_internal_chain_origin+0x136/0x240 [ 255.698567] __msan_chain_origin+0x6d/0xb0 [ 255.702793] __save_stack_trace+0x8be/0xc60 [ 255.707103] save_stack_trace+0xc6/0x110 [ 255.711147] kmsan_internal_chain_origin+0x136/0x240 [ 255.716234] kmsan_memcpy_origins+0x13d/0x190 [ 255.720715] __msan_memcpy+0x6f/0x80 [ 255.724414] nla_put+0x20a/0x2d0 [ 255.727766] br_port_fill_attrs+0x366/0x1ea0 [ 255.732162] br_port_fill_slave_info+0xff/0x120 [ 255.736827] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.741133] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.745442] netlink_dump+0xc79/0x1c90 [ 255.749317] netlink_recvmsg+0xec2/0x19d0 [ 255.753483] sock_recvmsg+0x1d1/0x230 [ 255.757268] ___sys_recvmsg+0x444/0xae0 [ 255.761225] __se_sys_recvmsg+0x2fa/0x450 [ 255.765358] __x64_sys_recvmsg+0x4a/0x70 [ 255.769405] do_syscall_64+0xcf/0x110 [ 255.773196] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.778366] [ 255.779977] Uninit was stored to memory at: [ 255.784285] kmsan_internal_chain_origin+0x136/0x240 [ 255.789378] __msan_chain_origin+0x6d/0xb0 [ 255.794054] __save_stack_trace+0x8be/0xc60 [ 255.798360] save_stack_trace+0xc6/0x110 [ 255.802408] kmsan_internal_chain_origin+0x136/0x240 [ 255.807497] kmsan_memcpy_origins+0x13d/0x190 [ 255.811980] __msan_memcpy+0x6f/0x80 [ 255.815678] nla_put+0x20a/0x2d0 [ 255.819034] br_port_fill_attrs+0x366/0x1ea0 [ 255.823430] br_port_fill_slave_info+0xff/0x120 [ 255.828102] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.832413] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.836719] netlink_dump+0xc79/0x1c90 [ 255.840588] netlink_recvmsg+0xec2/0x19d0 [ 255.844722] sock_recvmsg+0x1d1/0x230 [ 255.848507] ___sys_recvmsg+0x444/0xae0 [ 255.852463] __se_sys_recvmsg+0x2fa/0x450 [ 255.856593] __x64_sys_recvmsg+0x4a/0x70 [ 255.860638] do_syscall_64+0xcf/0x110 [ 255.864429] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.869596] [ 255.871206] Uninit was stored to memory at: [ 255.875512] kmsan_internal_chain_origin+0x136/0x240 [ 255.880603] __msan_chain_origin+0x6d/0xb0 [ 255.884823] __save_stack_trace+0x8be/0xc60 [ 255.889131] save_stack_trace+0xc6/0x110 [ 255.893181] kmsan_internal_chain_origin+0x136/0x240 [ 255.898266] kmsan_memcpy_origins+0x13d/0x190 [ 255.902751] __msan_memcpy+0x6f/0x80 [ 255.906450] nla_put+0x20a/0x2d0 [ 255.909805] br_port_fill_attrs+0x366/0x1ea0 [ 255.914200] br_port_fill_slave_info+0xff/0x120 [ 255.918851] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 255.923161] rtnl_dump_ifinfo+0x18b5/0x2140 [ 255.927468] netlink_dump+0xc79/0x1c90 [ 255.931341] netlink_recvmsg+0xec2/0x19d0 [ 255.935472] sock_recvmsg+0x1d1/0x230 [ 255.939257] ___sys_recvmsg+0x444/0xae0 [ 255.943218] __se_sys_recvmsg+0x2fa/0x450 [ 255.947351] __x64_sys_recvmsg+0x4a/0x70 [ 255.951395] do_syscall_64+0xcf/0x110 [ 255.955183] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.960355] [ 255.961963] Uninit was stored to memory at: [ 255.966269] kmsan_internal_chain_origin+0x136/0x240 [ 255.971355] __msan_chain_origin+0x6d/0xb0 [ 255.975592] __save_stack_trace+0x8be/0xc60 [ 255.979912] save_stack_trace+0xc6/0x110 [ 255.983959] kmsan_internal_chain_origin+0x136/0x240 [ 255.989046] kmsan_memcpy_origins+0x13d/0x190 [ 255.993529] __msan_memcpy+0x6f/0x80 [ 255.997237] nla_put+0x20a/0x2d0 [ 256.000588] br_port_fill_attrs+0x366/0x1ea0 [ 256.004983] br_port_fill_slave_info+0xff/0x120 [ 256.009639] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 256.013945] rtnl_dump_ifinfo+0x18b5/0x2140 [ 256.018253] netlink_dump+0xc79/0x1c90 [ 256.022125] netlink_recvmsg+0xec2/0x19d0 [ 256.026262] sock_recvmsg+0x1d1/0x230 [ 256.030046] ___sys_recvmsg+0x444/0xae0 [ 256.034009] __se_sys_recvmsg+0x2fa/0x450 [ 256.038142] __x64_sys_recvmsg+0x4a/0x70 [ 256.042199] do_syscall_64+0xcf/0x110 [ 256.045999] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 256.051169] [ 256.052783] Local variable description: ----c.i.i@should_fail [ 256.058646] Variable was created at: [ 256.062348] should_fail+0x162/0x13c0 [ 256.066134] __alloc_pages_nodemask+0x73f/0x63e0 [ 257.952611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.228358] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 258.502669] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 258.508942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 258.516845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 258.787342] 8021q: adding VLAN 0 to HW filter on device team0 18:14:51 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'filter\x00'}, 0xffffffffffffffff) 18:14:51 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)) r0 = socket(0x200000000000011, 0x803, 0x0) bind$packet(r0, &(0x7f0000000200), 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x1, 0x44031, 0xffffffffffffffff, 0x0) getsockopt$sock_timeval(r0, 0x1, 0x0, &(0x7f0000000000), &(0x7f0000000100)=0x10) mlock(&(0x7f0000625000/0x1000)=nil, 0x1000) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/netfilter\x00') 18:14:51 executing program 3: unshare(0x28020400) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, &(0x7f00000002c0)=0xffffffffffffffff, 0x0) 18:14:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000030006000000000002000000e000000100000000200000000800120002000200000000000000000010000000020300000000000f00000000020000000000000092ab000000000001020014bb000000000000000000000000030005000000000002000000e00000010000000002000000"], 0x80}}, 0x0) 18:14:51 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000100)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2e975afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r0, r1, &(0x7f0000000000), 0x7fff) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000200), 0x14) 18:14:51 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x200}], 0x30}, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r2, &(0x7f0000000c00)={&(0x7f00000005c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000740)=""/78, 0x4e}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, &(0x7f0000000bc0)=""/45, 0x2d}, 0x0) 18:14:52 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000340)=@ipv4_newrule={0x38, 0x20, 0x505, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14}, [@FRA_GENERIC_POLICY=@FRA_L3MDEV={0x8}, @FRA_SRC={0x8, 0x2, @multicast1}, @FRA_FLOW={0x8}]}, 0xfff7}}, 0x0) 18:14:52 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)) r0 = socket(0x200000000000011, 0x803, 0x0) bind$packet(r0, &(0x7f0000000200), 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:52 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x4, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x1, @remote}}}, 0x108) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000280), 0x1c) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xfffffffffffffff9) 18:14:52 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000030006000000000002000000e000000100000000200000000800120002000200000000000000000010000000020300000000000f00000000020000000000000092ab000000000001020014bb000000000000000000000000030005000000000002000000e00000010000000002000000"], 0x80}}, 0x0) 18:14:52 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x0, 0x0, 0xff, 0x1}, 0x20) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f0000000340)=0x20) 18:14:52 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)) r0 = socket(0x200000000000011, 0x803, 0x0) bind$packet(r0, &(0x7f0000000200), 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:52 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000400)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1, 0x1}, {{@in=@rand_addr, 0x0, 0x2b}, 0x0, @in6=@mcast2}}, 0xe8) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) 18:14:52 executing program 5: r0 = memfd_create(&(0x7f0000000180)='}cgroupcgroup[mime_typevmnet0\x00', 0x6) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execveat(r0, &(0x7f0000000100)='\x00', &(0x7f00000001c0), &(0x7f0000000340), 0x1000) 18:14:52 executing program 3: syz_emit_ethernet(0xcc, &(0x7f0000000000)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0xf000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0) 18:14:52 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:53 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000100)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2e975afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r0, r1, &(0x7f0000000000), 0x7fff) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000200), 0x14) 18:14:53 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0x1, 0x0) r1 = dup2(r0, r0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000040)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}) 18:14:53 executing program 0: r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:53 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) unshare(0x20400) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000080)=0x12, 0x4) 18:14:53 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000300)) 18:14:53 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") sendmsg$alg(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000a00), 0x191, &(0x7f0000000a80)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmmsg(r1, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)=""/84, 0x54}], 0x1, &(0x7f0000000440)=""/45, 0x2d}}], 0x1, 0x0, &(0x7f0000000640)={0x77359400}) 18:14:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x35100}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000031002908000000000000000004000000110002001400010000000000000000000000000000000001"], 0x1}}, 0x0) 18:14:53 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x34000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x2c, 0x29, 0x1, 0x0, 0x0, {0x1}, [@nested={0x18, 0x0, [@typed={0x400b, 0x0, @ipv6=@ipv4={[0x0, 0x0, 0x0, 0x17, 0xf0ffff], [], @remote}}]}]}, 0x2c}}, 0x0) 18:14:53 executing program 0: r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:53 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = syz_open_procfs(0x0, &(0x7f0000000240)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @dev}}}, 0x98) 18:14:53 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:53 executing program 2: creat(&(0x7f00006e9ff8)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000000080)=@known='security.capability\x00', &(0x7f00002b2fec)="0000000201000000000000010400000000000000", 0x14, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) [ 263.007736] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 18:14:54 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000100)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2e975afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r0, r1, &(0x7f0000000000), 0x7fff) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000200), 0x14) 18:14:54 executing program 0: r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:54 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203000313000000e046c1440000000005000600000000000a0000000000000000000000000000005500000000000009000000000000000005000900ff0000000a00000000000000fe8000000000000000000000000000ff000000000000000002000100000000000000050c0000000005000500000000000a00000000000000ff02000000000000000000000000004100f5ffffff000000"], 0x98}}, 0x0) 18:14:54 executing program 2: creat(&(0x7f00006e9ff8)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000000080)=@known='security.capability\x00', &(0x7f00002b2fec)="0000000201000000000000010400000000000000", 0x14, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) 18:14:54 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7c, 0x0) ioctl$VIDIOC_SUBDEV_G_EDID(r0, 0xc0285628, &(0x7f0000000080)={0x1, 0x1, 0x0, [], &(0x7f0000000040)}) 18:14:54 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:54 executing program 2: creat(&(0x7f00006e9ff8)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000000080)=@known='security.capability\x00', &(0x7f00002b2fec)="0000000201000000000000010400000000000000", 0x14, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) [ 263.601753] hrtimer: interrupt took 279469 ns 18:14:54 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:55 executing program 2: creat(&(0x7f00006e9ff8)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000000080)=@known='security.capability\x00', &(0x7f00002b2fec)="0000000201000000000000010400000000000000", 0x14, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) 18:14:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:55 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:55 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000100)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2e975afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r0, r1, &(0x7f0000000000), 0x7fff) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000200), 0x14) 18:14:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:55 executing program 3: socketpair(0x15, 0x5, 0x0, &(0x7f0000000040)) 18:14:55 executing program 2: unshare(0x8000400) r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x53, 0x1100082) ioctl$LOOP_GET_STATUS64(r0, 0x4c02, &(0x7f00000004c0)) 18:14:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:55 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:55 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)="00fbfffff4") r1 = openat$cgroup_ro(r0, &(0x7f0000000340)="6d656d00017937737761532e63757289c942abe3fa72656e7400", 0x0, 0x0) preadv(r1, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/81, 0x20000111}], 0x1, 0x2000107c) shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x5000) 18:14:56 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4, 0x248) sendto$inet6(r0, &(0x7f0000000280)="040105000500000000000000ffb25bc202938207d903378c398d5375c5f73f2e55067d2780e19e33e3c2e772050000e8d7cc471600402810fadc5712f295bd0108186575efe5eb8f5972eaecff8b30ac32030e80fa01", 0x56, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x4, @ipv4={[], [], @loopback}}, 0x1c) 18:14:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="86"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x10, &(0x7f0000000140), 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:56 executing program 4: sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000001c0)}, 0x0) r0 = socket$inet(0x10, 0x40000000000003, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000000)={'nr0\x00', @ifru_addrs=@ax25={0x3, {"7ab762f8a9e01b"}}}) ioctl$sock_ifreq(r0, 0x89f9, &(0x7f0000000180)={'sit0\x00', @ifru_flags}) 18:14:56 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x0, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:56 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my=0x0}) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_dgram(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10) r3 = dup2(r2, r1) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r3, 0x28, 0x6, &(0x7f0000000180)={0x0, 0x7530}, 0x10) connect$vsock_dgram(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @hyper}, 0x10) 18:14:56 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) exit(0x0) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x2a}, &(0x7f0000000200), &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) 18:14:56 executing program 3: unshare(0x28020400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1f) 18:14:56 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:56 executing program 5: unshare(0x2000400) r0 = syz_open_dev$evdev(&(0x7f00000015c0)='/dev/input/event#\x00', 0x2, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, 0xffffffffffffffff) 18:14:56 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)) r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:57 executing program 2: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x3) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='#!'], 0x2) close(r0) execve(&(0x7f0000000180)='./file0\x00', &(0x7f0000000140), &(0x7f0000000140)) 18:14:57 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8995, &(0x7f00000000c0)={'veth1\x00', @ifru_names='bond_slave_1\x00'}) 18:14:57 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0), 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x400000000001e, &(0x7f0000000040), 0x4) 18:14:57 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)) r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:57 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0), 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x400000000001e, &(0x7f0000000040), 0x4) 18:14:57 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="b7859cb8eec705f2288a933d6e593ae164c990a016726640c522b60bdfedb810", 0x20) 18:14:57 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000400), 0xc, &(0x7f0000000000)={&(0x7f00000003c0)=@ipv4_newroute={0x1c, 0x18, 0x101, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffff7f}}, 0x1c}}, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) 18:14:57 executing program 2: r0 = socket(0xa, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'veth0_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@mcast1, @empty, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={@loopback, @loopback, @remote, 0x0, 0x0, 0x0, 0x400}) 18:14:57 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000000)=@srh, 0x8) close(r1) 18:14:57 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)) r0 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1}, 0x14) getsockname$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:57 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000080)={0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}) 18:14:57 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0), 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x400000000001e, &(0x7f0000000040), 0x4) 18:14:58 executing program 1: rt_sigsuspend(&(0x7f00000002c0), 0xfffffffffffffc9b) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000b28000)) 18:14:58 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) bind(r0, &(0x7f0000000080)=@in={0x2, 0x4e20}, 0x7c) sendto$inet(r0, &(0x7f0000000300), 0x0, 0x0, &(0x7f0000000280)={0x2, 0x8004e20}, 0x10) ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x80000000) pselect6(0x40, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000100)={0x9}, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) 18:14:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)) sched_getaffinity(0x0, 0x8, &(0x7f0000000040)) 18:14:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) accept4(0xffffffffffffff9c, &(0x7f00000002c0)=@sco, &(0x7f0000000200)=0x80, 0x0) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000340), &(0x7f0000000380)=0x4) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fde000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000140)="66b9c208000066b80500000066ba000000000f3016ab0f306766662e362e0f22570f299508000f080f01df0fc75940640f08", 0x32}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f00000001c0)=0x5000) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000180)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:14:58 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0), 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x400000000001e, &(0x7f0000000040), 0x4) [ 267.271279] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:14:58 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:58 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000fe8)) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r2, 0x6, 0x12, &(0x7f00000000c0), &(0x7f0000012000)=0xffffffffffffff34) dup3(r1, r0, 0x0) 18:14:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)) sched_getaffinity(0x0, 0x8, &(0x7f0000000040)) 18:14:58 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:58 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000911000)={{&(0x7f00003e3000/0x1000)=nil, 0x1000}, 0x1}) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0xe}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000007c0)={{&(0x7f00004b4000/0x1000)=nil, 0x1000}, 0x1}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000913000)={{&(0x7f00004b3000/0x5000)=nil, 0x5000}, 0x1}) clone(0x0, &(0x7f0000001f37), &(0x7f0000001ffc), &(0x7f0000001000), &(0x7f0000001000)) read(r1, &(0x7f0000000280)=""/100, 0x64) read(r0, &(0x7f00000001c0)=""/100, 0x136) 18:14:58 executing program 2: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x7d, &(0x7f0000000080), 0x8) 18:14:58 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffb, 0x32, 0xffffffffffffffff, 0x0) close(r0) 18:14:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)) sched_getaffinity(0x0, 0x8, &(0x7f0000000040)) 18:14:59 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in=@local, 0x0, 0x3}}, 0xe8) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="02120000020000000a000097d3d34473"], 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) 18:14:59 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:59 executing program 2: unshare(0x40400) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x17, 0x4) 18:14:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)) sched_getaffinity(0x0, 0x8, &(0x7f0000000040)) 18:14:59 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffb, 0x32, 0xffffffffffffffff, 0x0) close(r0) 18:14:59 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='coredump_filter\x00') r1 = getpid() write$cgroup_pid(r0, &(0x7f0000000000)=r1, 0x12) 18:14:59 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00'}) bind$packet(r1, &(0x7f0000000200), 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:14:59 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in=@local, 0x0, 0x3}}, 0xe8) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="02120000020000000a000097d3d34473"], 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) 18:14:59 executing program 3: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) read(r0, &(0x7f0000000000)=""/184, 0xb8) 18:14:59 executing program 2: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x6287, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f00000000c0)={0x0, 0x4f565559, 0x280, 0x0, 0x0, @stepwise}) 18:15:00 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00'}) bind$packet(r1, &(0x7f0000000200), 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:15:00 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000003c0), 0x4) 18:15:00 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in=@local, 0x0, 0x3}}, 0xe8) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="02120000020000000a000097d3d34473"], 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) 18:15:00 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffb, 0x32, 0xffffffffffffffff, 0x0) close(r0) 18:15:00 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424ab9b3f8683ecf89dee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca9fcf03cbf82bd13534737339245d3c70641be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf3ad8882947ffa1fb4c050727beb12c57e06ff590000000000000000000000000000008924578ad49ea1144c7448d640aa88a66a71b77d73a924ff027fdcb550161653d4cb57088385248286f5be9d8766c70c29e6f5063dfe74a1b0b52079159048210b4d271ac94c889b063ca34a09579af03631f128e6dd2c966daecd7c6f7e0f4ebcaf80250cfab07184838078c71d809d06dc0bac75db814525d1d1acaf4cb6f4890f397382ae636697f688094e38db5c22770f53076c630df9bb4c149189ffa975f52087311c5baafc11c90bdc25fc803b71153ddc3995b2df49cdd784bc5bea40861070dadb395e85c93cdfa08e") mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffc, 0x12, r0, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0x2000000e0, &(0x7f0000000000), &(0x7f0000000240)=0x4) 18:15:00 executing program 4: r0 = socket(0x40000000001e, 0x1, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x4000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000040)) 18:15:00 executing program 3: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x357, 0x0, {0xa, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [], 0x10001}}}) 18:15:00 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in=@local, 0x0, 0x3}}, 0xe8) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="02120000020000000a000097d3d34473"], 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) 18:15:00 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00'}) bind$packet(r1, &(0x7f0000000200), 0x14) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:15:00 executing program 2: r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r1 = dup(r0) sendto$inet6(r0, &(0x7f0000000080), 0x0, 0x20000007, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000007c0)=0x80, 0x4) socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000005c0), &(0x7f0000000680)=0xb0) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") ftruncate(0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value, 0x8) perf_event_open(&(0x7f0000000140)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) listen(0xffffffffffffffff, 0x0) accept4(0xffffffffffffffff, &(0x7f0000000340)=@alg, &(0x7f0000000040)=0x80, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000100)=ANY=[], &(0x7f0000000280)) r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) flistxattr(r0, &(0x7f0000000000)=""/199, 0xc7) ftruncate(r3, 0x2007ffb) sendfile(r1, r3, &(0x7f0000d83ff8)=0x54, 0x87ff7) 18:15:00 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffb, 0x32, 0xffffffffffffffff, 0x0) close(r0) 18:15:00 executing program 4: unshare(0x20400) r0 = socket$inet_tcp(0x2, 0x1, 0x0) lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200)=@known='trusted.overlay.nlink\x00') ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000300)={0x23c, &(0x7f0000000340)=[{}]}) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000180)={0x11, @multicast1, 0x0, 0x0, 'nq\x00', 0x0, 0x80}, 0x2c) ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f0000000240)={0x2, &(0x7f0000000040)=[{}, {}]}) listxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000400)=""/224, 0xe0) 18:15:01 executing program 1: r0 = socket$kcm(0x29, 0x5, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x0, &(0x7f0000000080)={@multicast1, @dev}, &(0x7f00000000c0)=0xc) 18:15:01 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x800000002) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) dup2(r1, r0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x14) 18:15:01 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket(0x200000000000011, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2}, 0x14) getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) 18:15:01 executing program 5: io_setup(0x7, &(0x7f00000001c0)=0x0) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0) close(r1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 18:15:01 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'sit0\x00', 0xfffffffffffffffe}) sigaltstack(&(0x7f0000000000/0x3000)=nil, &(0x7f0000000040)) sigaltstack(&(0x7f0000000000/0x1000)=nil, &(0x7f00005d6000)) 18:15:01 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000700)={'syzkaller0\x00', &(0x7f0000000640)=@ethtool_gstrings={0x1b, 0x7f, 0x3b, "9f7fc1b7e42c25020c0658ebf88d730f5e58bf851d781959e7882f34d5be5131679f4b14e43c6267adb36b12ccf1c0f93fb6f43dc149c449920c8b"}}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb) r1 = dup2(r0, r0) connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, {0x0, 0x5c, 0x8, 0x0, 0x0, 0x8}}, 0xa) write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000580)={0xe, 0x1, 0x20, 0x1}, 0xc) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000000)={'team0\x00', 0x892}) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200001}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)={0x5c, r2, 0x220, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6000000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x400}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffffffffffff9}]}]}, 0x5c}}, 0x800) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'tunl0\x00'}) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000005c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="3906145d8dc556bae92245070000005fec0a0469123a7d1c3550d6011655f9b5862b587ba826ce7b739a1180216cca93d49e119024a0e13e53a1bb8cedd7e5a471feb00b8ba4d915c3947ac5d9bf90d506058ee44fc7b0ddc58985fd197ebd11fa4e3403953887e2322e14a68ee3476df60695f0623c678b308715b114f2729deed7e0179c21c37fe0e25beab5101a9e63cd99b916988d78b76f971987ced6fbe953141f87528c635102eb15685202e35b0474f5902bc3ca8c89cfac8894a8ec5b34075457236dc329a0693f5764f3991cfa5edf6208172f"], 0x1}}, 0x44801) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[]}}, 0x40002) sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80050}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r2, 0x828, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000881}, 0x40804) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e20, @rand_addr=0x401}, {0x1, @link_local}, 0x2, {0x2, 0x4e24, @loopback}, 'team_slave_0\x00'}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000380), 0xfdf5) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0xc, 0x0, @empty, [0x0, 0x3e8]}, 0x0) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27) clock_gettime(0x0, &(0x7f0000000240)) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000008c0)=@req={0xfffffffffffeffff, 0x8, 0x8, 0x8}, 0x10) 18:15:01 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f00000005c0)="1a8c443d3a568c81cc096aa87ddab0f1b182da383fd71795f41053261e63b0b9f1283f7431b6146106716c21b43625f9194bf4b6a5dba53c46b82862a2f804121cda7e6be8fd507bb1545de629746d878f10be8036e98a270c42d6458f97b342303464e94ccb6d6f4f81941e3f3fa371596cdf17e160c992140c9dc81362f019f017", 0x82, 0x0, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xfffffd85}], 0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) recvfrom(r0, &(0x7f0000000380)=""/239, 0xff4e, 0x0, 0x0, 0x307) close(r0) 18:15:01 executing program 0: r0 = socket$nl_generic(0xa, 0x3, 0x10) fgetxattr(r0, &(0x7f0000000200)=@random={'btrfs.', "276b657972696e67656d302d776c616e30776c616e312628656d31707070312647504cd92c5c40707070317b6d696d655f747970652800"}, &(0x7f0000000340)=""/110, 0x6e) 18:15:01 executing program 5: socketpair(0x0, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x2102001fbb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000180)=0x200) fcntl$setownex(r1, 0xf, &(0x7f00000001c0)) connect(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x3b6) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x60, &(0x7f0000000080)={0x0, @local, 0x0, 0x0, 'fo\x00', 0x0, 0xffffffff, 0x100003f00}, 0x2c) 18:15:01 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x800000002) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) dup2(r1, r0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x14) 18:15:02 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x800002c0, 0x40000001]}) 18:15:02 executing program 0: r0 = socket$nl_generic(0xa, 0x3, 0x10) fgetxattr(r0, &(0x7f0000000200)=@random={'btrfs.', "276b657972696e67656d302d776c616e30776c616e312628656d31707070312647504cd92c5c40707070317b6d696d655f747970652800"}, &(0x7f0000000340)=""/110, 0x6e) 18:15:02 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x800000002) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) dup2(r1, r0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x14) 18:15:02 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f00000005c0)="1a8c443d3a568c81cc096aa87ddab0f1b182da383fd71795f41053261e63b0b9f1283f7431b6146106716c21b43625f9194bf4b6a5dba53c46b82862a2f804121cda7e6be8fd507bb1545de629746d878f10be8036e98a270c42d6458f97b342303464e94ccb6d6f4f81941e3f3fa371596cdf17e160c992140c9dc81362f019f017", 0x82, 0x0, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xfffffd85}], 0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) recvfrom(r0, &(0x7f0000000380)=""/239, 0xff4e, 0x0, 0x0, 0x307) close(r0) 18:15:02 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000700)={'syzkaller0\x00', &(0x7f0000000640)=@ethtool_gstrings={0x1b, 0x7f, 0x3b, "9f7fc1b7e42c25020c0658ebf88d730f5e58bf851d781959e7882f34d5be5131679f4b14e43c6267adb36b12ccf1c0f93fb6f43dc149c449920c8b"}}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb) r1 = dup2(r0, r0) connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, {0x0, 0x5c, 0x8, 0x0, 0x0, 0x8}}, 0xa) write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000580)={0xe, 0x1, 0x20, 0x1}, 0xc) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000000)={'team0\x00', 0x892}) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200001}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)={0x5c, r2, 0x220, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6000000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x400}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffffffffffff9}]}]}, 0x5c}}, 0x800) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'tunl0\x00'}) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000005c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="3906145d8dc556bae92245070000005fec0a0469123a7d1c3550d6011655f9b5862b587ba826ce7b739a1180216cca93d49e119024a0e13e53a1bb8cedd7e5a471feb00b8ba4d915c3947ac5d9bf90d506058ee44fc7b0ddc58985fd197ebd11fa4e3403953887e2322e14a68ee3476df60695f0623c678b308715b114f2729deed7e0179c21c37fe0e25beab5101a9e63cd99b916988d78b76f971987ced6fbe953141f87528c635102eb15685202e35b0474f5902bc3ca8c89cfac8894a8ec5b34075457236dc329a0693f5764f3991cfa5edf6208172f"], 0x1}}, 0x44801) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[]}}, 0x40002) sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80050}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r2, 0x828, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000881}, 0x40804) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e20, @rand_addr=0x401}, {0x1, @link_local}, 0x2, {0x2, 0x4e24, @loopback}, 'team_slave_0\x00'}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000380), 0xfdf5) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0xc, 0x0, @empty, [0x0, 0x3e8]}, 0x0) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27) clock_gettime(0x0, &(0x7f0000000240)) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000008c0)=@req={0xfffffffffffeffff, 0x8, 0x8, 0x8}, 0x10) 18:15:02 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x800002c0, 0x40000001]}) 18:15:02 executing program 0: r0 = socket$nl_generic(0xa, 0x3, 0x10) fgetxattr(r0, &(0x7f0000000200)=@random={'btrfs.', "276b657972696e67656d302d776c616e30776c616e312628656d31707070312647504cd92c5c40707070317b6d696d655f747970652800"}, &(0x7f0000000340)=""/110, 0x6e) 18:15:02 executing program 5: socketpair(0x0, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x2102001fbb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000180)=0x200) fcntl$setownex(r1, 0xf, &(0x7f00000001c0)) connect(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x3b6) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x60, &(0x7f0000000080)={0x0, @local, 0x0, 0x0, 'fo\x00', 0x0, 0xffffffff, 0x100003f00}, 0x2c) 18:15:02 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x800000002) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) dup2(r1, r0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x14) 18:15:03 executing program 5: socketpair(0x0, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x2102001fbb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000180)=0x200) fcntl$setownex(r1, 0xf, &(0x7f00000001c0)) connect(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x3b6) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x60, &(0x7f0000000080)={0x0, @local, 0x0, 0x0, 'fo\x00', 0x0, 0xffffffff, 0x100003f00}, 0x2c) 18:15:03 executing program 0: r0 = socket$nl_generic(0xa, 0x3, 0x10) fgetxattr(r0, &(0x7f0000000200)=@random={'btrfs.', "276b657972696e67656d302d776c616e30776c616e312628656d31707070312647504cd92c5c40707070317b6d696d655f747970652800"}, &(0x7f0000000340)=""/110, 0x6e) 18:15:03 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x800002c0, 0x40000001]}) 18:15:03 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f00000005c0)="1a8c443d3a568c81cc096aa87ddab0f1b182da383fd71795f41053261e63b0b9f1283f7431b6146106716c21b43625f9194bf4b6a5dba53c46b82862a2f804121cda7e6be8fd507bb1545de629746d878f10be8036e98a270c42d6458f97b342303464e94ccb6d6f4f81941e3f3fa371596cdf17e160c992140c9dc81362f019f017", 0x82, 0x0, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xfffffd85}], 0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) recvfrom(r0, &(0x7f0000000380)=""/239, 0xff4e, 0x0, 0x0, 0x307) close(r0) 18:15:03 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000700)={'syzkaller0\x00', &(0x7f0000000640)=@ethtool_gstrings={0x1b, 0x7f, 0x3b, "9f7fc1b7e42c25020c0658ebf88d730f5e58bf851d781959e7882f34d5be5131679f4b14e43c6267adb36b12ccf1c0f93fb6f43dc149c449920c8b"}}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb) r1 = dup2(r0, r0) connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, {0x0, 0x5c, 0x8, 0x0, 0x0, 0x8}}, 0xa) write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000580)={0xe, 0x1, 0x20, 0x1}, 0xc) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000000)={'team0\x00', 0x892}) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200001}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)={0x5c, r2, 0x220, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6000000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x400}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffffffffffff9}]}]}, 0x5c}}, 0x800) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'tunl0\x00'}) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000005c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="3906145d8dc556bae92245070000005fec0a0469123a7d1c3550d6011655f9b5862b587ba826ce7b739a1180216cca93d49e119024a0e13e53a1bb8cedd7e5a471feb00b8ba4d915c3947ac5d9bf90d506058ee44fc7b0ddc58985fd197ebd11fa4e3403953887e2322e14a68ee3476df60695f0623c678b308715b114f2729deed7e0179c21c37fe0e25beab5101a9e63cd99b916988d78b76f971987ced6fbe953141f87528c635102eb15685202e35b0474f5902bc3ca8c89cfac8894a8ec5b34075457236dc329a0693f5764f3991cfa5edf6208172f"], 0x1}}, 0x44801) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[]}}, 0x40002) sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80050}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r2, 0x828, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000881}, 0x40804) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e20, @rand_addr=0x401}, {0x1, @link_local}, 0x2, {0x2, 0x4e24, @loopback}, 'team_slave_0\x00'}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000380), 0xfdf5) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0xc, 0x0, @empty, [0x0, 0x3e8]}, 0x0) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27) clock_gettime(0x0, &(0x7f0000000240)) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000008c0)=@req={0xfffffffffffeffff, 0x8, 0x8, 0x8}, 0x10) 18:15:03 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:03 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mount(&(0x7f0000000000)=@md0='/dev/md0\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, 0x0, &(0x7f0000000100)='vmnet1\'-vmnet0\\\\\'cgroup\x00') [ 272.595020] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:15:03 executing program 5: socketpair(0x0, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x2102001fbb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000180)=0x200) fcntl$setownex(r1, 0xf, &(0x7f00000001c0)) connect(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x3b6) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x60, &(0x7f0000000080)={0x0, @local, 0x0, 0x0, 'fo\x00', 0x0, 0xffffffff, 0x100003f00}, 0x2c) 18:15:03 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x800002c0, 0x40000001]}) 18:15:04 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/28, 0x1c) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000008f80)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000200)=0x4) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000000)={0xbf, @time={0x0, 0x1c9c380}}) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000000c0)={0xa7}) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000180)) tkill(r2, 0x1000000000013) 18:15:04 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f00000005c0)="1a8c443d3a568c81cc096aa87ddab0f1b182da383fd71795f41053261e63b0b9f1283f7431b6146106716c21b43625f9194bf4b6a5dba53c46b82862a2f804121cda7e6be8fd507bb1545de629746d878f10be8036e98a270c42d6458f97b342303464e94ccb6d6f4f81941e3f3fa371596cdf17e160c992140c9dc81362f019f017", 0x82, 0x0, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xfffffd85}], 0x1) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) recvfrom(r0, &(0x7f0000000380)=""/239, 0xff4e, 0x0, 0x0, 0x307) close(r0) 18:15:04 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:04 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:04 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000340)='yeah\x00', 0x5) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x2000ff0f, &(0x7f0000e68000)={0x2, 0x4004e23, @local, [0x0, 0x0, 0x0, 0x2c01000000000000]}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf6, &(0x7f0000000500)=[{&(0x7f0000003ac0)=""/4096, 0xfffffe44}], 0x1, &(0x7f0000000200)=""/20, 0xd2}, 0x100) [ 273.919043] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:15:05 executing program 4: r0 = socket(0x40000000015, 0x5, 0x0) unshare(0x600) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) 18:15:05 executing program 0: r0 = socket$inet6(0xa, 0x40000000003, 0x4000200000087) sendto(r0, &(0x7f0000000340)='A\x00\x00\x00', 0x4, 0xfffffffffffffffc, &(0x7f0000000140)=@nl=@unspec, 0x80) 18:15:06 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000700)={'syzkaller0\x00', &(0x7f0000000640)=@ethtool_gstrings={0x1b, 0x7f, 0x3b, "9f7fc1b7e42c25020c0658ebf88d730f5e58bf851d781959e7882f34d5be5131679f4b14e43c6267adb36b12ccf1c0f93fb6f43dc149c449920c8b"}}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb) r1 = dup2(r0, r0) connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, {0x0, 0x5c, 0x8, 0x0, 0x0, 0x8}}, 0xa) write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000580)={0xe, 0x1, 0x20, 0x1}, 0xc) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000000)={'team0\x00', 0x892}) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200001}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)={0x5c, r2, 0x220, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6000000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x400}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffffffffffff9}]}]}, 0x5c}}, 0x800) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'tunl0\x00'}) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000005c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="3906145d8dc556bae92245070000005fec0a0469123a7d1c3550d6011655f9b5862b587ba826ce7b739a1180216cca93d49e119024a0e13e53a1bb8cedd7e5a471feb00b8ba4d915c3947ac5d9bf90d506058ee44fc7b0ddc58985fd197ebd11fa4e3403953887e2322e14a68ee3476df60695f0623c678b308715b114f2729deed7e0179c21c37fe0e25beab5101a9e63cd99b916988d78b76f971987ced6fbe953141f87528c635102eb15685202e35b0474f5902bc3ca8c89cfac8894a8ec5b34075457236dc329a0693f5764f3991cfa5edf6208172f"], 0x1}}, 0x44801) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[]}}, 0x40002) sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80050}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r2, 0x828, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000881}, 0x40804) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e20, @rand_addr=0x401}, {0x1, @link_local}, 0x2, {0x2, 0x4e24, @loopback}, 'team_slave_0\x00'}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000380), 0xfdf5) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0xc, 0x0, @empty, [0x0, 0x3e8]}, 0x0) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)=""/39, &(0x7f00000003c0)=0x27) clock_gettime(0x0, &(0x7f0000000240)) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000008c0)=@req={0xfffffffffffeffff, 0x8, 0x8, 0x8}, 0x10) 18:15:06 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:06 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:06 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000000), 0x1c) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000002d40), 0x2bc}}, {{0x0, 0x0, &(0x7f0000000040), 0x361, &(0x7f0000000140)}}], 0x40001ab, 0x0) 18:15:06 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000340)="580000001400192340834b84043f679a10f61bcdf1e422000000000100804824ca945f64009400050028925aaa00ffb0c3c1654839dc78bb8083771ad9910000000000008400f0fffeff2c5d143f44ff04fffffffff40001", 0x58}], 0x1) 18:15:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000200)=ANY=[@ANYBLOB="05000000000000000d000040050000a90000000000000000000000400000000001"]) ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f00000022c0)={0x0, 0x0, 0x2080}) [ 275.604678] not chained 40000 origins [ 275.608553] CPU: 0 PID: 8940 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 275.615747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.625102] Call Trace: [ 275.627706] dump_stack+0x32d/0x480 [ 275.631355] kmsan_internal_chain_origin+0x222/0x240 [ 275.636491] ? save_stack_trace+0xc6/0x110 [ 275.640743] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 275.645863] ? kmsan_internal_chain_origin+0x90/0x240 [ 275.651078] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 275.656453] ? is_bpf_text_address+0x49e/0x4d0 [ 275.661049] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 275.666508] ? in_task_stack+0x12c/0x210 [ 275.670593] __msan_chain_origin+0x6d/0xb0 [ 275.674842] ? tcp_send_synack+0x7a3/0x18f0 [ 275.679174] __save_stack_trace+0x8be/0xc60 [ 275.683527] ? tcp_send_synack+0x7a3/0x18f0 [ 275.687869] save_stack_trace+0xc6/0x110 [ 275.691955] kmsan_internal_chain_origin+0x136/0x240 [ 275.697077] ? kmsan_internal_chain_origin+0x136/0x240 [ 275.702360] ? kmsan_memcpy_origins+0x13d/0x190 [ 275.707037] ? __msan_memcpy+0x6f/0x80 [ 275.710933] ? skb_copy_bits+0x1d2/0xc90 [ 275.715008] ? skb_copy+0x56c/0xba0 [ 275.718644] ? tcp_send_synack+0x7a3/0x18f0 [ 275.722981] ? tcp_rcv_state_process+0x275d/0x6c60 [ 275.727923] ? tcp_v4_do_rcv+0xb25/0xd80 [ 275.731999] ? __release_sock+0x32d/0x750 [ 275.736142] ? release_sock+0x99/0x2a0 [ 275.740028] ? __inet_stream_connect+0xdff/0x15d0 [ 275.744871] ? tcp_sendmsg_locked+0x6655/0x6c30 [ 275.749536] ? tcp_sendmsg+0xb2/0x100 [ 275.753360] ? inet_sendmsg+0x4e9/0x800 [ 275.757336] ? __sys_sendto+0x940/0xb80 [ 275.761312] ? __se_sys_sendto+0x107/0x130 [ 275.765555] ? __x64_sys_sendto+0x6e/0x90 [ 275.769714] ? do_syscall_64+0xcf/0x110 [ 275.773688] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 275.779051] ? memcg_kmem_put_cache+0x73/0x460 [ 275.783645] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 275.789101] ? __msan_get_context_state+0x9/0x20 [ 275.793852] ? INIT_INT+0xc/0x30 [ 275.797227] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 275.802591] ? __msan_get_context_state+0x9/0x20 [ 275.807359] kmsan_memcpy_origins+0x13d/0x190 [ 275.811859] __msan_memcpy+0x6f/0x80 [ 275.815820] skb_copy_bits+0x1d2/0xc90 [ 275.819721] skb_copy+0x56c/0xba0 [ 275.823182] tcp_send_synack+0x7a3/0x18f0 [ 275.827331] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 275.832793] tcp_rcv_state_process+0x275d/0x6c60 [ 275.837576] tcp_v4_do_rcv+0xb25/0xd80 [ 275.841463] ? __local_bh_enable_ip+0x11f/0x260 [ 275.846131] ? inet_sk_rx_dst_set+0x200/0x200 [ 275.850626] __release_sock+0x32d/0x750 [ 275.854609] release_sock+0x99/0x2a0 [ 275.858322] __inet_stream_connect+0xdff/0x15d0 [ 275.863004] ? wait_woken+0x5b0/0x5b0 [ 275.866812] tcp_sendmsg_locked+0x6655/0x6c30 [ 275.871309] ? aa_label_sk_perm+0xda/0x960 [ 275.875563] ? kmsan_set_origin+0x7f/0x100 [ 275.879810] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 275.885177] ? __msan_poison_alloca+0x1e0/0x270 [ 275.889847] ? __local_bh_enable_ip+0x46/0x260 [ 275.894439] ? __msan_poison_alloca+0x1e0/0x270 [ 275.899107] tcp_sendmsg+0xb2/0x100 [ 275.902737] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 275.907402] inet_sendmsg+0x4e9/0x800 [ 275.911205] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 275.916574] ? security_socket_sendmsg+0x1bd/0x200 [ 275.921767] ? inet_getname+0x490/0x490 [ 275.925742] __sys_sendto+0x940/0xb80 [ 275.929564] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 275.935011] ? prepare_exit_to_usermode+0x182/0x4c0 [ 275.940032] __se_sys_sendto+0x107/0x130 [ 275.944100] __x64_sys_sendto+0x6e/0x90 [ 275.948068] do_syscall_64+0xcf/0x110 [ 275.951869] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 275.957056] RIP: 0033:0x457569 [ 275.960244] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.979138] RSP: 002b:00007f36711adc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 275.986840] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 275.994103] RDX: fffffffffffffeb4 RSI: 0000000020000200 RDI: 0000000000000003 [ 276.001367] RBP: 000000000072bf00 R08: 0000000020db4ff0 R09: 0000000000000010 [ 276.008633] R10: 0000000020008011 R11: 0000000000000246 R12: 00007f36711ae6d4 [ 276.015894] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 276.023166] Uninit was stored to memory at: [ 276.027485] kmsan_internal_chain_origin+0x136/0x240 [ 276.032586] __msan_chain_origin+0x6d/0xb0 [ 276.036820] __save_stack_trace+0x8be/0xc60 [ 276.041133] save_stack_trace+0xc6/0x110 [ 276.045192] kmsan_internal_chain_origin+0x136/0x240 [ 276.050292] kmsan_memcpy_origins+0x13d/0x190 [ 276.054783] __msan_memcpy+0x6f/0x80 [ 276.058497] skb_copy_bits+0x1d2/0xc90 [ 276.062378] skb_copy+0x56c/0xba0 [ 276.065825] tcp_send_synack+0x7a3/0x18f0 [ 276.069973] tcp_rcv_state_process+0x275d/0x6c60 [ 276.074724] tcp_v4_do_rcv+0xb25/0xd80 [ 276.078617] __release_sock+0x32d/0x750 [ 276.082583] release_sock+0x99/0x2a0 [ 276.086301] __inet_stream_connect+0xdff/0x15d0 [ 276.090984] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.095472] tcp_sendmsg+0xb2/0x100 [ 276.099095] inet_sendmsg+0x4e9/0x800 [ 276.102900] __sys_sendto+0x940/0xb80 [ 276.106696] __se_sys_sendto+0x107/0x130 [ 276.110757] __x64_sys_sendto+0x6e/0x90 [ 276.114730] do_syscall_64+0xcf/0x110 [ 276.118528] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.123710] [ 276.125329] Uninit was stored to memory at: [ 276.129644] kmsan_internal_chain_origin+0x136/0x240 [ 276.134741] __msan_chain_origin+0x6d/0xb0 [ 276.138971] __save_stack_trace+0x8be/0xc60 [ 276.143296] save_stack_trace+0xc6/0x110 [ 276.147366] kmsan_internal_chain_origin+0x136/0x240 [ 276.152484] kmsan_memcpy_origins+0x13d/0x190 [ 276.156974] __msan_memcpy+0x6f/0x80 [ 276.160681] skb_copy_bits+0x1d2/0xc90 [ 276.164567] skb_copy+0x56c/0xba0 [ 276.168014] tcp_send_synack+0x7a3/0x18f0 [ 276.172155] tcp_rcv_state_process+0x275d/0x6c60 [ 276.176905] tcp_v4_do_rcv+0xb25/0xd80 [ 276.180784] __release_sock+0x32d/0x750 [ 276.184752] release_sock+0x99/0x2a0 [ 276.188462] __inet_stream_connect+0xdff/0x15d0 [ 276.193216] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.197704] tcp_sendmsg+0xb2/0x100 [ 276.201322] inet_sendmsg+0x4e9/0x800 [ 276.205120] __sys_sendto+0x940/0xb80 [ 276.208915] __se_sys_sendto+0x107/0x130 [ 276.212970] __x64_sys_sendto+0x6e/0x90 [ 276.216947] do_syscall_64+0xcf/0x110 [ 276.220744] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.225917] [ 276.227536] Uninit was stored to memory at: [ 276.231862] kmsan_internal_chain_origin+0x136/0x240 [ 276.236959] __msan_chain_origin+0x6d/0xb0 [ 276.241185] __save_stack_trace+0x8be/0xc60 [ 276.245498] save_stack_trace+0xc6/0x110 [ 276.249560] kmsan_internal_chain_origin+0x136/0x240 [ 276.254661] kmsan_memcpy_origins+0x13d/0x190 [ 276.259150] __msan_memcpy+0x6f/0x80 [ 276.262859] skb_copy_bits+0x1d2/0xc90 [ 276.266742] skb_copy+0x56c/0xba0 [ 276.270186] tcp_send_synack+0x7a3/0x18f0 [ 276.274328] tcp_rcv_state_process+0x275d/0x6c60 [ 276.279076] tcp_v4_do_rcv+0xb25/0xd80 [ 276.282955] __release_sock+0x32d/0x750 [ 276.286922] release_sock+0x99/0x2a0 [ 276.290630] __inet_stream_connect+0xdff/0x15d0 [ 276.295291] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.299784] tcp_sendmsg+0xb2/0x100 [ 276.303409] inet_sendmsg+0x4e9/0x800 [ 276.307205] __sys_sendto+0x940/0xb80 [ 276.311001] __se_sys_sendto+0x107/0x130 [ 276.315058] __x64_sys_sendto+0x6e/0x90 [ 276.319028] do_syscall_64+0xcf/0x110 [ 276.322832] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.328016] [ 276.329643] Uninit was stored to memory at: [ 276.333979] kmsan_internal_chain_origin+0x136/0x240 [ 276.339078] __msan_chain_origin+0x6d/0xb0 [ 276.343305] __save_stack_trace+0x8be/0xc60 [ 276.347621] save_stack_trace+0xc6/0x110 [ 276.351679] kmsan_internal_chain_origin+0x136/0x240 [ 276.356774] kmsan_memcpy_origins+0x13d/0x190 [ 276.361278] __msan_memcpy+0x6f/0x80 [ 276.364988] skb_copy_bits+0x1d2/0xc90 [ 276.368870] skb_copy+0x56c/0xba0 [ 276.372320] tcp_send_synack+0x7a3/0x18f0 [ 276.376479] tcp_rcv_state_process+0x275d/0x6c60 [ 276.381225] tcp_v4_do_rcv+0xb25/0xd80 [ 276.385107] __release_sock+0x32d/0x750 [ 276.389071] release_sock+0x99/0x2a0 [ 276.392783] __inet_stream_connect+0xdff/0x15d0 [ 276.397452] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.401943] tcp_sendmsg+0xb2/0x100 [ 276.405573] inet_sendmsg+0x4e9/0x800 [ 276.409383] __sys_sendto+0x940/0xb80 [ 276.413181] __se_sys_sendto+0x107/0x130 [ 276.417234] __x64_sys_sendto+0x6e/0x90 [ 276.421207] do_syscall_64+0xcf/0x110 [ 276.425004] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.430178] [ 276.431794] Uninit was stored to memory at: [ 276.436115] kmsan_internal_chain_origin+0x136/0x240 [ 276.441215] __msan_chain_origin+0x6d/0xb0 [ 276.445461] __save_stack_trace+0x8be/0xc60 [ 276.449776] save_stack_trace+0xc6/0x110 [ 276.453841] kmsan_internal_chain_origin+0x136/0x240 [ 276.458937] kmsan_memcpy_origins+0x13d/0x190 [ 276.463427] __msan_memcpy+0x6f/0x80 [ 276.467155] skb_copy_bits+0x1d2/0xc90 [ 276.471033] skb_copy+0x56c/0xba0 [ 276.474479] tcp_send_synack+0x7a3/0x18f0 [ 276.478636] tcp_rcv_state_process+0x275d/0x6c60 [ 276.483388] tcp_v4_do_rcv+0xb25/0xd80 [ 276.487270] __release_sock+0x32d/0x750 [ 276.491236] release_sock+0x99/0x2a0 [ 276.494953] __inet_stream_connect+0xdff/0x15d0 [ 276.499614] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.504102] tcp_sendmsg+0xb2/0x100 [ 276.507724] inet_sendmsg+0x4e9/0x800 [ 276.511524] __sys_sendto+0x940/0xb80 [ 276.515419] __se_sys_sendto+0x107/0x130 [ 276.519477] __x64_sys_sendto+0x6e/0x90 [ 276.523447] do_syscall_64+0xcf/0x110 [ 276.527246] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.532423] [ 276.534049] Uninit was stored to memory at: [ 276.538366] kmsan_internal_chain_origin+0x136/0x240 [ 276.543466] __msan_chain_origin+0x6d/0xb0 [ 276.547697] __save_stack_trace+0x8be/0xc60 [ 276.552016] save_stack_trace+0xc6/0x110 [ 276.556072] kmsan_internal_chain_origin+0x136/0x240 [ 276.561167] kmsan_memcpy_origins+0x13d/0x190 [ 276.565665] __msan_memcpy+0x6f/0x80 [ 276.569379] skb_copy_bits+0x1d2/0xc90 [ 276.573263] skb_copy+0x56c/0xba0 [ 276.576709] tcp_send_synack+0x7a3/0x18f0 [ 276.580850] tcp_rcv_state_process+0x275d/0x6c60 [ 276.585599] tcp_v4_do_rcv+0xb25/0xd80 [ 276.589477] __release_sock+0x32d/0x750 [ 276.593441] release_sock+0x99/0x2a0 [ 276.597148] __inet_stream_connect+0xdff/0x15d0 [ 276.601816] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.606306] tcp_sendmsg+0xb2/0x100 [ 276.609924] inet_sendmsg+0x4e9/0x800 [ 276.614325] __sys_sendto+0x940/0xb80 [ 276.618128] __se_sys_sendto+0x107/0x130 [ 276.622185] __x64_sys_sendto+0x6e/0x90 [ 276.626156] do_syscall_64+0xcf/0x110 [ 276.629955] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.635128] [ 276.636742] Uninit was stored to memory at: [ 276.641058] kmsan_internal_chain_origin+0x136/0x240 [ 276.646158] __msan_chain_origin+0x6d/0xb0 [ 276.650390] __save_stack_trace+0x8be/0xc60 [ 276.654708] save_stack_trace+0xc6/0x110 [ 276.658763] kmsan_internal_chain_origin+0x136/0x240 [ 276.663877] kmsan_memcpy_origins+0x13d/0x190 [ 276.668368] __msan_memcpy+0x6f/0x80 [ 276.672082] skb_copy_bits+0x1d2/0xc90 [ 276.675976] skb_copy+0x56c/0xba0 [ 276.679423] tcp_send_synack+0x7a3/0x18f0 [ 276.683580] tcp_rcv_state_process+0x275d/0x6c60 [ 276.688329] tcp_v4_do_rcv+0xb25/0xd80 [ 276.692213] __release_sock+0x32d/0x750 [ 276.696180] release_sock+0x99/0x2a0 [ 276.699891] __inet_stream_connect+0xdff/0x15d0 [ 276.704563] tcp_sendmsg_locked+0x6655/0x6c30 [ 276.709052] tcp_sendmsg+0xb2/0x100 [ 276.712673] inet_sendmsg+0x4e9/0x800 [ 276.716468] __sys_sendto+0x940/0xb80 [ 276.720276] __se_sys_sendto+0x107/0x130 [ 276.724333] __x64_sys_sendto+0x6e/0x90 [ 276.728305] do_syscall_64+0xcf/0x110 [ 276.732102] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 276.737381] [ 276.739002] Local variable description: ----_tcph.i@ip_vs_in [ 276.744784] Variable was created at: [ 276.748497] ip_vs_in+0xe9/0x3250 [ 276.751943] ip_vs_local_request4+0xec/0x130 18:15:07 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000100), 0x1e2) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x451280b1a0962f9e}}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:08 executing program 0: unshare(0x2000400) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x204000, 0x0) write$P9_RFSYNC(r0, &(0x7f0000000200)={0x7}, 0x7) 18:15:08 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @empty, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0xf411, 0x0, @local, @rand_addr=0x80000000, {[@timestamp={0x44, 0x4}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000040)) 18:15:08 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000080)=0x7fff, 0x4) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4}}}, &(0x7f0000000000)=0x98) 18:15:08 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:08 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x9) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3a, &(0x7f00000002c0)=0x8, 0x4) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) read(r0, &(0x7f0000000380)=""/172, 0xffffff88) 18:15:08 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r0) 18:15:08 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$void(r1, 0x5450) 18:15:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f00000001c0)="650fc75c276766b882000f00d0c4423d3c56eef22ede9a002000000f01cf0f3042802100660f38802afb0f23d4", 0x2d}], 0x1, 0xffffffffffffffff, &(0x7f0000000040), 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:08 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @empty, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0xf411, 0x0, @local, @rand_addr=0x80000000, {[@timestamp={0x44, 0x4}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000040)) 18:15:08 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000280), r1, 0x2}}, 0x18) 18:15:08 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @empty, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0xf411, 0x0, @local, @rand_addr=0x80000000, {[@timestamp={0x44, 0x4}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000040)) 18:15:09 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xa, 0x1, 0x20000000000001, 0x0, 0x0}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000180)}, 0x8) 18:15:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f00000001c0)="650fc75c276766b882000f00d0c4423d3c56eef22ede9a002000000f01cf0f3042802100660f38802afb0f23d4", 0x2d}], 0x1, 0xffffffffffffffff, &(0x7f0000000040), 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:09 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @empty, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0xf411, 0x0, @local, @rand_addr=0x80000000, {[@timestamp={0x44, 0x4}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000040)) 18:15:09 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000780)='net\x00') mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) exit(0x0) getdents64(r0, &(0x7f0000000080)=""/57, 0x39) 18:15:09 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xa, 0x1, 0x20000000000001, 0x0, 0x0}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000180)}, 0x8) 18:15:09 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f00000000c0)}}, &(0x7f0000044000)) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='numa_maps\x00') sendfile(r0, r2, &(0x7f0000000240), 0x80040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) dup2(r3, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, &(0x7f00000001c0)) tkill(r1, 0x1004000000016) 18:15:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0x1, 0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000530ff8)=0x4) listen(r0, 0x0) poll(&(0x7f0000f81000)=[{r0}], 0x1, 0x431b844a) shutdown(r0, 0x0) 18:15:09 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000}}, 0x20) 18:15:09 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xa, 0x1, 0x20000000000001, 0x0, 0x0}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000180)}, 0x8) 18:15:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f00000001c0)="650fc75c276766b882000f00d0c4423d3c56eef22ede9a002000000f01cf0f3042802100660f38802afb0f23d4", 0x2d}], 0x1, 0xffffffffffffffff, &(0x7f0000000040), 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:10 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f00000000c0)=0x2000000000003, 0x4) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f02726f75f0000000000000", 0x2761, 0x0) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180), 0x2, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) write$cgroup_int(r2, &(0x7f0000000000), 0x12) sendfile(r1, r2, &(0x7f0000000100), 0x7) 18:15:10 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f00000000c0)}}, &(0x7f0000044000)) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='numa_maps\x00') sendfile(r0, r2, &(0x7f0000000240), 0x80040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) dup2(r3, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, &(0x7f00000001c0)) tkill(r1, 0x1004000000016) 18:15:10 executing program 5: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}, 0x3}) 18:15:10 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xa, 0x1, 0x20000000000001, 0x0, 0x0}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000180)}, 0x8) 18:15:10 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x600) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/tcp\x00') readv(r1, &(0x7f00000003c0), 0x0) 18:15:10 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.max\x00', 0x2, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f0000000140)='rdma.current\x00', 0x0, 0x0) sendfile(r1, r2, &(0x7f0000000000)=0x50, 0x3) 18:15:10 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) 18:15:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f00000001c0)="650fc75c276766b882000f00d0c4423d3c56eef22ede9a002000000f01cf0f3042802100660f38802afb0f23d4", 0x2d}], 0x1, 0xffffffffffffffff, &(0x7f0000000040), 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:10 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f00000000c0)}}, &(0x7f0000044000)) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='numa_maps\x00') sendfile(r0, r2, &(0x7f0000000240), 0x80040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) dup2(r3, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, &(0x7f00000001c0)) tkill(r1, 0x1004000000016) 18:15:10 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f00000000c0)=0x2000000000003, 0x4) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f02726f75f0000000000000", 0x2761, 0x0) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180), 0x2, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) write$cgroup_int(r2, &(0x7f0000000000), 0x12) sendfile(r1, r2, &(0x7f0000000100), 0x7) 18:15:10 executing program 0: unshare(0x8000400) r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet6_int(r0, 0x28, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 18:15:11 executing program 1: mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x8002, 0x0) open(&(0x7f00000000c0)='./bus\x00', 0x10b885, 0x0) 18:15:11 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f00000000c0)=0x2000000000003, 0x4) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f02726f75f0000000000000", 0x2761, 0x0) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180), 0x2, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) write$cgroup_int(r2, &(0x7f0000000000), 0x12) sendfile(r1, r2, &(0x7f0000000100), 0x7) 18:15:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x0, 0x10a]}) 18:15:11 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[]}}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="66b9820000400f320fc799b2030f20d86635080000000f22d8ba410066ede1f7ba2100ec670f0e0f01c9650f426e45baa000ed", 0x33}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:11 executing program 1: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:11 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4543(gcm(aes-generic)))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="1f184f9f06d9b2ee276fb759cd520736b78d1947c93c591f4f61ae5f", 0x1c) 18:15:11 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f00000000c0)=0x2000000000003, 0x4) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f02726f75f0000000000000", 0x2761, 0x0) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180), 0x2, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) write$cgroup_int(r2, &(0x7f0000000000), 0x12) sendfile(r1, r2, &(0x7f0000000100), 0x7) 18:15:11 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f00000000c0)}}, &(0x7f0000044000)) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='numa_maps\x00') sendfile(r0, r2, &(0x7f0000000240), 0x80040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) dup2(r3, r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, &(0x7f00000001c0)) tkill(r1, 0x1004000000016) [ 280.693973] kvm [9096]: vcpu0, guest rIP: 0x106 Hyper-V unhandled rdmsr: 0x40000060 18:15:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x0, 0x10a]}) 18:15:12 executing program 1: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:12 executing program 2: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:12 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0) write$cgroup_pid(r0, &(0x7f0000000040), 0xd) 18:15:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x0, 0x10a]}) 18:15:12 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000e11ff0)=[{&(0x7f0000000140)="580000001300add427323b470c458c560a067fffffff81004e220000000058000b4824ca945f64009400050028925aa80000000000000080000efffeffe809000000fff5dd00000010000100090a1000410400000000fcff", 0x58}], 0x1) 18:15:12 executing program 2: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:12 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[]}}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="66b9820000400f320fc799b2030f20d86635080000000f22d8ba410066ede1f7ba2100ec670f0e0f01c9650f426e45baa000ed", 0x33}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:12 executing program 3: r0 = socket$inet(0x2, 0x8008000000003, 0x2f) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='ip_vti0\x00', 0x10) sendto$inet(r0, &(0x7f00000001c0), 0x29c, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) 18:15:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x0, 0x10a]}) [ 282.005984] kvm [9177]: vcpu0, guest rIP: 0x106 Hyper-V unhandled rdmsr: 0x40000060 18:15:13 executing program 4: r0 = gettid() exit(0x0) sched_getaffinity(r0, 0x8, &(0x7f0000000240)) 18:15:13 executing program 1: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:13 executing program 2: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:13 executing program 3: r0 = socket$inet(0x2, 0x8008000000003, 0x2f) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='ip_vti0\x00', 0x10) sendto$inet(r0, &(0x7f00000001c0), 0x29c, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) 18:15:13 executing program 5: r0 = memfd_create(&(0x7f0000000200)='$@[GPL^^\x00', 0x0) unshare(0x20400) close(r0) timerfd_settime(r0, 0x0, &(0x7f0000000240)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000280)) 18:15:13 executing program 1: clone(0x4008500, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') exit(0x0) getdents64(r0, &(0x7f0000000680)=""/4096, 0x1000) 18:15:13 executing program 3: r0 = socket$inet(0x2, 0x8008000000003, 0x2f) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='ip_vti0\x00', 0x10) sendto$inet(r0, &(0x7f00000001c0), 0x29c, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) 18:15:13 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000100079) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0x8108551b, &(0x7f0000000200)={0x0, 0x0, @start}) ioctl$sock_inet_SIOCRTMSG(r0, 0xc0105512, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='ip6gre0\x00'}) 18:15:14 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[]}}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="66b9820000400f320fc799b2030f20d86635080000000f22d8ba410066ede1f7ba2100ec670f0e0f01c9650f426e45baa000ed", 0x33}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:14 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x1, 0xfffffffbfffffffc, &(0x7f0000000280), 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000000)=ANY=[@ANYBLOB="fafb"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:14 executing program 3: r0 = socket$inet(0x2, 0x8008000000003, 0x2f) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='ip_vti0\x00', 0x10) sendto$inet(r0, &(0x7f00000001c0), 0x29c, 0x0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) [ 283.181245] *** Guest State *** [ 283.184761] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [ 283.193820] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 283.202911] CR3 = 0x0000000000000000 [ 283.206677] RSP = 0x0000000000000f80 RIP = 0x0000000000000002 [ 283.212788] RFLAGS=0x00000202 DR7 = 0x0000000000000400 [ 283.218927] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 283.225793] CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000 [ 283.233925] DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 [ 283.242052] SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 [ 283.250082] ES: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 [ 283.258223] FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 [ 283.266404] GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 18:15:14 executing program 4: perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0xb, &(0x7f0000000040), &(0x7f00000000c0)=0x4) [ 283.274521] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 283.282665] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 283.290684] IDTR: limit=0x0000ffff, base=0x0000000000000000 [ 283.298814] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 283.306935] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 283.313479] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 283.321001] Interruptibility = 00000001 ActivityState = 00000000 [ 283.327359] *** Host State *** [ 283.330597] RIP = 0xffffffff812cfa68 RSP = 0xffff88811e0df378 [ 283.336735] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 283.343283] FSBase=00007f1b09ab6700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000 [ 283.351124] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 283.357152] CR0=0000000080050033 CR3=000000011a088000 CR4=00000000001426f0 [ 283.364338] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260 [ 283.371051] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 283.377229] *** Control State *** 18:15:14 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000100079) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0x8108551b, &(0x7f0000000200)={0x0, 0x0, @start}) ioctl$sock_inet_SIOCRTMSG(r0, 0xc0105512, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='ip6gre0\x00'}) [ 283.380726] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 283.387526] EntryControls=0000d1ff ExitControls=002fefff [ 283.393126] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 283.400095] VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000 [ 283.406910] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 283.413689] reason=80000021 qualification=0000000000000003 [ 283.420078] IDTVectoring: info=00000000 errcode=00000000 [ 283.425733] TSC Offset = 0xffffff62310b7f5c 18:15:14 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="71e67a111fde54fe46b904832c8fff73d41196c3cdf8311cfc093a52a7d10000", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000003b80)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000440)="e054c4ad1f4f0249c5229a656302a0bcd343edc79a91c7fbf60ff87bdff39efc1515628e108ca8a51572ee9309e811a3d3", 0x31}], 0x1, &(0x7f0000000140)}, 0x0) capset(&(0x7f0000000240), &(0x7f0000000080)) recvmmsg(r1, &(0x7f0000002480), 0x871, 0x0, &(0x7f00000001c0)={0x77359400}) [ 283.430104] EPT pointer = 0x00000001984b001e 18:15:14 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x1, 0xea3}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 18:15:14 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[]}}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="66b9820000400f320fc799b2030f20d86635080000000f22d8ba410066ede1f7ba2100ec670f0e0f01c9650f426e45baa000ed", 0x33}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 283.756114] [drm:drm_calc_timestamping_constants] *ERROR* crtc 29: Can't calculate constants, dotclock = 0! 18:15:15 executing program 4: r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1) ioctl$UI_SET_SWBIT(r0, 0x8004551a, 0xffffffffffffffff) 18:15:15 executing program 1: r0 = socket(0x10, 0x3, 0x0) sendto(r0, &(0x7f0000000140)="120000001200e7ef007b1a3fcd00000000a1", 0x12, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xc, &(0x7f0000000440)={&(0x7f0000000000)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000002400)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) 18:15:15 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000100079) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0x8108551b, &(0x7f0000000200)={0x0, 0x0, @start}) ioctl$sock_inet_SIOCRTMSG(r0, 0xc0105512, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='ip6gre0\x00'}) 18:15:15 executing program 0: keyctl$dh_compute(0x17, &(0x7f0000000100), &(0x7f0000000080)=""/107, 0x6b, &(0x7f0000000280)={&(0x7f0000000180)={"736861332d3338342d04656e6572696300"}, &(0x7f0000000140)}) 18:15:15 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x8000400) r1 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x71a}) mq_timedsend(r1, &(0x7f0000000240), 0x0, 0x0, &(0x7f0000000280)) mq_timedreceive(r1, &(0x7f00000021c0)=""/4096, 0x1000, 0x706000, &(0x7f0000000080)={0x0, 0x1c9c380}) 18:15:15 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x1, 0xfffffffbfffffffc, &(0x7f0000000280), 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000000)=ANY=[@ANYBLOB="fafb"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:15 executing program 3: unshare(0x8000400) r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet6_int(r0, 0x28, 0x1, &(0x7f0000000100), &(0x7f0000000080)=0xc1a3ace81c3ad9e4) 18:15:15 executing program 1: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00') mount(&(0x7f0000000440)=ANY=[], &(0x7f0000000400)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, &(0x7f00000001c0)) mount(&(0x7f0000000280), &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='securityfs\x00', 0x100021, &(0x7f0000000480)) 18:15:15 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000100079) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0x8108551b, &(0x7f0000000200)={0x0, 0x0, @start}) ioctl$sock_inet_SIOCRTMSG(r0, 0xc0105512, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='ip6gre0\x00'}) [ 284.950408] could not allocate digest TFM handle sha3-384-eneric [ 285.033193] could not allocate digest TFM handle sha3-384-eneric 18:15:16 executing program 3: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a03468b66e464e11d46810ab82ed1b2959b4d2a41e7a566d7bf7d6d370e99b6dcdd4b78fe9bb29772bf59a8f12f8f2267e1cc5f68c8961848db69e01dbca25356d5b5eede8533251a89cc0bf43b65924f0531fb43fec8afa2742078a0f17f610f3e232adaca43f860"], 0x6b) 18:15:16 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000004c40)=[{{&(0x7f0000000900)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000001040)=""/4096, 0x1000}}], 0x1, 0x10000, &(0x7f0000001000)={0x77359400}) 18:15:16 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_int(r0, 0x10d, 0xc5, &(0x7f00000000c0), &(0x7f0000000140)=0x4) 18:15:16 executing program 2: r0 = userfaultfd(0x80800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180)) unshare(0x20400) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000080), &(0x7f00000000c0), 0x8) 18:15:16 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0x9c, &(0x7f0000000080), &(0x7f0000000040)=0x4) 18:15:16 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x407, 0x0, 0x0, {{@in=@loopback, @in6=@ipv4={[], [], @dev}}}}, 0xffe4}}, 0x0) 18:15:16 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x1, 0xfffffffbfffffffc, &(0x7f0000000280), 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000000)=ANY=[@ANYBLOB="fafb"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:17 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = memfd_create(&(0x7f0000001380)="7dbf2a78892d764fd34a556b884fc44ea20d71490db3d951280a1a9f2f581d3903c216af9dff6cdc43eba6961224d1355b7a85f41eccfcf6340000000000000050771b4e5b81921550c50e061708af0a75d844397a9e52086a68cea96adaf842848d122eeb959a0ab24dc7d1874ec54f733f5422fc0c6392bb3ea36c9ac92714d52bb1a6f59ed1ea25d86caed65c645a172fe724288a78dcc4b7a49b92d8164c7a9efcf8f1dcb92b467e251665811b117677313add5db9e899ead14f83f35741adaadc0d7e5b499fac03f9e2124a65e924d200ef0d9d5132a15434b41136524f2b0e988b1bc181f05593d1f7bb7d4e27ea8fbb6464dab57fffeffdd59b013fad20a8e36c8622944dd5fa5d9f1dadf979fc033d245a004f612360714864cc8f80a1ed812085e71f99bee8e5ce790aab8ba0794dbacf377d8e5651e6642e539eb198d9c83bccd5f229f75a6829ff46b8c7d225e9c705ef715c975dd71bdf226fcad4e0d51235ef7a31cce16e5abe16a18fc82939b8c6c2dd382e2a55e0c50400d9fd7b5a54f2e4b99578a5bd040f8e6b79d88ed737d70f700a1113299bf344b2882a28027bb2603a01000000000000eeffffff5632aa82", 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0x40d5) 18:15:17 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000240)='/dev/snd/midiC#D#\x00', 0x200, 0x0) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000140)}, {&(0x7f0000000180)=""/67, 0x43}], 0x2) dup3(r0, r1, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000000100)) tkill(r2, 0x1000000000013) 18:15:17 executing program 0: r0 = epoll_create1(0x0) r1 = timerfd_create(0x0, 0x0) close(r1) epoll_pwait(r0, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffffa, &(0x7f0000000140), 0x8) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000001380)='/dev/vga_arbiter\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000021ff4)={0x2001}) 18:15:17 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x1, 0xfffffffbfffffffc, &(0x7f0000000280), 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000000)=ANY=[@ANYBLOB="fafb"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:17 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200010000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32fd0289, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:15:17 executing program 1: r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000280)={0x1001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90) 18:15:17 executing program 3: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x43, 0x29, 0x201}, 0xfdb3}}, 0x0) 18:15:17 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) close(r2) close(r1) 18:15:17 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000240)='/dev/snd/midiC#D#\x00', 0x200, 0x0) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000140)}, {&(0x7f0000000180)=""/67, 0x43}], 0x2) dup3(r0, r1, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000000100)) tkill(r2, 0x1000000000013) 18:15:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000000280)=""/1, 0xfffffece) close(r1) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:15:18 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000010000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r1, &(0x7f0000000400)=""/91, 0x214) [ 287.010263] netlink: 31 bytes leftover after parsing attributes in process `syz-executor3'. 18:15:18 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000000019, &(0x7f0000548000)=0x4001, 0x4) sendto$inet6(r0, &(0x7f0000000440), 0xffffffffffffffdb, 0x0, &(0x7f0000000200)={0xa, 0x4e28, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000380), 0x4) recvmsg(r0, &(0x7f0000000400)={&(0x7f00000002c0)=@nl=@proc, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000080)=""/36, 0x24}, 0x2000) 18:15:18 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000240)='/dev/snd/midiC#D#\x00', 0x200, 0x0) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000140)}, {&(0x7f0000000180)=""/67, 0x43}], 0x2) dup3(r0, r1, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000000100)) tkill(r2, 0x1000000000013) 18:15:18 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000240), 0x10) setsockopt(r0, 0x65, 0x10000000002, &(0x7f0000000000)="c8d63f23", 0x4) 18:15:18 executing program 3: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x40046104, &(0x7f0000000280)) 18:15:18 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) 18:15:18 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000240)='/dev/snd/midiC#D#\x00', 0x200, 0x0) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000140)}, {&(0x7f0000000180)=""/67, 0x43}], 0x2) dup3(r0, r1, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000000100)) tkill(r2, 0x1000000000013) 18:15:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000000280)=""/1, 0xfffffece) close(r1) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:15:19 executing program 4: unshare(0x20400) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000040)) 18:15:19 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000240), 0x10) setsockopt(r0, 0x65, 0x10000000002, &(0x7f0000000000)="c8d63f23", 0x4) 18:15:19 executing program 3: clone(0x84007ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f00000000c0)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300), &(0x7f0000000140)=[&(0x7f0000000000)='&', &(0x7f0000000080)='eth0$eth0{\x00', &(0x7f0000000100)='wlan1{selinuxwlan1\x00']) ptrace(0x10, r0) ptrace(0x10, r0) kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file1\x00', &(0x7f00000003c0)=[&(0x7f0000000200)='&', &(0x7f0000000280)='&', &(0x7f00000002c0)='wlan1{selinuxwlan1\x00', &(0x7f0000000300)='eth0$eth0{\x00', &(0x7f0000000340)='eth0$eth0{\x00', &(0x7f0000000380)='$system,,security/@\x00'], &(0x7f0000000500)=[&(0x7f0000000440)="86253a7472757374656400"]) tkill(r0, 0x20000000000010) r1 = socket$alg(0x26, 0x5, 0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000540)) 18:15:19 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f0000000040), 0x229) 18:15:19 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000240), 0x10) setsockopt(r0, 0x65, 0x10000000002, &(0x7f0000000000)="c8d63f23", 0x4) 18:15:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000000280)=""/1, 0xfffffece) close(r1) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:15:19 executing program 4: r0 = semget$private(0x0, 0x8, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000000)) semtimedop(r0, &(0x7f0000000040)=[{}], 0x1, &(0x7f00000000c0)={0x77359400}) semctl$IPC_RMID(r0, 0x0, 0x0) 18:15:19 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) 18:15:19 executing program 3: clone(0x84007ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f00000000c0)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300), &(0x7f0000000140)=[&(0x7f0000000000)='&', &(0x7f0000000080)='eth0$eth0{\x00', &(0x7f0000000100)='wlan1{selinuxwlan1\x00']) ptrace(0x10, r0) ptrace(0x10, r0) kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file1\x00', &(0x7f00000003c0)=[&(0x7f0000000200)='&', &(0x7f0000000280)='&', &(0x7f00000002c0)='wlan1{selinuxwlan1\x00', &(0x7f0000000300)='eth0$eth0{\x00', &(0x7f0000000340)='eth0$eth0{\x00', &(0x7f0000000380)='$system,,security/@\x00'], &(0x7f0000000500)=[&(0x7f0000000440)="86253a7472757374656400"]) tkill(r0, 0x20000000000010) r1 = socket$alg(0x26, 0x5, 0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000540)) 18:15:20 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000240), 0x10) setsockopt(r0, 0x65, 0x10000000002, &(0x7f0000000000)="c8d63f23", 0x4) 18:15:20 executing program 2: mlock(&(0x7f0000ff7000/0x4000)=nil, 0x4000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000000)=0x9, 0x7, 0x0) mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000040)=0x7fffffff, 0x3, 0x0) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) 18:15:20 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x805, 0x0) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5) ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, 'syz1\x00'}) write$uinput_user_dev(r1, &(0x7f0000000d00)={'syz0\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c) 18:15:20 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000000280)=""/1, 0xfffffece) close(r1) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 18:15:20 executing program 3: clone(0x84007ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f00000000c0)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300), &(0x7f0000000140)=[&(0x7f0000000000)='&', &(0x7f0000000080)='eth0$eth0{\x00', &(0x7f0000000100)='wlan1{selinuxwlan1\x00']) ptrace(0x10, r0) ptrace(0x10, r0) kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file1\x00', &(0x7f00000003c0)=[&(0x7f0000000200)='&', &(0x7f0000000280)='&', &(0x7f00000002c0)='wlan1{selinuxwlan1\x00', &(0x7f0000000300)='eth0$eth0{\x00', &(0x7f0000000340)='eth0$eth0{\x00', &(0x7f0000000380)='$system,,security/@\x00'], &(0x7f0000000500)=[&(0x7f0000000440)="86253a7472757374656400"]) tkill(r0, 0x20000000000010) r1 = socket$alg(0x26, 0x5, 0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000540)) [ 289.511762] input: syz1 as /devices/virtual/input/input8 18:15:20 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000100)=@req3={0x80000000}, 0xad) ppoll(&(0x7f0000000000)=[{r1}, {r0, 0x100}], 0x2, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0), 0x8) [ 289.610735] input: syz1 as /devices/virtual/input/input9 18:15:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) r2 = dup(r0) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, r1}, 0x10) 18:15:20 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) 18:15:21 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000013000/0x1000)=nil, 0x1000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x14, &(0x7f0000000000), 0x8) close(r2) close(r1) 18:15:21 executing program 4: unshare(0x2000400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf) 18:15:21 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='oom_score_adj\x00') writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)='-09', 0x3}], 0x1) 18:15:21 executing program 3: clone(0x84007ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f00000000c0)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300), &(0x7f0000000140)=[&(0x7f0000000000)='&', &(0x7f0000000080)='eth0$eth0{\x00', &(0x7f0000000100)='wlan1{selinuxwlan1\x00']) ptrace(0x10, r0) ptrace(0x10, r0) kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file1\x00', &(0x7f00000003c0)=[&(0x7f0000000200)='&', &(0x7f0000000280)='&', &(0x7f00000002c0)='wlan1{selinuxwlan1\x00', &(0x7f0000000300)='eth0$eth0{\x00', &(0x7f0000000340)='eth0$eth0{\x00', &(0x7f0000000380)='$system,,security/@\x00'], &(0x7f0000000500)=[&(0x7f0000000440)="86253a7472757374656400"]) tkill(r0, 0x20000000000010) r1 = socket$alg(0x26, 0x5, 0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000540)) 18:15:21 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x40000000000c) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000080)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000180)="1f0000000203193b000007000000068100023b050900020000004042010058", 0x1f}], 0x1) 18:15:21 executing program 5: socketpair$unix(0x1, 0x40000000000002, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x200000005, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x9, &(0x7f0000000040), &(0x7f0000000080)=0x10) close(r2) close(r1) 18:15:21 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6(0xa, 0x801, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x51, r1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000380)=@mangle={'mangle\x00', 0x1f, 0x6, 0x498, 0x1e0, 0x4d8, 0x4d8, 0x1e0, 0x0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, &(0x7f0000000300), {[{{@uncond, 0x0, 0x98, 0xc0}, @ECN={0x28, 'ECN\x00'}}, {{@ip={@local, @local, 0x0, 0x0, 'veth1_to_bridge\x00', 'lo\x00'}, 0x0, 0x98, 0xf8}, @common=@SET={0x60, 'SET\x00'}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'ip_vti0\x00', 'bond_slave_0\x00'}, 0x0, 0x98, 0xc0}, @inet=@DSCP={0x28, 'DSCP\x00'}}, {{@ip={@empty, @remote, 0x0, 0x0, 'bpq0\x00', 'bond_slave_1\x00'}, 0x0, 0x98, 0xc0}, @TTL={0x28, 'TTL\x00'}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'dummy0\x00', 'tunl0\x00'}, 0x0, 0x98, 0xc8}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x4f8) 18:15:21 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) 18:15:21 executing program 3: write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001540)={0x0, 0x38, &(0x7f0000000080)="12d4478e89e3fa80f369c7985c0e462a2c23ae5ab72627c77ac84f35b2111e54d040772cf33ed5b8adc2b48f348d301d8a6d62d359786215"}) write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a) 18:15:21 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/69, 0x5}], 0x1) 18:15:21 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x3, @local, 'syz_tun\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x3, @local, 'vcan0\x00'}}, 0x1e) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x3, @local, 'sit0\x00'}}, 0x1e) 18:15:22 executing program 3: write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001540)={0x0, 0x38, &(0x7f0000000080)="12d4478e89e3fa80f369c7985c0e462a2c23ae5ab72627c77ac84f35b2111e54d040772cf33ed5b8adc2b48f348d301d8a6d62d359786215"}) write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a) 18:15:22 executing program 0: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000000)="240000001a0025f0116bbc04fef7001c020b49ff001c00008000080008001d00ec000000", 0x24) 18:15:22 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)="2f65786500e1ffffff0409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f02acc7edbcd7a071fbbc7864c3cf7318e89c6e97ca49e2523f8d54c646dd47000000000000000000000082c8ed780fc8de13aac81a5393802cac9b30bd34f4b1aa91950e3321095ed1dc0609f379617d65d54e4900f041cf05b8b29c725e548eba7414e6686d0e4d0e354ffbecf9b6cb56df37daad793393cdf96d60c334d7dee99d58bb98ec8fbae88509abe32fd44239abb4ccf659f55c76c288ae1d12b8aef689f19c39d9cdd8a249969185b3f229a48ef301365dc6762a1967eb3241f49796f3f6ceb28fd1833071281f0d81aee58fc8a61050486d5641c3dfc84c25baa2b3712cb8251267e70159894f6dd8f293e8cd44ea35ca1c52f1c165b6391d779405fabfaf835c2928c61282a10cfee523c694139d9b158c8ac9c2068deae9563a8661cef5dfb87149694d3b000cd5cc727f52139996dd2f575b0af9cc013f275d3651") flistxattr(r1, &(0x7f0000000080)=""/6, 0xe027278b7d699f3c) userfaultfd(0x0) 18:15:22 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) shutdown(r1, 0x1) sendto$inet(r1, &(0x7f00000001c0), 0x331, 0x200007ff, &(0x7f0000000180)={0x2, 0x3, @loopback}, 0x10) r2 = dup3(r1, r0, 0x0) sendto$inet(r2, &(0x7f0000000400), 0x0, 0xffffffffffffffff, 0x0, 0x0) 18:15:22 executing program 2: creat(&(0x7f00000000c0)='./bus\x00', 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000080)=0x1, 0x3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000040)=0x2, 0x7, 0x0) [ 291.407370] netlink: 'syz-executor0': attribute type 29 has an invalid length. 18:15:22 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc4c85513, &(0x7f0000000100)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', &(0x7f0000000040)}) [ 291.492471] netlink: 'syz-executor0': attribute type 29 has an invalid length. 18:15:22 executing program 3: write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001540)={0x0, 0x38, &(0x7f0000000080)="12d4478e89e3fa80f369c7985c0e462a2c23ae5ab72627c77ac84f35b2111e54d040772cf33ed5b8adc2b48f348d301d8a6d62d359786215"}) write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a) 18:15:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f00000004c0), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x4}}) fcntl$getown(0xffffffffffffffff, 0x9) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f00000002c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x484b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x680}) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001d80)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x14) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381) 18:15:22 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@setlink={0x30, 0x13, 0x101, 0x0, 0x0, {}, [@IFLA_IF_NETNSID={0x8}, @IFLA_NET_NS_PID={0x8}]}, 0x30}}, 0x0) 18:15:22 executing program 4: r0 = syz_open_dev$video(&(0x7f00000004c0)='/dev/video#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x800000000003, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x2, @win={{}, 0x0, 0x0, &(0x7f0000000140)={{}, &(0x7f0000000100)={{}, &(0x7f0000000080)}}, 0x0, &(0x7f0000000280)}}) 18:15:22 executing program 2: r0 = add_key$keyring(&(0x7f0000000580)='keyring\x00', &(0x7f00000005c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$revoke(0x3, r0) keyctl$read(0xb, r0, &(0x7f0000000640)=""/68, 0x44) 18:15:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x3407a}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x2c, 0x32, 0x829, 0x0, 0x0, {0x3}, [@nested={0x18, 0x0, [@typed={0x10, 0x1, @ipv6=@loopback={0x700000000000000}}]}]}, 0x2c}}, 0x0) 18:15:23 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) r2 = dup2(r1, r0) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f00000003c0)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendmmsg$inet_sctp(r2, &(0x7f0000006000)=[{&(0x7f0000000180)=@in6={0xa, 0x0, 0x80000001, @remote}, 0x1c, &(0x7f0000001500), 0x0, &(0x7f0000001580)}], 0x1, 0x0) 18:15:23 executing program 3: write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001540)={0x0, 0x38, &(0x7f0000000080)="12d4478e89e3fa80f369c7985c0e462a2c23ae5ab72627c77ac84f35b2111e54d040772cf33ed5b8adc2b48f348d301d8a6d62d359786215"}) write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a) 18:15:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f00000004c0), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x4}}) fcntl$getown(0xffffffffffffffff, 0x9) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f00000002c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x484b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x680}) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001d80)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x14) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381) 18:15:23 executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_int(r0, 0x10d, 0x11, &(0x7f000079bffc), &(0x7f0000350ffc)=0x4) 18:15:23 executing program 1: unshare(0x400) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 18:15:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x595, 0x1550b35265fa6ced) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) mount(&(0x7f0000000080)=ANY=[], &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xff, 0x2c00) ioctl$SCSI_IOCTL_SYNC(r1, 0x4) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000140)) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = openat$cgroup_subtree(r2, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video37\x00', 0x2, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x0) write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x2d, 'pids'}]}, 0x6) 18:15:23 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x58) close(r1) 18:15:23 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001000), 0x0) r2 = dup2(r1, r0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r4 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) write$cgroup_type(r4, &(0x7f0000000000)='threaded\x00', 0x9) sendfile(r1, r4, &(0x7f00000000c0), 0x3c) accept4$packet(r2, &(0x7f0000000800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000840)=0x14, 0x0) 18:15:23 executing program 2: r0 = memfd_create(&(0x7f0000001fc1)='#vmnet1nodevem1\x00', 0x0) io_setup(0x7, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000380)="cae2f834dc994bd4a8dc7af229d5fb085261813f2a8dd38c996e3e6d6913ae729247fc4bef2a14cb589c114023cbfb627a8bdb5f53148176bfd10c250b0ca634ea33891c6efc36135a066759667f74373502aebdf8985a166abd48f11fa0197375484f5132311aa40764bd7c202c26a5dfcc5866f3723b9c3990d336729935a16abb2e4b6b3cdb79cee2516ab5bb4a263c1d14fc246210a6d5befd0cdd1609f4384f619401ca5c885eb2a7934a83009165fb496b86048b4e7e76161694c1192c7167d8511a8859ec6c31974735354aaefedef34fdbaedd896bdf71189ffbc75611beb9a3098ae48e028b084af292ab901ee74c89e361f1adf7e75fcd1b9feba120fbf7c9905ed71a4cabb67d44d2fcd080adc963b9a7cd9a9f7aefd9dd16e74a3c567a3255228b51b11822b83b32f95f07d33c9b8250c7c1e6a82ddd91b13f82dc3fb884dfb8c7cb389bf0c653cea36059803f9ba1a940580a657886e868bb8f67716410988354e93c0c28d52cef5c213b05b0d45561135dd3c192281170db407fbc436200258f4cb347220b7ec3c9f8826dd07b288f31cb0aabb8054ba8f8e77f533d6216a9a8d8bf17ca7f34e8a6cf9da6a78a9c731c0aa003c84312b8ad760389470cd5017b593516dad8c7c6191d95d6e4fc4fe971fccbb48c3c5f3a730bc9503646e9f29453894dfdd2e8114acd56daf4a343c9b5dbe422753ae1fd5ee9d8", 0x201}]) 18:15:23 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") ioctl$sock_ifreq(r0, 0x89a3, &(0x7f0000000180)={'"ri\x00', @ifru_settings={0x0, 0x0, @raw_hdlc=&(0x7f0000000080)}}) 18:15:23 executing program 1: unshare(0x400) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 18:15:24 executing program 0: timer_create(0x9, &(0x7f0000000180)={0x0, 0x0, 0x1}, &(0x7f0000000000)) 18:15:24 executing program 1: unshare(0x400) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 18:15:24 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000740), 0x0, &(0x7f0000000800)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[@ANYRES16=0x0], 0x314) recvmmsg(r1, &(0x7f0000001e00)=[{{&(0x7f0000000080)=@in6, 0x80, &(0x7f0000000540)=[{&(0x7f0000000100)=""/102, 0x66}, {&(0x7f0000000180)=""/105, 0x69}], 0x2, &(0x7f00000005c0)=""/98, 0x62}}], 0x1, 0x0, &(0x7f0000001ec0)) 18:15:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f00000004c0), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x4}}) fcntl$getown(0xffffffffffffffff, 0x9) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f00000002c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x484b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x680}) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001d80)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x14) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381) 18:15:24 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000090607031dfffd946fa2830020200a0009000200001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 18:15:24 executing program 3: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x188, 0x42, 0x201}, 0xfdb3}}, 0x0) recvmmsg(r0, &(0x7f0000002f00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)=""/64, 0x40}, {&(0x7f00000000c0)=""/87, 0x57}], 0x2, &(0x7f0000000240)=""/147, 0x93, 0x60000000000000}, 0xfb82}, {{&(0x7f0000000180)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000300)=[{&(0x7f00000003c0)=""/196, 0xc4}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x2, &(0x7f00000014c0)=""/188, 0xbc, 0x7}, 0x2}, {{&(0x7f0000001580)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000001c80)=[{&(0x7f0000001600)=""/216, 0xd8}, {&(0x7f0000001700)=""/176, 0xb0}, {&(0x7f00000017c0)=""/198, 0xc6}, {&(0x7f0000000340)=""/26, 0x1a}, {&(0x7f00000018c0)=""/132, 0x84}, {&(0x7f0000001980)=""/152, 0x98}, {&(0x7f0000001a40)=""/243, 0xf3}, {&(0x7f0000001b40)=""/113, 0x71}, {&(0x7f0000001bc0)=""/151, 0x97}], 0x9, &(0x7f0000001d40)=""/174, 0xae, 0x2}, 0x6}, {{&(0x7f0000001e00)=@ax25, 0x80, &(0x7f0000001fc0)=[{&(0x7f0000001e80)=""/166, 0xa6}, {&(0x7f0000001f40)=""/90, 0x5a}], 0x2, 0x0, 0x0, 0x2}, 0x10001}, {{&(0x7f0000002000)=@vsock, 0x80, &(0x7f0000002300)=[{&(0x7f0000002080)=""/4, 0x4}, {&(0x7f00000020c0)}, {&(0x7f0000002100)=""/100, 0x64}, {&(0x7f0000002180)=""/156, 0x9c}, {&(0x7f0000002240)=""/158, 0x9e}], 0x5, 0x0, 0x0, 0xc8}, 0x5}, {{&(0x7f0000002380)=@generic, 0x80, &(0x7f00000025c0)=[{&(0x7f0000002400)=""/254, 0xfe}, {&(0x7f0000002500)=""/14, 0xe}, {&(0x7f0000002540)=""/37, 0x25}, {&(0x7f0000002580)=""/27, 0x1b}], 0x4, &(0x7f0000002600)=""/84, 0x54, 0x2}}, {{&(0x7f0000002ac0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000002dc0)=[{&(0x7f0000002b40)=""/178, 0xb2}, {&(0x7f0000002c00)=""/151, 0x97}, {&(0x7f0000002cc0)=""/25, 0x19}, {&(0x7f0000002d00)=""/136, 0x88}], 0x4, &(0x7f0000002e00)=""/194, 0xc2}}], 0x7, 0x0, &(0x7f00000061c0)={0x77359400}) 18:15:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x8, &(0x7f0000000d40)=0x0) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0x9) close(r0) io_submit(r2, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000140), 0x700000000000}]) 18:15:24 executing program 1: unshare(0x400) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 293.727226] netlink: 20 bytes leftover after parsing attributes in process `syz-executor2'. 18:15:24 executing program 4: r0 = socket$inet6(0xa, 0x800000001, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x4000) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[], 0xfe7c) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0xffef) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4) shutdown(r2, 0x2) 18:15:25 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000c0003007465616d300000000000000000000000033b"], 0x1}}, 0x0) 18:15:25 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000100)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800000000004, 0x20011, r1, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000400), &(0x7f0000000440)=0x14) 18:15:25 executing program 0: capset(&(0x7f0000000040)={0x20071026}, &(0x7f00000000c0)) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000280)={0x1}, 0x8, 0x0) [ 294.093317] not chained 50000 origins [ 294.097184] CPU: 1 PID: 9646 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #89 [ 294.104384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.113750] Call Trace: [ 294.116360] dump_stack+0x32d/0x480 [ 294.120024] kmsan_internal_chain_origin+0x222/0x240 [ 294.125157] ? kmsan_internal_chain_origin+0x136/0x240 [ 294.130463] ? __msan_chain_origin+0x6d/0xb0 [ 294.134893] ? __save_stack_trace+0x8be/0xc60 [ 294.139402] ? save_stack_trace+0xc6/0x110 [ 294.143652] ? kmsan_internal_chain_origin+0x136/0x240 [ 294.148940] ? kmsan_memcpy_origins+0x13d/0x190 [ 294.153622] ? __msan_memcpy+0x6f/0x80 [ 294.157521] ? skb_copy_bits+0x1d2/0xc90 [ 294.161602] ? skb_copy+0x56c/0xba0 [ 294.165239] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 294.170612] ? sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.176157] ? sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.180850] ? sctp_do_sm+0x4415/0x9c50 [ 294.184841] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.189265] ? sctp_inq_push+0x300/0x420 [ 294.193449] ? sctp_backlog_rcv+0x1c2/0x560 [ 294.197788] ? __release_sock+0x32d/0x750 [ 294.201953] ? release_sock+0x99/0x2a0 [ 294.205859] ? inet_shutdown+0x49f/0x600 [ 294.209938] ? __se_sys_shutdown+0x28b/0x3e0 [ 294.214359] ? __x64_sys_shutdown+0x3e/0x60 [ 294.218696] ? do_syscall_64+0xcf/0x110 [ 294.222684] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 294.228059] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 294.233445] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 294.238818] ? __module_address+0x6a/0x5f0 [ 294.243074] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 294.248449] ? is_bpf_text_address+0x49e/0x4d0 [ 294.253047] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 294.258511] ? in_task_stack+0x12c/0x210 [ 294.262599] __msan_chain_origin+0x6d/0xb0 [ 294.266854] ? sctp_backlog_rcv+0x1c2/0x560 [ 294.271192] __save_stack_trace+0x8be/0xc60 [ 294.275539] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 294.280965] ? sctp_backlog_rcv+0x1c2/0x560 [ 294.285320] save_stack_trace+0xc6/0x110 [ 294.289408] kmsan_internal_chain_origin+0x136/0x240 [ 294.294532] ? __x64_sys_shutdown+0x3e/0x60 [ 294.298895] ? kmsan_internal_chain_origin+0x136/0x240 [ 294.304193] ? kmsan_memcpy_origins+0x13d/0x190 [ 294.308879] ? __msan_memcpy+0x6f/0x80 [ 294.312785] ? skb_copy_bits+0x1d2/0xc90 [ 294.316864] ? skb_copy+0x56c/0xba0 [ 294.320508] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 294.325901] ? sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.331454] ? sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.336138] ? sctp_do_sm+0x4415/0x9c50 [ 294.340131] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.344566] ? sctp_inq_push+0x300/0x420 [ 294.348645] ? sctp_backlog_rcv+0x1c2/0x560 [ 294.352969] ? __release_sock+0x32d/0x750 [ 294.357113] ? release_sock+0x99/0x2a0 [ 294.360996] ? inet_shutdown+0x49f/0x600 [ 294.365052] ? __se_sys_shutdown+0x28b/0x3e0 [ 294.369455] ? __x64_sys_shutdown+0x3e/0x60 [ 294.373778] ? do_syscall_64+0xcf/0x110 [ 294.377753] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 294.383134] ? __msan_get_context_state+0x9/0x20 [ 294.387887] ? INIT_INT+0xc/0x30 [ 294.391253] ? __kmalloc_node_track_caller+0x1226/0x14e0 [ 294.396701] ? INIT_INT+0xc/0x30 [ 294.400065] ? kmem_cache_alloc_node+0x27b/0xec0 [ 294.404825] kmsan_memcpy_origins+0x13d/0x190 [ 294.409327] __msan_memcpy+0x6f/0x80 [ 294.413039] skb_copy_bits+0x1d2/0xc90 [ 294.416934] skb_copy+0x56c/0xba0 [ 294.420397] sctp_make_reassembled_event+0xcbe/0x1210 [ 294.425603] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.430974] sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.435467] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 294.440836] ? sctp_ulpq_free+0x40/0x40 [ 294.444805] sctp_do_sm+0x4415/0x9c50 [ 294.448621] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 294.453988] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 294.459440] ? skb_pull+0x13f/0x230 [ 294.463072] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 294.468427] ? ktime_get+0x2e6/0x420 [ 294.472147] sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.476389] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 294.481752] sctp_inq_push+0x300/0x420 [ 294.485645] sctp_backlog_rcv+0x1c2/0x560 [ 294.489795] ? sctp_rcv+0x4e40/0x4e40 [ 294.493594] __release_sock+0x32d/0x750 [ 294.497577] release_sock+0x99/0x2a0 [ 294.501374] ? sock_init_data+0x12c0/0x12c0 [ 294.505696] inet_shutdown+0x49f/0x600 [ 294.509584] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 294.514952] ? inet_recvmsg+0x6c0/0x6c0 [ 294.518922] __se_sys_shutdown+0x28b/0x3e0 [ 294.523157] __x64_sys_shutdown+0x3e/0x60 [ 294.527309] do_syscall_64+0xcf/0x110 [ 294.531111] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 294.536298] RIP: 0033:0x457569 [ 294.539495] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 294.558390] RSP: 002b:00007f79462dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000030 [ 294.566106] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000457569 [ 294.573368] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 294.580632] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 294.587894] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f79462db6d4 [ 294.595162] R13: 00000000004c4695 R14: 00000000004d7a40 R15: 00000000ffffffff [ 294.602442] Uninit was stored to memory at: [ 294.606762] kmsan_internal_chain_origin+0x136/0x240 [ 294.611861] __msan_chain_origin+0x6d/0xb0 [ 294.616096] __save_stack_trace+0x8be/0xc60 [ 294.620425] save_stack_trace+0xc6/0x110 [ 294.624481] kmsan_internal_chain_origin+0x136/0x240 [ 294.629581] kmsan_memcpy_origins+0x13d/0x190 [ 294.634072] __msan_memcpy+0x6f/0x80 [ 294.637783] skb_copy_bits+0x1d2/0xc90 [ 294.641667] skb_copy+0x56c/0xba0 [ 294.645115] sctp_make_reassembled_event+0xcbe/0x1210 [ 294.650297] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.655662] sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.660153] sctp_do_sm+0x4415/0x9c50 [ 294.663949] sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.668264] sctp_inq_push+0x300/0x420 [ 294.672144] sctp_backlog_rcv+0x1c2/0x560 [ 294.676286] __release_sock+0x32d/0x750 [ 294.680258] release_sock+0x99/0x2a0 [ 294.683965] inet_shutdown+0x49f/0x600 [ 294.687853] __se_sys_shutdown+0x28b/0x3e0 [ 294.692091] __x64_sys_shutdown+0x3e/0x60 [ 294.696235] do_syscall_64+0xcf/0x110 [ 294.700033] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 294.705207] [ 294.706827] Uninit was stored to memory at: [ 294.711145] kmsan_internal_chain_origin+0x136/0x240 [ 294.716254] __msan_chain_origin+0x6d/0xb0 [ 294.720496] __save_stack_trace+0x8be/0xc60 [ 294.724814] save_stack_trace+0xc6/0x110 [ 294.728868] kmsan_internal_chain_origin+0x136/0x240 [ 294.733964] kmsan_memcpy_origins+0x13d/0x190 [ 294.738463] __msan_memcpy+0x6f/0x80 [ 294.742174] skb_copy_bits+0x1d2/0xc90 [ 294.746052] skb_copy+0x56c/0xba0 [ 294.749498] sctp_make_reassembled_event+0xcbe/0x1210 [ 294.754685] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.760052] sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.764539] sctp_do_sm+0x4415/0x9c50 [ 294.768352] sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.772581] sctp_inq_push+0x300/0x420 [ 294.776460] sctp_backlog_rcv+0x1c2/0x560 [ 294.780605] __release_sock+0x32d/0x750 [ 294.784569] release_sock+0x99/0x2a0 [ 294.788279] inet_shutdown+0x49f/0x600 [ 294.792162] __se_sys_shutdown+0x28b/0x3e0 [ 294.796501] __x64_sys_shutdown+0x3e/0x60 [ 294.800644] do_syscall_64+0xcf/0x110 [ 294.804438] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 294.809615] [ 294.811233] Uninit was stored to memory at: [ 294.815797] kmsan_internal_chain_origin+0x136/0x240 [ 294.820895] __msan_chain_origin+0x6d/0xb0 [ 294.825129] __save_stack_trace+0x8be/0xc60 [ 294.829450] save_stack_trace+0xc6/0x110 [ 294.833510] kmsan_internal_chain_origin+0x136/0x240 [ 294.838612] kmsan_memcpy_origins+0x13d/0x190 [ 294.843101] __msan_memcpy+0x6f/0x80 [ 294.846812] skb_copy_bits+0x1d2/0xc90 [ 294.850694] skb_copy+0x56c/0xba0 [ 294.854144] sctp_make_reassembled_event+0xcbe/0x1210 [ 294.859332] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.864689] sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.869178] sctp_do_sm+0x4415/0x9c50 [ 294.872977] sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.877202] sctp_inq_push+0x300/0x420 [ 294.881085] sctp_backlog_rcv+0x1c2/0x560 [ 294.885226] __release_sock+0x32d/0x750 [ 294.889194] release_sock+0x99/0x2a0 [ 294.892906] inet_shutdown+0x49f/0x600 [ 294.896788] __se_sys_shutdown+0x28b/0x3e0 [ 294.901013] __x64_sys_shutdown+0x3e/0x60 [ 294.905159] do_syscall_64+0xcf/0x110 [ 294.908958] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 294.914133] [ 294.915753] Uninit was stored to memory at: [ 294.920071] kmsan_internal_chain_origin+0x136/0x240 [ 294.925169] __msan_chain_origin+0x6d/0xb0 [ 294.929407] __save_stack_trace+0x8be/0xc60 [ 294.933725] save_stack_trace+0xc6/0x110 [ 294.937784] kmsan_internal_chain_origin+0x136/0x240 [ 294.942884] kmsan_memcpy_origins+0x13d/0x190 [ 294.947376] __msan_memcpy+0x6f/0x80 [ 294.951085] skb_copy_bits+0x1d2/0xc90 [ 294.954969] skb_copy+0x56c/0xba0 [ 294.958415] sctp_make_reassembled_event+0xcbe/0x1210 [ 294.963603] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 294.968960] sctp_ulpq_tail_data+0xa0b/0x1450 [ 294.973451] sctp_do_sm+0x4415/0x9c50 [ 294.977243] sctp_assoc_bh_rcv+0x66a/0xd90 [ 294.981481] sctp_inq_push+0x300/0x420 [ 294.985850] sctp_backlog_rcv+0x1c2/0x560 [ 294.989994] __release_sock+0x32d/0x750 [ 294.993963] release_sock+0x99/0x2a0 [ 294.997683] inet_shutdown+0x49f/0x600 [ 295.001574] __se_sys_shutdown+0x28b/0x3e0 [ 295.005810] __x64_sys_shutdown+0x3e/0x60 [ 295.009955] do_syscall_64+0xcf/0x110 [ 295.013750] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.018923] [ 295.020537] Uninit was stored to memory at: [ 295.024866] kmsan_internal_chain_origin+0x136/0x240 [ 295.029965] __msan_chain_origin+0x6d/0xb0 [ 295.034196] __save_stack_trace+0x8be/0xc60 [ 295.038514] save_stack_trace+0xc6/0x110 [ 295.042578] kmsan_internal_chain_origin+0x136/0x240 [ 295.047677] kmsan_memcpy_origins+0x13d/0x190 [ 295.052169] __msan_memcpy+0x6f/0x80 [ 295.055879] skb_copy_bits+0x1d2/0xc90 [ 295.059761] skb_copy+0x56c/0xba0 [ 295.063207] sctp_make_reassembled_event+0xcbe/0x1210 [ 295.068391] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 295.073750] sctp_ulpq_tail_data+0xa0b/0x1450 [ 295.078241] sctp_do_sm+0x4415/0x9c50 [ 295.082038] sctp_assoc_bh_rcv+0x66a/0xd90 [ 295.086268] sctp_inq_push+0x300/0x420 [ 295.090151] sctp_backlog_rcv+0x1c2/0x560 [ 295.094295] __release_sock+0x32d/0x750 [ 295.098265] release_sock+0x99/0x2a0 [ 295.101974] inet_shutdown+0x49f/0x600 [ 295.105856] __se_sys_shutdown+0x28b/0x3e0 [ 295.110086] __x64_sys_shutdown+0x3e/0x60 [ 295.114227] do_syscall_64+0xcf/0x110 [ 295.118021] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.123198] [ 295.124816] Uninit was stored to memory at: [ 295.129135] kmsan_internal_chain_origin+0x136/0x240 [ 295.134233] __msan_chain_origin+0x6d/0xb0 [ 295.138467] __save_stack_trace+0x8be/0xc60 [ 295.142785] save_stack_trace+0xc6/0x110 [ 295.146842] kmsan_internal_chain_origin+0x136/0x240 [ 295.151938] kmsan_memcpy_origins+0x13d/0x190 [ 295.156426] __msan_memcpy+0x6f/0x80 [ 295.160152] skb_copy_bits+0x1d2/0xc90 [ 295.164031] skb_copy+0x56c/0xba0 [ 295.167490] sctp_make_reassembled_event+0xcbe/0x1210 [ 295.172674] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 295.178041] sctp_ulpq_tail_data+0xa0b/0x1450 [ 295.182530] sctp_do_sm+0x4415/0x9c50 [ 295.186331] sctp_assoc_bh_rcv+0x66a/0xd90 [ 295.190566] sctp_inq_push+0x300/0x420 [ 295.194447] sctp_backlog_rcv+0x1c2/0x560 [ 295.198592] __release_sock+0x32d/0x750 [ 295.202562] release_sock+0x99/0x2a0 [ 295.206277] inet_shutdown+0x49f/0x600 [ 295.210251] __se_sys_shutdown+0x28b/0x3e0 [ 295.214476] __x64_sys_shutdown+0x3e/0x60 [ 295.218618] do_syscall_64+0xcf/0x110 [ 295.222413] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.227589] [ 295.229205] Uninit was stored to memory at: [ 295.233524] kmsan_internal_chain_origin+0x136/0x240 [ 295.238628] __msan_chain_origin+0x6d/0xb0 [ 295.242861] __save_stack_trace+0x8be/0xc60 [ 295.247176] save_stack_trace+0xc6/0x110 [ 295.251232] kmsan_internal_chain_origin+0x136/0x240 [ 295.256331] kmsan_memcpy_origins+0x13d/0x190 [ 295.260819] __msan_memcpy+0x6f/0x80 [ 295.264530] skb_copy_bits+0x1d2/0xc90 [ 295.268418] skb_copy+0x56c/0xba0 [ 295.271870] sctp_make_reassembled_event+0xcbe/0x1210 [ 295.277051] sctp_ulpq_retrieve_reassembled+0xbae/0xe50 [ 295.282407] sctp_ulpq_tail_data+0xa0b/0x1450 [ 295.286893] sctp_do_sm+0x4415/0x9c50 [ 295.290691] sctp_assoc_bh_rcv+0x66a/0xd90 [ 295.294922] sctp_inq_push+0x300/0x420 [ 295.298802] sctp_backlog_rcv+0x1c2/0x560 [ 295.302948] __release_sock+0x32d/0x750 [ 295.306913] release_sock+0x99/0x2a0 [ 295.310620] inet_shutdown+0x49f/0x600 [ 295.314504] __se_sys_shutdown+0x28b/0x3e0 [ 295.318731] __x64_sys_shutdown+0x3e/0x60 [ 295.322957] do_syscall_64+0xcf/0x110 [ 295.326756] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.331930] [ 295.333556] Local variable description: ----_ip6@ipv6_find_hdr [ 295.339512] Variable was created at: [ 295.343230] ipv6_find_hdr+0xc6/0x1940 [ 295.347114] ip_vs_fill_iph_skb+0x5b3/0xa10 [ 295.400562] capability: warning: `syz-executor0' uses deprecated v2 capabilities in a way that may be insecure 18:15:26 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000480)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r0, 0xc02c5625, &(0x7f0000000180)={0xf0f000}) 18:15:26 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_mr_cache\x00') lseek(r0, 0x3, 0x0) 18:15:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316200717070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="020b000007000000000021002d54036205001800000c9a0200000000001000e0c99f3d653c00f0ffaba499df000000400000000000000000"], 0x38}}, 0x0) sendmmsg(r1, &(0x7f0000000180), 0x20, 0x0) 18:15:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f00000004c0), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x4}}) fcntl$getown(0xffffffffffffffff, 0x9) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f00000002c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x484b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x680}) ioctl$KVM_RUN(r2, 0xae80, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001d80)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x14) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381) 18:15:26 executing program 3: mmap(&(0x7f00005a1000/0x200000)=nil, 0x200000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x3) 18:15:27 executing program 0: syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x0) r0 = epoll_create1(0x0) flock(r0, 0x6) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/4\x00') readv(r1, &(0x7f0000f46000)=[{&(0x7f0000949000)=""/101, 0xb6}], 0x1) 18:15:27 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000008380)=[{{&(0x7f0000000000)=@in={0x2, 0x4e22, @dev}, 0x80, &(0x7f0000001180), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1400000000000000000000000100000000001000"], 0x14}}], 0x1, 0x0) connect$inet6(r0, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x4000000000001cb, 0x0) 18:15:27 executing program 3: mmap(&(0x7f00005a1000/0x200000)=nil, 0x200000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x3) 18:15:27 executing program 4: r0 = socket$inet6(0xa, 0x800000001, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x4000) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[], 0xfe7c) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0xffef) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4) shutdown(r2, 0x2) 18:15:27 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0xfffffffffffffffd) 18:15:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r1, &(0x7f0000000100)="030002773a", 0x5, 0x800000000008000, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10) sendto$inet(r1, &(0x7f0000000040)="0900d13a8e045acfa7bd0000000011000055a6c91fcc70", 0x17, 0x0, &(0x7f0000000080), 0x10) 18:15:27 executing program 0: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x20000003) set_mempolicy(0x3, &(0x7f0000000080)=0xffffffff, 0x6) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0xf}}, 0x18) 18:15:27 executing program 3: mmap(&(0x7f00005a1000/0x200000)=nil, 0x200000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x3) 18:15:27 executing program 5: unshare(0x2000400) openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/mixer\x00', 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) select(0x40, &(0x7f0000000040), &(0x7f0000000080)={0x72}, &(0x7f00000000c0), &(0x7f0000000240)) 18:15:27 executing program 1: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x4, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000080)={0x2, 0x0, 0x1}) 18:15:27 executing program 0: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x20000003) set_mempolicy(0x3, &(0x7f0000000080)=0xffffffff, 0x6) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0xf}}, 0x18) 18:15:27 executing program 3: mmap(&(0x7f00005a1000/0x200000)=nil, 0x200000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x3) 18:15:27 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0x8000)=nil, 0x8000, 0x4, 0x800000032, 0xffffffffffffffff, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f0000000100)=0x1e) 18:15:28 executing program 4: r0 = socket$inet6(0xa, 0x800000001, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x4000) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[], 0xfe7c) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0xffef) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4) shutdown(r2, 0x2) 18:15:28 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = socket(0x20000000000000a, 0x2, 0x0) getsockopt$inet6_int(r1, 0x29, 0x13, &(0x7f0000dbb000), &(0x7f0000329000)=0x4) 18:15:28 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x406000) shmctl$IPC_RMID(r0, 0x0) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0) 18:15:28 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000380)=0x200000000) readv(r1, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/172, 0xac}], 0x10) close(r1) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rfkill\x00', 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={&(0x7f0000000280), &(0x7f0000000100)}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r2, 0x1000000000016) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 18:15:28 executing program 0: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x20000003) set_mempolicy(0x3, &(0x7f0000000080)=0xffffffff, 0x6) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0xf}}, 0x18) [ 297.256608] mmap: syz-executor1 (9731) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 18:15:28 executing program 5: r0 = socket$kcm(0x10, 0x1000000000000002, 0x0) sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="230000005e0081aee4050c00000f0000709110ecab372942b44ee4a0008bc609f6d8ff", 0x23}], 0x1, &(0x7f00000000c0)}, 0x0) 18:15:28 executing program 2: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) 18:15:28 executing program 0: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x20000003) set_mempolicy(0x3, &(0x7f0000000080)=0xffffffff, 0x6) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0xf}}, 0x18) 18:15:28 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x406000) shmctl$IPC_RMID(r0, 0x0) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0) 18:15:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000480)={0xffffffffffffffff}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f00000004c0)={0x0, 0x4, 0x20, 0x4, 0x800}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r3 = inotify_init1(0x0) r4 = inotify_init() inotify_add_watch(r4, &(0x7f0000000200)='./file0\x00', 0x80000002) inotify_add_watch(r3, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r5 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000100)='./file0\x00') r6 = dup2(r2, r5) r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) r8 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r8, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000600)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) connect$inet6(r6, &(0x7f0000000140)={0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, [], 0x1c}, 0x7}, 0x1c) mq_timedsend(r7, &(0x7f00000001c0)="699ae565186743717edf4040feff400576d6dacf0a377d05b5ba33d516b583509a97312982f32238c4ffc7ae381310e354cd2552a5912b46867a6b3cec9d6f1495e22f647a7c5e3efbf66593f1c5f2c6de6bcdd35dc5cb9e46a27504a1116618797d81604c723494150a0ae6acbdb988de70d4679f34fb02040c8684e78327a52dcf7318d2145dc9d531d57d24ea4baf03a0bafed35623c3f5c7a33b8b4ef817948ebcdb9d6a72eb2c7289e9e914c639bf8112a250d6b8ed0de625b8943181ae827a8b42c56f6e1bf2ecf4a0f7", 0xcd, 0x800, &(0x7f0000000100)={r9, r10+30000000}) connect$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x88d9, @loopback}, 0x1c) mq_open(&(0x7f00000000c0)='/dev/vsock\x00', 0x0, 0x0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x80000001}) clock_gettime(0x0, &(0x7f0000000300)) sendmsg$can_bcm(r5, &(0x7f0000000440)={&(0x7f00000002c0), 0x10, &(0x7f00000003c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="010000c0010000000000006003000000b752cc7450387cebb763ceb4839cff7ff7c36da46b9bad7214c113c0c3abe4d578dbbe49d2567e7dc2d1b358a9df4dfb5d2699ef5a8a80042330ac020ab21fabe3e7c0bb59ef2853c833cd47c38a45cd93d7675ae3af2727126d5cefc806000000ba188e225fef5cdb12d728eed89e347e41ce4add63f866b79f4910b3f8b7ccf90c53f5a03bcae7ca6386c65702e00c3c018d1b32792dcbe716ba7fff65b8ba4971ec00fd7965b1d39479e0abf55f00000000000000000000000000000000000000000000000000000000000000"], 0x1}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000340)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000667869d4f0b66a652ccf8c22e742c707c71fc6494af41d53f0187fa567ab75"], 0x1) 18:15:28 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000040)=@filter={'filter\x00', 0xe, 0x2, 0x258, [0x0, 0x20000600, 0x20000630, 0x20000788], 0x1a0, &(0x7f0000000000), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @link_local, [], 0xf8, 0xf8, 0x128, [@ipvs={'ipvs\x00', 0x28, {{@ipv4=@remote}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'dumm\\0\x00', 'lo\x00', 'rose0\x00', "467dac2e895fc5d400000000a85f00", @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2d0) 18:15:28 executing program 2: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) [ 298.052812] xt_ipvs: protocol family 7 not supported 18:15:29 executing program 4: r0 = socket$inet6(0xa, 0x800000001, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23}, 0x1c) listen(r0, 0x4000) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[], 0xfe7c) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0xffef) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4) shutdown(r2, 0x2) 18:15:29 executing program 3: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) 18:15:29 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x406000) shmctl$IPC_RMID(r0, 0x0) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0) 18:15:29 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) unshare(0x600) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000080)="fda22e7289a272097e7b8aa4faea2d49", 0x10) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f00000000c0)="8d9bba6c3ac860541cbc5db00e213a80", 0x10) [ 298.319929] not chained 60000 origins [ 298.323789] CPU: 0 PID: 9771 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #89 [ 298.330986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.340344] Call Trace: [ 298.342935] [ 298.345109] dump_stack+0x32d/0x480 [ 298.348770] kmsan_internal_chain_origin+0x222/0x240 [ 298.353917] ? save_stack_trace+0xc6/0x110 [ 298.358166] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 298.363284] ? kmsan_internal_chain_origin+0x90/0x240 [ 298.368502] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 298.373982] ? in_task_stack+0x12c/0x210 [ 298.378063] ? get_stack_info+0x206/0x220 [ 298.382233] __msan_chain_origin+0x6d/0xb0 [ 298.386487] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 298.391864] __save_stack_trace+0x8be/0xc60 [ 298.396202] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 298.401611] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 298.406994] save_stack_trace+0xc6/0x110 [ 298.411074] kmsan_internal_chain_origin+0x136/0x240 [ 298.416194] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 298.421589] ? kmsan_internal_chain_origin+0x136/0x240 [ 298.426880] ? kmsan_memcpy_origins+0x13d/0x190 [ 298.431569] ? __msan_memcpy+0x6f/0x80 [ 298.435472] ? sctp_copy_local_addr_list+0x324/0x660 [ 298.440588] ? sctp_copy_one_addr+0x200/0xc10 [ 298.445100] ? sctp_bind_addr_copy+0x243/0x910 [ 298.449696] ? sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 298.455425] ? sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 298.460193] ? sctp_do_sm+0x2c8/0x9c50 [ 298.464096] ? sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 298.468861] ? sctp_inq_push+0x300/0x420 [ 298.472919] ? sctp_rcv+0x42f2/0x4e40 [ 298.476716] ? sctp6_rcv+0x41/0x70 [ 298.480253] ? ip6_input_finish+0xb53/0x2450 [ 298.484655] ? ip6_input+0x29d/0x340 [ 298.488365] ? ip6_rcv_finish+0x4d2/0x710 [ 298.492508] ? ipv6_rcv+0x34b/0x3f0 [ 298.496134] ? process_backlog+0x82b/0x11e0 [ 298.500448] ? net_rx_action+0x98f/0x1d50 [ 298.504591] ? __do_softirq+0x721/0xc7f [ 298.508569] ? do_softirq_own_stack+0x49/0x80 [ 298.513062] ? __local_bh_enable_ip+0x228/0x260 [ 298.517734] ? local_bh_enable+0x36/0x40 [ 298.521789] ? ip6_finish_output2+0x1b1a/0x22d0 [ 298.526457] ? ip6_finish_output+0xc13/0xca0 [ 298.530857] ? ip6_output+0x5e4/0x720 [ 298.534655] ? ip6_xmit+0x216d/0x26a0 [ 298.538449] ? sctp_v6_xmit+0x57b/0x650 [ 298.542422] ? sctp_packet_transmit+0x3f66/0x43c0 [ 298.547258] ? sctp_outq_flush+0x9b8/0x5c50 [ 298.551590] ? sctp_outq_uncork+0xd0/0xf0 [ 298.555761] ? sctp_do_sm+0x94bb/0x9c50 [ 298.559728] ? sctp_primitive_ASSOCIATE+0x172/0x1a0 [ 298.564741] ? sctp_sendmsg_to_asoc+0xbb2/0x2210 [ 298.569490] ? sctp_sendmsg+0x3fae/0x6820 [ 298.573632] ? inet_sendmsg+0x4e9/0x800 [ 298.577603] ? __sys_sendto+0x940/0xb80 [ 298.581581] ? __se_sys_sendto+0x107/0x130 [ 298.585826] ? __x64_sys_sendto+0x6e/0x90 [ 298.589967] ? do_syscall_64+0xcf/0x110 [ 298.593941] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 298.599310] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 298.604677] kmsan_memcpy_origins+0x13d/0x190 [ 298.609280] __msan_memcpy+0x6f/0x80 [ 298.612995] sctp_copy_local_addr_list+0x324/0x660 [ 298.617930] sctp_copy_one_addr+0x200/0xc10 [ 298.622260] sctp_bind_addr_copy+0x243/0x910 [ 298.626689] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 298.632231] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 298.636830] sctp_do_sm+0x2c8/0x9c50 [ 298.640561] ? sctp_sf_pdiscard+0x230/0x230 [ 298.644894] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 298.650254] ? sctp_epaddr_lookup_transport+0x7f5/0x9b0 [ 298.655614] ? sctp_inq_pop+0x148c/0x18b0 [ 298.659847] ? __msan_get_context_state+0x9/0x20 [ 298.664685] ? sctp_auth_recv_cid+0xc8/0x390 [ 298.669096] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 298.673687] ? sctp_endpoint_is_peeled_off+0x240/0x240 [ 298.678965] sctp_inq_push+0x300/0x420 [ 298.682856] sctp_rcv+0x42f2/0x4e40 [ 298.686513] sctp6_rcv+0x41/0x70 [ 298.689891] ? sctp_inet6addr_event+0xbd0/0xbd0 [ 298.694570] ip6_input_finish+0xb53/0x2450 [ 298.698824] ? ip6_input_finish+0x13e1/0x2450 [ 298.703324] ip6_input+0x29d/0x340 [ 298.706865] ? ip6_input+0x340/0x340 [ 298.710580] ? ip6_sublist_rcv+0x1ab0/0x1ab0 [ 298.714982] ip6_rcv_finish+0x4d2/0x710 [ 298.718957] ipv6_rcv+0x34b/0x3f0 [ 298.722411] ? dst_hold+0x5e0/0x5e0 [ 298.726035] process_backlog+0x82b/0x11e0 [ 298.730182] ? ip6_rcv_finish+0x710/0x710 [ 298.734334] ? rps_trigger_softirq+0x2e0/0x2e0 [ 298.738910] net_rx_action+0x98f/0x1d50 [ 298.742892] ? net_tx_action+0xf20/0xf20 [ 298.746946] __do_softirq+0x721/0xc7f [ 298.750749] ? smp_reschedule_interrupt+0x1b8/0x670 [ 298.755769] do_softirq_own_stack+0x49/0x80 [ 298.760078] [ 298.762311] __local_bh_enable_ip+0x228/0x260 [ 298.766811] local_bh_enable+0x36/0x40 [ 298.770693] ip6_finish_output2+0x1b1a/0x22d0 [ 298.775203] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 298.780571] ? ip6_mtu+0x289/0x330 [ 298.784110] ip6_finish_output+0xc13/0xca0 [ 298.788375] ip6_output+0x5e4/0x720 [ 298.792007] ? ip6_output+0x720/0x720 [ 298.795807] ? ac6_seq_show+0x200/0x200 [ 298.799776] ip6_xmit+0x216d/0x26a0 [ 298.803422] ? ip6_xmit+0x26a0/0x26a0 [ 298.807220] sctp_v6_xmit+0x57b/0x650 [ 298.811021] ? __sctp_v6_cmp_addr+0x850/0x850 [ 298.815746] sctp_packet_transmit+0x3f66/0x43c0 [ 298.820447] sctp_outq_flush+0x9b8/0x5c50 [ 298.824597] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 298.829963] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 298.835431] sctp_outq_uncork+0xd0/0xf0 [ 298.839406] sctp_do_sm+0x94bb/0x9c50 [ 298.843227] ? kmsan_set_origin+0x7f/0x100 [ 298.847463] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 298.852908] ? flex_array_get+0x2a0/0x360 [ 298.857063] sctp_primitive_ASSOCIATE+0x172/0x1a0 [ 298.861910] sctp_sendmsg_to_asoc+0xbb2/0x2210 [ 298.866493] ? kmsan_memcpy_origins+0x111/0x190 [ 298.871180] sctp_sendmsg+0x3fae/0x6820 [ 298.875178] ? sctp_getsockopt+0x186f0/0x186f0 [ 298.879755] inet_sendmsg+0x4e9/0x800 [ 298.883562] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 298.888920] ? sctp_sendmsg+0x1040/0x6820 [ 298.893068] ? inet_getname+0x490/0x490 [ 298.897039] __sys_sendto+0x940/0xb80 [ 298.900851] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 298.906294] ? prepare_exit_to_usermode+0x182/0x4c0 [ 298.911591] __se_sys_sendto+0x107/0x130 [ 298.915660] __x64_sys_sendto+0x6e/0x90 [ 298.919630] do_syscall_64+0xcf/0x110 [ 298.923429] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 298.928708] RIP: 0033:0x457569 [ 298.931894] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.950795] RSP: 002b:00007f79462dac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 298.958500] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 298.965761] RDX: 0000000000000001 RSI: 0000000020e33fe0 RDI: 0000000000000004 [ 298.973026] RBP: 000000000072bf00 R08: 000000002005ffe4 R09: 000000000000001c [ 298.980287] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f79462db6d4 [ 298.987873] R13: 00000000004c3c1d R14: 00000000004d5e98 R15: 00000000ffffffff [ 298.995150] Uninit was stored to memory at: [ 298.999474] kmsan_internal_chain_origin+0x136/0x240 [ 299.004578] __msan_chain_origin+0x6d/0xb0 [ 299.008821] __save_stack_trace+0x8be/0xc60 [ 299.013148] save_stack_trace+0xc6/0x110 [ 299.017205] kmsan_internal_chain_origin+0x136/0x240 [ 299.022312] kmsan_memcpy_origins+0x13d/0x190 [ 299.026808] __msan_memcpy+0x6f/0x80 [ 299.030527] sctp_copy_local_addr_list+0x324/0x660 [ 299.035458] sctp_copy_one_addr+0x200/0xc10 [ 299.039778] sctp_bind_addr_copy+0x243/0x910 [ 299.044199] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.049730] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.054313] sctp_do_sm+0x2c8/0x9c50 [ 299.058024] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.062598] sctp_inq_push+0x300/0x420 [ 299.066477] sctp_rcv+0x42f2/0x4e40 [ 299.070100] sctp6_rcv+0x41/0x70 [ 299.073464] ip6_input_finish+0xb53/0x2450 [ 299.077702] ip6_input+0x29d/0x340 [ 299.081233] ip6_rcv_finish+0x4d2/0x710 [ 299.085205] ipv6_rcv+0x34b/0x3f0 [ 299.088653] process_backlog+0x82b/0x11e0 [ 299.092796] net_rx_action+0x98f/0x1d50 [ 299.096767] __do_softirq+0x721/0xc7f [ 299.100559] [ 299.102174] Uninit was stored to memory at: [ 299.106506] kmsan_internal_chain_origin+0x136/0x240 [ 299.111604] __msan_chain_origin+0x6d/0xb0 [ 299.115832] __save_stack_trace+0x8be/0xc60 [ 299.120148] save_stack_trace+0xc6/0x110 [ 299.124207] kmsan_internal_chain_origin+0x136/0x240 [ 299.129303] kmsan_memcpy_origins+0x13d/0x190 [ 299.133793] __msan_memcpy+0x6f/0x80 [ 299.137503] sctp_copy_local_addr_list+0x324/0x660 [ 299.142424] sctp_copy_one_addr+0x200/0xc10 [ 299.146739] sctp_bind_addr_copy+0x243/0x910 [ 299.151144] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.156674] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.161249] sctp_do_sm+0x2c8/0x9c50 [ 299.164960] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.169535] sctp_inq_push+0x300/0x420 [ 299.173421] sctp_rcv+0x42f2/0x4e40 [ 299.177041] sctp6_rcv+0x41/0x70 [ 299.180401] ip6_input_finish+0xb53/0x2450 [ 299.184628] ip6_input+0x29d/0x340 [ 299.188248] ip6_rcv_finish+0x4d2/0x710 [ 299.192218] ipv6_rcv+0x34b/0x3f0 [ 299.195666] process_backlog+0x82b/0x11e0 [ 299.199812] net_rx_action+0x98f/0x1d50 [ 299.203781] __do_softirq+0x721/0xc7f [ 299.207570] [ 299.209182] Uninit was stored to memory at: [ 299.213501] kmsan_internal_chain_origin+0x136/0x240 [ 299.218599] __msan_chain_origin+0x6d/0xb0 [ 299.222916] __save_stack_trace+0x8be/0xc60 [ 299.227228] save_stack_trace+0xc6/0x110 [ 299.231284] kmsan_internal_chain_origin+0x136/0x240 [ 299.236380] kmsan_memcpy_origins+0x13d/0x190 [ 299.240869] __msan_memcpy+0x6f/0x80 [ 299.244580] sctp_copy_local_addr_list+0x324/0x660 [ 299.249505] sctp_copy_one_addr+0x200/0xc10 [ 299.253822] sctp_bind_addr_copy+0x243/0x910 [ 299.258317] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.263852] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.268429] sctp_do_sm+0x2c8/0x9c50 [ 299.272140] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.276714] sctp_inq_push+0x300/0x420 [ 299.280594] sctp_rcv+0x42f2/0x4e40 [ 299.284216] sctp6_rcv+0x41/0x70 [ 299.287578] ip6_input_finish+0xb53/0x2450 [ 299.291810] ip6_input+0x29d/0x340 [ 299.295342] ip6_rcv_finish+0x4d2/0x710 [ 299.299322] ipv6_rcv+0x34b/0x3f0 [ 299.302772] process_backlog+0x82b/0x11e0 [ 299.306922] net_rx_action+0x98f/0x1d50 [ 299.310886] __do_softirq+0x721/0xc7f [ 299.314676] [ 299.316290] Uninit was stored to memory at: [ 299.320610] kmsan_internal_chain_origin+0x136/0x240 [ 299.325709] __msan_chain_origin+0x6d/0xb0 [ 299.329936] __save_stack_trace+0x8be/0xc60 [ 299.334251] save_stack_trace+0xc6/0x110 [ 299.338315] kmsan_internal_chain_origin+0x136/0x240 [ 299.343414] kmsan_memcpy_origins+0x13d/0x190 [ 299.347899] __msan_memcpy+0x6f/0x80 [ 299.351608] sctp_copy_local_addr_list+0x324/0x660 [ 299.356530] sctp_copy_one_addr+0x200/0xc10 [ 299.360850] sctp_bind_addr_copy+0x243/0x910 [ 299.365257] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.370785] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.375363] sctp_do_sm+0x2c8/0x9c50 [ 299.379071] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.383646] sctp_inq_push+0x300/0x420 [ 299.387539] sctp_rcv+0x42f2/0x4e40 [ 299.391170] sctp6_rcv+0x41/0x70 [ 299.394535] ip6_input_finish+0xb53/0x2450 [ 299.398783] ip6_input+0x29d/0x340 [ 299.402322] ip6_rcv_finish+0x4d2/0x710 [ 299.406293] ipv6_rcv+0x34b/0x3f0 [ 299.409746] process_backlog+0x82b/0x11e0 [ 299.413889] net_rx_action+0x98f/0x1d50 [ 299.417854] __do_softirq+0x721/0xc7f [ 299.421654] [ 299.423271] Uninit was stored to memory at: [ 299.427597] kmsan_internal_chain_origin+0x136/0x240 [ 299.432698] __msan_chain_origin+0x6d/0xb0 [ 299.436925] __save_stack_trace+0x8be/0xc60 [ 299.441239] save_stack_trace+0xc6/0x110 [ 299.445293] kmsan_internal_chain_origin+0x136/0x240 [ 299.450390] kmsan_memcpy_origins+0x13d/0x190 [ 299.454880] __msan_memcpy+0x6f/0x80 [ 299.458588] sctp_copy_local_addr_list+0x324/0x660 [ 299.463524] sctp_copy_one_addr+0x200/0xc10 [ 299.467847] sctp_bind_addr_copy+0x243/0x910 [ 299.472268] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.477795] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.482377] sctp_do_sm+0x2c8/0x9c50 [ 299.486086] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.490662] sctp_inq_push+0x300/0x420 [ 299.494554] sctp_rcv+0x42f2/0x4e40 [ 299.498173] sctp6_rcv+0x41/0x70 [ 299.501881] ip6_input_finish+0xb53/0x2450 [ 299.506112] ip6_input+0x29d/0x340 [ 299.509733] ip6_rcv_finish+0x4d2/0x710 [ 299.513714] ipv6_rcv+0x34b/0x3f0 [ 299.517164] process_backlog+0x82b/0x11e0 [ 299.521303] net_rx_action+0x98f/0x1d50 [ 299.525269] __do_softirq+0x721/0xc7f [ 299.529056] [ 299.530669] Uninit was stored to memory at: [ 299.534998] kmsan_internal_chain_origin+0x136/0x240 [ 299.540096] __msan_chain_origin+0x6d/0xb0 [ 299.544329] __save_stack_trace+0x8be/0xc60 [ 299.548648] save_stack_trace+0xc6/0x110 [ 299.552715] kmsan_internal_chain_origin+0x136/0x240 [ 299.557819] kmsan_memcpy_origins+0x13d/0x190 [ 299.562311] __msan_memcpy+0x6f/0x80 [ 299.566022] sctp_copy_local_addr_list+0x324/0x660 [ 299.570944] sctp_copy_one_addr+0x200/0xc10 [ 299.575269] sctp_bind_addr_copy+0x243/0x910 [ 299.579675] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.585204] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.589782] sctp_do_sm+0x2c8/0x9c50 [ 299.593497] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.598071] sctp_inq_push+0x300/0x420 [ 299.601954] sctp_rcv+0x42f2/0x4e40 [ 299.605579] sctp6_rcv+0x41/0x70 [ 299.608939] ip6_input_finish+0xb53/0x2450 [ 299.613166] ip6_input+0x29d/0x340 [ 299.616699] ip6_rcv_finish+0x4d2/0x710 [ 299.620671] ipv6_rcv+0x34b/0x3f0 [ 299.624117] process_backlog+0x82b/0x11e0 [ 299.628269] net_rx_action+0x98f/0x1d50 [ 299.632239] __do_softirq+0x721/0xc7f [ 299.636025] [ 299.637641] Uninit was stored to memory at: [ 299.641958] kmsan_internal_chain_origin+0x136/0x240 [ 299.647056] __msan_chain_origin+0x6d/0xb0 [ 299.651289] __save_stack_trace+0x8be/0xc60 [ 299.655606] save_stack_trace+0xc6/0x110 [ 299.659662] kmsan_internal_chain_origin+0x136/0x240 [ 299.664764] kmsan_memcpy_origins+0x13d/0x190 [ 299.669250] __msan_memcpy+0x6f/0x80 [ 299.672961] sctp_copy_local_addr_list+0x324/0x660 [ 299.677880] sctp_copy_one_addr+0x200/0xc10 [ 299.682196] sctp_bind_addr_copy+0x243/0x910 [ 299.686602] sctp_assoc_set_bind_addr_from_ep+0x21b/0x280 [ 299.692129] sctp_sf_do_5_1B_init+0xcbe/0x1c50 [ 299.696707] sctp_do_sm+0x2c8/0x9c50 [ 299.700411] sctp_endpoint_bh_rcv+0xd6e/0x1020 [ 299.704982] sctp_inq_push+0x300/0x420 [ 299.708861] sctp_rcv+0x42f2/0x4e40 [ 299.712484] sctp6_rcv+0x41/0x70 [ 299.715848] ip6_input_finish+0xb53/0x2450 [ 299.720077] ip6_input+0x29d/0x340 [ 299.723627] ip6_rcv_finish+0x4d2/0x710 [ 299.727593] ipv6_rcv+0x34b/0x3f0 [ 299.731051] process_backlog+0x82b/0x11e0 [ 299.735196] net_rx_action+0x98f/0x1d50 [ 299.739163] __do_softirq+0x721/0xc7f [ 299.742945] [ 299.744570] Local variable description: ----target.i.i@nf_nat_inet_fn [ 299.751133] Variable was created at: [ 299.754842] nf_nat_inet_fn+0xaf/0x1290 [ 299.758820] nf_nat_ipv6_out+0x501/0xba0 18:15:30 executing program 3: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) 18:15:30 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) add_key(&(0x7f0000000040)='.dead\x00', &(0x7f0000000100), &(0x7f00000001c0), 0x0, 0x0) 18:15:30 executing program 2: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) 18:15:31 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x406000) shmctl$IPC_RMID(r0, 0x0) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0) 18:15:31 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) setresgid(0x0, 0x0, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1) 18:15:31 executing program 3: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) 18:15:31 executing program 2: r0 = semget(0xffffffffffffffff, 0x3, 0x0) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, &(0x7f0000000040)={0x0, 0x989680}) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1) semop(0x0, &(0x7f00000001c0)=[{0x0, 0x0, 0x1800}], 0x1) 18:15:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) rt_sigtimedwait(&(0x7f0000000040)={0x12}, &(0x7f0000000180), &(0x7f0000000100), 0x8) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)) [ 300.244268] ucma_write: process 417 (syz-executor4) changed security contexts after opening file descriptor, this is not allowed. 18:15:31 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'veth1_to_bond:\x00', &(0x7f00000000c0)=@ethtool_ringparam={0x11}}) close(r2) close(r1) 18:15:31 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000e05000)={0x2, 0xd, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x4}, @sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@rand_addr, @in6=@mcast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}}]}, 0xc0}}, 0x0) 18:15:31 executing program 0: r0 = socket(0x40000000015, 0x805, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000300)="0a5c2d0240316285717070") getsockopt(r0, 0x114, 0x271d, &(0x7f0000000000)=""/13, &(0x7f0000000140)=0xd) 18:15:31 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000140)=0xeadc, 0x4) write(r0, &(0x7f0000000400)="c4e1f64e08c456a36447bc9e5c17326a", 0x10) 18:15:31 executing program 2: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2}, 0x2c) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000040)="6c6f00966fd651b159a9c84a2c60d29800000020") 18:15:31 executing program 4: r0 = socket$inet6(0xa, 0x800000806, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000240)="0022040009a70a84ff448dc978ff1ce7b306feffffffff144e0000ff000207835eebf116b208feef4eef097b4f31da7f162436e71baf234b4ff8b4cc4c39cfd992af8cbb2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff2335ce778de4a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f394ea4e2540019ccbd9f6672837496d00ad7765abaac2ec0f91c88a1ea1ffcc0d17792febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb034199cc5a75b2aa653792cfdf4344114349c847e0500bc226a85abe6eb60cd7c0f248132afb0e03123165f8162cad5f8d103d38c31c7c86d1600000000", 0x118) 18:15:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'vcan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000005700)={&(0x7f0000000000), 0xc, &(0x7f00000056c0)={&(0x7f0000000080)=@setlink={0x34, 0x13, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_IFNAME={0x14, 0x4, 'C\x00\x00\x001\x00'}]}, 0x34}}, 0x0) 18:15:32 executing program 1: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) splice(r1, 0x0, r0, 0x0, 0xfffffffffffffffc, 0x0) 18:15:32 executing program 2: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2}, 0x2c) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000040)="6c6f00966fd651b159a9c84a2c60d29800000020") 18:15:32 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f7, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000140)=@ethtool_eeprom}) 18:15:32 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={"6d616ec700004000000000000000008200", 0x2, [{}, {}]}, 0x48) 18:15:32 executing program 3: r0 = socket$kcm(0x10, 0x800000000002, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e00000018008100e00f80ecdb4cb9040a4865160b000000d4126efb120009000e00da1b40d819a9060000000000", 0x2e}], 0x1, &(0x7f00000013c0)}, 0x0) [ 301.166335] netlink: 'syz-executor5': attribute type 4 has an invalid length. [ 301.232388] netlink: 'syz-executor5': attribute type 4 has an invalid length. 18:15:32 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) clone(0x7ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) exit_group(0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="8b", 0x1) recvmmsg(r1, &(0x7f0000006100)=[{{&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/120, 0x6f}}], 0x400000000000653, 0x0, 0x0) 18:15:32 executing program 2: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2}, 0x2c) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000040)="6c6f00966fd651b159a9c84a2c60d29800000020") 18:15:32 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x7e, &(0x7f0000000140)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x608}, {[@timestamp={0x8, 0x40, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}, {[@multicast1]}, {[@dev]}]}]}}}}}}}, &(0x7f0000000040)) 18:15:32 executing program 5: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) 18:15:32 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x25, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, &(0x7f0000000080), &(0x7f0000000100)=[{}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1}]}, 0x108) 18:15:32 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d03, 0x1, 0x40000073]}) [ 301.800185] kernel msg: ebtables bug: please report to author: Valid hook without chain 18:15:32 executing program 2: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2}, 0x2c) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000040)="6c6f00966fd651b159a9c84a2c60d29800000020") 18:15:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0xff) sendto$inet(r0, &(0x7f0000000900), 0x0, 0x20000800, &(0x7f0000deaff0), 0x10) 18:15:33 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) clone(0x7ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) exit_group(0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="8b", 0x1) recvmmsg(r1, &(0x7f0000006100)=[{{&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/120, 0x6f}}], 0x400000000000653, 0x0, 0x0) 18:15:33 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x25, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, &(0x7f0000000080), &(0x7f0000000100)=[{}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1}]}, 0x108) 18:15:33 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x0) ioctl$UI_GET_VERSION(r0, 0x8004552d, &(0x7f00000000c0)) 18:15:33 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r1 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(r1, 0xc038563c, &(0x7f0000000040)={0x0, 0x8}) 18:15:33 executing program 1: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3, 0x1}) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x3ff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 302.194111] kernel msg: ebtables bug: please report to author: Valid hook without chain 18:15:33 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x25, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, &(0x7f0000000080), &(0x7f0000000100)=[{}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1}]}, 0x108) 18:15:33 executing program 0: r0 = socket(0x2, 0x6, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000000eff4)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)) [ 302.548775] kernel msg: ebtables bug: please report to author: Valid hook without chain 18:15:33 executing program 5: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) 18:15:33 executing program 2: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4003}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:33 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) clone(0x7ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) exit_group(0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="8b", 0x1) recvmmsg(r1, &(0x7f0000006100)=[{{&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/120, 0x6f}}], 0x400000000000653, 0x0, 0x0) 18:15:33 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x25, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, &(0x7f0000000080), &(0x7f0000000100)=[{}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1}]}, 0x108) [ 302.919420] kernel msg: ebtables bug: please report to author: Valid hook without chain 18:15:34 executing program 0: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) 18:15:34 executing program 2: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4003}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:34 executing program 1: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3, 0x1}) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x3ff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:34 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = memfd_create(&(0x7f0000000100)='}\x00', 0x0) ftruncate(r1, 0x100) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x4, 0x2012, r1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) 18:15:34 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) clone(0x7ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) exit_group(0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="8b", 0x1) recvmmsg(r1, &(0x7f0000006100)=[{{&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000340)=""/120, 0x6f}}], 0x400000000000653, 0x0, 0x0) 18:15:34 executing program 2: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4003}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:34 executing program 3: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8000000000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x5, 0x5, 0x7, 0x9}, 0x2c) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f00000000c0)) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x1ff, 0x4, 0x100000001, 0x0, r0}, 0x59) 18:15:35 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=@ipv4_newroute={0x1c, 0x18, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9effffff, 0x5}}, 0x1c}}, 0x0) 18:15:35 executing program 5: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) 18:15:35 executing program 2: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4003}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:35 executing program 0: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) 18:15:35 executing program 1: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3, 0x1}) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x3ff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:35 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x200000000000002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_buf(r1, 0x6, 0x0, &(0x7f00000001c0)="ae74a0e7", 0x4) 18:15:35 executing program 3: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) r2 = socket$vsock_dgram(0x28, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000240)) 18:15:35 executing program 2: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000180)="240000005a001f0000ff0307180000000913171408000300001b09ff07ff020001000000", 0x24) 18:15:35 executing program 5: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) [ 304.717105] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. 18:15:35 executing program 3: ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x0, 0xffffffffffffff9c}) mlock(&(0x7f0000001000/0x4000)=nil, 0x4000) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 18:15:36 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x800000000000004, 0xfffffffffffffffd, 0x0, 0x1}, 0x2c) 18:15:36 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/sockstat\x00') pread64(r1, &(0x7f00000002c0), 0x37f, 0x0) 18:15:36 executing program 3: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000180)='/dev/md0\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) 18:15:36 executing program 0: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000540)) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x0, 0x6}]}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x0) 18:15:36 executing program 4: r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000040)=""/31, 0x1f) getdents64(r0, &(0x7f0000000200)=""/54, 0xff3d) 18:15:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet6(0xa, 0x100000000002, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0'}, 0xb) 18:15:36 executing program 1: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3, 0x1}) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x3ff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000004f000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="26410f300f01c90f06643e400f01c9420f758e000000002ef3400fb8e566baf80cb8ac8abd80ef66bafc0cedd2fe0f01ca66ba4000ec", 0x36}], 0x1, 0x0, &(0x7f0000000180), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xc1, 0x0, &(0x7f0000000140), 0x1000000000000055) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x80000000}, &(0x7f0000000180)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:15:36 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000180), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)="2e12fa6d3c3f07d5f683895884851f119a560e10e644ac31a18a14639be0a779e064e7195eceb0921866146e97e3d467cb085e50f33b327fd752ba40ef7b339200ba656ca891df09e5af02e0a22d95247d13c8063e0cf86a05e1682f3b5a0bee7296a961fc7e3a99caa6981ae9f0be2b37e8b62026981229e8fabb7a98440460a2e9", 0x82, 0x0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) recvmsg(r0, &(0x7f0000000700)={&(0x7f0000000100)=@l2, 0x80, &(0x7f0000000580)=[{&(0x7f0000000300)=""/161, 0xa1}], 0x1, &(0x7f0000000600)=""/232, 0xe8}, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='veno\x00', 0x24f) shutdown(r0, 0x1) 18:15:36 executing program 4: socket$packet(0x11, 0x0, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fcntl$lock(r0, 0x24, &(0x7f0000000300)={0x0, 0x2}) 18:15:36 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000000ffd8)={'vcan0\x00', 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000001500), 0x0, 0x0, &(0x7f0000001600)) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000007ff0)={0x1d, r1}, 0x10, &(0x7f0000000040)={&(0x7f000000afb8)={0x1, 0x3, 0x1, {0x0, 0x2710}, {0x0, 0x7530}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "8e15adecfc04aba1"}}, 0x48}}, 0x0) 18:15:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = getpid() ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000002c0)=r2) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0xffffffffffffffff]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739e53, 0x120, 0x0, 0x4f) 18:15:37 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000000ffd8)={'vcan0\x00', 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000001500), 0x0, 0x0, &(0x7f0000001600)) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000007ff0)={0x1d, r1}, 0x10, &(0x7f0000000040)={&(0x7f000000afb8)={0x1, 0x3, 0x1, {0x0, 0x2710}, {0x0, 0x7530}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "8e15adecfc04aba1"}}, 0x48}}, 0x0) 18:15:37 executing program 4: socket$packet(0x11, 0x0, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fcntl$lock(r0, 0x24, &(0x7f0000000300)={0x0, 0x2}) 18:15:37 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000180), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)="2e12fa6d3c3f07d5f683895884851f119a560e10e644ac31a18a14639be0a779e064e7195eceb0921866146e97e3d467cb085e50f33b327fd752ba40ef7b339200ba656ca891df09e5af02e0a22d95247d13c8063e0cf86a05e1682f3b5a0bee7296a961fc7e3a99caa6981ae9f0be2b37e8b62026981229e8fabb7a98440460a2e9", 0x82, 0x0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) recvmsg(r0, &(0x7f0000000700)={&(0x7f0000000100)=@l2, 0x80, &(0x7f0000000580)=[{&(0x7f0000000300)=""/161, 0xa1}], 0x1, &(0x7f0000000600)=""/232, 0xe8}, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='veno\x00', 0x24f) shutdown(r0, 0x1) 18:15:37 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0xa) 18:15:37 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000000ffd8)={'vcan0\x00', 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000001500), 0x0, 0x0, &(0x7f0000001600)) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000007ff0)={0x1d, r1}, 0x10, &(0x7f0000000040)={&(0x7f000000afb8)={0x1, 0x3, 0x1, {0x0, 0x2710}, {0x0, 0x7530}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "8e15adecfc04aba1"}}, 0x48}}, 0x0) 18:15:37 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000000000000d000040050000a900000000000000000000004000000040010000000000000025000000fff0ffff04040000000000000a00000006ed"]) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008601000000000000003140"]) 18:15:37 executing program 4: socket$packet(0x11, 0x0, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fcntl$lock(r0, 0x24, &(0x7f0000000300)={0x0, 0x2}) 18:15:37 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000180), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)="2e12fa6d3c3f07d5f683895884851f119a560e10e644ac31a18a14639be0a779e064e7195eceb0921866146e97e3d467cb085e50f33b327fd752ba40ef7b339200ba656ca891df09e5af02e0a22d95247d13c8063e0cf86a05e1682f3b5a0bee7296a961fc7e3a99caa6981ae9f0be2b37e8b62026981229e8fabb7a98440460a2e9", 0x82, 0x0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) recvmsg(r0, &(0x7f0000000700)={&(0x7f0000000100)=@l2, 0x80, &(0x7f0000000580)=[{&(0x7f0000000300)=""/161, 0xa1}], 0x1, &(0x7f0000000600)=""/232, 0xe8}, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='veno\x00', 0x24f) shutdown(r0, 0x1) 18:15:37 executing program 0: r0 = socket$inet6(0xa, 0x80001, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={@mcast1, 0x0, r1}) [ 306.964010] kvm_pmu: event creation failed -2 18:15:38 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000000ffd8)={'vcan0\x00', 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000001500), 0x0, 0x0, &(0x7f0000001600)) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000007ff0)={0x1d, r1}, 0x10, &(0x7f0000000040)={&(0x7f000000afb8)={0x1, 0x3, 0x1, {0x0, 0x2710}, {0x0, 0x7530}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "8e15adecfc04aba1"}}, 0x48}}, 0x0) 18:15:38 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = getpid() ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000002c0)=r2) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0xffffffffffffffff]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739e53, 0x120, 0x0, 0x4f) 18:15:38 executing program 4: socket$packet(0x11, 0x0, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fcntl$lock(r0, 0x24, &(0x7f0000000300)={0x0, 0x2}) 18:15:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000005c0)=ANY=[@ANYBLOB="020000000000000000000080010100000200000062ed0000000000001f0000000000000000000000000000000000000001"]) 18:15:38 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000180), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)="2e12fa6d3c3f07d5f683895884851f119a560e10e644ac31a18a14639be0a779e064e7195eceb0921866146e97e3d467cb085e50f33b327fd752ba40ef7b339200ba656ca891df09e5af02e0a22d95247d13c8063e0cf86a05e1682f3b5a0bee7296a961fc7e3a99caa6981ae9f0be2b37e8b62026981229e8fabb7a98440460a2e9", 0x82, 0x0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) recvmsg(r0, &(0x7f0000000700)={&(0x7f0000000100)=@l2, 0x80, &(0x7f0000000580)=[{&(0x7f0000000300)=""/161, 0xa1}], 0x1, &(0x7f0000000600)=""/232, 0xe8}, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='veno\x00', 0x24f) shutdown(r0, 0x1) 18:15:38 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000100)={0x56ad, 0x11, 0x1, 0xffffffffffffffff}) mmap(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x0, 0x6012, r1, 0x0) 18:15:38 executing program 2: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f0000000040)={0x9, 0x2}) 18:15:38 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f0000000080)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424ada75af1f02acc7edbcd7a071fb35331ce39c5a00000000") fsetxattr(r1, &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000002c0)="2f0409004bddd9de91be10eebf000ee9a90f798058439ed554af1f02acc7edbcd7a071fb35331ce39c5a0000000000000000080000000000000000000aaad955a3c93f9d248b46a7c99eb35b406bf918ff01739e56187b2db8f1074424745271062042fb3808186e0a837132f9108c583073a4ca94b3e4e58717fe2b659fa3903c7b73bd66b83f5ecc0a7361257896883f1b43ff4ec0a1e336b92f705461af0b60825a7834ffd0a7339d85c51b8db7b4c0e4f40953dd2d9f2110f04c9fdf8489eaa996", 0xc3, 0x0) fremovexattr(r1, &(0x7f0000000000)=@known='user.syz\x00') 18:15:38 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000100)={0x56ad, 0x11, 0x1, 0xffffffffffffffff}) mmap(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x0, 0x6012, r1, 0x0) 18:15:38 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@md0='/dev/md0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='nfs\x00', 0x0, 0x0) 18:15:39 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) r1 = socket$kcm(0x2b, 0x1, 0x0) r2 = socket$kcm(0xa, 0x1, 0x0) sendmsg$kcm(r2, &(0x7f0000000700)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @dev, 0xc}, 0x80, &(0x7f0000000480), 0x0, &(0x7f0000000740)}, 0x20004040) dup3(r1, r2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000180)={'ip6gretap0\x00', @random="01003a1e2410"}) 18:15:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xa1) 18:15:39 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000100)={0x56ad, 0x11, 0x1, 0xffffffffffffffff}) mmap(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x0, 0x6012, r1, 0x0) 18:15:39 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = getpid() ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000002c0)=r2) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0xffffffffffffffff]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739e53, 0x120, 0x0, 0x4f) 18:15:39 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$alg(r0, &(0x7f0000002640)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001400)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) 18:15:39 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) futex(&(0x7f0000000100), 0x88, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000140), 0x0) 18:15:39 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc1205531, &(0x7f0000000100)) 18:15:39 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000100)={0x56ad, 0x11, 0x1, 0xffffffffffffffff}) mmap(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x0, 0x6012, r1, 0x0) 18:15:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x4}}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[], 0x0, 0x680}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:39 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = perf_event_open(&(0x7f00004e7000)={0x2, 0x70, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000040)="63707526307c7c090000010000019cd30e35a01d3d040a1c60666f8dcc6d5c76fd2e9e7c626b31deea1b0d3b8184872d58b62cc5b4223726b5797482fb1d83f82e2d2000000028e9604401695c8d6c866c68a8fc80de2c4b74f423c55d593bc13676f9890906be2aaa26bd1678518ef3d61afdd00427799b7ce4b70845ed9780731957b75bf0253e4d4df598be5e3d7121a60f70013200bbbe9d5835af657010520b26afa8247f3756ed4c4a34cf0701d5540acac2865fc1ce8ded62538de97482f4317a7772e66f88e5e3e7476378c0914901000000010000004b9ee55ba00a0f04a6b07345298ad052c3c12c62201c2349527a36fe4a7edad75ffe1fe586b1787526fbf2bfe87f9193ab05003485866c8d000000000000000000000000000000") 18:15:39 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) futex(&(0x7f0000000100), 0x88, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000140), 0x0) 18:15:39 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) fcntl$lock(r0, 0x5, &(0x7f0000001680)={0x0, 0x1, 0x0, 0x5}) sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffe4e, 0x0, &(0x7f00000000c0)={0x2, 0x0, @empty, [0x40000000]}, 0x6) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000001700)) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000001740)) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000001800)=ANY=[], 0x0) 18:15:40 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) sendmmsg$alg(r1, &(0x7f00000035c0)=[{0x0, 0x0, &(0x7f0000003540)=[{&(0x7f0000001300)="fd0734b296a7b62d2f873c4cd20ac9170e88c9eab14516821ab33095f8190fbb2038393221a87136cc14cd1c2d5292e834055f86d9d4b54dafc9ab6e1a3b9e88267ec74bc24fe4440e09056b119b98b6d3b8f3f0aac195b1a3e4753136fc6c04026d3bd79c5e131a5c9cf2dde967d0063ee6945ddca0876dde106d4e871ff589b7e2423d3ef6eab23de4d722d8adfcb8ddbd39658d51d9f2854ac195604456088a5c59d67239e8c35559abb8b4b82aab2173e6656d88c261055dc9c87307be4a281134e0c4f176e12481ee20689dce99f5ba41ddecbc00f61f53bb3aa74c31f468f82b76666b35c7fda60ea34288ef3e7269ef432ded8753a42959aecf3c4cdbf12f3c0b7b588caa049312f0f2d0ef77a1e9ffff8669d9b6cf8a830a9cbfb9be74a64e14e5587f4ae03d29d986b30d1daa1fabea4dc606079ebc250eb804ed81f6aef39bb4df4ce8f0cf0ea22652699ed2fe5c1246fb29a2269e9270ba1db765afea31703b6dfa7aa94bdceccac6380f8cd6827947f44aa68f2563b5612980110f7bc73f10b437caaab718dcd2d433f7af23641ae303ba8407227bc0d44dd89ebc287b1b9792c844aad26550fa1bcb23520b5ea526e4e073097c9d270d71430e64a2350f246067d70cd4610711f07afeb731f7a73b0b950e26c339d55a88ab57a1d1d31739e5764e60f5e5f5f20bd94b092ab3951248438d56c7e9648b13f431b7d7fdfb9e394eda7bdc64f40125090f9e6d8af50ce9f7b097c903f7934fecca3ecc65776a38544f395b7e43cde6e3666a1b5fd586fdc5a35bbadfa63727bad3e5ee61e05a7befd742740e0f6d89e3fa5a6dbd4d4a4eaee9b191f17f8e92aa66a507b0f3bafc29582963ea647a8434c6ed79d5e3b652ef152ddae0d506da825848c609a422b92a17bb5d419108f312b4176f02a114c601e69456253218715d5976776f266ac747c88d0d8e8d5b6d03ac56b01825dd2c446c2920049c4c661fce908ee3fb033afe3c10fc59878ede7882f5f8ff11afabce46e77923e926067932e1f96f359d25bdd3f3fde5118256418915da36616912d7fc98218b4639491364a8630025cefa0b98e6017f9e1cb5bf16a49d3c6a83619a543844a5d7fcc06f3120d34e4fe782ca1b3185e96c9561e8e1857faa51346a2f74a3f596258fffdb4c5f9691c540bcc4c34a695d212f27662d3dd5328fcee2cf93019c22dd4cb965d429967838a5d6f9b27cc381e3507d094c50a507375d93b3f9e2ad6d87233442a86c3c8dba3c359ccf5356b3668813f82c78f4b0576b29c0c9d3e06cf996f57509620a0bb68061aef2b6a2f84c8481102f57d289b522936a6e661f7d49aa13d3b39688215492d7a6eeb7050ccf638575aca413082bf04ee08e6174b1bbb00eef87fdbd3810c6e77679fdff56f5bd5afe28554614523857a9c5f56fbeba5f5bf5fdb190f6cdf4315781cefe718561056d666f0708270aae6e151583298d0f60c423b9daac61cbeb38a728994cb6c876bf2763187a8a5a7c91f0de6b5b44f441b989b35997e337abb88f6a89eb8931684ae476122ba30e834a1a8a34cde93524581d043ad0d0c81cbd4a706591240255c90342b48b85219d87907c7fbb15323d484819b51d716fb1e3ec5561f03b6d079badc3cb1114b701d9f88a33fdeb8e43e6de1bd9d40bd35a01033de1f0d98379f0cf761f5755042f4a5f84a72287de2fe8b63608c644b14ceb94d25184f8cddfd9c12d6b6bd7a682edd3c897da13aae5debd73aeb72ae51a659ceba205baafc3c307f7ff5e4cd7c7ce0bd023326f671ab474a0c46c7f19802037d384fc1a2762074baecab6d3fa399e80a1d39abeeb81d3fef553020c6109eb7f116e0ab76b87e2b91cb9eb5c0c9a3220214b8372bd41a9a021d24d18b0185085eec47ddd9a35cace64e9bb01f60ea751b1f5cf24d245ccf3487738f99e1a1c301c0ad3ea9ff43bfcbb41a554326371f58f153d8de57287e9d691037308ecb8b81666eb51761b1ecec8c40651db9f2686e2eb877f3a4854fb43559152d17cc52461e8552d12f47123b34d68a2eea2ee029f5fbf3d92e84d1965ef58fd2cfde1c723068b7304e87c385b3d4023d76445ce4140d8a82d108745feba25a70c4351402a7bfe6326a21256b224062254a5e4397d579c9baf24cc261102b6deae85ba84adc86fb6f0774a0b472a798f1284ef875750cda72dfa169dd3cf1e48aba0275586aea2fe43612d7811fd7ff25a42974cf3c32abbc65a0fe07654c9b24483133020784140ccbb6afee7362486705add45f5ac7fdc388f337c5f5bb7b0324d90764f237b302a3fab3cfa519e43a80c2f31b44597e24a6318f4d668a270406a0b9a8edbcb0504a49aeb02511c5def9add972471aae09230a5d2285fa83efd942e9010cd74b8e7852dca0e6ef89fd61b9750582fd18a526a12765d841e31bfabed5e673084c1935ceb90cef1747a9ab38e5e47df1bbdb04d3096ed78afb0d5ba519a2f317b46b0c8bd4b110fcfdda9e63bdb7327668da70d812d308630d97d55a8211b6e302014a0f343466958bb0df8e53e2bd0504ee6d92d80140d6e2bdbfe18c1d8dc499a8606bc43083fa6c5ca9974efed60c14ce3211fa127c928640dc0de83eff97dd97f8a6107dfd5a1a079128ee35452e7a95b812f0ac253b53e079091b0caf2c7a63e3fdbe147152eb1e9d1ce3249eae167b1fe3da190fd5d004c938b41a0bffd036a2c1d35adc2c4af0b728b2ce6114e8846ad45bbbd506acc753f1fcb5ca14e45155dfe0abbe3609e4ca4e6df86dff247fdb4787642466896b9f24cb35b2b1a717f8d67cdb803d9509430a07d74a4be69341b46c222d1647d66536ca4c4333092d9cf1bf85af4ca8b4ffb413486b7b1b68f04c401a0a262a05a6e0a9dc3c85479821830347a98291e7c6b574881daabc30862ba59339e6684b9efc00945b6435436621189be5531469021cc5a01b08477ab0e4cbafe2ee6b3081cd99e6becc4e7eff578d1c52dec7c0af1f95bdb8c952dfe4bb0730a96b34f2634963cacc309d820a58d76343ce3c7c3f617e9019799f4a155ddafb0655eda52112654e0ece825c8df764f9f10efb843e4e07f05ca7ac35e7a0c9489777409331fa2aba427521b44b1ab2cf1e2d6da2653851578db7d87d548d95e65729393ecdd1b350201101c87a9f073c7e08a10a3e82400f9f20e64d598823e365b7319bb9fca2f5940a9c20ece0648143e2f531744eb90156e13c3c27ea144580232c71f7d8b5101fa6f993bbcced270994138bcf1bf63cc9553a7e3958f8eb999c9e8ca6acabe79059c3e20f4f3884aa8180037474d07e86174f3a266f8fe026d050601e1bcfc8c7df7343f685a5dc9cd0c909944f84dc6d2796bf47022a858f50769d2b31314c90caca9cef18ff6dc6251c1480c73c10cfd12efb14e26a184a367bfc5dbb8efc54b3220fb5d98e6ee562b2973c60014b4a139cc47e8809d19c775fd782167d07883a4f94ec081ec692b18ee1bc103f6fd8bd1ae9c73bb6d80a720de6ab8034f074082bbc7b029207494237d64ba0f6420e468c21ac44a817024e1d6a42f2ac4bff6f67991f2cd3000fb0a7f8b46ccb041a7c9f06f548ac4987e0ba5933610473164b32920c1885c27b9a17f6b065d1231f3416d4db4331019d830fa2b08a41a8ee706d3344b63479192e95e196ae73e63376ed05a66b71659ae257f54a4ec123b19f34dc2be5f53f2ccf95401421642b33d338638046afb002c6d66ffa3e1bc161b4bfc8425a59d40811483d529fc94ee75cfb50c884bc29543e70ab10915b8784f514852c2d8e4f6b5e9f7e09136baa04ac2dd2e47179714d50933454d656c01798928c2bfb945cb05447fee727d425d0db0a245fe338c821d7b3f22b1fdb0ba0763f15329eaf0aa646ee3d582a205e7a1352411a460d986d26e768e8b0eef51090a31a19114ea9160dd24bb85af2f8f3aba54f49e8756a875043e9e2ef170d894c30da11b817ba66f5832f8194c8822aeeb8871fa20edcfbb4d8d5c873c60134110c9173e28faf1a3e9d4e34f089e0d9d4bdb6bb78999a205aba5fee49a407e0dfa7c9f60aecb5589023cc43f3401804edcb6cc6402b756259318d18d94173d23d66f4307d6da9441642957be06ae516ac22e9113b35e360a69deed9fe875998ab4efa90010956aae441f52fe10fd19ed43f4af4bc1da52fbbcead99c8dc237977e024688a5e1642166a2773d9a2b3e7be47e99e567113bd26f16330286474e0ab77f94d5f510eed4dec34b96730aadcdf715407acb6f94112334bf8d72675019c13082a98a4f30b1fce23c8fa0c3918ad65119212f2db1065e5546225627b233340814768af082c1631f00a125effca94260805d890122c74dc3eafc6853c9a56ab2399b1b9482f339b1476ceb5c447c032b8d62bf991fd37a8d040d13c7940317ddce38e88994ad8437ebca94dce847fd6ad02925464a602e9673d48665663477fc7855c12970f7a4ff1f2e9fc50b7f9123237618efb2c53c8f31fcd99595583df779f45a45f020698249d5dd4bad085b0e5560166a44902e98c33e114c160d3b06b20e9eb3a74b4fbe2defdf41006b1eb706b083a50ed287654659fab146897769a33e83a893505644402f9675bc1ebfc407df978a53d6de90cc604eec59ff1549d7195fc2247d0904c5f64713b113f7f0789a409f2539e54130a2fba13c1bb39810d367fa33f6854dc8c465b33563d5790747020d0efd0086d1fe51e0f7609b968a6b4d336691ab22468d0150f5fec97b579a75a167f169c73d565b3d664eada5bca24c50f9fcf83513b33da3024f570b7b558f91ff98eb2366dd3b6d70ab549e8551a5ccb5a29227afbf5da91352bde9f6984390e5bd8401875b8eb3071c48a8614b700a939b9a20df3a9be633e134a8ae038dfc4a9cc56767e4155b59a885fa6f042c6cf447cdf2d7f740929af3c4076ab4c6f4d83b64214bc1071c64d6da61bfdc8a18e772fcdf244d074b1b08b8087c579cbab3fd2f44e328a53000710e69c51875023897f6308fdd5e67d99df3c59498f4b2be", 0xe01}], 0x1}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={&(0x7f00000000c0)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x251}, 0x0) 18:15:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) futex(&(0x7f0000000100), 0x88, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000140), 0x0) 18:15:40 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58) r1 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1f, 0x0, "8c0eb7912a86ff3e23764a3c01af55410c3d3f813a4513a691be997c7ee1235982875b8ae5c27fc73eb383beca956b51a34191ad3a9f70ebee5f1d003dcd4427c273be993dd363cc8f36cc7f609a2371"}, 0xd8) r2 = dup(r1) setsockopt$inet6_tcp_int(r2, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x8000fffffffe) 18:15:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) futex(&(0x7f0000000100), 0x88, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000140), 0x0) 18:15:40 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = getpid() ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000002c0)=r2) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0xffffffffffffffff]}, 0x10) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739e53, 0x120, 0x0, 0x4f) 18:15:40 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e) sendmmsg(r0, &(0x7f000000d8c0)=[{}], 0x1, 0x0) recvfrom(r1, &(0x7f0000003540)=""/68, 0x44, 0x0, &(0x7f0000003640)=@hci, 0x707000) 18:15:40 executing program 2: syz_emit_ethernet(0xfdef, &(0x7f0000000080)={@local, @empty=[0x0, 0x0, 0xfeffffff00000000], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0xffffff89, 0x0, @local={0xac, 0x223}, @dev}, @udp={0x0, 0x0, 0x8}}}}}, &(0x7f00000000c0)) 18:15:40 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') sendmsg$FOU_CMD_GET(r0, &(0x7f0000000580)={&(0x7f00000004c0), 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r1, 0x401, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x8, 0x2, 0xa}]}, 0x1c}}, 0x0) [ 309.803052] netlink: 'syz-executor4': attribute type 2 has an invalid length. [ 309.843118] netlink: 'syz-executor4': attribute type 2 has an invalid length. 18:15:41 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="84000800000000002c767000ffffffff0000dffc0c00000000000000000000005b65da62290ffc380c2dbfdc5e9f13e1a04810d464fbc3f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd4dd3050bc1700912dbc3080c91745fa158cf0d70309f7f1969136edfd73294c0356675ffff000044f2a432a15b4ce575154fb2040d"], 0x83}}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f000023f000)=ANY=[@ANYBLOB="840000000000000000000000000000000000ffff"], 0x14}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x20b) 18:15:41 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10, 0x50000007a000000}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)="5500000018007f4812fe01b2a4a280930a06000000a84306910000000b00020035000c00060000001900154002000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4faba7d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 18:15:41 executing program 2: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003fc0), &(0x7f0000004000)=0xfffffffffffffeb4) r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4) sendto$inet(r0, &(0x7f0000004000), 0xffec, 0x0, &(0x7f0000002000), 0x10) 18:15:41 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58) r1 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1f, 0x0, "8c0eb7912a86ff3e23764a3c01af55410c3d3f813a4513a691be997c7ee1235982875b8ae5c27fc73eb383beca956b51a34191ad3a9f70ebee5f1d003dcd4427c273be993dd363cc8f36cc7f609a2371"}, 0xd8) r2 = dup(r1) setsockopt$inet6_tcp_int(r2, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x8000fffffffe) 18:15:41 executing program 4: r0 = memfd_create(&(0x7f00000002c0)='$@[GPL^^\x00', 0x0) unshare(0x20400) close(r0) bind$vsock_dgram(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @reserved}, 0x10) [ 310.265594] netlink: 'syz-executor3': attribute type 21 has an invalid length. [ 310.273361] netlink: 13 bytes leftover after parsing attributes in process `syz-executor3'. [ 310.282125] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 310.288688] IPv6: NLM_F_CREATE should be set when creating new route [ 310.295379] IPv6: NLM_F_CREATE should be set when creating new route 18:15:41 executing program 2: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003fc0), &(0x7f0000004000)=0xfffffffffffffeb4) r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4) sendto$inet(r0, &(0x7f0000004000), 0xffec, 0x0, &(0x7f0000002000), 0x10) 18:15:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x400}]}, 0x10) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x300, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000200)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000000280), 0xffffffffffffffee, 0x2000012c, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000]}}, 0x1c) close(r0) 18:15:41 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000000)="360fae08670f01d1b8c80e8ee0f2a566b9af0300000f320fc75ac70f019af5ffba210066ed0fc79e9c5ebaa000b80118ef"}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)=ANY=[]) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) [ 310.596788] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 310.732227] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:15:41 executing program 4: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1ffffffffffffff, @remote, 'syz_tun\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, 0xffffffffffffffff) 18:15:41 executing program 2: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003fc0), &(0x7f0000004000)=0xfffffffffffffeb4) r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4) sendto$inet(r0, &(0x7f0000004000), 0xffec, 0x0, &(0x7f0000002000), 0x10) 18:15:42 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58) r1 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1f, 0x0, "8c0eb7912a86ff3e23764a3c01af55410c3d3f813a4513a691be997c7ee1235982875b8ae5c27fc73eb383beca956b51a34191ad3a9f70ebee5f1d003dcd4427c273be993dd363cc8f36cc7f609a2371"}, 0xd8) r2 = dup(r1) setsockopt$inet6_tcp_int(r2, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x8000fffffffe) 18:15:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x400}]}, 0x10) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x300, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000200)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000000280), 0xffffffffffffffee, 0x2000012c, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000]}}, 0x1c) close(r0) 18:15:42 executing program 5: r0 = socket(0x40000000000010, 0x80003, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write(r0, &(0x7f0000c05000)="240000001a0025f0046bbc04fef7001c020b49ff00000000801c08000800030001000000", 0x24) [ 311.092263] not chained 70000 origins [ 311.096134] CPU: 1 PID: 10207 Comm: syz-executor1 Not tainted 4.20.0-rc3+ #89 [ 311.103413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.112773] Call Trace: [ 311.115386] dump_stack+0x32d/0x480 [ 311.119034] kmsan_internal_chain_origin+0x222/0x240 [ 311.124157] ? save_stack_trace+0xc6/0x110 [ 311.128394] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 311.133502] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 311.138864] ? __module_address+0x6a/0x5f0 [ 311.143103] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 311.148465] ? is_bpf_text_address+0x49e/0x4d0 [ 311.153046] ? INIT_INT+0xc/0x30 [ 311.156423] __msan_chain_origin+0x6d/0xb0 [ 311.160661] __save_stack_trace+0xaff/0xc60 [ 311.164999] save_stack_trace+0xc6/0x110 [ 311.169066] kmsan_internal_chain_origin+0x136/0x240 [ 311.174168] ? do_syscall_64+0xcf/0x110 [ 311.178164] ? kmsan_internal_chain_origin+0x136/0x240 [ 311.183445] ? kmsan_memcpy_origins+0x13d/0x190 [ 311.188113] ? __msan_memcpy+0x6f/0x80 [ 311.192001] ? skb_copy_bits+0x1d2/0xc90 [ 311.196060] ? skb_copy+0x56c/0xba0 [ 311.199681] ? tcp_send_synack+0x7a3/0x18f0 [ 311.204000] ? tcp_rcv_state_process+0x275d/0x6c60 [ 311.208931] ? tcp_v6_do_rcv+0x112b/0x21b0 [ 311.213237] ? __release_sock+0x32d/0x750 [ 311.217377] ? release_sock+0x99/0x2a0 [ 311.221261] ? __inet_stream_connect+0xdff/0x15d0 [ 311.226100] ? tcp_sendmsg_locked+0x6655/0x6c30 [ 311.230764] ? tcp_sendmsg+0xb2/0x100 [ 311.234573] ? inet_sendmsg+0x4e9/0x800 [ 311.238553] ? __sys_sendto+0x940/0xb80 [ 311.242523] ? __se_sys_sendto+0x107/0x130 [ 311.246762] ? __x64_sys_sendto+0x6e/0x90 [ 311.250903] ? do_syscall_64+0xcf/0x110 [ 311.254879] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 311.260246] ? memcg_kmem_put_cache+0x73/0x460 [ 311.264854] ? __msan_get_context_state+0x9/0x20 [ 311.269606] ? INIT_INT+0xc/0x30 [ 311.272968] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 311.278329] ? __msan_get_context_state+0x9/0x20 [ 311.283088] kmsan_memcpy_origins+0x13d/0x190 [ 311.287588] __msan_memcpy+0x6f/0x80 [ 311.291298] skb_copy_bits+0x1d2/0xc90 [ 311.295212] skb_copy+0x56c/0xba0 [ 311.298680] tcp_send_synack+0x7a3/0x18f0 [ 311.302833] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 311.308307] tcp_rcv_state_process+0x275d/0x6c60 [ 311.313075] ? tcp_connect+0x544e/0x6220 [ 311.317153] tcp_v6_do_rcv+0x112b/0x21b0 [ 311.321224] ? tcp_v6_destroy_sock+0x60/0x60 [ 311.325635] __release_sock+0x32d/0x750 [ 311.329619] release_sock+0x99/0x2a0 [ 311.333335] __inet_stream_connect+0xdff/0x15d0 [ 311.338015] ? wait_woken+0x5b0/0x5b0 [ 311.341820] tcp_sendmsg_locked+0x6655/0x6c30 [ 311.346319] ? aa_label_sk_perm+0xda/0x960 [ 311.350567] ? kmsan_set_origin+0x7f/0x100 [ 311.354808] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 311.360170] ? __msan_poison_alloca+0x1e0/0x270 [ 311.364840] ? __local_bh_enable_ip+0x46/0x260 [ 311.369436] ? __msan_poison_alloca+0x1e0/0x270 [ 311.374103] tcp_sendmsg+0xb2/0x100 [ 311.377730] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 311.382400] inet_sendmsg+0x4e9/0x800 [ 311.386219] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 311.391587] ? security_socket_sendmsg+0x1bd/0x200 [ 311.396533] ? inet_getname+0x490/0x490 [ 311.400517] __sys_sendto+0x940/0xb80 [ 311.404342] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 311.409786] ? prepare_exit_to_usermode+0x182/0x4c0 [ 311.414801] __se_sys_sendto+0x107/0x130 [ 311.418870] __x64_sys_sendto+0x6e/0x90 [ 311.422843] do_syscall_64+0xcf/0x110 [ 311.426646] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 311.431827] RIP: 0033:0x457569 [ 311.435020] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.454002] RSP: 002b:00007f43371c3c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 311.461703] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 311.468972] RDX: 00000000000002bd RSI: 0000000020e77fff RDI: 0000000000000004 [ 311.476237] RBP: 000000000072bf00 R08: 00000000208d4fe4 R09: 000000000000001c [ 311.483501] R10: 0000000020000008 R11: 0000000000000246 R12: 00007f43371c46d4 [ 311.490766] R13: 00000000004c3c1d R14: 00000000004d5e98 R15: 00000000ffffffff [ 311.498036] Uninit was stored to memory at: [ 311.502357] kmsan_internal_chain_origin+0x136/0x240 [ 311.507452] __msan_chain_origin+0x6d/0xb0 [ 311.511685] __save_stack_trace+0x8be/0xc60 [ 311.516002] save_stack_trace+0xc6/0x110 [ 311.520056] kmsan_internal_chain_origin+0x136/0x240 [ 311.525153] kmsan_memcpy_origins+0x13d/0x190 [ 311.529639] __msan_memcpy+0x6f/0x80 [ 311.533348] skb_copy_bits+0x1d2/0xc90 [ 311.537249] skb_copy+0x56c/0xba0 [ 311.540693] tcp_send_synack+0x7a3/0x18f0 [ 311.544836] tcp_rcv_state_process+0x275d/0x6c60 [ 311.549583] tcp_v6_do_rcv+0x112b/0x21b0 [ 311.553640] __release_sock+0x32d/0x750 [ 311.557604] release_sock+0x99/0x2a0 [ 311.561318] __inet_stream_connect+0xdff/0x15d0 [ 311.565985] tcp_sendmsg_locked+0x6655/0x6c30 [ 311.570477] tcp_sendmsg+0xb2/0x100 [ 311.574095] inet_sendmsg+0x4e9/0x800 [ 311.577890] __sys_sendto+0x940/0xb80 [ 311.581686] __se_sys_sendto+0x107/0x130 [ 311.585740] __x64_sys_sendto+0x6e/0x90 [ 311.589704] do_syscall_64+0xcf/0x110 [ 311.593500] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 311.598688] [ 311.600305] Uninit was stored to memory at: [ 311.604623] kmsan_internal_chain_origin+0x136/0x240 [ 311.609722] __msan_chain_origin+0x6d/0xb0 [ 311.613950] __save_stack_trace+0x8be/0xc60 [ 311.618264] save_stack_trace+0xc6/0x110 [ 311.622324] kmsan_internal_chain_origin+0x136/0x240 [ 311.627418] kmsan_memcpy_origins+0x13d/0x190 [ 311.631911] __msan_memcpy+0x6f/0x80 [ 311.635622] skb_copy_bits+0x1d2/0xc90 [ 311.639500] skb_copy+0x56c/0xba0 [ 311.642945] tcp_send_synack+0x7a3/0x18f0 [ 311.647086] tcp_rcv_state_process+0x275d/0x6c60 [ 311.651840] tcp_v6_do_rcv+0x112b/0x21b0 [ 311.655896] __release_sock+0x32d/0x750 [ 311.659865] release_sock+0x99/0x2a0 [ 311.663574] __inet_stream_connect+0xdff/0x15d0 [ 311.668238] tcp_sendmsg_locked+0x6655/0x6c30 [ 311.672730] tcp_sendmsg+0xb2/0x100 [ 311.676349] inet_sendmsg+0x4e9/0x800 [ 311.680144] __sys_sendto+0x940/0xb80 [ 311.683939] __se_sys_sendto+0x107/0x130 [ 311.687992] __x64_sys_sendto+0x6e/0x90 [ 311.691955] do_syscall_64+0xcf/0x110 [ 311.695746] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 311.700938] [ 311.702558] Uninit was stored to memory at: [ 311.706875] kmsan_internal_chain_origin+0x136/0x240 [ 311.711973] __msan_chain_origin+0x6d/0xb0 [ 311.716198] __save_stack_trace+0x8be/0xc60 [ 311.720511] save_stack_trace+0xc6/0x110 [ 311.724574] kmsan_internal_chain_origin+0x136/0x240 [ 311.729669] kmsan_memcpy_origins+0x13d/0x190 [ 311.734520] __msan_memcpy+0x6f/0x80 [ 311.738236] skb_copy_bits+0x1d2/0xc90 [ 311.742116] skb_copy+0x56c/0xba0 [ 311.745567] tcp_send_synack+0x7a3/0x18f0 [ 311.749712] tcp_rcv_state_process+0x275d/0x6c60 [ 311.754473] tcp_v6_do_rcv+0x112b/0x21b0 [ 311.758525] __release_sock+0x32d/0x750 [ 311.762496] release_sock+0x99/0x2a0 [ 311.766206] __inet_stream_connect+0xdff/0x15d0 [ 311.770870] tcp_sendmsg_locked+0x6655/0x6c30 [ 311.775357] tcp_sendmsg+0xb2/0x100 [ 311.778976] inet_sendmsg+0x4e9/0x800 [ 311.782774] __sys_sendto+0x940/0xb80 [ 311.786571] __se_sys_sendto+0x107/0x130 [ 311.790623] __x64_sys_sendto+0x6e/0x90 [ 311.794592] do_syscall_64+0xcf/0x110 [ 311.798392] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 311.803574] [ 311.805189] Uninit was stored to memory at: [ 311.809507] kmsan_internal_chain_origin+0x136/0x240 [ 311.814608] __msan_chain_origin+0x6d/0xb0 [ 311.818848] __save_stack_trace+0x8be/0xc60 [ 311.823162] save_stack_trace+0xc6/0x110 [ 311.827215] kmsan_internal_chain_origin+0x136/0x240 [ 311.832316] kmsan_memcpy_origins+0x13d/0x190 [ 311.836805] __msan_memcpy+0x6f/0x80 [ 311.840511] skb_copy_bits+0x1d2/0xc90 [ 311.844398] skb_copy+0x56c/0xba0 [ 311.847849] tcp_send_synack+0x7a3/0x18f0 [ 311.851991] tcp_rcv_state_process+0x275d/0x6c60 [ 311.856742] tcp_v6_do_rcv+0x112b/0x21b0 [ 311.860798] __release_sock+0x32d/0x750 [ 311.864768] release_sock+0x99/0x2a0 [ 311.868475] __inet_stream_connect+0xdff/0x15d0 [ 311.873138] tcp_sendmsg_locked+0x6655/0x6c30 [ 311.877628] tcp_sendmsg+0xb2/0x100 [ 311.881260] inet_sendmsg+0x4e9/0x800 [ 311.885056] __sys_sendto+0x940/0xb80 [ 311.888850] __se_sys_sendto+0x107/0x130 [ 311.892905] __x64_sys_sendto+0x6e/0x90 [ 311.896874] do_syscall_64+0xcf/0x110 [ 311.900668] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 311.905841] [ 311.907455] Uninit was stored to memory at: [ 311.911775] kmsan_internal_chain_origin+0x136/0x240 [ 311.916875] __msan_chain_origin+0x6d/0xb0 [ 311.921103] __save_stack_trace+0x8be/0xc60 [ 311.925421] save_stack_trace+0xc6/0x110 [ 311.929487] kmsan_internal_chain_origin+0x136/0x240 [ 311.934586] kmsan_memcpy_origins+0x13d/0x190 [ 311.939077] __msan_memcpy+0x6f/0x80 [ 311.942788] skb_copy_bits+0x1d2/0xc90 [ 311.946669] skb_copy+0x56c/0xba0 [ 311.950112] tcp_send_synack+0x7a3/0x18f0 [ 311.954257] tcp_rcv_state_process+0x275d/0x6c60 [ 311.959005] tcp_v6_do_rcv+0x112b/0x21b0 [ 311.963062] __release_sock+0x32d/0x750 [ 311.967041] release_sock+0x99/0x2a0 [ 311.970750] __inet_stream_connect+0xdff/0x15d0 [ 311.975411] tcp_sendmsg_locked+0x6655/0x6c30 [ 311.979899] tcp_sendmsg+0xb2/0x100 [ 311.984018] inet_sendmsg+0x4e9/0x800 [ 311.987811] __sys_sendto+0x940/0xb80 [ 311.991612] __se_sys_sendto+0x107/0x130 [ 311.995668] __x64_sys_sendto+0x6e/0x90 [ 311.999638] do_syscall_64+0xcf/0x110 [ 312.003435] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 312.008623] [ 312.010239] Uninit was stored to memory at: [ 312.014560] kmsan_internal_chain_origin+0x136/0x240 [ 312.019655] __msan_chain_origin+0x6d/0xb0 [ 312.023890] __save_stack_trace+0x8be/0xc60 [ 312.028215] save_stack_trace+0xc6/0x110 [ 312.032274] kmsan_internal_chain_origin+0x136/0x240 [ 312.037379] kmsan_memcpy_origins+0x13d/0x190 [ 312.041867] __msan_memcpy+0x6f/0x80 [ 312.045576] skb_copy_bits+0x1d2/0xc90 [ 312.049460] skb_copy+0x56c/0xba0 [ 312.052906] tcp_send_synack+0x7a3/0x18f0 [ 312.057052] tcp_rcv_state_process+0x275d/0x6c60 [ 312.061801] tcp_v6_do_rcv+0x112b/0x21b0 [ 312.065854] __release_sock+0x32d/0x750 [ 312.069820] release_sock+0x99/0x2a0 [ 312.073529] __inet_stream_connect+0xdff/0x15d0 [ 312.078196] tcp_sendmsg_locked+0x6655/0x6c30 [ 312.082686] tcp_sendmsg+0xb2/0x100 [ 312.086312] inet_sendmsg+0x4e9/0x800 [ 312.090107] __sys_sendto+0x940/0xb80 [ 312.093903] __se_sys_sendto+0x107/0x130 [ 312.097956] __x64_sys_sendto+0x6e/0x90 [ 312.101924] do_syscall_64+0xcf/0x110 [ 312.105718] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 312.110892] [ 312.112510] Uninit was stored to memory at: [ 312.116841] kmsan_internal_chain_origin+0x136/0x240 [ 312.121941] __msan_chain_origin+0x6d/0xb0 [ 312.126167] __save_stack_trace+0x8be/0xc60 [ 312.130489] save_stack_trace+0xc6/0x110 [ 312.134550] kmsan_internal_chain_origin+0x136/0x240 [ 312.139646] kmsan_memcpy_origins+0x13d/0x190 [ 312.144135] __msan_memcpy+0x6f/0x80 [ 312.147840] skb_copy_bits+0x1d2/0xc90 [ 312.151721] skb_copy+0x56c/0xba0 [ 312.155255] tcp_send_synack+0x7a3/0x18f0 [ 312.159395] tcp_rcv_state_process+0x275d/0x6c60 [ 312.164148] tcp_v6_do_rcv+0x112b/0x21b0 [ 312.168199] __release_sock+0x32d/0x750 [ 312.172167] release_sock+0x99/0x2a0 [ 312.175876] __inet_stream_connect+0xdff/0x15d0 [ 312.180536] tcp_sendmsg_locked+0x6655/0x6c30 [ 312.185035] tcp_sendmsg+0xb2/0x100 [ 312.188655] inet_sendmsg+0x4e9/0x800 [ 312.192451] __sys_sendto+0x940/0xb80 [ 312.196243] __se_sys_sendto+0x107/0x130 [ 312.200299] __x64_sys_sendto+0x6e/0x90 [ 312.204274] do_syscall_64+0xcf/0x110 [ 312.208071] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 312.213247] [ 312.214867] Local variable description: ----state.i.i@ip6_finish_output2 [ 312.221690] Variable was created at: [ 312.225409] ip6_finish_output2+0x87/0x22d0 [ 312.229725] ip6_finish_output+0xc13/0xca0 18:15:43 executing program 2: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003fc0), &(0x7f0000004000)=0xfffffffffffffeb4) r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4) sendto$inet(r0, &(0x7f0000004000), 0xffec, 0x0, &(0x7f0000002000), 0x10) 18:15:43 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000000)="360fae08670f01d1b8c80e8ee0f2a566b9af0300000f320fc75ac70f019af5ffba210066ed0fc79e9c5ebaa000b80118ef"}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)=ANY=[]) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) 18:15:43 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0]) 18:15:43 executing program 5: r0 = socket(0x40000000000010, 0x80003, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write(r0, &(0x7f0000c05000)="240000001a0025f0046bbc04fef7001c020b49ff00000000801c08000800030001000000", 0x24) [ 312.588704] not chained 80000 origins [ 312.592568] CPU: 0 PID: 10225 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 312.599853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.609211] Call Trace: [ 312.611821] dump_stack+0x32d/0x480 [ 312.615478] kmsan_internal_chain_origin+0x222/0x240 [ 312.620611] ? kmsan_internal_chain_origin+0x136/0x240 [ 312.625905] ? __msan_chain_origin+0x6d/0xb0 [ 312.630335] ? __save_stack_trace+0x8be/0xc60 [ 312.634848] ? save_stack_trace+0xc6/0x110 [ 312.639103] ? kmsan_internal_chain_origin+0x136/0x240 [ 312.644400] ? kmsan_memcpy_origins+0x13d/0x190 [ 312.649104] ? __msan_memcpy+0x6f/0x80 [ 312.653005] ? fxregs_fixup+0xfd/0x140 [ 312.656907] ? em_fxrstor+0x874/0xa30 [ 312.660733] ? x86_emulate_insn+0x24cf/0xa670 [ 312.665252] ? x86_emulate_instruction+0x12da/0x7a00 [ 312.670374] ? kvm_mmu_page_fault+0xd70/0x2c20 [ 312.674974] ? handle_ept_violation+0x7f1/0x830 [ 312.679663] ? vmx_handle_exit+0x21bd/0xb980 [ 312.684089] ? kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 312.689300] ? kvm_vcpu_ioctl+0xfb1/0x1f90 [ 312.693556] ? do_vfs_ioctl+0xfbc/0x2f70 [ 312.697642] ? __se_sys_ioctl+0x1da/0x270 [ 312.701830] ? __x64_sys_ioctl+0x4a/0x70 [ 312.705909] ? do_syscall_64+0xcf/0x110 [ 312.709910] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 312.715300] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 312.720680] ? __module_address+0x6a/0x5f0 [ 312.724964] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 312.730348] ? is_bpf_text_address+0x49e/0x4d0 [ 312.734954] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 312.740426] ? in_task_stack+0x12c/0x210 [ 312.744514] __msan_chain_origin+0x6d/0xb0 [ 312.748772] ? __x64_sys_ioctl+0x4a/0x70 [ 312.752858] __save_stack_trace+0x8be/0xc60 [ 312.757215] ? __x64_sys_ioctl+0x4a/0x70 [ 312.761327] save_stack_trace+0xc6/0x110 [ 312.765416] kmsan_internal_chain_origin+0x136/0x240 [ 312.770552] ? kmsan_internal_chain_origin+0x136/0x240 [ 312.775844] ? kmsan_memcpy_origins+0x13d/0x190 [ 312.780523] ? __msan_memcpy+0x6f/0x80 [ 312.784433] ? fxregs_fixup+0xfd/0x140 [ 312.788332] ? em_fxrstor+0x874/0xa30 [ 312.792141] ? x86_emulate_insn+0x24cf/0xa670 [ 312.796649] ? x86_emulate_instruction+0x12da/0x7a00 [ 312.801769] ? kvm_mmu_page_fault+0xd70/0x2c20 [ 312.806379] ? handle_ept_violation+0x7f1/0x830 [ 312.811064] ? vmx_handle_exit+0x21bd/0xb980 [ 312.815763] ? kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 312.820968] ? kvm_vcpu_ioctl+0xfb1/0x1f90 [ 312.825217] ? do_vfs_ioctl+0xfbc/0x2f70 [ 312.829293] ? __se_sys_ioctl+0x1da/0x270 [ 312.833458] ? __x64_sys_ioctl+0x4a/0x70 [ 312.837531] ? do_syscall_64+0xcf/0x110 [ 312.841530] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 312.846923] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 312.852213] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 312.857597] ? kmsan_internal_chain_origin+0x136/0x240 [ 312.862896] ? __msan_chain_origin+0x6d/0xb0 [ 312.867321] ? emulator_get_segment+0x7d1/0x850 [ 312.872001] ? linearize+0x4e1/0xe00 [ 312.875729] ? em_fxrstor+0x614/0xa30 [ 312.879554] ? x86_emulate_insn+0x24cf/0xa670 [ 312.884068] ? x86_emulate_instruction+0x12da/0x7a00 [ 312.889190] ? kvm_mmu_page_fault+0xd70/0x2c20 [ 312.893785] ? handle_ept_violation+0x7f1/0x830 [ 312.898474] ? vmx_handle_exit+0x21bd/0xb980 [ 312.902896] ? kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 312.908100] ? kvm_vcpu_ioctl+0xfb1/0x1f90 [ 312.912347] ? do_vfs_ioctl+0xfbc/0x2f70 [ 312.916417] ? __se_sys_ioctl+0x1da/0x270 [ 312.920586] ? __x64_sys_ioctl+0x4a/0x70 [ 312.924663] ? do_syscall_64+0xcf/0x110 [ 312.928667] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 312.934054] kmsan_memcpy_origins+0x13d/0x190 [ 312.938578] __msan_memcpy+0x6f/0x80 [ 312.942308] fxregs_fixup+0xfd/0x140 [ 312.946087] em_fxrstor+0x874/0xa30 [ 312.949786] ? em_fxsave+0x850/0x850 [ 312.953523] x86_emulate_insn+0x24cf/0xa670 [ 312.957887] x86_emulate_instruction+0x12da/0x7a00 [ 312.962840] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 312.968244] kvm_mmu_page_fault+0xd70/0x2c20 [ 312.972685] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 312.978153] ? kvm_requeue_exception+0x53c/0x630 [ 312.983118] ? __vmx_complete_interrupts+0x348/0x7e0 [ 312.988253] ? vmx_handle_exit+0x21bd/0xb980 [ 312.992681] handle_ept_violation+0x7f1/0x830 [ 312.997197] ? handle_desc+0x120/0x120 [ 313.001105] vmx_handle_exit+0x21bd/0xb980 [ 313.005358] ? vmalloc_to_page+0x585/0x6c0 [ 313.010071] ? kmsan_get_shadow_origin_ptr+0x142/0x410 [ 313.015371] ? vmx_flush_tlb_gva+0x480/0x480 [ 313.019807] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.024950] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 313.030331] ? update_load_avg+0x12ae/0x1db0 [ 313.034807] ? kmsan_set_origin+0x7f/0x100 [ 313.039060] ? __msan_poison_alloca+0x1e0/0x270 [ 313.043740] ? kmsan_set_origin+0x7f/0x100 [ 313.047996] ? put_pid+0x71/0x410 [ 313.051469] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 313.055815] ? put_pid+0x330/0x410 [ 313.059368] ? get_task_pid+0x19d/0x290 [ 313.063362] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.067447] ? do_vfs_ioctl+0x184/0x2f70 [ 313.071521] ? __se_sys_ioctl+0x1da/0x270 [ 313.075691] ? kvm_vm_release+0x90/0x90 [ 313.079686] do_vfs_ioctl+0xfbc/0x2f70 [ 313.083605] ? security_file_ioctl+0x92/0x200 [ 313.088126] __se_sys_ioctl+0x1da/0x270 [ 313.092121] __x64_sys_ioctl+0x4a/0x70 [ 313.096024] do_syscall_64+0xcf/0x110 [ 313.099852] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.105056] RIP: 0033:0x457569 [ 313.108263] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 313.127173] RSP: 002b:00007f36711adc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 313.134903] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 313.142178] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 313.149459] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 313.156738] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36711ae6d4 [ 313.164040] R13: 00000000004c028e R14: 00000000004d06d8 R15: 00000000ffffffff [ 313.171329] Uninit was stored to memory at: [ 313.175669] kmsan_internal_chain_origin+0x136/0x240 [ 313.180786] __msan_chain_origin+0x6d/0xb0 [ 313.185040] __save_stack_trace+0x8be/0xc60 [ 313.189369] save_stack_trace+0xc6/0x110 [ 313.193441] kmsan_internal_chain_origin+0x136/0x240 [ 313.198572] kmsan_memcpy_origins+0x13d/0x190 [ 313.203084] __msan_memcpy+0x6f/0x80 [ 313.206815] fxregs_fixup+0xfd/0x140 [ 313.210553] em_fxrstor+0x874/0xa30 [ 313.214199] x86_emulate_insn+0x24cf/0xa670 [ 313.218552] x86_emulate_instruction+0x12da/0x7a00 [ 313.223505] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.227927] handle_ept_violation+0x7f1/0x830 [ 313.232439] vmx_handle_exit+0x21bd/0xb980 [ 313.236685] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.241717] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.245795] do_vfs_ioctl+0xfbc/0x2f70 [ 313.249699] __se_sys_ioctl+0x1da/0x270 [ 313.253680] __x64_sys_ioctl+0x4a/0x70 [ 313.257589] do_syscall_64+0xcf/0x110 [ 313.261415] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.266608] [ 313.268237] Uninit was stored to memory at: [ 313.272580] kmsan_internal_chain_origin+0x136/0x240 [ 313.277719] __msan_chain_origin+0x6d/0xb0 [ 313.281964] __save_stack_trace+0x8be/0xc60 [ 313.286300] save_stack_trace+0xc6/0x110 [ 313.290376] kmsan_internal_chain_origin+0x136/0x240 [ 313.295493] kmsan_memcpy_origins+0x13d/0x190 [ 313.300006] __msan_memcpy+0x6f/0x80 [ 313.303739] fxregs_fixup+0xfd/0x140 [ 313.307468] em_fxrstor+0x874/0xa30 [ 313.311110] x86_emulate_insn+0x24cf/0xa670 [ 313.315443] x86_emulate_instruction+0x12da/0x7a00 [ 313.320385] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.325587] handle_ept_violation+0x7f1/0x830 [ 313.330183] vmx_handle_exit+0x21bd/0xb980 [ 313.334435] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.339463] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.343537] do_vfs_ioctl+0xfbc/0x2f70 [ 313.347442] __se_sys_ioctl+0x1da/0x270 [ 313.351422] __x64_sys_ioctl+0x4a/0x70 [ 313.355318] do_syscall_64+0xcf/0x110 [ 313.359142] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.364332] [ 313.365963] Uninit was stored to memory at: [ 313.370301] kmsan_internal_chain_origin+0x136/0x240 [ 313.375416] __msan_chain_origin+0x6d/0xb0 [ 313.379665] __save_stack_trace+0x8be/0xc60 [ 313.384082] save_stack_trace+0xc6/0x110 [ 313.388153] kmsan_internal_chain_origin+0x136/0x240 [ 313.393263] kmsan_memcpy_origins+0x13d/0x190 [ 313.397765] __msan_memcpy+0x6f/0x80 [ 313.401490] fxregs_fixup+0xfd/0x140 [ 313.405214] em_fxrstor+0x874/0xa30 [ 313.408854] x86_emulate_insn+0x24cf/0xa670 [ 313.413187] x86_emulate_instruction+0x12da/0x7a00 [ 313.418126] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.422539] handle_ept_violation+0x7f1/0x830 [ 313.427054] vmx_handle_exit+0x21bd/0xb980 [ 313.431299] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.436324] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.440391] do_vfs_ioctl+0xfbc/0x2f70 [ 313.444288] __se_sys_ioctl+0x1da/0x270 [ 313.448278] __x64_sys_ioctl+0x4a/0x70 [ 313.452208] do_syscall_64+0xcf/0x110 [ 313.456029] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.461223] [ 313.462853] Uninit was stored to memory at: [ 313.467190] kmsan_internal_chain_origin+0x136/0x240 [ 313.472311] __msan_chain_origin+0x6d/0xb0 [ 313.476646] __save_stack_trace+0x8be/0xc60 [ 313.480987] save_stack_trace+0xc6/0x110 [ 313.485065] kmsan_internal_chain_origin+0x136/0x240 [ 313.490182] kmsan_memcpy_origins+0x13d/0x190 [ 313.494687] __msan_memcpy+0x6f/0x80 [ 313.498413] fxregs_fixup+0xfd/0x140 [ 313.502141] em_fxrstor+0x874/0xa30 [ 313.505786] x86_emulate_insn+0x24cf/0xa670 [ 313.510134] x86_emulate_instruction+0x12da/0x7a00 [ 313.515085] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.519512] handle_ept_violation+0x7f1/0x830 [ 313.524032] vmx_handle_exit+0x21bd/0xb980 [ 313.528287] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.533316] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.537387] do_vfs_ioctl+0xfbc/0x2f70 [ 313.541287] __se_sys_ioctl+0x1da/0x270 [ 313.545278] __x64_sys_ioctl+0x4a/0x70 [ 313.549176] do_syscall_64+0xcf/0x110 [ 313.552995] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.558186] [ 313.559824] Uninit was stored to memory at: [ 313.564160] kmsan_internal_chain_origin+0x136/0x240 [ 313.569275] __msan_chain_origin+0x6d/0xb0 [ 313.573525] __save_stack_trace+0x8be/0xc60 [ 313.577862] save_stack_trace+0xc6/0x110 [ 313.581944] kmsan_internal_chain_origin+0x136/0x240 [ 313.587144] kmsan_memcpy_origins+0x13d/0x190 [ 313.591651] __msan_memcpy+0x6f/0x80 [ 313.595372] fxregs_fixup+0xfd/0x140 [ 313.599093] em_fxrstor+0x874/0xa30 [ 313.602731] x86_emulate_insn+0x24cf/0xa670 [ 313.607061] x86_emulate_instruction+0x12da/0x7a00 [ 313.612003] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.616423] handle_ept_violation+0x7f1/0x830 [ 313.620933] vmx_handle_exit+0x21bd/0xb980 [ 313.625185] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.630215] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.634285] do_vfs_ioctl+0xfbc/0x2f70 [ 313.638183] __se_sys_ioctl+0x1da/0x270 [ 313.642165] __x64_sys_ioctl+0x4a/0x70 [ 313.646063] do_syscall_64+0xcf/0x110 [ 313.649877] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.655068] [ 313.656703] Uninit was stored to memory at: [ 313.661041] kmsan_internal_chain_origin+0x136/0x240 [ 313.666159] __msan_chain_origin+0x6d/0xb0 [ 313.670404] __save_stack_trace+0x8be/0xc60 [ 313.674743] save_stack_trace+0xc6/0x110 [ 313.678822] kmsan_internal_chain_origin+0x136/0x240 [ 313.683938] kmsan_memcpy_origins+0x13d/0x190 [ 313.688443] __msan_memcpy+0x6f/0x80 [ 313.692166] fxregs_fixup+0xfd/0x140 [ 313.695888] em_fxrstor+0x874/0xa30 [ 313.699526] x86_emulate_insn+0x24cf/0xa670 [ 313.703865] x86_emulate_instruction+0x12da/0x7a00 [ 313.708815] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.713243] handle_ept_violation+0x7f1/0x830 [ 313.717757] vmx_handle_exit+0x21bd/0xb980 [ 313.722011] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.727047] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.731123] do_vfs_ioctl+0xfbc/0x2f70 [ 313.735024] __se_sys_ioctl+0x1da/0x270 [ 313.739012] __x64_sys_ioctl+0x4a/0x70 [ 313.742919] do_syscall_64+0xcf/0x110 [ 313.746739] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.752020] [ 313.753655] Uninit was stored to memory at: [ 313.757994] kmsan_internal_chain_origin+0x136/0x240 [ 313.763114] __msan_chain_origin+0x6d/0xb0 [ 313.767361] __save_stack_trace+0x8be/0xc60 [ 313.771691] save_stack_trace+0xc6/0x110 [ 313.775762] kmsan_internal_chain_origin+0x136/0x240 [ 313.780881] kmsan_memcpy_origins+0x13d/0x190 [ 313.785393] __msan_memcpy+0x6f/0x80 [ 313.789116] fxregs_fixup+0xfd/0x140 [ 313.792851] em_fxrstor+0x874/0xa30 [ 313.796491] x86_emulate_insn+0x24cf/0xa670 [ 313.800836] x86_emulate_instruction+0x12da/0x7a00 [ 313.805783] kvm_mmu_page_fault+0xd70/0x2c20 [ 313.810217] handle_ept_violation+0x7f1/0x830 [ 313.814964] vmx_handle_exit+0x21bd/0xb980 [ 313.819215] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 313.824250] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 313.828322] do_vfs_ioctl+0xfbc/0x2f70 [ 313.832219] __se_sys_ioctl+0x1da/0x270 [ 313.836204] __x64_sys_ioctl+0x4a/0x70 [ 313.840102] do_syscall_64+0xcf/0x110 18:15:44 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58) r1 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1f, 0x0, "8c0eb7912a86ff3e23764a3c01af55410c3d3f813a4513a691be997c7ee1235982875b8ae5c27fc73eb383beca956b51a34191ad3a9f70ebee5f1d003dcd4427c273be993dd363cc8f36cc7f609a2371"}, 0xd8) r2 = dup(r1) setsockopt$inet6_tcp_int(r2, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x8000fffffffe) 18:15:44 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x400}]}, 0x10) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x300, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000200)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000000280), 0xffffffffffffffee, 0x2000012c, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000]}}, 0x1c) close(r0) 18:15:44 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) unshare(0x2000400) ioctl(r0, 0x82000004141, &(0x7f0000000040)) 18:15:44 executing program 5: r0 = socket(0x40000000000010, 0x80003, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write(r0, &(0x7f0000c05000)="240000001a0025f0046bbc04fef7001c020b49ff00000000801c08000800030001000000", 0x24) 18:15:44 executing program 2: socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f0000a77ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg(r0, &(0x7f000000db00)=[{{0x0, 0x0, &(0x7f0000004100), 0x0, &(0x7f0000009dc0)}}, {{&(0x7f000000bf40)=@vsock={0x1e, 0x0, 0x0, @my}, 0x80, &(0x7f000000c440), 0x0, &(0x7f000000c4c0)}}], 0x2, 0x0) 18:15:44 executing program 2: socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f0000a77ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg(r0, &(0x7f000000db00)=[{{0x0, 0x0, &(0x7f0000004100), 0x0, &(0x7f0000009dc0)}}, {{&(0x7f000000bf40)=@vsock={0x1e, 0x0, 0x0, @my}, 0x80, &(0x7f000000c440), 0x0, &(0x7f000000c4c0)}}], 0x2, 0x0) 18:15:44 executing program 5: r0 = socket(0x40000000000010, 0x80003, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write(r0, &(0x7f0000c05000)="240000001a0025f0046bbc04fef7001c020b49ff00000000801c08000800030001000000", 0x24) 18:15:44 executing program 2: socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f0000a77ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg(r0, &(0x7f000000db00)=[{{0x0, 0x0, &(0x7f0000004100), 0x0, &(0x7f0000009dc0)}}, {{&(0x7f000000bf40)=@vsock={0x1e, 0x0, 0x0, @my}, 0x80, &(0x7f000000c440), 0x0, &(0x7f000000c4c0)}}], 0x2, 0x0) 18:15:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000015c0)={r3, 0x0, 0x2, r2}) r4 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r2, 0x4, 0x2, r4}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r4, 0x7, 0x2, r2}) [ 313.843916] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 313.849102] [ 313.850731] Local variable description: ----v.addr.i.i.i@__inc_numa_state [ 313.857661] Variable was created at: [ 313.861389] __inc_numa_state+0x96/0x4a0 [ 313.865469] rmqueue_pcplist+0x57a8/0x5a10 [ 313.963517] irq bypass consumer (token 000000006110d31b) registration fails: -16 18:15:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000000)="360fae08670f01d1b8c80e8ee0f2a566b9af0300000f320fc75ac70f019af5ffba210066ed0fc79e9c5ebaa000b80118ef"}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)=ANY=[]) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) 18:15:45 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"0000000000000000000000000200", 0x20000005001}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000240), 0xc, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) write$tun(r0, &(0x7f0000000340)={@void, @val={0x0, 0x1, 0x0, 0x7}, @x25}, 0xd) 18:15:45 executing program 2: socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f0000a77ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg(r0, &(0x7f000000db00)=[{{0x0, 0x0, &(0x7f0000004100), 0x0, &(0x7f0000009dc0)}}, {{&(0x7f000000bf40)=@vsock={0x1e, 0x0, 0x0, @my}, 0x80, &(0x7f000000c440), 0x0, &(0x7f000000c4c0)}}], 0x2, 0x0) 18:15:45 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x400}]}, 0x10) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x300, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000200)='bbr\x00', 0x4) sendto$inet6(r1, &(0x7f0000000280), 0xffffffffffffffee, 0x2000012c, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000]}}, 0x1c) close(r0) 18:15:45 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x3, 0x0) r1 = dup(r0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0xc0285628, &(0x7f0000000080)) 18:15:45 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f00000001c0)=[0xee01, 0xee01]) setresgid(r1, 0x0, r2) [ 314.497471] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 314.504321] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 18:15:45 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x3, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40030000000000], [], @rand_addr}}}, @sadb_address={0x5, 0x9, 0xffffff80, 0x0, 0x0, @in6}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x98}}, 0x0) [ 314.574377] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 314.698888] not chained 90000 origins [ 314.702742] CPU: 1 PID: 10278 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 314.710006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.719352] Call Trace: [ 314.721947] dump_stack+0x32d/0x480 [ 314.725585] ? save_stack_trace+0xc6/0x110 [ 314.729826] kmsan_internal_chain_origin+0x222/0x240 [ 314.734936] ? kmsan_internal_chain_origin+0x136/0x240 [ 314.740207] ? __msan_chain_origin+0x6d/0xb0 [ 314.744613] ? __save_stack_trace+0x8be/0xc60 [ 314.749102] ? save_stack_trace+0xc6/0x110 [ 314.753332] ? kmsan_internal_chain_origin+0x136/0x240 [ 314.758608] ? kmsan_memcpy_origins+0x13d/0x190 [ 314.763271] ? __msan_memcpy+0x6f/0x80 [ 314.767157] ? fxregs_fixup+0xfd/0x140 [ 314.771036] ? em_fxrstor+0x874/0xa30 [ 314.774834] ? x86_emulate_insn+0x24cf/0xa670 [ 314.779329] ? x86_emulate_instruction+0x12da/0x7a00 [ 314.784434] ? kvm_mmu_page_fault+0xd70/0x2c20 [ 314.789014] ? handle_ept_violation+0x7f1/0x830 [ 314.793679] ? vmx_handle_exit+0x21bd/0xb980 [ 314.798083] ? kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 314.803269] ? kvm_vcpu_ioctl+0xfb1/0x1f90 [ 314.807497] ? do_vfs_ioctl+0xfbc/0x2f70 [ 314.811569] ? __se_sys_ioctl+0x1da/0x270 [ 314.815950] ? __x64_sys_ioctl+0x4a/0x70 [ 314.820009] ? do_syscall_64+0xcf/0x110 [ 314.823986] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 314.829355] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 314.834719] ? __module_address+0x6a/0x5f0 [ 314.838955] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 314.844316] ? is_bpf_text_address+0x49e/0x4d0 [ 314.848915] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 314.854373] ? in_task_stack+0x12c/0x210 [ 314.858438] __msan_chain_origin+0x6d/0xb0 [ 314.862671] ? em_fxrstor+0x874/0xa30 [ 314.866474] __save_stack_trace+0x8be/0xc60 [ 314.870820] ? em_fxrstor+0x874/0xa30 [ 314.874624] save_stack_trace+0xc6/0x110 [ 314.878687] kmsan_internal_chain_origin+0x136/0x240 [ 314.883795] ? kmsan_internal_chain_origin+0x136/0x240 [ 314.889068] ? kmsan_memcpy_origins+0x13d/0x190 [ 314.893736] ? __msan_memcpy+0x6f/0x80 [ 314.897662] ? fxregs_fixup+0xfd/0x140 [ 314.901558] ? em_fxrstor+0x874/0xa30 [ 314.905367] ? x86_emulate_insn+0x24cf/0xa670 [ 314.909880] ? x86_emulate_instruction+0x12da/0x7a00 [ 314.914982] ? kvm_mmu_page_fault+0xd70/0x2c20 [ 314.919563] ? handle_ept_violation+0x7f1/0x830 [ 314.924227] ? vmx_handle_exit+0x21bd/0xb980 [ 314.928634] ? kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 314.933872] ? kvm_vcpu_ioctl+0xfb1/0x1f90 [ 314.938103] ? do_vfs_ioctl+0xfbc/0x2f70 [ 314.942162] ? __se_sys_ioctl+0x1da/0x270 [ 314.946309] ? __x64_sys_ioctl+0x4a/0x70 [ 314.950367] ? do_syscall_64+0xcf/0x110 [ 314.954339] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 314.959710] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 314.965248] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 314.970618] ? kmsan_internal_chain_origin+0x136/0x240 [ 314.975895] ? __msan_chain_origin+0x6d/0xb0 [ 314.980299] ? emulator_get_segment+0x7d1/0x850 [ 314.985503] ? linearize+0x4e1/0xe00 [ 314.989215] ? em_fxrstor+0x614/0xa30 [ 314.993016] ? x86_emulate_insn+0x24cf/0xa670 [ 314.997505] ? x86_emulate_instruction+0x12da/0x7a00 [ 315.002604] ? kvm_mmu_page_fault+0xd70/0x2c20 [ 315.007183] ? handle_ept_violation+0x7f1/0x830 [ 315.011858] ? vmx_handle_exit+0x21bd/0xb980 [ 315.016263] ? kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.021448] ? kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.025680] ? do_vfs_ioctl+0xfbc/0x2f70 [ 315.029737] ? __se_sys_ioctl+0x1da/0x270 [ 315.033888] ? __x64_sys_ioctl+0x4a/0x70 [ 315.037959] ? do_syscall_64+0xcf/0x110 [ 315.041937] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.047310] kmsan_memcpy_origins+0x13d/0x190 [ 315.051813] __msan_memcpy+0x6f/0x80 [ 315.055528] fxregs_fixup+0xfd/0x140 [ 315.059283] em_fxrstor+0x874/0xa30 [ 315.062947] ? em_fxsave+0x850/0x850 [ 315.066661] x86_emulate_insn+0x24cf/0xa670 [ 315.071003] x86_emulate_instruction+0x12da/0x7a00 [ 315.075929] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 315.081314] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.085745] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 315.091193] ? kvm_requeue_exception+0x53c/0x630 [ 315.095952] ? __vmx_complete_interrupts+0x348/0x7e0 [ 315.101062] ? vmx_handle_exit+0x21bd/0xb980 [ 315.105494] handle_ept_violation+0x7f1/0x830 [ 315.109991] ? handle_desc+0x120/0x120 [ 315.113875] vmx_handle_exit+0x21bd/0xb980 [ 315.118108] ? vmalloc_to_page+0x585/0x6c0 [ 315.122346] ? kmsan_get_shadow_origin_ptr+0x142/0x410 [ 315.127713] ? vmx_flush_tlb_gva+0x480/0x480 [ 315.132123] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.137205] ? futex_wait+0x942/0xc50 [ 315.141024] ? kmsan_set_origin+0x7f/0x100 [ 315.145263] ? __msan_poison_alloca+0x1e0/0x270 [ 315.149926] ? kmsan_set_origin+0x7f/0x100 [ 315.154160] ? put_pid+0x71/0x410 [ 315.157612] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 315.161931] ? put_pid+0x330/0x410 [ 315.165570] ? get_task_pid+0x19d/0x290 [ 315.169566] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.173717] ? do_vfs_ioctl+0x184/0x2f70 [ 315.177775] ? __se_sys_ioctl+0x1da/0x270 [ 315.181925] ? kvm_vm_release+0x90/0x90 [ 315.185897] do_vfs_ioctl+0xfbc/0x2f70 [ 315.189791] ? security_file_ioctl+0x92/0x200 [ 315.194286] __se_sys_ioctl+0x1da/0x270 [ 315.198267] __x64_sys_ioctl+0x4a/0x70 [ 315.202150] do_syscall_64+0xcf/0x110 [ 315.205948] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.211129] RIP: 0033:0x457569 [ 315.214321] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.233320] RSP: 002b:00007f36711adc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.241020] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 315.248287] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 315.255561] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 315.262839] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36711ae6d4 [ 315.270101] R13: 00000000004c028e R14: 00000000004d06d8 R15: 00000000ffffffff [ 315.277373] Uninit was stored to memory at: [ 315.281694] kmsan_internal_chain_origin+0x136/0x240 [ 315.286790] __msan_chain_origin+0x6d/0xb0 [ 315.291109] __save_stack_trace+0x8be/0xc60 [ 315.295424] save_stack_trace+0xc6/0x110 [ 315.299482] kmsan_internal_chain_origin+0x136/0x240 [ 315.304583] kmsan_memcpy_origins+0x13d/0x190 [ 315.309084] __msan_memcpy+0x6f/0x80 [ 315.312789] fxregs_fixup+0xfd/0x140 [ 315.316496] em_fxrstor+0x874/0xa30 [ 315.320115] x86_emulate_insn+0x24cf/0xa670 [ 315.324434] x86_emulate_instruction+0x12da/0x7a00 [ 315.329357] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.333757] handle_ept_violation+0x7f1/0x830 [ 315.338260] vmx_handle_exit+0x21bd/0xb980 [ 315.342493] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.347510] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.351578] do_vfs_ioctl+0xfbc/0x2f70 [ 315.355475] __se_sys_ioctl+0x1da/0x270 [ 315.359439] __x64_sys_ioctl+0x4a/0x70 [ 315.363320] do_syscall_64+0xcf/0x110 [ 315.367119] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.372297] [ 315.373919] Uninit was stored to memory at: [ 315.378238] kmsan_internal_chain_origin+0x136/0x240 [ 315.383334] __msan_chain_origin+0x6d/0xb0 [ 315.387570] __save_stack_trace+0x8be/0xc60 [ 315.391885] save_stack_trace+0xc6/0x110 [ 315.395938] kmsan_internal_chain_origin+0x136/0x240 [ 315.401039] kmsan_memcpy_origins+0x13d/0x190 [ 315.405527] __msan_memcpy+0x6f/0x80 [ 315.409253] fxregs_fixup+0xfd/0x140 [ 315.412963] em_fxrstor+0x874/0xa30 [ 315.416585] x86_emulate_insn+0x24cf/0xa670 [ 315.420901] x86_emulate_instruction+0x12da/0x7a00 [ 315.425837] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.430236] handle_ept_violation+0x7f1/0x830 [ 315.434724] vmx_handle_exit+0x21bd/0xb980 [ 315.438952] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.443963] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.448017] do_vfs_ioctl+0xfbc/0x2f70 [ 315.451895] __se_sys_ioctl+0x1da/0x270 [ 315.455872] __x64_sys_ioctl+0x4a/0x70 [ 315.459754] do_syscall_64+0xcf/0x110 [ 315.463560] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.468738] [ 315.470357] Uninit was stored to memory at: [ 315.474680] kmsan_internal_chain_origin+0x136/0x240 [ 315.479778] __msan_chain_origin+0x6d/0xb0 [ 315.484009] __save_stack_trace+0x8be/0xc60 [ 315.488339] save_stack_trace+0xc6/0x110 [ 315.492393] kmsan_internal_chain_origin+0x136/0x240 [ 315.497491] kmsan_memcpy_origins+0x13d/0x190 [ 315.501983] __msan_memcpy+0x6f/0x80 [ 315.505690] fxregs_fixup+0xfd/0x140 [ 315.509395] em_fxrstor+0x874/0xa30 [ 315.513019] x86_emulate_insn+0x24cf/0xa670 [ 315.517338] x86_emulate_instruction+0x12da/0x7a00 [ 315.522264] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.526674] handle_ept_violation+0x7f1/0x830 [ 315.531165] vmx_handle_exit+0x21bd/0xb980 [ 315.535396] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.540403] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.544461] do_vfs_ioctl+0xfbc/0x2f70 [ 315.548339] __se_sys_ioctl+0x1da/0x270 [ 315.552313] __x64_sys_ioctl+0x4a/0x70 [ 315.556201] do_syscall_64+0xcf/0x110 [ 315.560001] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.565176] [ 315.566797] Uninit was stored to memory at: [ 315.571113] kmsan_internal_chain_origin+0x136/0x240 [ 315.576214] __msan_chain_origin+0x6d/0xb0 [ 315.580446] __save_stack_trace+0x8be/0xc60 [ 315.584771] save_stack_trace+0xc6/0x110 [ 315.588836] kmsan_internal_chain_origin+0x136/0x240 [ 315.593953] kmsan_memcpy_origins+0x13d/0x190 [ 315.598454] __msan_memcpy+0x6f/0x80 [ 315.602163] fxregs_fixup+0xfd/0x140 [ 315.605871] em_fxrstor+0x874/0xa30 [ 315.609495] x86_emulate_insn+0x24cf/0xa670 [ 315.613814] x86_emulate_instruction+0x12da/0x7a00 [ 315.618740] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.623144] handle_ept_violation+0x7f1/0x830 [ 315.627815] vmx_handle_exit+0x21bd/0xb980 [ 315.632043] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.637050] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.641104] do_vfs_ioctl+0xfbc/0x2f70 [ 315.644983] __se_sys_ioctl+0x1da/0x270 [ 315.648961] __x64_sys_ioctl+0x4a/0x70 [ 315.652846] do_syscall_64+0xcf/0x110 [ 315.656646] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.661824] [ 315.663437] Uninit was stored to memory at: [ 315.667754] kmsan_internal_chain_origin+0x136/0x240 [ 315.672852] __msan_chain_origin+0x6d/0xb0 [ 315.677092] __save_stack_trace+0x8be/0xc60 [ 315.681405] save_stack_trace+0xc6/0x110 [ 315.685458] kmsan_internal_chain_origin+0x136/0x240 [ 315.690561] kmsan_memcpy_origins+0x13d/0x190 [ 315.695055] __msan_memcpy+0x6f/0x80 [ 315.698761] fxregs_fixup+0xfd/0x140 [ 315.702469] em_fxrstor+0x874/0xa30 [ 315.706093] x86_emulate_insn+0x24cf/0xa670 [ 315.710406] x86_emulate_instruction+0x12da/0x7a00 [ 315.715335] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.719748] handle_ept_violation+0x7f1/0x830 [ 315.724237] vmx_handle_exit+0x21bd/0xb980 [ 315.728465] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.733473] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.737525] do_vfs_ioctl+0xfbc/0x2f70 [ 315.741409] __se_sys_ioctl+0x1da/0x270 [ 315.745374] __x64_sys_ioctl+0x4a/0x70 [ 315.749255] do_syscall_64+0xcf/0x110 [ 315.753049] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.758221] [ 315.759839] Uninit was stored to memory at: [ 315.764156] kmsan_internal_chain_origin+0x136/0x240 [ 315.769251] __msan_chain_origin+0x6d/0xb0 [ 315.773477] __save_stack_trace+0x8be/0xc60 [ 315.777793] save_stack_trace+0xc6/0x110 [ 315.781854] kmsan_internal_chain_origin+0x136/0x240 [ 315.786947] kmsan_memcpy_origins+0x13d/0x190 [ 315.791435] __msan_memcpy+0x6f/0x80 [ 315.795143] fxregs_fixup+0xfd/0x140 [ 315.798849] em_fxrstor+0x874/0xa30 [ 315.802472] x86_emulate_insn+0x24cf/0xa670 [ 315.806789] x86_emulate_instruction+0x12da/0x7a00 [ 315.811713] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.816112] handle_ept_violation+0x7f1/0x830 [ 315.820598] vmx_handle_exit+0x21bd/0xb980 [ 315.824833] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.829841] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.833894] do_vfs_ioctl+0xfbc/0x2f70 [ 315.837776] __se_sys_ioctl+0x1da/0x270 [ 315.841743] __x64_sys_ioctl+0x4a/0x70 [ 315.845621] do_syscall_64+0xcf/0x110 [ 315.849417] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.854592] [ 315.856207] Uninit was stored to memory at: [ 315.860523] kmsan_internal_chain_origin+0x136/0x240 [ 315.865629] __msan_chain_origin+0x6d/0xb0 [ 315.869860] __save_stack_trace+0x8be/0xc60 [ 315.874186] save_stack_trace+0xc6/0x110 [ 315.878242] kmsan_internal_chain_origin+0x136/0x240 [ 315.883341] kmsan_memcpy_origins+0x13d/0x190 [ 315.887848] __msan_memcpy+0x6f/0x80 [ 315.891577] fxregs_fixup+0xfd/0x140 [ 315.895292] em_fxrstor+0x874/0xa30 [ 315.898921] x86_emulate_insn+0x24cf/0xa670 [ 315.903241] x86_emulate_instruction+0x12da/0x7a00 [ 315.908165] kvm_mmu_page_fault+0xd70/0x2c20 [ 315.912571] handle_ept_violation+0x7f1/0x830 [ 315.917059] vmx_handle_exit+0x21bd/0xb980 [ 315.921292] kvm_arch_vcpu_ioctl_run+0xaeee/0x12040 [ 315.926314] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 315.930369] do_vfs_ioctl+0xfbc/0x2f70 [ 315.934252] __se_sys_ioctl+0x1da/0x270 [ 315.938216] __x64_sys_ioctl+0x4a/0x70 [ 315.942108] do_syscall_64+0xcf/0x110 [ 315.945906] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 315.951082] 18:15:47 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000240)="66642f33000a62f60acb3456f6ace97aaa1684b93a8526d2554a7928b46823c8aeca3d196c10f09f2e5f9a239d308e3bc223f660940f24e7b5c2fdfcfb8e07dbf7a70e9178e30012b34bc9") [ 315.952702] Local variable description: ----v.addr.i.i.i@__inc_numa_state [ 315.959625] Variable was created at: [ 315.963330] __inc_numa_state+0x96/0x4a0 [ 315.967383] rmqueue_pcplist+0x57a8/0x5a10 [ 316.015412] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 18:15:47 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r1, &(0x7f00000032c0)=[{{0x0, 0x3e2, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f0000000140)=""/225, 0xe1}, {&(0x7f00000012c0)=""/123, 0x11f}, {&(0x7f0000001340)=""/158, 0x9e}], 0x4, &(0x7f0000000240)=""/35, 0x23}}, {{&(0x7f00000019c0)=@nl, 0x80, &(0x7f0000001ac0), 0x3b8}}], 0x2, 0x0, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x28, 0xb01, 0x0, 0x0, {0x10}}, 0x165}}, 0x0) 18:15:47 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x2003}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)) 18:15:47 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000000)=@setneightbl={0x14, 0x43, 0x301}, 0x14}}, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) 18:15:47 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000000) clone(0x0, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000c35ffc), &(0x7f0000000140)) wait4(0x0, 0x0, 0x40000000, &(0x7f0000000500)) clone(0x0, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000380)="ade35991ad75b8e986599b89f72c7c917c68d6c5bc") 18:15:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000000)="360fae08670f01d1b8c80e8ee0f2a566b9af0300000f320fc75ac70f019af5ffba210066ed0fc79e9c5ebaa000b80118ef"}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000080)=ANY=[]) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) 18:15:48 executing program 4: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153b6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0xc}]}}}]}, 0x3c}}, 0x0) 18:15:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000000) clone(0x0, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000c35ffc), &(0x7f0000000140)) wait4(0x0, 0x0, 0x40000000, &(0x7f0000000500)) clone(0x0, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000380)="ade35991ad75b8e986599b89f72c7c917c68d6c5bc") 18:15:48 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000014c0)='loginuid\x00') read$eventfd(r0, &(0x7f00000000c0), 0x8) sendfile(r0, r0, &(0x7f0000000000), 0x40) 18:15:48 executing program 5: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r0, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 18:15:49 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x2003}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)) 18:15:49 executing program 2: r0 = syz_open_dev$video(&(0x7f0000000180)='/dev/video#\x00', 0x0, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000004c0)={0x5, @vbi}) [ 318.098998] netlink: 'syz-executor4': attribute type 12 has an invalid length. 18:15:49 executing program 3: perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0xfec3, &(0x7f0000000000)={@link_local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0xfeb5, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @broadcast}, @icmp=@parameter_prob={0x21, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}}}}}}, &(0x7f0000000040)) 18:15:49 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:49 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x2003}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)) 18:15:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x3) 18:15:49 executing program 4: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153b6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0xc}]}}}]}, 0x3c}}, 0x0) 18:15:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f00000001c0)={0xc, 0x8, 0xfa0e, {&(0x7f0000000040)}}, 0x10) dup3(r0, r2, 0x0) tkill(r1, 0x1002000000013) 18:15:49 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:49 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000000) clone(0x0, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000c35ffc), &(0x7f0000000140)) wait4(0x0, 0x0, 0x40000000, &(0x7f0000000500)) clone(0x0, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000380)="ade35991ad75b8e986599b89f72c7c917c68d6c5bc") [ 318.833564] netlink: 'syz-executor4': attribute type 12 has an invalid length. 18:15:50 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x2003}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)) 18:15:50 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x10003) accept4(r0, &(0x7f0000000100)=@alg, &(0x7f0000000180)=0xffffffffffffffa8, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value, 0x8) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)=ANY=[], 0x0) 18:15:50 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0x45}}, &(0x7f0000000000)="504c20004cf7d12af11ce92537b5e3191e66de5d4ec18e4c2df01484a86d77842f624946eae310794c8c96ff1466232e25951139bda5d2990e523f8ec3080ffc1224d8dc4c84a9c8e8ab31576806715523fa749e8615c61049b8b1be6aa7740702cc5add", 0x1, 0x5ed, &(0x7f000000cf3d)=""/195}, 0x48) 18:15:50 executing program 4: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153b6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0xc}]}}}]}, 0x3c}}, 0x0) 18:15:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000002c0)={0x7e, 0x0, [0x40000100]}) 18:15:50 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:50 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x800000000000008) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my}) [ 319.518613] netlink: 'syz-executor4': attribute type 12 has an invalid length. 18:15:50 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0x45}}, &(0x7f0000000000)="504c20004cf7d12af11ce92537b5e3191e66de5d4ec18e4c2df01484a86d77842f624946eae310794c8c96ff1466232e25951139bda5d2990e523f8ec3080ffc1224d8dc4c84a9c8e8ab31576806715523fa749e8615c61049b8b1be6aa7740702cc5add", 0x1, 0x5ed, &(0x7f000000cf3d)=""/195}, 0x48) 18:15:50 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000000) clone(0x0, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000c35ffc), &(0x7f0000000140)) wait4(0x0, 0x0, 0x40000000, &(0x7f0000000500)) clone(0x0, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000380)="ade35991ad75b8e986599b89f72c7c917c68d6c5bc") 18:15:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000002c0)={0x7e, 0x0, [0x40000100]}) 18:15:51 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='fuse\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 18:15:51 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0x45}}, &(0x7f0000000000)="504c20004cf7d12af11ce92537b5e3191e66de5d4ec18e4c2df01484a86d77842f624946eae310794c8c96ff1466232e25951139bda5d2990e523f8ec3080ffc1224d8dc4c84a9c8e8ab31576806715523fa749e8615c61049b8b1be6aa7740702cc5add", 0x1, 0x5ed, &(0x7f000000cf3d)=""/195}, 0x48) 18:15:51 executing program 2: unshare(0x8000400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") fsync(r0) 18:15:51 executing program 4: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153b6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0xc}]}}}]}, 0x3c}}, 0x0) 18:15:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000002c0)={0x7e, 0x0, [0x40000100]}) [ 320.301967] netlink: 'syz-executor4': attribute type 12 has an invalid length. 18:15:51 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0x45}}, &(0x7f0000000000)="504c20004cf7d12af11ce92537b5e3191e66de5d4ec18e4c2df01484a86d77842f624946eae310794c8c96ff1466232e25951139bda5d2990e523f8ec3080ffc1224d8dc4c84a9c8e8ab31576806715523fa749e8615c61049b8b1be6aa7740702cc5add", 0x1, 0x5ed, &(0x7f000000cf3d)=""/195}, 0x48) 18:15:51 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) unshare(0x24020400) setsockopt(r0, 0x200000000000010d, 0x800000000f, &(0x7f00000000c0)="03", 0x1) 18:15:51 executing program 2: unshare(0x8000400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") fsync(r0) 18:15:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000002c0)={0x7e, 0x0, [0x40000100]}) 18:15:51 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000180)=0x9, 0x4) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={[], [], @rand_addr}}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000080)=""/49, 0x31, 0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x709000) 18:15:51 executing program 4: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) fstat(r0, &(0x7f0000000100)) writev(r0, &(0x7f0000000100), 0x233) 18:15:52 executing program 3: r0 = epoll_create1(0x0) r1 = socket(0x11, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000e47000)={0xffffffff8000201f}) epoll_wait(r0, &(0x7f0000000440)=[{}], 0x16a7, 0x0) 18:15:52 executing program 2: unshare(0x8000400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") fsync(r0) 18:15:52 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x805, 0x0) write(r0, &(0x7f0000000000), 0x0) 18:15:52 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000180)=0x9, 0x4) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={[], [], @rand_addr}}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000080)=""/49, 0x31, 0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x709000) 18:15:52 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000380)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$pppoe(0x18, 0x1, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000180)={0x0, r1}) 18:15:52 executing program 3: socketpair(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2002000000004b, 0x20000000000e}, 0x2c) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000100)="6c6f00966fd651b159a9c84a2c60d29800000020") 18:15:52 executing program 4: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) fstat(r0, &(0x7f0000000100)) writev(r0, &(0x7f0000000100), 0x233) 18:15:52 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x4, 0x802) r1 = dup2(r0, r0) write$binfmt_elf32(r1, &(0x7f0000001340)=ANY=[], 0x10ff) mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000002, 0x13, r1, 0x0) 18:15:52 executing program 2: unshare(0x8000400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") fsync(r0) 18:15:52 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000180)=0x9, 0x4) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={[], [], @rand_addr}}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000080)=""/49, 0x31, 0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x709000) 18:15:52 executing program 3: perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000000100)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x7, &(0x7f00000000c0)) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000002d40), 0x8, 0x0) read(r2, &(0x7f0000000000)=""/128, 0x80) signalfd4(r2, &(0x7f0000000140)={0x4000000020064}, 0x8, 0x0) 18:15:52 executing program 4: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) fstat(r0, &(0x7f0000000100)) writev(r0, &(0x7f0000000100), 0x233) 18:15:52 executing program 2: unshare(0x20020000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mount(&(0x7f0000002800)=ANY=[], &(0x7f00000001c0)='./file1\x00', &(0x7f0000003980)="72616d667300d971abaf50e52c683ac7923627a5744cd7d1b96b8d4618e24e36049b5844a75fe6f6d4200b92b0749fdd17fc0d8c51663f69b78999dff00ad5d5f2a5940579d3189bfa01a1fe357cacc04a77d5ebfe32e5b27547a1e8d9069f53814969fc451b9223e747c9d972c0c2fb93bb23f6a8a43261fa33fcbfbe5071cf48002b25fabc803bd3e52cc10a1bce00c7e3bf430fb3422b8a3219edd913fce89d56b7f4df27a46c63aacd69c9a1184731ca152e528709dfe5f7cdd5f5a8784c82896cc9a067073488f4fd1d3ec0c3aff2685fcfd3e22bd62311fb2779727bf10fa24555eda72c69e74a2a699330344c9794d3fec36a74ea455fa3f7a766f25315bd2a8626da1c5d01622bb2661d12c18e286e2c0ae2efa2ea54f99f03a389b8ca1fa0b844ae2f5b5ba75ba877f39ad3db2ec233bd64746a6cc0af7ad86d46197c15c877b3d987f04cd3cb726154ac5ea51bac74768da74448091adb6bacda6c43199de368a6e69e442cf1a7dd16f3b8de32d669e826fe856d56cf89c5dc12d51408cd8457e7f9088d0188f312a3f882855c82f95fc7378a0dc56cd965ba80a9d12863a96a068a63e8a6", 0x0, &(0x7f0000003b40)) poll(&(0x7f0000000400), 0x0, 0x400007f) rename(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340)='./file0\x00') 18:15:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fcntl$lock(r0, 0x7, &(0x7f00000001c0)={0x0, 0x0, 0xffffffffffffffff}) 18:15:53 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000180)=0x9, 0x4) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={[], [], @rand_addr}}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000080)=""/49, 0x31, 0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x709000) 18:15:53 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000380)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$pppoe(0x18, 0x1, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000180)={0x0, r1}) 18:15:53 executing program 3: r0 = syz_open_dev$video(&(0x7f00000002c0)='/dev/video#\x00', 0x0, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x0, 0x8, 0x0, "9859267e41321181e1da4f476661d3b01839e02406a4e43453d5e7ac7e609362"}) 18:15:53 executing program 4: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) fstat(r0, &(0x7f0000000100)) writev(r0, &(0x7f0000000100), 0x233) 18:15:53 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x8, 0x0, 0x2, 0x7, 0x2, [{0x50, 0xfff, 0x5}, {0x4, 0x3, 0x0, 0x0, 0x0, 0x400}]}) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0xfffffffffffffffd, 'nr0\x00', 0x8}, 0x18) r1 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000240)="6d74e0a9bb236fa9af9f265a9297ec07d5434a0d8b532245b83480c7d65b46c71a4dfadb8deab58e3c5103193ec47e25d40a170bf3682c27f2a1362b550877bfa1182a1e9ec38acda14312a19737a9f9eb464130b08946d563874b5a4d7c95cae0f4e11b403b6b1ce2982f2fbf632a05b14005a9d3ce609c2a596e2d44334843acb63ce198a312d648b75958682227cc1b6fa20244a5b06e43f1cae2d2c8c6d95ef8fea9743ad88f8da3c082863b8b41f523fd9575162599c900128a6aef38d62abfcc3093067a9b3dde4da6ad58124d556cbabc8c95844cf2a4031c9d5c2a6bee1c") setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000001c0)={0x1, 'ip6gre0\x00', 0x1}, 0x18) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x100f}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x0, {0x7ff, 0x0, "99046da62f74e0bdcd9eff287d4fdeb79f623845d6982a39d6e6c89c9b3673a00c62dae1ab6ef4a212789d251cc5bf764f5f774db5da25e29d07dd74923baca538a20cd1928a5810605ee828ca91054bbbcf656fb51f1a3a6bdb52644a13dad8adebf42559d3f0cd7a4794f9bc6b14f625d855b8c8e3261e0915e540fba02bf0ea12d1621da57fcbe47ef21d8cb74bad19f671f4f463ce612eb71048aedb9ba9bdc6d62168a7424f597538d492a59bc213858190ed4042e030c9eede6fe442d675ef824d8071db2a4a8fd17d6e51374f5d3737c732b8d63b325e85ce2dc712b8598e019fc121c436af6d70cce5b7109643203e926a192b88b2ce29c3206027b7", 0x4a, 0x8, 0x1, 0x200, 0xa3d8, 0x3ff, 0x100, 0x1}, r2}}, 0x128) ioctl(r0, 0x8916, &(0x7f0000000000)) 18:15:53 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000240)={0x0, 0x0, 0x0, {0x9, @sdr}}) 18:15:53 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semget(0xffffffffffffffff, 0x0, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000527ff8), 0x0, 0x0) clone(0x0, &(0x7f0000000100), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc01e00, 0x0, &(0x7f00000000c0), 0x1, 0x2000000000002) 18:15:53 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000380)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$pppoe(0x18, 0x1, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000180)={0x0, r1}) 18:15:53 executing program 4: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f00000002c0)='X', 0x1, 0xfffffffffffffffe) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='tasks\x00', 0x2, 0x0) r1 = add_key$user(&(0x7f0000000640)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000300)={r0, r1, r1}, &(0x7f0000000080)=""/107, 0x6b, &(0x7f0000000200)={&(0x7f0000000100)={'rmd256-generic\x00'}, &(0x7f0000000280)}) 18:15:53 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x8, 0x0, 0x2, 0x7, 0x2, [{0x50, 0xfff, 0x5}, {0x4, 0x3, 0x0, 0x0, 0x0, 0x400}]}) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0xfffffffffffffffd, 'nr0\x00', 0x8}, 0x18) r1 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000240)="6d74e0a9bb236fa9af9f265a9297ec07d5434a0d8b532245b83480c7d65b46c71a4dfadb8deab58e3c5103193ec47e25d40a170bf3682c27f2a1362b550877bfa1182a1e9ec38acda14312a19737a9f9eb464130b08946d563874b5a4d7c95cae0f4e11b403b6b1ce2982f2fbf632a05b14005a9d3ce609c2a596e2d44334843acb63ce198a312d648b75958682227cc1b6fa20244a5b06e43f1cae2d2c8c6d95ef8fea9743ad88f8da3c082863b8b41f523fd9575162599c900128a6aef38d62abfcc3093067a9b3dde4da6ad58124d556cbabc8c95844cf2a4031c9d5c2a6bee1c") setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000001c0)={0x1, 'ip6gre0\x00', 0x1}, 0x18) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x100f}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x0, {0x7ff, 0x0, "99046da62f74e0bdcd9eff287d4fdeb79f623845d6982a39d6e6c89c9b3673a00c62dae1ab6ef4a212789d251cc5bf764f5f774db5da25e29d07dd74923baca538a20cd1928a5810605ee828ca91054bbbcf656fb51f1a3a6bdb52644a13dad8adebf42559d3f0cd7a4794f9bc6b14f625d855b8c8e3261e0915e540fba02bf0ea12d1621da57fcbe47ef21d8cb74bad19f671f4f463ce612eb71048aedb9ba9bdc6d62168a7424f597538d492a59bc213858190ed4042e030c9eede6fe442d675ef824d8071db2a4a8fd17d6e51374f5d3737c732b8d63b325e85ce2dc712b8598e019fc121c436af6d70cce5b7109643203e926a192b88b2ce29c3206027b7", 0x4a, 0x8, 0x1, 0x200, 0xa3d8, 0x3ff, 0x100, 0x1}, r2}}, 0x128) ioctl(r0, 0x8916, &(0x7f0000000000)) 18:15:54 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000040), 0x0) sendmsg$unix(r1, &(0x7f0000000d00)={&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000340)="8e", 0x1}], 0x1, &(0x7f0000000bc0)}, 0x8000) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x7}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000000c0)={0x1}) 18:15:54 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000180)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, 0xfffffffffffffffe) 18:15:54 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000380)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$pppoe(0x18, 0x1, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000180)={0x0, r1}) 18:15:54 executing program 4: r0 = socket$inet6(0xa, 0x5, 0x0) select(0x40, &(0x7f0000002000), &(0x7f0000000040), &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000001000)={0x0, 0x2710}) setsockopt$inet6_buf(r0, 0x29, 0x40, &(0x7f0000000f9b), 0x0) 18:15:54 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x8, 0x0, 0x2, 0x7, 0x2, [{0x50, 0xfff, 0x5}, {0x4, 0x3, 0x0, 0x0, 0x0, 0x400}]}) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0xfffffffffffffffd, 'nr0\x00', 0x8}, 0x18) r1 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000240)="6d74e0a9bb236fa9af9f265a9297ec07d5434a0d8b532245b83480c7d65b46c71a4dfadb8deab58e3c5103193ec47e25d40a170bf3682c27f2a1362b550877bfa1182a1e9ec38acda14312a19737a9f9eb464130b08946d563874b5a4d7c95cae0f4e11b403b6b1ce2982f2fbf632a05b14005a9d3ce609c2a596e2d44334843acb63ce198a312d648b75958682227cc1b6fa20244a5b06e43f1cae2d2c8c6d95ef8fea9743ad88f8da3c082863b8b41f523fd9575162599c900128a6aef38d62abfcc3093067a9b3dde4da6ad58124d556cbabc8c95844cf2a4031c9d5c2a6bee1c") setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000001c0)={0x1, 'ip6gre0\x00', 0x1}, 0x18) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x100f}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x0, {0x7ff, 0x0, "99046da62f74e0bdcd9eff287d4fdeb79f623845d6982a39d6e6c89c9b3673a00c62dae1ab6ef4a212789d251cc5bf764f5f774db5da25e29d07dd74923baca538a20cd1928a5810605ee828ca91054bbbcf656fb51f1a3a6bdb52644a13dad8adebf42559d3f0cd7a4794f9bc6b14f625d855b8c8e3261e0915e540fba02bf0ea12d1621da57fcbe47ef21d8cb74bad19f671f4f463ce612eb71048aedb9ba9bdc6d62168a7424f597538d492a59bc213858190ed4042e030c9eede6fe442d675ef824d8071db2a4a8fd17d6e51374f5d3737c732b8d63b325e85ce2dc712b8598e019fc121c436af6d70cce5b7109643203e926a192b88b2ce29c3206027b7", 0x4a, 0x8, 0x1, 0x200, 0xa3d8, 0x3ff, 0x100, 0x1}, r2}}, 0x128) ioctl(r0, 0x8916, &(0x7f0000000000)) 18:15:54 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x8, 0x0, 0x2, 0x7, 0x2, [{0x50, 0xfff, 0x5}, {0x4, 0x3, 0x0, 0x0, 0x0, 0x400}]}) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0xfffffffffffffffd, 'nr0\x00', 0x8}, 0x18) r1 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000240)="6d74e0a9bb236fa9af9f265a9297ec07d5434a0d8b532245b83480c7d65b46c71a4dfadb8deab58e3c5103193ec47e25d40a170bf3682c27f2a1362b550877bfa1182a1e9ec38acda14312a19737a9f9eb464130b08946d563874b5a4d7c95cae0f4e11b403b6b1ce2982f2fbf632a05b14005a9d3ce609c2a596e2d44334843acb63ce198a312d648b75958682227cc1b6fa20244a5b06e43f1cae2d2c8c6d95ef8fea9743ad88f8da3c082863b8b41f523fd9575162599c900128a6aef38d62abfcc3093067a9b3dde4da6ad58124d556cbabc8c95844cf2a4031c9d5c2a6bee1c") setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000001c0)={0x1, 'ip6gre0\x00', 0x1}, 0x18) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x100f}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x0, {0x7ff, 0x0, "99046da62f74e0bdcd9eff287d4fdeb79f623845d6982a39d6e6c89c9b3673a00c62dae1ab6ef4a212789d251cc5bf764f5f774db5da25e29d07dd74923baca538a20cd1928a5810605ee828ca91054bbbcf656fb51f1a3a6bdb52644a13dad8adebf42559d3f0cd7a4794f9bc6b14f625d855b8c8e3261e0915e540fba02bf0ea12d1621da57fcbe47ef21d8cb74bad19f671f4f463ce612eb71048aedb9ba9bdc6d62168a7424f597538d492a59bc213858190ed4042e030c9eede6fe442d675ef824d8071db2a4a8fd17d6e51374f5d3737c732b8d63b325e85ce2dc712b8598e019fc121c436af6d70cce5b7109643203e926a192b88b2ce29c3206027b7", 0x4a, 0x8, 0x1, 0x200, 0xa3d8, 0x3ff, 0x100, 0x1}, r2}}, 0x128) ioctl(r0, 0x8916, &(0x7f0000000000)) 18:15:54 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) nanosleep(&(0x7f0000000040)={0x0, r1+30000000}, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x100000000000031, 0xffffffffffffffff, 0x0) tkill(r0, 0x1000000000016) 18:15:54 executing program 0: r0 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f000089b000)=0x1, 0x4) sendmsg(r0, &(0x7f0000000000)={&(0x7f0000000100)=@in6={0xa, 0x4e24, 0x800, @dev}, 0x80, &(0x7f0000000180), 0x0, &(0x7f0000000340)=[{0x18, 0x29, 0x4, 's%'}], 0x18}, 0x0) 18:15:54 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) r1 = socket(0x40000000011, 0x80002, 0x0) bind$packet(r1, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x0, 0x9ffc}, 0x4) 18:15:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) clone(0x0, &(0x7f0000000100), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) 18:15:54 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000ac0)=[{&(0x7f00000001c0)=""/46, 0x8}, {&(0x7f0000000300)=""/76, 0x112}, {&(0x7f0000000380)=""/65}, {&(0x7f0000000400)=""/30, 0xffffffee}, {&(0x7f0000000b40)=""/4096, 0xd3}, {&(0x7f0000000480)=""/58}, {&(0x7f00000000c0)=""/183, 0x1aa}], 0x10) 18:15:54 executing program 1: r0 = socket$inet6(0xa, 0x1040000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r2, r3) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)) 18:15:54 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000003c0)={0x0, {}, {0x2, 0x0, @dev}, {}, 0x40, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)='veth1_to_bridge\x00'}) 18:15:55 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0xd611, 0x0) perf_event_open(&(0x7f0000001000)={0xb, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc4c85513, &(0x7f0000001000)) 18:15:55 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000ac0)=[{&(0x7f00000001c0)=""/46, 0x8}, {&(0x7f0000000300)=""/76, 0x112}, {&(0x7f0000000380)=""/65}, {&(0x7f0000000400)=""/30, 0xffffffee}, {&(0x7f0000000b40)=""/4096, 0xd3}, {&(0x7f0000000480)=""/58}, {&(0x7f00000000c0)=""/183, 0x1aa}], 0x10) 18:15:55 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x11, 0x2, 0x0) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000100), &(0x7f00000001c0)=0x4) 18:15:55 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) r1 = socket(0x40000000011, 0x80002, 0x0) bind$packet(r1, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x0, 0x9ffc}, 0x4) 18:15:55 executing program 1: clock_adjtime(0x0, &(0x7f0000000180)={0xf0db}) 18:15:55 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c4600000000000000f6c0e645fb90ca8fd842140000000000000000000000000000000000000000"], 0x2a) write$binfmt_elf32(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="7f454c46000000ff00000000000000000000000000000000000000003800000000010000000000000000200000000000000000200000000000000000000000000000000000000000000000000000000000000000007e2f3d"], 0x58) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") write$FUSE_STATFS(r0, &(0x7f0000000180)={0x60}, 0x60) 18:15:55 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r0 = socket(0x848000000015, 0x805, 0x0) getsockopt(r0, 0x114, 0x5, &(0x7f0000000140)=""/13, &(0x7f0000000000)=0xd) 18:15:55 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000ac0)=[{&(0x7f00000001c0)=""/46, 0x8}, {&(0x7f0000000300)=""/76, 0x112}, {&(0x7f0000000380)=""/65}, {&(0x7f0000000400)=""/30, 0xffffffee}, {&(0x7f0000000b40)=""/4096, 0xd3}, {&(0x7f0000000480)=""/58}, {&(0x7f00000000c0)=""/183, 0x1aa}], 0x10) 18:15:55 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000028c0)="b7f2288a933d559166593ae164c990a0", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000002900)=""/4096, 0xfffffffffffffef6, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640), 0x0, &(0x7f0000000700)=[@iv={0x18}], 0x18}, 0x40) 18:15:55 executing program 1: keyctl$instantiate(0xc, 0x0, &(0x7f0000000200)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'user\x00'}, 0xfffffffffffffdfd, 0x0) 18:15:55 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) r1 = socket(0x40000000011, 0x80002, 0x0) bind$packet(r1, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x0, 0x9ffc}, 0x4) 18:15:55 executing program 3: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10, 0x600}, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5f00fe01b2a4a280930a06000000a84306910000003900090035000c00060000001900150003000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 18:15:55 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000ac0)=[{&(0x7f00000001c0)=""/46, 0x8}, {&(0x7f0000000300)=""/76, 0x112}, {&(0x7f0000000380)=""/65}, {&(0x7f0000000400)=""/30, 0xffffffee}, {&(0x7f0000000b40)=""/4096, 0xd3}, {&(0x7f0000000480)=""/58}, {&(0x7f00000000c0)=""/183, 0x1aa}], 0x10) 18:15:56 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") prctl$intptr(0xe, 0x0) 18:15:56 executing program 1: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000b40), 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8, 0x22, 0xa503}]}}}]}, 0x44}}, 0x0) [ 325.006735] netlink: 13 bytes leftover after parsing attributes in process `syz-executor3'. 18:15:56 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000200)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000400)={0xbf}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0605345, &(0x7f0000000480)={0x0, 0x0, 0x0, "717565756531000000000000001f00"}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc0105303, &(0x7f00000002c0)) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000180)) tkill(r1, 0x1000000000013) 18:15:56 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac83fd25f18e33ffe5de00ca2a76a6000000000000000000000000000000000000000000"], 0x1}}, 0x0) 18:15:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, 0x28, 0xb01, 0x0, 0x0, {0x7}, [@typed={0x6, 0x2, @u32}]}, 0x1c}}, 0x0) 18:15:56 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) r1 = socket(0x40000000011, 0x80002, 0x0) bind$packet(r1, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x0, 0x9ffc}, 0x4) 18:15:56 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:15:56 executing program 1: r0 = memfd_create(&(0x7f0000000000)="2b8b8a163cee7f0400000000000004004b13ad4f", 0x3) write$binfmt_misc(r0, &(0x7f0000000540)=ANY=[@ANYRES32], 0xfffffda2) fcntl$addseals(r0, 0x409, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 18:15:56 executing program 3: socket$inet6(0xa, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x80000000009, 0x1000000000000001) ioctl$FS_IOC_FSGETXATTR(r0, 0x802c550a, &(0x7f0000000080)={0x8002, 0x0, 0x0, 0x730068, 0xffffffff7ff0bdbe}) [ 325.629457] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:15:56 executing program 4: ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000580)="9e61c829c3", 0x0, 0x5}) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={&(0x7f0000000200), 0xc, &(0x7f0000000240)={&(0x7f0000000500)=@migrate={0xac, 0x21, 0x21, 0x0, 0x0, {{@in=@local}, 0x0, 0x13}, [@migrate={0x5c, 0x11, [{@in6=@loopback, @in=@local}, {@in=@broadcast, @in6=@empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}}]}]}, 0xac}}, 0x0) 18:15:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl(r0, 0x20000000008912, &(0x7f0000000200)="0a5c2d0240316285717070") setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x0, @remote}}, 0x0, 0xfffffffffffffffb, 0x0, "293943961166c34f299b61de4dd2f943fc0e49ba04336f46f64921433462bc285e47a400d2185cd2bee8a18fb58ace6f32d95e8da032aa009f5d90147cad01c6a30197b71eb11d5817346b8353a1e0e2"}, 0xd8) 18:15:56 executing program 1: r0 = memfd_create(&(0x7f0000000000)="2b8b8a163cee7f0400000000000004004b13ad4f", 0x3) write$binfmt_misc(r0, &(0x7f0000000540)=ANY=[@ANYRES32], 0xfffffda2) fcntl$addseals(r0, 0x409, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 18:15:57 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0xc001, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x65, &(0x7f0000000000)=0x80000000, 0x4) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) ioctl$EVIOCGID(r2, 0x80084502, &(0x7f0000000140)=""/29) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000440)="025cc80700145f8f764070") r4 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x80200000000002, &(0x7f0000000540)=0x82, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e22, @loopback}}, 0x0, 0x2, 0x3, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r5, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r5, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000580)='./file0\x00', &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(r7, r6) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000100)=0x3ff, 0x4) setsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000400)=0x2, 0x4) r8 = openat$full(0xffffffffffffff9c, &(0x7f0000003a40)='/dev/full\x00', 0x0, 0x0) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000180)) sysfs$1(0x1, &(0x7f0000000600)='erspan0\x00') open_by_handle_at(r4, &(0x7f0000001940)=ANY=[@ANYBLOB="6f00000009919100a98f74f78fa4bf3cb0154fe18d9bc1fe19499e4d111667c68b2867f9569885086b3a47eac325ffb7398b963ce3e40b3b93288c922ac1991224a987abe1a662316e485ee97c75c3a70fb6ef1e69c9bc9e48f7fb771ab8563f869ae530c2e1a7a402e79826e19659af50f53f35646359ac1db2891dfb1e09f58eda42086cb3"], 0x80) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) write$P9_RSYMLINK(r2, &(0x7f0000001680)={0x14, 0x11, 0x2, {0x80, 0x3}}, 0x14) ioctl$FICLONE(r8, 0x40049409, r1) sendmsg$nl_generic(r5, &(0x7f0000001900)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2030}, 0xc, &(0x7f00000003c0)={&(0x7f0000000640)={0x18, 0x2d, 0x0, 0x70bd2b, 0x25dfdbfb, {0x17}, [@nested={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000004}, 0x4011) recvmsg(r5, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) 18:15:57 executing program 2: capset(0xfffffffffffffffd, &(0x7f0000000000)) 18:15:57 executing program 5: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x4) syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x40000) ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) listen(r0, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@local, 0x0, 0x0, 0x2, 0x8, 0x1}, 0x20) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x4) syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$inet6(0xa, 0xa, 0x800, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x0, @dev, [0xf401000000006000, 0x300000003000000, 0x0, 0x0, 0x4000000]}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) 18:15:57 executing program 3: open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000000180), &(0x7f00000001c0)) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 18:15:57 executing program 1: r0 = memfd_create(&(0x7f0000000000)="2b8b8a163cee7f0400000000000004004b13ad4f", 0x3) write$binfmt_misc(r0, &(0x7f0000000540)=ANY=[@ANYRES32], 0xfffffda2) fcntl$addseals(r0, 0x409, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 18:15:57 executing program 2: semop(0x0, &(0x7f0000001200)=[{0x0, 0x7fffffff}], 0x1) 18:15:58 executing program 1: r0 = memfd_create(&(0x7f0000000000)="2b8b8a163cee7f0400000000000004004b13ad4f", 0x3) write$binfmt_misc(r0, &(0x7f0000000540)=ANY=[@ANYRES32], 0xfffffda2) fcntl$addseals(r0, 0x409, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 18:15:58 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000080)=ANY=[], &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, &(0x7f000000a000)) capset(&(0x7f0000000140)={0x20071026}, &(0x7f0000000180)) mknod(&(0x7f00000000c0)='./file0/file0\x00', 0x1000, 0x0) 18:15:58 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000140)={0x1, &(0x7f00000001c0)=[{0x74, 0x0, 0x0, 0x100}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) 18:15:58 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:15:58 executing program 5: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x4) syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x40000) ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) listen(r0, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@local, 0x0, 0x0, 0x2, 0x8, 0x1}, 0x20) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x4) syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$inet6(0xa, 0xa, 0x800, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x0, @dev, [0xf401000000006000, 0x300000003000000, 0x0, 0x0, 0x4000000]}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) 18:15:58 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:15:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="420f09c463415c77150a43dbc70f01c8430f07c481ca10dc66460f6ced48b800880000000000000f23d80f21f835000000800f23f8460f220348b8fcffffffff7f00000f23d80f21f835c00000b00f23f8", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000180)="c4e39549a503000000ea0f20e035000010000f22e0360f23070f23922ef2f082350700000001650f0098b09931930f235fb9b6020000b800800000ba000000000f3066b8b4000f00d0c744240085290000c744240209000000c7442406000000000f011c24", 0x65}], 0x1, 0xfffffffffffffffd, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:59 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f00004cfff3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f0000006fa8)={{0x50f}, 0x1}) 18:15:59 executing program 5: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x4) syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x40000) ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) listen(r0, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@local, 0x0, 0x0, 0x2, 0x8, 0x1}, 0x20) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x4) syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$inet6(0xa, 0xa, 0x800, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x0, @dev, [0xf401000000006000, 0x300000003000000, 0x0, 0x0, 0x4000000]}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) 18:15:59 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x2, 0x15, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0xa0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x38}}, 0x0) 18:15:59 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) ioctl$NBD_SET_BLKSIZE(r1, 0x1267, 0x70e000) 18:15:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="420f09c463415c77150a43dbc70f01c8430f07c481ca10dc66460f6ced48b800880000000000000f23d80f21f835000000800f23f8460f220348b8fcffffffff7f00000f23d80f21f835c00000b00f23f8", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000180)="c4e39549a503000000ea0f20e035000010000f22e0360f23070f23922ef2f082350700000001650f0098b09931930f235fb9b6020000b800800000ba000000000f3066b8b4000f00d0c744240085290000c744240209000000c7442406000000000f011c24", 0x65}], 0x1, 0xfffffffffffffffd, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:15:59 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000000c0)=0x99, 0x4) sendto$inet6(r0, &(0x7f0000000280)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e602721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a0e1d0607f57f626a5b8d476636ef1ee76307524009ae49be4db0ab2c8ea0c5ebd1e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408cc4c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669c24c206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb25c89074fcb1bba20c41bddd9ca5cd2f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2ebdfad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c5912a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe9bc88fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f400582bd95e5ad802050d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60be632697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20f4774d66c5ae0a0adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5b4967904daf833d91ae9461ef10036f8be000000", 0x5ad, 0x0, &(0x7f0000809000)={0xa, 0x1000000000004e20, 0x0, @mcast2}, 0x1c) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000200)=""/80, 0x50}, 0x0) 18:15:59 executing program 5: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x4) syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x40000) ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0) listen(r0, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@local, 0x0, 0x0, 0x2, 0x8, 0x1}, 0x20) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x4) syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$inet6(0xa, 0xa, 0x800, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x0, @dev, [0xf401000000006000, 0x300000003000000, 0x0, 0x0, 0x4000000]}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) 18:16:00 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000100)={'bridge0\x00', &(0x7f0000000140)=@ethtool_ringparam={0x11, 0x0, 0x10001}}) 18:16:01 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:16:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="420f09c463415c77150a43dbc70f01c8430f07c481ca10dc66460f6ced48b800880000000000000f23d80f21f835000000800f23f8460f220348b8fcffffffff7f00000f23d80f21f835c00000b00f23f8", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000180)="c4e39549a503000000ea0f20e035000010000f22e0360f23070f23922ef2f082350700000001650f0098b09931930f235fb9b6020000b800800000ba000000000f3066b8b4000f00d0c744240085290000c744240209000000c7442406000000000f011c24", 0x65}], 0x1, 0xfffffffffffffffd, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 330.190029] not chained 100000 origins [ 330.193984] CPU: 0 PID: 10774 Comm: syz-executor0 Not tainted 4.20.0-rc3+ #89 [ 330.201533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.210906] Call Trace: [ 330.213498] dump_stack+0x32d/0x480 [ 330.217136] kmsan_internal_chain_origin+0x222/0x240 [ 330.222255] ? save_stack_trace+0xc6/0x110 [ 330.226486] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 330.231596] ? kmsan_internal_chain_origin+0x90/0x240 [ 330.236799] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 330.242167] ? is_bpf_text_address+0x49e/0x4d0 [ 330.246751] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 330.252197] ? in_task_stack+0x12c/0x210 [ 330.256262] __msan_chain_origin+0x6d/0xb0 [ 330.260502] ? __x64_sys_sendto+0x6e/0x90 [ 330.264651] __save_stack_trace+0x8be/0xc60 [ 330.268986] ? __x64_sys_sendto+0x6e/0x90 [ 330.273133] save_stack_trace+0xc6/0x110 [ 330.277198] kmsan_internal_chain_origin+0x136/0x240 [ 330.282306] ? kmsan_internal_chain_origin+0x136/0x240 [ 330.287582] ? kmsan_memcpy_origins+0x13d/0x190 [ 330.292246] ? __msan_memcpy+0x6f/0x80 [ 330.296133] ? skb_copy_bits+0x1d2/0xc90 [ 330.300278] ? skb_copy+0x56c/0xba0 [ 330.303899] ? tcp_send_synack+0x7a3/0x18f0 [ 330.308220] ? tcp_rcv_state_process+0x275d/0x6c60 [ 330.313143] ? tcp_v4_do_rcv+0xb25/0xd80 [ 330.317200] ? __release_sock+0x32d/0x750 [ 330.321342] ? release_sock+0x99/0x2a0 [ 330.325227] ? __inet_stream_connect+0xdff/0x15d0 [ 330.330069] ? tcp_sendmsg_locked+0x6655/0x6c30 [ 330.334732] ? tcp_sendmsg+0xb2/0x100 [ 330.338529] ? inet_sendmsg+0x4e9/0x800 [ 330.342503] ? __sys_sendto+0x940/0xb80 [ 330.346478] ? __se_sys_sendto+0x107/0x130 [ 330.350706] ? __x64_sys_sendto+0x6e/0x90 [ 330.354850] ? do_syscall_64+0xcf/0x110 [ 330.358823] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 330.364192] ? memcg_kmem_put_cache+0x73/0x460 [ 330.368771] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 330.374236] ? __msan_get_context_state+0x9/0x20 [ 330.378991] ? INIT_INT+0xc/0x30 [ 330.382357] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 330.387720] ? __msan_get_context_state+0x9/0x20 [ 330.392483] kmsan_memcpy_origins+0x13d/0x190 [ 330.396982] __msan_memcpy+0x6f/0x80 [ 330.400719] skb_copy_bits+0x1d2/0xc90 [ 330.404711] skb_copy+0x56c/0xba0 [ 330.408174] tcp_send_synack+0x7a3/0x18f0 [ 330.412321] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 330.417778] tcp_rcv_state_process+0x275d/0x6c60 [ 330.422561] tcp_v4_do_rcv+0xb25/0xd80 [ 330.426445] ? __local_bh_enable_ip+0x11f/0x260 [ 330.431114] ? inet_sk_rx_dst_set+0x200/0x200 [ 330.435608] __release_sock+0x32d/0x750 [ 330.439590] release_sock+0x99/0x2a0 [ 330.443309] __inet_stream_connect+0xdff/0x15d0 [ 330.447989] ? wait_woken+0x5b0/0x5b0 [ 330.451811] tcp_sendmsg_locked+0x6655/0x6c30 [ 330.456322] ? aa_label_sk_perm+0xda/0x960 [ 330.460570] ? kmsan_set_origin+0x7f/0x100 [ 330.464810] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 330.470175] ? __msan_poison_alloca+0x1e0/0x270 [ 330.474841] ? __local_bh_enable_ip+0x46/0x260 [ 330.479440] ? __msan_poison_alloca+0x1e0/0x270 [ 330.484113] tcp_sendmsg+0xb2/0x100 [ 330.487739] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 330.492405] inet_sendmsg+0x4e9/0x800 [ 330.496209] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 330.501580] ? security_socket_sendmsg+0x1bd/0x200 [ 330.506519] ? inet_getname+0x490/0x490 [ 330.510497] __sys_sendto+0x940/0xb80 [ 330.514311] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 330.519758] ? prepare_exit_to_usermode+0x182/0x4c0 [ 330.524788] __se_sys_sendto+0x107/0x130 [ 330.528859] __x64_sys_sendto+0x6e/0x90 [ 330.532835] do_syscall_64+0xcf/0x110 [ 330.536649] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 330.541835] RIP: 0033:0x457569 [ 330.545028] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 330.563922] RSP: 002b:00007fbbf9bdfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 330.571629] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 330.578891] RDX: fffffffffffffeb4 RSI: 0000000020000200 RDI: 0000000000000003 [ 330.586157] RBP: 000000000072bf00 R08: 0000000020db4ff0 R09: 0000000000000010 [ 330.593422] R10: 0000000020008011 R11: 0000000000000246 R12: 00007fbbf9be06d4 [ 330.600696] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 330.607970] Uninit was stored to memory at: [ 330.612294] kmsan_internal_chain_origin+0x136/0x240 [ 330.617392] __msan_chain_origin+0x6d/0xb0 [ 330.621624] __save_stack_trace+0x8be/0xc60 [ 330.625938] save_stack_trace+0xc6/0x110 [ 330.629991] kmsan_internal_chain_origin+0x136/0x240 [ 330.635091] kmsan_memcpy_origins+0x13d/0x190 [ 330.639591] __msan_memcpy+0x6f/0x80 [ 330.643299] skb_copy_bits+0x1d2/0xc90 [ 330.647184] skb_copy+0x56c/0xba0 [ 330.650628] tcp_send_synack+0x7a3/0x18f0 [ 330.654775] tcp_rcv_state_process+0x275d/0x6c60 [ 330.659530] tcp_v4_do_rcv+0xb25/0xd80 [ 330.663423] __release_sock+0x32d/0x750 [ 330.667390] release_sock+0x99/0x2a0 [ 330.671098] __inet_stream_connect+0xdff/0x15d0 [ 330.675760] tcp_sendmsg_locked+0x6655/0x6c30 [ 330.680251] tcp_sendmsg+0xb2/0x100 [ 330.683871] inet_sendmsg+0x4e9/0x800 [ 330.687665] __sys_sendto+0x940/0xb80 [ 330.691461] __se_sys_sendto+0x107/0x130 [ 330.695520] __x64_sys_sendto+0x6e/0x90 [ 330.699497] do_syscall_64+0xcf/0x110 [ 330.703301] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 330.708479] [ 330.710095] Uninit was stored to memory at: [ 330.714417] kmsan_internal_chain_origin+0x136/0x240 [ 330.719516] __msan_chain_origin+0x6d/0xb0 [ 330.723755] __save_stack_trace+0x8be/0xc60 [ 330.728072] save_stack_trace+0xc6/0x110 [ 330.732127] kmsan_internal_chain_origin+0x136/0x240 [ 330.737223] kmsan_memcpy_origins+0x13d/0x190 [ 330.741712] __msan_memcpy+0x6f/0x80 [ 330.745423] skb_copy_bits+0x1d2/0xc90 [ 330.749317] skb_copy+0x56c/0xba0 [ 330.752766] tcp_send_synack+0x7a3/0x18f0 [ 330.756913] tcp_rcv_state_process+0x275d/0x6c60 [ 330.761666] tcp_v4_do_rcv+0xb25/0xd80 [ 330.765553] __release_sock+0x32d/0x750 [ 330.769523] release_sock+0x99/0x2a0 [ 330.773251] __inet_stream_connect+0xdff/0x15d0 [ 330.777922] tcp_sendmsg_locked+0x6655/0x6c30 [ 330.782410] tcp_sendmsg+0xb2/0x100 [ 330.786029] inet_sendmsg+0x4e9/0x800 [ 330.789830] __sys_sendto+0x940/0xb80 [ 330.793628] __se_sys_sendto+0x107/0x130 [ 330.797687] __x64_sys_sendto+0x6e/0x90 [ 330.801663] do_syscall_64+0xcf/0x110 [ 330.805459] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 330.810652] [ 330.812286] Uninit was stored to memory at: [ 330.816875] kmsan_internal_chain_origin+0x136/0x240 [ 330.821974] __msan_chain_origin+0x6d/0xb0 [ 330.826207] __save_stack_trace+0x8be/0xc60 [ 330.830521] save_stack_trace+0xc6/0x110 [ 330.834587] kmsan_internal_chain_origin+0x136/0x240 [ 330.839683] kmsan_memcpy_origins+0x13d/0x190 [ 330.844170] __msan_memcpy+0x6f/0x80 [ 330.847878] skb_copy_bits+0x1d2/0xc90 [ 330.851764] skb_copy+0x56c/0xba0 [ 330.855229] tcp_send_synack+0x7a3/0x18f0 [ 330.859379] tcp_rcv_state_process+0x275d/0x6c60 [ 330.864134] tcp_v4_do_rcv+0xb25/0xd80 [ 330.868021] __release_sock+0x32d/0x750 [ 330.872004] release_sock+0x99/0x2a0 [ 330.875715] __inet_stream_connect+0xdff/0x15d0 [ 330.880395] tcp_sendmsg_locked+0x6655/0x6c30 [ 330.884883] tcp_sendmsg+0xb2/0x100 [ 330.888506] inet_sendmsg+0x4e9/0x800 [ 330.892305] __sys_sendto+0x940/0xb80 [ 330.896102] __se_sys_sendto+0x107/0x130 [ 330.900169] __x64_sys_sendto+0x6e/0x90 [ 330.904140] do_syscall_64+0xcf/0x110 [ 330.907935] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 330.913108] [ 330.914722] Uninit was stored to memory at: [ 330.919040] kmsan_internal_chain_origin+0x136/0x240 [ 330.924137] __msan_chain_origin+0x6d/0xb0 [ 330.928369] __save_stack_trace+0x8be/0xc60 [ 330.932685] save_stack_trace+0xc6/0x110 [ 330.936741] kmsan_internal_chain_origin+0x136/0x240 [ 330.941847] kmsan_memcpy_origins+0x13d/0x190 [ 330.946339] __msan_memcpy+0x6f/0x80 [ 330.950049] skb_copy_bits+0x1d2/0xc90 [ 330.953931] skb_copy+0x56c/0xba0 [ 330.957375] tcp_send_synack+0x7a3/0x18f0 [ 330.961517] tcp_rcv_state_process+0x275d/0x6c60 [ 330.966368] tcp_v4_do_rcv+0xb25/0xd80 [ 330.970249] __release_sock+0x32d/0x750 [ 330.974215] release_sock+0x99/0x2a0 [ 330.977928] __inet_stream_connect+0xdff/0x15d0 [ 330.982840] tcp_sendmsg_locked+0x6655/0x6c30 [ 330.987333] tcp_sendmsg+0xb2/0x100 [ 330.990957] inet_sendmsg+0x4e9/0x800 [ 330.994753] __sys_sendto+0x940/0xb80 [ 330.998555] __se_sys_sendto+0x107/0x130 [ 331.002618] __x64_sys_sendto+0x6e/0x90 [ 331.006603] do_syscall_64+0xcf/0x110 [ 331.010404] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 331.015583] [ 331.017201] Uninit was stored to memory at: [ 331.021522] kmsan_internal_chain_origin+0x136/0x240 [ 331.026637] __msan_chain_origin+0x6d/0xb0 [ 331.030865] __save_stack_trace+0x8be/0xc60 [ 331.035179] save_stack_trace+0xc6/0x110 [ 331.039233] kmsan_internal_chain_origin+0x136/0x240 [ 331.044328] kmsan_memcpy_origins+0x13d/0x190 [ 331.048826] __msan_memcpy+0x6f/0x80 [ 331.052535] skb_copy_bits+0x1d2/0xc90 [ 331.056425] skb_copy+0x56c/0xba0 [ 331.059874] tcp_send_synack+0x7a3/0x18f0 [ 331.064018] tcp_rcv_state_process+0x275d/0x6c60 [ 331.068769] tcp_v4_do_rcv+0xb25/0xd80 [ 331.072655] __release_sock+0x32d/0x750 [ 331.076624] release_sock+0x99/0x2a0 [ 331.080348] __inet_stream_connect+0xdff/0x15d0 [ 331.085009] tcp_sendmsg_locked+0x6655/0x6c30 [ 331.089499] tcp_sendmsg+0xb2/0x100 [ 331.093116] inet_sendmsg+0x4e9/0x800 [ 331.096911] __sys_sendto+0x940/0xb80 [ 331.100705] __se_sys_sendto+0x107/0x130 [ 331.104768] __x64_sys_sendto+0x6e/0x90 [ 331.108741] do_syscall_64+0xcf/0x110 [ 331.112540] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 331.117724] [ 331.119340] Uninit was stored to memory at: [ 331.123658] kmsan_internal_chain_origin+0x136/0x240 [ 331.128761] __msan_chain_origin+0x6d/0xb0 [ 331.132993] __save_stack_trace+0x8be/0xc60 [ 331.137320] save_stack_trace+0xc6/0x110 [ 331.141378] kmsan_internal_chain_origin+0x136/0x240 [ 331.146475] kmsan_memcpy_origins+0x13d/0x190 [ 331.150972] __msan_memcpy+0x6f/0x80 [ 331.154685] skb_copy_bits+0x1d2/0xc90 [ 331.158570] skb_copy+0x56c/0xba0 [ 331.162030] tcp_send_synack+0x7a3/0x18f0 [ 331.166172] tcp_rcv_state_process+0x275d/0x6c60 [ 331.170918] tcp_v4_do_rcv+0xb25/0xd80 [ 331.174807] __release_sock+0x32d/0x750 [ 331.178772] release_sock+0x99/0x2a0 [ 331.182481] __inet_stream_connect+0xdff/0x15d0 [ 331.187155] tcp_sendmsg_locked+0x6655/0x6c30 [ 331.191643] tcp_sendmsg+0xb2/0x100 [ 331.195263] inet_sendmsg+0x4e9/0x800 [ 331.199060] __sys_sendto+0x940/0xb80 [ 331.202858] __se_sys_sendto+0x107/0x130 [ 331.206917] __x64_sys_sendto+0x6e/0x90 [ 331.210882] do_syscall_64+0xcf/0x110 [ 331.214677] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 331.219854] [ 331.221467] Uninit was stored to memory at: [ 331.225785] kmsan_internal_chain_origin+0x136/0x240 [ 331.230884] __msan_chain_origin+0x6d/0xb0 [ 331.235112] __save_stack_trace+0x8be/0xc60 [ 331.239447] save_stack_trace+0xc6/0x110 [ 331.243521] kmsan_internal_chain_origin+0x136/0x240 [ 331.248632] kmsan_memcpy_origins+0x13d/0x190 [ 331.253124] __msan_memcpy+0x6f/0x80 [ 331.256878] skb_copy_bits+0x1d2/0xc90 [ 331.260771] skb_copy+0x56c/0xba0 [ 331.264225] tcp_send_synack+0x7a3/0x18f0 [ 331.268377] tcp_rcv_state_process+0x275d/0x6c60 [ 331.273126] tcp_v4_do_rcv+0xb25/0xd80 [ 331.277009] __release_sock+0x32d/0x750 [ 331.280978] release_sock+0x99/0x2a0 [ 331.284685] __inet_stream_connect+0xdff/0x15d0 [ 331.289348] tcp_sendmsg_locked+0x6655/0x6c30 [ 331.293835] tcp_sendmsg+0xb2/0x100 [ 331.297458] inet_sendmsg+0x4e9/0x800 [ 331.301253] __sys_sendto+0x940/0xb80 [ 331.305048] __se_sys_sendto+0x107/0x130 [ 331.309108] __x64_sys_sendto+0x6e/0x90 [ 331.313076] do_syscall_64+0xcf/0x110 [ 331.316875] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 331.322049] [ 331.323665] Local variable description: ----_tcph.i@ip_vs_in [ 331.329449] Variable was created at: [ 331.333159] ip_vs_in+0xe9/0x3250 [ 331.336616] ip_vs_local_request4+0xec/0x130 18:16:02 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:16:02 executing program 1: r0 = socket$inet6(0xa, 0x2100000000000002, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4}, 0x1c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f0000001680)}, 0x0) 18:16:02 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x2, 0x16, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x6e6bb7, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@dev, @in6}}]}, 0x50}}, 0x0) 18:16:02 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000000c0)=0x99, 0x4) sendto$inet6(r0, &(0x7f0000000280)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e602721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a0e1d0607f57f626a5b8d476636ef1ee76307524009ae49be4db0ab2c8ea0c5ebd1e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408cc4c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669c24c206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb25c89074fcb1bba20c41bddd9ca5cd2f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2ebdfad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c5912a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe9bc88fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f400582bd95e5ad802050d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60be632697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20f4774d66c5ae0a0adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5b4967904daf833d91ae9461ef10036f8be000000", 0x5ad, 0x0, &(0x7f0000809000)={0xa, 0x1000000000004e20, 0x0, @mcast2}, 0x1c) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000200)=""/80, 0x50}, 0x0) 18:16:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="420f09c463415c77150a43dbc70f01c8430f07c481ca10dc66460f6ced48b800880000000000000f23d80f21f835000000800f23f8460f220348b8fcffffffff7f00000f23d80f21f835c00000b00f23f8", 0x51}], 0x1, 0x0, &(0x7f0000000140), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000180)="c4e39549a503000000ea0f20e035000010000f22e0360f23070f23922ef2f082350700000001650f0098b09931930f235fb9b6020000b800800000ba000000000f3066b8b4000f00d0c744240085290000c744240209000000c7442406000000000f011c24", 0x65}], 0x1, 0xfffffffffffffffd, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:16:02 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000872936)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000100)=[@enter_looper], 0x1, 0x0, &(0x7f0000000180)='T'}) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1004000000016) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000005fd4)=[@acquire, @acquire={0x400c630e}], 0xfffffffffffffced, 0x0, &(0x7f0000000040)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f00000000c0)=[@release={0x400c630f}], 0x0, 0x0, &(0x7f0000000f4d)}) 18:16:03 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$getreaper(0x2b, &(0x7f0000000100)) 18:16:03 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000000c0)=0x99, 0x4) sendto$inet6(r0, &(0x7f0000000280)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e602721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a0e1d0607f57f626a5b8d476636ef1ee76307524009ae49be4db0ab2c8ea0c5ebd1e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408cc4c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669c24c206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb25c89074fcb1bba20c41bddd9ca5cd2f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2ebdfad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c5912a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe9bc88fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f400582bd95e5ad802050d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60be632697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20f4774d66c5ae0a0adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5b4967904daf833d91ae9461ef10036f8be000000", 0x5ad, 0x0, &(0x7f0000809000)={0xa, 0x1000000000004e20, 0x0, @mcast2}, 0x1c) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000200)=""/80, 0x50}, 0x0) [ 332.062633] binder: 10795 RLIMIT_NICE not set 18:16:03 executing program 4: r0 = socket(0x40000000015, 0x805, 0x0) bind$inet(r0, &(0x7f00000a9000)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendmsg$inet_sctp(r0, &(0x7f0000000380)={&(0x7f00000007c0)=@in={0x2, 0x0, @remote}, 0x10, &(0x7f0000000780), 0x0, &(0x7f0000000480)=[@authinfo={0x18}], 0x18}, 0x4000000) [ 332.165345] binder: 10795 RLIMIT_NICE not set [ 332.196270] binder: 10802 RLIMIT_NICE not set [ 332.224030] binder: BINDER_SET_CONTEXT_MGR already set [ 332.229641] binder: 10794:10795 ioctl 40046207 0 returned -16 [ 332.283080] binder: 10802 RLIMIT_NICE not set [ 332.312424] binder: undelivered death notification, 0000000000000000 18:16:03 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:16:03 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x410000, 0x0) ioctl(r0, 0x0, &(0x7f0000000040)="0a5c2d0240316285717070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) sendto$inet(r1, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)) r2 = syz_open_dev$sndpcmp(&(0x7f0000000380)='/dev/snd/pcmC#D#p\x00', 0x1, 0x300) mkdirat(r2, &(0x7f00000003c0)='\x00', 0x0) keyctl$invalidate(0x15, 0x0) recvfrom(r1, &(0x7f0000000240)=""/101, 0x6478c8501c739e53, 0x120, 0x0, 0xfffffffffffffe2b) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) munmap(&(0x7f0000003000/0x1000)=nil, 0x1000) mremap(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil) 18:16:03 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000000c0)=0x99, 0x4) sendto$inet6(r0, &(0x7f0000000280)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e602721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a0e1d0607f57f626a5b8d476636ef1ee76307524009ae49be4db0ab2c8ea0c5ebd1e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408cc4c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669c24c206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb25c89074fcb1bba20c41bddd9ca5cd2f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2ebdfad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c5912a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe9bc88fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f400582bd95e5ad802050d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60be632697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20f4774d66c5ae0a0adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5b4967904daf833d91ae9461ef10036f8be000000", 0x5ad, 0x0, &(0x7f0000809000)={0xa, 0x1000000000004e20, 0x0, @mcast2}, 0x1c) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000200)=""/80, 0x50}, 0x0) 18:16:04 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) mincore(&(0x7f00000be000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x389756b1353686c0, 0x120, 0x0, 0xffffffffffffffeb) 18:16:04 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)={0x6, 0x0, [{0xc0010058, 0x0, 0x223}]}) 18:16:04 executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)) close(r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f00000000c0)) tkill(r0, 0x1000000000016) 18:16:04 executing program 3: r0 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000240)={'syz'}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='\x00', 0xfffffffffffffffe) 18:16:04 executing program 5: mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000) mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000040)=0x9, 0x7, 0x0) mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) [ 333.924097] kvm [10826]: vcpu0, guest rIP: 0xfff0 unimplemented MMIO_CONF_BASE wrmsr: 0x223 18:16:05 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r2, &(0x7f0000000700), 0x1000000000000110) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 18:16:05 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) wait4(0x0, &(0x7f0000000040), 0x80000000, &(0x7f0000000400)) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='timers\x00') r1 = socket$inet(0x2, 0x4000000000000001, 0x0) writev(r1, &(0x7f0000000a80)=[{&(0x7f00000000c0)="a4", 0x1}], 0x1) sendfile(r0, r0, &(0x7f0000000000), 0x7) 18:16:05 executing program 5: r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) ftruncate(r0, 0x8200) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) lstat(&(0x7f0000000080)='./bus\x00', &(0x7f0000002bc0)) fallocate(r0, 0x0, 0x0, 0x8000) 18:16:05 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) unshare(0x24020400) setsockopt$packet_int(r0, 0x107, 0x17, &(0x7f0000000000)=0x2, 0x4) 18:16:05 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) wait4(0x0, &(0x7f0000000040), 0x80000000, &(0x7f0000000400)) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='timers\x00') r1 = socket$inet(0x2, 0x4000000000000001, 0x0) writev(r1, &(0x7f0000000a80)=[{&(0x7f00000000c0)="a4", 0x1}], 0x1) sendfile(r0, r0, &(0x7f0000000000), 0x7) 18:16:05 executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)) close(r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f00000000c0)) tkill(r0, 0x1000000000016) 18:16:05 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) wait4(0x0, &(0x7f0000000040), 0x80000000, &(0x7f0000000400)) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='timers\x00') r1 = socket$inet(0x2, 0x4000000000000001, 0x0) writev(r1, &(0x7f0000000a80)=[{&(0x7f00000000c0)="a4", 0x1}], 0x1) sendfile(r0, r0, &(0x7f0000000000), 0x7) 18:16:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r2, &(0x7f0000000700), 0x1000000000000110) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 18:16:06 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x10000017) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) clock_gettime(0x0, &(0x7f0000003940)) r2 = accept4(r0, 0x0, &(0x7f0000000040), 0x0) sendmsg$key(r2, &(0x7f0000000200)={0x0, 0xd0daffff, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="100000000200000000000000000000009e6b134784d0344b81c3b7b1cc8c575553f966904e0e99bc40fa98e95807816de6855a94bb69229e497efa201b9dc84833ba98f3f1ca"], 0x46}}, 0x0) recvmmsg(r1, &(0x7f0000006940)=[{{&(0x7f0000004fc0)=@hci, 0x80, &(0x7f0000006080)=[{&(0x7f0000005080)=""/4096, 0x19de0}], 0x1}}], 0xffffff1f, 0x0, &(0x7f0000006a40)={0x77359400}) 18:16:06 executing program 1: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1cae, 0x0) ppoll(&(0x7f00000000c0)=[{r0}], 0x1, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140), 0x8) r1 = syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0x6, 0x82) write$FUSE_STATFS(r1, &(0x7f0000001900)={0x60}, 0x60) 18:16:06 executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)) close(r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f00000000c0)) tkill(r0, 0x1000000000016) 18:16:06 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) wait4(0x0, &(0x7f0000000040), 0x80000000, &(0x7f0000000400)) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='timers\x00') r1 = socket$inet(0x2, 0x4000000000000001, 0x0) writev(r1, &(0x7f0000000a80)=[{&(0x7f00000000c0)="a4", 0x1}], 0x1) sendfile(r0, r0, &(0x7f0000000000), 0x7) 18:16:06 executing program 2: msync(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x5) 18:16:06 executing program 0: mlock2(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x101) 18:16:06 executing program 2: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000380)={r1, @in6}, &(0x7f00000000c0)=0x100) 18:16:06 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000200)={0x2}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:16:06 executing program 0: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x4004510f, &(0x7f0000b18000)={{}, {0x0, 0xfffffdfd}}) 18:16:07 executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000040)=""/11, 0xfd32) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)) close(r1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f00000000c0)) tkill(r0, 0x1000000000016) 18:16:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r2, &(0x7f0000000700), 0x1000000000000110) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 18:16:07 executing program 0: unshare(0x20400) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu\x00', 0x200002, 0x0) fdatasync(r0) 18:16:11 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) unshare(0x400) fcntl$setpipe(r0, 0x407, 0x0) 18:16:11 executing program 1: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa283000c200a0009000100061d85680c1baba20400ff7e", 0x24}], 0x1, 0x0, 0x0, 0x8000}, 0x4000000) 18:16:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r2, &(0x7f0000000700), 0x1000000000000110) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 18:16:11 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000300)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4dc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b2920bb80740c97d59516") readahead(r0, 0x0, 0x0) 18:16:11 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d0240316285717070") r1 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r1, 0x82000004141, &(0x7f0000000040)) 18:16:11 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r0, 0x2279) [ 340.283423] netlink: 'syz-executor1': attribute type 1 has an invalid length. [ 340.309695] netlink: 'syz-executor1': attribute type 1 has an invalid length. 18:16:11 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/32, 0x18}, {&(0x7f0000000240)=""/80, 0x15}], 0x2) 18:16:11 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000300)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4dc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b2920bb80740c97d59516") readahead(r0, 0x0, 0x0) 18:16:11 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xe}]}, 0x18}}, 0x0) 18:16:11 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f000000dff8)=@file={0x1}, 0x2) add_key(&(0x7f0000bbaff8)='trusted\x00', &(0x7f0000c33ffb), &(0x7f00000d6000), 0x0, 0xffffffffffffffff) listen(r1, 0x0) add_key(&(0x7f0000efeffa)='logon\x00', &(0x7f0000accffb), &(0x7f0000bd9faa), 0x0, 0xfffffffffffffffe) dup3(r0, r1, 0x0) 18:16:11 executing program 5: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x72}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1}) mremap(&(0x7f000090a000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000ffd000/0x1000)=nil) clone(0x0, &(0x7f00007d1fff), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000080)) read(r0, &(0x7f0000009f9c)=""/100, 0x64) 18:16:11 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000300)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4dc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b2920bb80740c97d59516") readahead(r0, 0x0, 0x0) 18:16:11 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000480)='/dev/loop#\x00', 0x0, 0x1100082) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc8fb47081025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4cd01e527e6fd3de45387daf7b1ac786d0e8a75e8904655361fe06f308fe6033a61edb75c8d51c055faf7f4fdb16e0cdaa4276939a341033400", "2f18ffffffffffff4116893616105829576914e70bfeb59800f97c97644ab8a7"}) 18:16:12 executing program 1: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x800, 0x0) io_setup(0x9, &(0x7f0000001300)=0x0) preadv(r0, &(0x7f0000000700)=[{&(0x7f0000000040)=""/20, 0x14}], 0x1, 0x0) io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001340)}]) 18:16:12 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000300)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4dc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b2920bb80740c97d59516") readahead(r0, 0x0, 0x0) 18:16:12 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$inet(r0, &(0x7f00001edff0)={0x2, 0x0, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000001140)={0x2, 0x0, @multicast1}, 0x10) 18:16:12 executing program 3: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) unshare(0x400) pselect6(0x40, &(0x7f0000000080), &(0x7f00000004c0)={0x9}, &(0x7f0000000300), &(0x7f0000000380)={0x0, 0x989680}, &(0x7f0000000400)={&(0x7f00000003c0), 0x8}) 18:16:12 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000000)="1a6f2d0201000000717070") r1 = socket$inet(0x2, 0x803, 0x4) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001840)={{{@in=@broadcast, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@broadcast, 0x0, 0xff}, 0x0, @in6=@loopback}}, 0xe8) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@link_local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0xe805, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @broadcast}, @udp={0x0, 0x0, 0x28}}}}}, &(0x7f0000000380)) [ 341.331682] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x1 [ 341.364525] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x1 18:16:12 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000707ff0)={0x0, 0x10, &(0x7f0000f3eff0)=[@in={0x2, 0x0, @local={0xac, 0x2c0, 0xffffffffffffffff}}]}, &(0x7f00000001c0)=0x10) shutdown(r0, 0x2000000000000002) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000040), &(0x7f0000000080)=0x4) 18:16:12 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={"62726f7574650074881e070a1100056c0000000100000200", 0x20, 0x2, 0x210, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, &(0x7f00000000c0), &(0x7f00000006c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x9, 0x0, 0x0, 'vlan0\x00', 'vcan0\x00', 'yam0\x00', 'erspan0\x00', @link_local, [], @empty, [], 0x70, 0x70, 0xa0}}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xfffffffffffffffc, 0x1, [{{{0x3, 0x0, 0x0, 'bond_slave_1\x00', 'ip6gretap0\x00', 'bond_slave_1\x00', 'veth0\x00', @broadcast, [], @link_local, [], 0xb0, 0xb0, 0xe0, [@connbytes={'connbytes\x00', 0x18}]}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}]}, 0x288) 18:16:12 executing program 4: syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp\x00') ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000280)={0x0, &(0x7f0000000240)}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000080)) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) sigaltstack(&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000440)) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) rmdir(&(0x7f0000000480)='./file0\x00') 18:16:12 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001c40)={&(0x7f0000000140)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001300), 0x0, &(0x7f0000000040)=[@rdma_map={0x2f, 0x114, 0x3, {{&(0x7f00000001c0)=""/4096, 0x1000}}}], 0x30}, 0x0) [ 341.655340] sctp: [Deprecated]: syz-executor1 (pid 10999) Use of int in maxseg socket option. [ 341.655340] Use struct sctp_assoc_value instead 18:16:12 executing program 5: r0 = socket$inet(0x2, 0x8000a, 0x0) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x0, @loopback}, 0x10) 18:16:12 executing program 3: process_vm_writev(0x0, &(0x7f0000002800), 0x0, &(0x7f0000000780)=[{&(0x7f00000028c0)=""/224, 0xe0}], 0x1, 0x0) r0 = socket(0x10, 0x803, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000002c0), 0x72, &(0x7f0000000e00)=""/241, 0xf1}, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000140)=@hci, 0x80, &(0x7f0000000d00), 0x0, &(0x7f00000024c0)=""/129, 0x81}, 0x0) process_vm_writev(0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/186, 0xba}, {&(0x7f00000001c0)=""/19, 0x13}, {&(0x7f0000000d00)=""/226, 0xe2}, {&(0x7f0000000980)=""/69, 0x45}], 0x4, &(0x7f0000002180), 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f00000000c0)=""/85, 0xb}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/120, 0x6c}, {&(0x7f0000000480)=""/60, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x40d}, {&(0x7f0000000340)=""/22, 0x16}], 0x161, &(0x7f0000000600)=""/191, 0xbf}}], 0x40000000000020a, 0x0, &(0x7f0000003700)={0x77359400}) [ 341.823195] xt_connbytes: cannot load conntrack support for proto=7 [ 341.829843] xt_connbytes: Forcing CT accounting to be enabled [ 341.898895] syz-executor5 uses obsolete (PF_INET,SOCK_PACKET) 18:16:13 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001c40)={&(0x7f0000000140)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001300), 0x0, &(0x7f0000000040)=[@rdma_map={0x2f, 0x114, 0x3, {{&(0x7f00000001c0)=""/4096, 0x1000}}}], 0x30}, 0x0) 18:16:13 executing program 1: socketpair$inet(0x1e, 0x802, 0x0, &(0x7f0000000040)={0x0}) sendmsg$key(r0, &(0x7f0000f22000)={0x0, 0x0, &(0x7f0000f22000)={&(0x7f00001d7000)=ANY=[@ANYBLOB="1e000200010020000000000000000000"], 0x10}}, 0x0) 18:16:13 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x900, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000040)={0x1, 0x0, {0x0, 0x0, 0x0, 0x1f, 0x0, 0x60}}) preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000500)=""/89, 0x4}, {&(0x7f0000000580), 0xfc5d}, {&(0x7f00000005c0)=""/81, 0x51}, {&(0x7f0000000640)=""/232, 0xe8}], 0x1000000000000030, 0x0) 18:16:13 executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x80000000003, 0x0, &(0x7f0000000100)={0x0, 0x0}) bind$unix(r0, &(0x7f0000003100)=@file={0x1, './file0\x00'}, 0x6e) dup3(r1, r0, 0x0) sendmmsg(r2, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000003140)}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) 18:16:13 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") sendto$inet(r0, &(0x7f00000002c0), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) sendmmsg(r0, &(0x7f00000053c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="85", 0x1}], 0x1, &(0x7f0000000880)=[{0x10}], 0x10, 0x8000}, 0xffffffff80000001}], 0x1, 0x20008000) 18:16:13 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001c40)={&(0x7f0000000140)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001300), 0x0, &(0x7f0000000040)=[@rdma_map={0x2f, 0x114, 0x3, {{&(0x7f00000001c0)=""/4096, 0x1000}}}], 0x30}, 0x0) 18:16:13 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[@ANYRES64], 0x8) recvfrom(r1, &(0x7f00000003c0)=""/39, 0xffffffca, 0x0, 0x0, 0x0) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 18:16:13 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0xb, 0x0, 0x0, "766c616e30860701ace235008a00", 'team_slave_1\x00', 'veth0_to_team\x00', 'ip_vti0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x1a8) r1 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0xd}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) 18:16:13 executing program 4: syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp\x00') ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000280)={0x0, &(0x7f0000000240)}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000080)) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) sigaltstack(&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000440)) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) rmdir(&(0x7f0000000480)='./file0\x00') 18:16:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:13 executing program 5: futex(&(0x7f000000cffc), 0x5, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x13000002) 18:16:13 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001c40)={&(0x7f0000000140)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001300), 0x0, &(0x7f0000000040)=[@rdma_map={0x2f, 0x114, 0x3, {{&(0x7f00000001c0)=""/4096, 0x1000}}}], 0x30}, 0x0) 18:16:13 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0xb, 0x0, 0x0, "766c616e30860701ace235008a00", 'team_slave_1\x00', 'veth0_to_team\x00', 'ip_vti0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x1a8) r1 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0xd}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) 18:16:14 executing program 5: r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x2, {{0x2, 0x0, @rand_addr=0xffffffffedddb9a5}}}, 0x88) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x0) close(r0) 18:16:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000100), 0x1e2) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x6, 0x0, 0x97, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0x8}}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:16:14 executing program 4: syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp\x00') ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000280)={0x0, &(0x7f0000000240)}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000080)) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) sigaltstack(&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000440)) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) rmdir(&(0x7f0000000480)='./file0\x00') 18:16:14 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0xb, 0x0, 0x0, "766c616e30860701ace235008a00", 'team_slave_1\x00', 'veth0_to_team\x00', 'ip_vti0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x1a8) r1 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0xd}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) 18:16:14 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[@ANYRES64], 0x8) recvfrom(r1, &(0x7f00000003c0)=""/39, 0xffffffca, 0x0, 0x0, 0x0) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 18:16:14 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x8) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="d3ab27191a01002356ba602dff05000b", 0x10) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0x48d) recvmmsg(r1, &(0x7f00000062c0)=[{{&(0x7f0000002bc0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000003ec0), 0x3, &(0x7f0000000440)=""/190, 0xfb}}, {{&(0x7f0000004000)=@ipx, 0x80, &(0x7f0000006180), 0x228, &(0x7f00000061c0)=""/240, 0xf0}}], 0x400000000000399, 0x0, &(0x7f0000006400)={0x77359400}) 18:16:14 executing program 2: futex(&(0x7f000000cffc), 0x80000000000b, 0x0, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x4, 0x0, &(0x7f0000fd7ff0)={0x77359400}, &(0x7f0000048000), 0x4) 18:16:14 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0xb, 0x0, 0x0, "766c616e30860701ace235008a00", 'team_slave_1\x00', 'veth0_to_team\x00', 'ip_vti0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x1a8) r1 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0xd}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) 18:16:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:15 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x8) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="d3ab27191a01002356ba602dff05000b", 0x10) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0x48d) recvmmsg(r1, &(0x7f00000062c0)=[{{&(0x7f0000002bc0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000003ec0), 0x3, &(0x7f0000000440)=""/190, 0xfb}}, {{&(0x7f0000004000)=@ipx, 0x80, &(0x7f0000006180), 0x228, &(0x7f00000061c0)=""/240, 0xf0}}], 0x400000000000399, 0x0, &(0x7f0000006400)={0x77359400}) 18:16:15 executing program 4: syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp\x00') ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000280)={0x0, &(0x7f0000000240)}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000080)) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) sigaltstack(&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000440)) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") sendfile(r1, r2, &(0x7f0000000180), 0x100000001) rmdir(&(0x7f0000000480)='./file0\x00') 18:16:15 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:15 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[@ANYRES64], 0x8) recvfrom(r1, &(0x7f00000003c0)=""/39, 0xffffffca, 0x0, 0x0, 0x0) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 18:16:15 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x8) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="d3ab27191a01002356ba602dff05000b", 0x10) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0x48d) recvmmsg(r1, &(0x7f00000062c0)=[{{&(0x7f0000002bc0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000003ec0), 0x3, &(0x7f0000000440)=""/190, 0xfb}}, {{&(0x7f0000004000)=@ipx, 0x80, &(0x7f0000006180), 0x228, &(0x7f00000061c0)=""/240, 0xf0}}], 0x400000000000399, 0x0, &(0x7f0000006400)={0x77359400}) 18:16:15 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x8) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="d3ab27191a01002356ba602dff05000b", 0x10) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[], 0x48d) recvmmsg(r1, &(0x7f00000062c0)=[{{&(0x7f0000002bc0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000003ec0), 0x3, &(0x7f0000000440)=""/190, 0xfb}}, {{&(0x7f0000004000)=@ipx, 0x80, &(0x7f0000006180), 0x228, &(0x7f00000061c0)=""/240, 0xf0}}], 0x400000000000399, 0x0, &(0x7f0000006400)={0x77359400}) 18:16:15 executing program 2: futex(&(0x7f000000cffc), 0x80000000000b, 0x0, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x4, 0x0, &(0x7f0000fd7ff0)={0x77359400}, &(0x7f0000048000), 0x4) 18:16:15 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x6287, 0x0) r1 = dup2(r0, r0) ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000280)={0x2, @output}) 18:16:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:16 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000280)={0x5, @raw_data="133c10aa7b2eaf3b168df4ff524b9e73293cc5d915284da03145743f25fe430a4782190735939edf84104bc561359343f6707b0c4e655677f99f5e225c3e76c9141b41a0c27506d57ee2a7eb7bb657b23d4bd8e15db06ca3afe8b14368deb7d7ff8a7d1defe88bdcc489820cd1b354d562a60b07cc41cbb6ced22556697f8399c6febefd30f92b5ab273553f242b608805937b132fbd2b68c45097db56115d038beb2a312ce49d3e0c746615def2810f08a381756b9df57922d03fcdd20a57f0b304f13ff8e14212"}) 18:16:16 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x100002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[@ANYRES64], 0x8) recvfrom(r1, &(0x7f00000003c0)=""/39, 0xffffffca, 0x0, 0x0, 0x0) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 18:16:16 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000240)={{0xa, 0x0, 0x3e5, @dev}, {0xa, 0x0, 0xffffffffffffff80}, 0x0, [0x0, 0x3]}, 0x5c) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x3, 0x0, @ipv4}, 0x1c) listen(r1, 0x43) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x3, 0x0, @loopback}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='gre0\x00', 0x10) sendmmsg(r2, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f00007ed000)=[{&(0x7f0000000000)='u', 0x1}], 0x1, &(0x7f0000275000)}}], 0x1, 0x48084) shutdown(r2, 0x2) 18:16:16 executing program 5: socketpair$unix(0x1, 0x801, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x25, 0x1, 0x188, [0x20000500, 0x0, 0x20000530, 0x0, 0x0, 0x20000658], 0x0, &(0x7f0000000080), &(0x7f0000000500)=[{}, {0x0, '\x00', 0x0, 0x0, 0x1, [{{{0x11, 0x0, 0x0, 'vcan0\x00', 'ip_vti0\x00', 'lo\x00', 'syz_tun\x00', @link_local, [], @empty, [], 0x70, 0xa8, 0xf8}, [@common=@mark={'mark\x00', 0x10}]}, @common=@log={'log\x00', 0x28, {{0x0, "3643398478e3faccb16212322238e5f17050f5379caf7076f10f0e3ba626"}}}}]}, {0x0, '\x00', 0x1}]}, 0x200) 18:16:16 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x2000000000020, 0x7, 0x20000000000001}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f00000000c0), &(0x7f0000000540)=""/95}, 0x18) [ 345.625656] kernel msg: ebtables bug: please report to author: bad policy [ 345.655617] kernel msg: ebtables bug: please report to author: bad policy 18:16:16 executing program 5: r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1) unshare(0x400) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000140)) 18:16:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400020000000000000000000000000000000001"], 0x1}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000140), 0x6b7, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10440, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7) sync() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 18:16:16 executing program 4: epoll_pwait(0xffffffffffffffff, 0xfffffffffffffffe, 0x149, 0x0, &(0x7f0000000140), 0x8) 18:16:17 executing program 2: futex(&(0x7f000000cffc), 0x80000000000b, 0x0, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x4, 0x0, &(0x7f0000fd7ff0)={0x77359400}, &(0x7f0000048000), 0x4) 18:16:17 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e3a798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f3a9c1f60660bd4fd2fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef2358ccdff02226021384b0c235f114ed9ade92767aecc256acdeb610df42e7169f240357f735ae5fe29017e51e27252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3cc24bd3c036e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3e2528e4fdac32bcaefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) fcntl$notify(r1, 0x402, 0x800000000000000d) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e3a798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f3a9c1f60660bd4fd2fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef2358ccdff02226021384b0c235f114ed9ade92767aecc256acdeb610df42e7169f240357f735ae5fe29017e51e27252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3cc24bd3c036e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3e2528e4fdac32bcaefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) unshare(0x400) fcntl$notify(r2, 0x402, 0x0) 18:16:17 executing program 5: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f000000dff8)=[@release={0x400c630e}], 0x0, 0x0, &(0x7f00000001c0)}) 18:16:17 executing program 4: socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@remote, @rand_addr}, 0xc) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000340)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@local}, 0x0, @in6=@local}}, 0xe8) close(r3) dup3(r1, r2, 0x0) 18:16:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = dup(r0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0xc008ae88, &(0x7f0000000340)={0x79, 0x0, [0x48f]}) [ 346.402674] binder: 11189:11190 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 18:16:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) connect$inet(r0, &(0x7f0000606ff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000040)="99", 0x1, 0x400c000, &(0x7f0000000140)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000000)="df", 0x1}], 0x1, &(0x7f0000001100)}}], 0x1, 0x0) 18:16:17 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f00000000c0)=0x5e7, 0x2b0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000000)=0x80000001, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000c86000), &(0x7f0000000040)=0x28f) 18:16:17 executing program 5: r0 = socket$inet(0x15, 0x5, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x20, @local}, 0x10) getsockopt$inet_mreqsrc(r0, 0x0, 0x2f, &(0x7f0000000180)={@empty, @multicast2, @local}, &(0x7f00000001c0)=0xc) r1 = socket$inet(0x2, 0x80006, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000480)='/dev/amidi#\x00', 0x401, 0x10d800) r3 = dup(r0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000380)={{{@in=@multicast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@mcast2}}, &(0x7f00000004c0)=0xe8) getgroups(0x2, &(0x7f0000000500)=[0xee01, 0xffffffffffffffff]) lchown(&(0x7f0000000340)='./file0\x00', r4, r5) r6 = accept$inet6(r2, 0x0, &(0x7f0000000000)) getsockopt$inet6_udp_int(r6, 0x11, 0x65, &(0x7f0000000040), &(0x7f00000000c0)=0x4) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000240)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f00000002c0)={r7, 0xffffffffffffff80}, 0x8) write(0xffffffffffffffff, &(0x7f0000000200), 0x0) bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300)=0x2, 0x4) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) 18:16:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_tcp_int(r3, 0x6, 0x4000000000014, &(0x7f00000000c0)=0x80400000001, 0x240) connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10) sendto$inet(r3, &(0x7f0000000100), 0xffffffffffffff1f, 0x0, 0x0, 0x56c3) getsockopt$IPT_SO_GET_REVISION_MATCH(r3, 0x0, 0x42, &(0x7f0000000080)={'ah\x00'}, &(0x7f0000000100)=0x1e) close(r3) dup3(r1, r2, 0x0) 18:16:17 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='\x00\x00\x00\x00\x00') perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat(r0, &(0x7f0000000040)='./file0\x00', 0x1c0, 0x0) 18:16:17 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000280)="6e6574002dcddc23d866a463a9455ad4fabc44684218958ac66ce169a1a4ffe8bd24da80f3904082d10f24f4bb6250562f4d79c0de9f4827ce7269c72153e4dbfe5875fc3e93383738a2cadf7680bbff16b7bddce3c94b9e3ed0b065785330c0c7ff61657caddf7900f7ce5f927571da527148f47c5cc754badd9c28717de5eb7ed05bdbf818c63f653fe4b4b27822ef4cf2cd08b6") getdents64(r0, &(0x7f00000000c0)=""/35, 0x23) 18:16:18 executing program 3: r0 = socket(0x11, 0x2, 0x0) unshare(0x8000400) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000340), 0x4) 18:16:18 executing program 2: futex(&(0x7f000000cffc), 0x80000000000b, 0x0, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x4, 0x0, &(0x7f0000fd7ff0)={0x77359400}, &(0x7f0000048000), 0x4) 18:16:18 executing program 0: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00'}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000400)={@ipv4={[], [], @remote}}, 0x14) 18:16:18 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000280)="6e6574002dcddc23d866a463a9455ad4fabc44684218958ac66ce169a1a4ffe8bd24da80f3904082d10f24f4bb6250562f4d79c0de9f4827ce7269c72153e4dbfe5875fc3e93383738a2cadf7680bbff16b7bddce3c94b9e3ed0b065785330c0c7ff61657caddf7900f7ce5f927571da527148f47c5cc754badd9c28717de5eb7ed05bdbf818c63f653fe4b4b27822ef4cf2cd08b6") getdents64(r0, &(0x7f00000000c0)=""/35, 0x23) 18:16:18 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000002b00)=[{&(0x7f00000000c0)=@in6, 0x1c, &(0x7f00000001c0), 0x0, &(0x7f00000004c0)=[@sndrcv={0x30}, @prinfo={0x18, 0x84, 0x5, {0x10}}], 0x48}], 0x1, 0x0) 18:16:18 executing program 0: shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0xabfe1e1f26f2a185) 18:16:18 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000280)="6e6574002dcddc23d866a463a9455ad4fabc44684218958ac66ce169a1a4ffe8bd24da80f3904082d10f24f4bb6250562f4d79c0de9f4827ce7269c72153e4dbfe5875fc3e93383738a2cadf7680bbff16b7bddce3c94b9e3ed0b065785330c0c7ff61657caddf7900f7ce5f927571da527148f47c5cc754badd9c28717de5eb7ed05bdbf818c63f653fe4b4b27822ef4cf2cd08b6") getdents64(r0, &(0x7f00000000c0)=""/35, 0x23) 18:16:18 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d0240316285717070") r1 = syz_open_dev$sndctrl(&(0x7f00000004c0)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc0405519, &(0x7f00000000c0)={0x0, 0x3, 0x0, 0x0, [], [], [], 0x0, 0x0, 0x0, 0x0, "bcfe536e6708ac52cbc800002000"}) 18:16:18 executing program 5: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x10001) 18:16:18 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"6e72300100", 0x2}) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000010000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000240)={0x0, 0x8, [@broadcast, @broadcast, @dev, @remote, @dev, @dev={[], 0x17}, @dev, @link_local]}) 18:16:18 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) ioctl$FS_IOC_GETFLAGS(r0, 0x81785501, &(0x7f0000000080)) 18:16:18 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000280)="6e6574002dcddc23d866a463a9455ad4fabc44684218958ac66ce169a1a4ffe8bd24da80f3904082d10f24f4bb6250562f4d79c0de9f4827ce7269c72153e4dbfe5875fc3e93383738a2cadf7680bbff16b7bddce3c94b9e3ed0b065785330c0c7ff61657caddf7900f7ce5f927571da527148f47c5cc754badd9c28717de5eb7ed05bdbf818c63f653fe4b4b27822ef4cf2cd08b6") getdents64(r0, &(0x7f00000000c0)=""/35, 0x23) 18:16:19 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f00000016c0)=""/79, 0x2d1cd2b520aa99d1) lseek(r1, 0xfffffffffffffffc, 0x1) getdents(r1, &(0x7f0000000240)=""/155, 0x9b) 18:16:19 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="840008000000000000bd7000ffffffff0000dffc0c00000000000000000000005b659a620700fc380c2dbfdc5e9f13e1a04810d464fbc3f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd4dd3050bc1700612dbc3080c91745fa158cf0d7030df7f1969136edfd73294c0356675ffff00000000000000004ce56aa166b5040d"], 0x83}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x263) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x2, 0x0, "7d9de7e7b4b95a6ec9e28b427bf1908e299fffab8c6ee01de63d0f3d19c1ee5fe745f607eb480e21f5c7917ec940e037525b5a95a7b1ad0a5b793ebefe2300"}, 0xd8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1a) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) 18:16:19 executing program 2: r0 = socket(0x4200000000010, 0x2, 0x0) write(r0, &(0x7f0000000000)="2400000024007f8000001200000001000003f6ff010000000000f300f1ffffff5e782c5c", 0x24) 18:16:19 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000100)={[{0x2f, '\x00\x00'}]}, 0x4) 18:16:19 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000000)='H', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f0000033ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000140), &(0x7f0000000180)=0x8) 18:16:19 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"6e72300100", 0x2}) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000010000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000240)={0x0, 0x8, [@broadcast, @broadcast, @dev, @remote, @dev, @dev={[], 0x17}, @dev, @link_local]}) 18:16:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) 18:16:19 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) 18:16:19 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x0, 0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000040)={0x5, 0xaf5, 0x4, 0x0, 0xf}) 18:16:19 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="840008000000000000bd7000ffffffff0000dffc0c00000000000000000000005b659a620700fc380c2dbfdc5e9f13e1a04810d464fbc3f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd4dd3050bc1700612dbc3080c91745fa158cf0d7030df7f1969136edfd73294c0356675ffff00000000000000004ce56aa166b5040d"], 0x83}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x263) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x2, 0x0, "7d9de7e7b4b95a6ec9e28b427bf1908e299fffab8c6ee01de63d0f3d19c1ee5fe745f607eb480e21f5c7917ec940e037525b5a95a7b1ad0a5b793ebefe2300"}, 0xd8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1a) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) 18:16:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) 18:16:19 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"6e72300100", 0x2}) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000010000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000240)={0x0, 0x8, [@broadcast, @broadcast, @dev, @remote, @dev, @dev={[], 0x17}, @dev, @link_local]}) 18:16:20 executing program 2: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000140)={&(0x7f0000000100), 0x8}) 18:16:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) 18:16:20 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="840008000000000000bd7000ffffffff0000dffc0c00000000000000000000005b659a620700fc380c2dbfdc5e9f13e1a04810d464fbc3f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd4dd3050bc1700612dbc3080c91745fa158cf0d7030df7f1969136edfd73294c0356675ffff00000000000000004ce56aa166b5040d"], 0x83}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x263) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x2, 0x0, "7d9de7e7b4b95a6ec9e28b427bf1908e299fffab8c6ee01de63d0f3d19c1ee5fe745f607eb480e21f5c7917ec940e037525b5a95a7b1ad0a5b793ebefe2300"}, 0xd8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1a) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) 18:16:20 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"6e72300100", 0x2}) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000010000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000240)={0x0, 0x8, [@broadcast, @broadcast, @dev, @remote, @dev, @dev={[], 0x17}, @dev, @link_local]}) 18:16:20 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x7f, 0x7, 0x3, 0x0, 0xffffffffffffffff, 0x5}, 0xfffffffffffffeb5) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) ftruncate(r0, 0x9d) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") unshare(0x8020000) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x4100, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) gettid() r2 = getpid() r3 = syz_open_procfs$namespace(r2, &(0x7f00000004c0)='ns/cMroup\x00') perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setns(r3, 0x18020004) r4 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r4, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000002300)={0x9be, 0xff}) listen(r4, 0x20000003) r5 = socket$inet6(0xa, 0x6, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x505002, 0x1) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000340)) ioctl$sock_inet_SIOCSIFBRDADDR(r4, 0x891a, &(0x7f0000000080)={'rose0\x00', {0x2, 0x4e21, @multicast1}}) ioctl$int_in(r4, 0x5452, &(0x7f0000003680)=0x8) connect$inet6(r5, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r6 = accept4(r4, &(0x7f00004d4000)=@nl=@proc, &(0x7f0000047ffc)=0xc, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000003a40)={0x72, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="ff0100000000000004630440060000006d96241b4dbacc3650dc7e6079ad3a8339ca634d377cec422c410d513430379fb7c6536e54cca3f78f4d4e6c71a4387406cc6bc00268790b35f5ce402c1dcc0919f1b4a9821a8acbb586ffc01279c547ebf3756c44c6acb1235eea4d0f8fc552283e"], 0x0, 0x0, &(0x7f0000003a00)}) ioprio_set$pid(0x0, 0x0, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) recvmmsg(r6, &(0x7f0000003700)=[{{0x0, 0x0, &(0x7f00000036c0)}, 0x5}], 0x1, 0x120, 0x0) sendmsg$xdp(r5, &(0x7f0000005d80)={&(0x7f00000037c0), 0x10, &(0x7f0000005d00), 0x0, 0x0, 0x0, 0x20000040}, 0x0) write$FUSE_STATFS(0xffffffffffffffff, &(0x7f0000000180)={0x60}, 0x60) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)=ANY=[], 0x0) connect(r6, &(0x7f00007a8000)=@generic={0x0, "8c36b043d081c3c1503af6a768406b9267f60ac286da2338bd8e3f6ba990189977170a0705ea90c13e26ba0b966b9b9d3289c8784f16963ce7c312649ce2996cd4e7126f704ab2546e516d216ed2fb7a95ff906185874a2d44029a01f46a380e73c5477efe9e01548612afd6c667be500d748038f499a492ef8fe4e62653"}, 0x80) 18:16:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) 18:16:20 executing program 2: r0 = socket(0x10, 0x2, 0x0) r1 = socket(0x10, 0x2, 0xc) write(r1, &(0x7f0000594000), 0x0) r2 = socket(0x10, 0x2, 0xc) write(r2, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305da2808000100010423dcffdf00", 0x1f) dup2(r0, r1) [ 349.668373] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. [ 349.689779] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. 18:16:20 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) 18:16:20 executing program 3: utimensat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{}, {0x0, 0x7530}}, 0x361d24f4c4c1c3d0) 18:16:20 executing program 0: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="840008000000000000bd7000ffffffff0000dffc0c00000000000000000000005b659a620700fc380c2dbfdc5e9f13e1a04810d464fbc3f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd4dd3050bc1700612dbc3080c91745fa158cf0d7030df7f1969136edfd73294c0356675ffff00000000000000004ce56aa166b5040d"], 0x83}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x263) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x2, 0x0, "7d9de7e7b4b95a6ec9e28b427bf1908e299fffab8c6ee01de63d0f3d19c1ee5fe745f607eb480e21f5c7917ec940e037525b5a95a7b1ad0a5b793ebefe2300"}, 0xd8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1a) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) 18:16:20 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu\x00', 0x200002, 0x0) openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) 18:16:20 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000040)={&(0x7f0000006240)=@newlink={0x3c, 0x10, 0x707, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @ipip6={{0xc, 0x1, 'ip6tnl\x00'}, {0xc, 0x2, [@tunl6_policy=[@IFLA_IPTUN_FLOWINFO={0x8}]]}}}]}, 0x3c}}, 0x0) 18:16:21 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) 18:16:21 executing program 1: r0 = socket(0x4200000000000011, 0x3, 0x8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14) sendto(r0, &(0x7f0000000280)="95ab6d8af9a52c47310acf69ff5e", 0xe, 0x0, 0x0, 0x0) 18:16:21 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_pwait(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100), 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'mangle\x00'}, &(0x7f0000000140)=0x54) 18:16:21 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={&(0x7f0000000080), 0xc, &(0x7f00008a7000)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c00000000080501ff0080fffdffff2e0a0000000c000100010000007d0a00010c000200000022ff02f10000"], 0x2c}}, 0x0) 18:16:21 executing program 0: socketpair$unix(0x1, 0x41000000000002, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0xed, 0x0, &(0x7f0000000080), 0x16) [ 350.456241] IPVS: ftp: loaded support on port[0] = 21 [ 350.466417] netlink: 'syz-executor2': attribute type 2 has an invalid length. [ 350.555153] IPVS: ftp: loaded support on port[0] = 21 18:16:21 executing program 0: r0 = memfd_create(&(0x7f00000000c0)=',%\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x20005) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, "9ede7a8c5ae95e48000000000000007f4f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa0500000074dbcfa6dc4d"}) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") write$sndseq(r0, &(0x7f000000a000)=[{0x0, 0x3, 0x0, 0x0, @tick=0xfffffffffffffffd, {}, {}, @ext={0x0, &(0x7f0000038ffe)}}], 0x30) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000000)={0x800000000056, @time={0x0, 0x989680}}) 18:16:21 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x10000000002, 0x300) socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000c580)={'ip6gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000003080)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14, &(0x7f0000000480), 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000002940), 0x0, &(0x7f0000002980)}}], 0x2, 0x0) 18:16:22 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) 18:16:22 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000001c0), 0xc, &(0x7f0000000000)={&(0x7f0000000440)=@ipv4_getnetconf={0x14, 0x52, 0x1}, 0x14}}, 0x0) sendmmsg$alg(r1, &(0x7f0000000140), 0x492492492492805, 0x0) 18:16:22 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_pwait(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100), 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'mangle\x00'}, &(0x7f0000000140)=0x54) 18:16:22 executing program 0: add_key(&(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0), &(0x7f0000000200)="3082008bc8718e41645f36cb63ed7801fcc569ce49db476cfdd0d88cd8b934ccc08a36e362ef5a29500246e10ff2f66fc6cdbf55fef375329420a959f6bae207b9671002ca32de199b0be222f0d8a073d768777c52a193b60e8182d00f06866a5d9402525061d91c02bb117b933eec4fc8d341c42d6f849f212a24a5a8fda22b134d853a0b86489faea61518d2a3ed", 0x8f, 0xfffffffffffffffd) [ 351.055759] IPVS: ftp: loaded support on port[0] = 21 18:16:22 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x10000000002, 0x300) socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000c580)={'ip6gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000003080)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14, &(0x7f0000000480), 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000002940), 0x0, &(0x7f0000002980)}}], 0x2, 0x0) 18:16:22 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) 18:16:22 executing program 0: add_key(&(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0), &(0x7f0000000200)="3082008bc8718e41645f36cb63ed7801fcc569ce49db476cfdd0d88cd8b934ccc08a36e362ef5a29500246e10ff2f66fc6cdbf55fef375329420a959f6bae207b9671002ca32de199b0be222f0d8a073d768777c52a193b60e8182d00f06866a5d9402525061d91c02bb117b933eec4fc8d341c42d6f849f212a24a5a8fda22b134d853a0b86489faea61518d2a3ed", 0x8f, 0xfffffffffffffffd) 18:16:22 executing program 0: add_key(&(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0), &(0x7f0000000200)="3082008bc8718e41645f36cb63ed7801fcc569ce49db476cfdd0d88cd8b934ccc08a36e362ef5a29500246e10ff2f66fc6cdbf55fef375329420a959f6bae207b9671002ca32de199b0be222f0d8a073d768777c52a193b60e8182d00f06866a5d9402525061d91c02bb117b933eec4fc8d341c42d6f849f212a24a5a8fda22b134d853a0b86489faea61518d2a3ed", 0x8f, 0xfffffffffffffffd) 18:16:22 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x10000000002, 0x300) socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000c580)={'ip6gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000003080)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14, &(0x7f0000000480), 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000002940), 0x0, &(0x7f0000002980)}}], 0x2, 0x0) 18:16:22 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_pwait(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100), 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'mangle\x00'}, &(0x7f0000000140)=0x54) 18:16:22 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:22 executing program 0: add_key(&(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0), &(0x7f0000000200)="3082008bc8718e41645f36cb63ed7801fcc569ce49db476cfdd0d88cd8b934ccc08a36e362ef5a29500246e10ff2f66fc6cdbf55fef375329420a959f6bae207b9671002ca32de199b0be222f0d8a073d768777c52a193b60e8182d00f06866a5d9402525061d91c02bb117b933eec4fc8d341c42d6f849f212a24a5a8fda22b134d853a0b86489faea61518d2a3ed", 0x8f, 0xfffffffffffffffd) [ 351.824646] IPVS: ftp: loaded support on port[0] = 21 18:16:23 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) 18:16:23 executing program 0: r0 = socket$inet(0x2b, 0x801, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, &(0x7f0000000280), 0x0, &(0x7f00000002c0)}, 0x20000081) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'tunl0\x00'}, 0x18) 18:16:23 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_pwait(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100), 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x6c060000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000300)={'mangle\x00'}, &(0x7f0000000140)=0x54) 18:16:23 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x10000000002, 0x300) socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000c580)={'ip6gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r1, &(0x7f0000003080)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14, &(0x7f0000000480), 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000002940), 0x0, &(0x7f0000002980)}}], 0x2, 0x0) 18:16:23 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ip_vti0\x00', 0x201e}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001fc0)={'ip_vti0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@mcast1, 0x28, r3}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@local, 0x7a, r3}) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@dev, r3}, 0x14) epoll_create1(0x80000) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f00000000c0)=0x4006, 0x4) sendto$inet6(r4, &(0x7f0000000240)="0581c7000500000000000000ffa2ad88050000000000008c39160aaacb57a80000067d1a80e19e33e3c2e7725f4a5861153709000000f7402810247f0139d643ba0708e265756fe5eb8f5972eaecfffc2bd9e9aba5568a12843d4342277bd6adf74af03e90f5490f2a38ff07e4b0a084b53a683747f955a47ddc7100080000395da1a7ba8a7069cdb5f4eff4aae8b98ccd4245ad64ceaa7ad4974418b715a624f2cfdaf236512e17960229a1b3bc79b3603a800292fa7c36fb4f6c1342c60e17e6539f6bfeef0bae71fd57b9798d8b6370", 0xd1, 0x0, &(0x7f0000000000)={0xa, 0x100200000800, 0x8000000000006, @remote}, 0x1c) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000580)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/246, 0xf6}], 0x1, &(0x7f0000000040)=""/52, 0x34}}], 0x286, 0x0, &(0x7f0000005880)={0x0, 0x1c9c380}) r5 = socket(0x10, 0xffffffffffffffff, 0x8) write(r5, &(0x7f00000001c0)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) ioctl$FS_IOC_SETVERSION(r5, 0x40087602, &(0x7f0000000000)=0x1) write(r5, &(0x7f0000000040)="1f0000000104ffffed3b54c007110000f30501000b000200000400000280cf", 0x1f) [ 352.382223] IPVS: ftp: loaded support on port[0] = 21 18:16:23 executing program 0: r0 = socket$inet(0x2b, 0x801, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, &(0x7f0000000280), 0x0, &(0x7f00000002c0)}, 0x20000081) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'tunl0\x00'}, 0x18) [ 352.649764] binder_alloc: binder_alloc_mmap_handler: 11413 20001000-20004000 already mapped failed -16 [ 352.676227] binder_alloc: 11413: binder_alloc_buf, no vma [ 352.677544] binder: BINDER_SET_CONTEXT_MGR already set [ 352.682257] binder: 11413:11440 transaction failed 29189/-3, size 24-8 line 2973 [ 352.687460] binder: 11413:11419 ioctl 40046207 0 returned -16 [ 352.767872] binder: send failed reply for transaction 5 to 11413:11419 18:16:23 executing program 0: r0 = socket$inet(0x2b, 0x801, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, &(0x7f0000000280), 0x0, &(0x7f00000002c0)}, 0x20000081) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'tunl0\x00'}, 0x18) [ 352.862576] binder: undelivered TRANSACTION_ERROR: 29189 18:16:24 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:24 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:24 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:24 executing program 0: r0 = socket$inet(0x2b, 0x801, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, &(0x7f0000000280), 0x0, &(0x7f00000002c0)}, 0x20000081) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x0, 'tunl0\x00'}, 0x18) 18:16:24 executing program 5: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000280)={0x0, 0x0}) recvmsg(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)=@l2, 0x80, &(0x7f0000000180)=[{&(0x7f0000000340)=""/233, 0xfffffde4}], 0x1004, &(0x7f0000002200)=""/4096, 0x1000}, 0x0) sendmsg(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100), 0x49, &(0x7f0000000200)}, 0x0) [ 353.347130] binder: BINDER_SET_CONTEXT_MGR already set [ 353.352902] binder: 11450:11462 ioctl 40046207 0 returned -16 [ 353.362216] binder: BINDER_SET_CONTEXT_MGR already set [ 353.367706] binder: 11449:11461 ioctl 40046207 0 returned -16 18:16:24 executing program 5: write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000080)={0x9}, 0x9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047", 0x3b}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000009e00fb034d564b002c120001"]) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0xd90]}) [ 353.414212] binder: 11450:11462 Release 1 refcount change on invalid ref 1 ret -22 [ 353.440828] binder: 11449:11465 BC_INCREFS_DONE u0000000000000000 no match [ 353.537214] binder: 11449:11461 Release 1 refcount change on invalid ref 1 ret -22 18:16:24 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x1, 0x0, 0xfffffffffffffffc}) 18:16:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x1000085) r2 = memfd_create(&(0x7f0000000100)='\x00', 0x2) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x1081806) fcntl$addseals(r2, 0x409, 0x8) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) sendfile(r1, r2, &(0x7f0000000200), 0xff) sync() pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)='-', 0x1}], 0x1, 0x0) 18:16:24 executing program 0: unshare(0x2000400) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x0, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) 18:16:25 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$vsock_stream(0x28, 0x1, 0x0) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) [ 354.033278] binder: release 11448:11459 transaction 10 out, still active 18:16:25 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000000440)={0x0, 0x12, 0x0, @thr={&(0x7f0000000240), &(0x7f0000000340)}}, &(0x7f00000000c0)) r1 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x0, 0x0) read(r1, &(0x7f00000001c0)=""/105, 0x69) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0x9204, 0xffff) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, r2+10000000}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x4000000000000014) [ 354.119339] binder: release 11449:11463 transaction 16 out, still active [ 354.151800] binder: release 11450:11464 transaction 13 out, still active 18:16:25 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) get_thread_area(&(0x7f0000001d80)) [ 354.287320] binder: send failed reply for transaction 10, target dead [ 354.294157] binder: send failed reply for transaction 13, target dead [ 354.300800] binder: send failed reply for transaction 16, target dead 18:16:25 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:25 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:25 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:25 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600004d9b0000000000007e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 18:16:25 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x4, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000140)={0xf000000, 0x1, 0x0, [], &(0x7f0000000000)={0x98f908, 0xfffffffffffffffd, [], @string=&(0x7f00000000c0)}}) [ 354.606378] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. [ 354.620271] binder: BINDER_SET_CONTEXT_MGR already set [ 354.625886] binder: 11497:11504 ioctl 40046207 0 returned -16 [ 354.675705] binder: 11497:11504 Release 1 refcount change on invalid ref 1 ret -22 [ 354.694148] binder: BINDER_SET_CONTEXT_MGR already set [ 354.699734] binder: 11503:11507 ioctl 40046207 0 returned -16 18:16:25 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000680)={&(0x7f0000000040), 0xc, &(0x7f0000000640)={&(0x7f0000000480)=@acquire={0x134, 0x17, 0x109, 0x0, 0x0, {{@in6=@loopback}, @in=@multicast1, {@in=@remote, @in=@multicast2}, {{@in=@loopback, @in6=@dev}}}, [@mark={0xc}]}, 0x134}}, 0x0) [ 354.750045] binder: 11503:11507 Release 1 refcount change on invalid ref 1 ret -22 18:16:25 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x93e, 0xffffff9e}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0) 18:16:26 executing program 3: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKPG(r0, 0x40140921, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)}) [ 355.014259] bridge_slave_0: FDB only supports static addresses [ 355.029968] bridge_slave_0: FDB only supports static addresses 18:16:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet6_sctp(0xa, 0x200000000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x7, &(0x7f0000ad2000), &(0x7f0000000080)=0xfdd2) 18:16:26 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002880)=ANY=[]}, 0x2}, 0x0) 18:16:26 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0x32, &(0x7f0000000080)=0x3, 0x4) [ 355.292258] binder: release 11495:11502 transaction 20 out, still active [ 355.335581] binder: release 11497:11504 transaction 23 out, still active [ 355.404885] binder: release 11503:11507 transaction 26 out, still active 18:16:26 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) [ 355.537161] binder: send failed reply for transaction 20, target dead [ 355.544231] binder: send failed reply for transaction 23, target dead [ 355.550873] binder: send failed reply for transaction 26, target dead 18:16:26 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:26 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, &(0x7f0000000700)='+'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done], 0x0, 0x0, &(0x7f0000000780)}) ppoll(&(0x7f0000000480)=[{r0}], 0x1, &(0x7f0000000180), &(0x7f0000000380), 0x8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f0000000680)}) 18:16:26 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000139ff0)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000140)="f2", 0x1}], 0x1, &(0x7f0000000100)}, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @dev, 0x3}], 0x1c) sendmmsg$inet_sctp(r0, &(0x7f0000000080)=[{&(0x7f0000000180)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x241}}], 0x20}], 0x4924924924924d0, 0x0) 18:16:26 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x31, 0xffffffffffffffff, 0x0) ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000000)) 18:16:26 executing program 0: syz_open_procfs(0x0, &(0x7f0000000280)='net/ptype\x00') socket$inet6(0xa, 0x1, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000440)='/dev/rfkill\x00', 0x0, 0x0) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000480)='/', 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 355.903419] binder: BINDER_SET_CONTEXT_MGR already set [ 355.908805] binder: 11535:11544 ioctl 40046207 0 returned -16 [ 355.920833] binder: BINDER_SET_CONTEXT_MGR already set [ 355.926286] binder: 11537:11546 ioctl 40046207 0 returned -16 [ 355.945216] binder: 11537:11546 Release 1 refcount change on invalid ref 1 ret -22 [ 355.954082] binder: 11535:11544 Release 1 refcount change on invalid ref 1 ret -22 18:16:27 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x8000000205, 0x0) write$P9_RMKDIR(r0, &(0x7f00000000c0)={0x14}, 0x14) ioctl$int_in(r0, 0x80000000005001, &(0x7f0000000300)) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f00000006c0)={0x9, 0xfffffff6, 0xfa00, {0xffffffffffffffff, 0x0, '\x00', "7ccbf7a2830c61096588472343ad539204870ed0f98d5bcfa47a6327192c638cd699c62c057cb131ba032830951c1a27137fe5d1f9783ba2e4561a7c66002ab4d72ec448bf7c2439a4ac6c7d45d15542228bc153ab9bfff8b4cb34dbf2b2f172d8eb7be3c8f3e10c1c1f263087640bf8bef20f7d389ee6f364ec457de5c06797d3767ddb7bdc4fe305e9f64204accefae16d36ab1c99d719f42cfdfc87c93f4e24a23d31fafc8a3b4d9765342aee416447b73e93aba17831975dbc26c58bdb0b15ae3f911f4c051dab3f5b3f5c35dd233730b02b68c475d59d085db06d9077db479a5c2d0384e2fec49e7b9578e1e56f4661de3cbd9a81e084f0513253ded1b5"}}, 0xfffffdd5) 18:16:27 executing program 0: unshare(0x20400) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) listen(r0, 0x0) 18:16:27 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x6, 0x4) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000180)=""/143, &(0x7f00000000c0)=0x3c3) sendto$inet6(r0, &(0x7f00000000c0), 0x10282, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x100000002, @mcast2}, 0x1c) [ 356.467087] binder: release 11530:11534 transaction 30 out, still active 18:16:27 executing program 2: r0 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='tunl0\x00', 0x106) sendto$inet(r0, &(0x7f0000000200)="f4b2d1d3758a94ee59c6ce4d6e196ba1ab2f91796c93c3cb", 0x18, 0x404c0c0, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") sendto$inet(r0, &(0x7f0000000080), 0xfe7a, 0x49f0, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10) [ 356.556148] binder: send failed reply for transaction 30, target dead [ 356.563020] binder: send failed reply for transaction 33 to 11537:11546 [ 356.569862] binder: send failed reply for transaction 36 to 11535:11544 [ 356.625218] not chained 110000 origins [ 356.629160] CPU: 0 PID: 11554 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 356.636439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 356.645799] Call Trace: [ 356.648421] dump_stack+0x32d/0x480 [ 356.652071] kmsan_internal_chain_origin+0x222/0x240 [ 356.657201] ? _raw_spin_lock_irqsave+0x320/0x490 [ 356.662075] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 356.667559] ? depot_save_stack+0x398/0x4b0 [ 356.671901] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 356.677022] ? kmsan_internal_chain_origin+0x90/0x240 [ 356.682272] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 356.687653] ? is_bpf_text_address+0x49e/0x4d0 [ 356.692258] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 356.697727] ? in_task_stack+0x12c/0x210 [ 356.701817] __msan_chain_origin+0x6d/0xb0 [ 356.706077] __save_stack_trace+0x833/0xc60 [ 356.710420] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 356.715831] ? save_stack_trace+0xc6/0x110 [ 356.720082] save_stack_trace+0xc6/0x110 [ 356.724163] kmsan_internal_chain_origin+0x136/0x240 [ 356.729290] ? kmsan_internal_chain_origin+0x136/0x240 [ 356.734583] ? kmsan_memcpy_origins+0x13d/0x190 [ 356.739264] ? __msan_memcpy+0x6f/0x80 [ 356.743160] ? mulaw_decode+0x629/0xa00 [ 356.747141] ? mulaw_transfer+0x4dd/0x510 [ 356.751300] ? snd_pcm_plug_write_transfer+0x598/0x750 [ 356.756588] ? snd_pcm_oss_write2+0x2af/0xa60 [ 356.761088] ? snd_pcm_oss_sync1+0x2b1/0x9c0 [ 356.765517] ? snd_pcm_oss_sync+0xdfa/0x1430 [ 356.769944] ? snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 356.774542] ? do_vfs_ioctl+0xfbc/0x2f70 [ 356.778621] ? __se_sys_ioctl+0x1da/0x270 [ 356.782777] ? __x64_sys_ioctl+0x4a/0x70 [ 356.786851] ? do_syscall_64+0xcf/0x110 [ 356.790844] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 356.796225] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 356.801603] ? update_load_avg+0x12ae/0x1db0 [ 356.806122] ? apic_timer_interrupt+0xa/0x20 [ 356.810554] ? mulaw_encode+0xad0/0xad0 [ 356.814801] ? __entry_text_end+0x7/0x7 [ 356.818803] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 356.824183] ? vmalloc_to_page+0x585/0x6c0 [ 356.828444] ? kmsan_get_origin_address+0xdc/0x360 [ 356.833397] kmsan_memcpy_origins+0x13d/0x190 [ 356.837917] __msan_memcpy+0x6f/0x80 [ 356.841653] mulaw_decode+0x629/0xa00 [ 356.845492] mulaw_transfer+0x4dd/0x510 [ 356.849482] ? mulaw_encode+0xad0/0xad0 [ 356.853473] ? mulaw_decode+0xa00/0xa00 [ 356.857464] snd_pcm_plug_write_transfer+0x598/0x750 [ 356.862611] snd_pcm_oss_write2+0x2af/0xa60 [ 356.866971] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 356.871237] ? arch_local_irq_disable+0x10/0x10 [ 356.875926] snd_pcm_oss_sync+0xdfa/0x1430 [ 356.880197] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 356.884637] ? kmsan_set_origin+0x7f/0x100 [ 356.888898] ? __msan_poison_alloca+0x1e0/0x270 [ 356.893591] ? do_vfs_ioctl+0x184/0x2f70 [ 356.897663] ? __se_sys_ioctl+0x1da/0x270 [ 356.901829] ? snd_pcm_oss_poll+0x10b0/0x10b0 [ 356.906332] do_vfs_ioctl+0xfbc/0x2f70 [ 356.910248] ? security_file_ioctl+0x92/0x200 [ 356.914760] __se_sys_ioctl+0x1da/0x270 [ 356.918755] __x64_sys_ioctl+0x4a/0x70 [ 356.922654] do_syscall_64+0xcf/0x110 [ 356.926471] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 356.931668] RIP: 0033:0x457569 [ 356.934872] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.953789] RSP: 002b:00007f36711adc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.961521] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 356.968810] RDX: 0000000020000300 RSI: 0080000000005001 RDI: 0000000000000004 [ 356.976090] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 356.983620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36711ae6d4 [ 356.990900] R13: 00000000004c2110 R14: 00000000004d3270 R15: 00000000ffffffff [ 356.998187] Uninit was stored to memory at: [ 357.002525] kmsan_internal_chain_origin+0x136/0x240 [ 357.007652] __msan_chain_origin+0x6d/0xb0 [ 357.011895] save_stack_trace+0xfa/0x110 [ 357.015966] kmsan_internal_chain_origin+0x136/0x240 [ 357.021080] kmsan_memcpy_origins+0x13d/0x190 [ 357.025593] __msan_memcpy+0x6f/0x80 [ 357.029318] mulaw_decode+0x629/0xa00 [ 357.033133] mulaw_transfer+0x4dd/0x510 [ 357.037119] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.042238] snd_pcm_oss_write2+0x2af/0xa60 [ 357.046577] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.050830] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.055078] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.059493] do_vfs_ioctl+0xfbc/0x2f70 [ 357.063388] __se_sys_ioctl+0x1da/0x270 [ 357.067377] __x64_sys_ioctl+0x4a/0x70 [ 357.071281] do_syscall_64+0xcf/0x110 18:16:27 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) socket$netlink(0x10, 0x3, 0x9) r1 = open(&(0x7f0000000280)='./bus\x00', 0x242, 0x0) ftruncate(r1, 0x10001) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000000)="8c", 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendfile(r0, r1, &(0x7f0000d83ff8), 0x8000fffffffe) 18:16:28 executing program 5: r0 = socket$inet(0x2, 0x6000000000000003, 0x6) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000140)=0x98) sendto$inet(r0, &(0x7f0000000080), 0xfe7a, 0x0, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10) [ 357.075098] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.080288] [ 357.081917] Uninit was stored to memory at: [ 357.086254] kmsan_internal_chain_origin+0x136/0x240 [ 357.091374] __msan_chain_origin+0x6d/0xb0 [ 357.095623] __save_stack_trace+0x833/0xc60 [ 357.099961] save_stack_trace+0xc6/0x110 [ 357.104038] kmsan_internal_chain_origin+0x136/0x240 [ 357.109159] kmsan_memcpy_origins+0x13d/0x190 [ 357.113674] __msan_memcpy+0x6f/0x80 [ 357.117399] mulaw_decode+0x629/0xa00 [ 357.121215] mulaw_transfer+0x4dd/0x510 18:16:28 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1, 0x44}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 18:16:28 executing program 5: r0 = socket$nl_generic(0xa, 0x3, 0x10) setsockopt$netlink_NETLINK_RX_RING(r0, 0x29, 0x6, &(0x7f0000000ff0)={0x1c2, 0x0, 0x29}, 0x1c2) 18:16:28 executing program 1: r0 = socket$inet(0x10, 0x2, 0x6) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000520007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 357.125203] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.130312] snd_pcm_oss_write2+0x2af/0xa60 [ 357.134644] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.138891] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.143142] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.147575] do_vfs_ioctl+0xfbc/0x2f70 [ 357.151476] __se_sys_ioctl+0x1da/0x270 [ 357.155457] __x64_sys_ioctl+0x4a/0x70 [ 357.159353] do_syscall_64+0xcf/0x110 [ 357.163175] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.168362] [ 357.169996] Uninit was stored to memory at: [ 357.174333] kmsan_internal_chain_origin+0x136/0x240 [ 357.179450] __msan_chain_origin+0x6d/0xb0 [ 357.183702] save_stack_trace+0xfa/0x110 [ 357.187778] kmsan_internal_chain_origin+0x136/0x240 [ 357.192901] kmsan_memcpy_origins+0x13d/0x190 [ 357.197411] __msan_memcpy+0x6f/0x80 [ 357.201146] mulaw_decode+0x629/0xa00 [ 357.204962] mulaw_transfer+0x4dd/0x510 [ 357.208958] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.214077] snd_pcm_oss_write2+0x2af/0xa60 [ 357.218408] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.222659] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.226908] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.231330] do_vfs_ioctl+0xfbc/0x2f70 [ 357.235231] __se_sys_ioctl+0x1da/0x270 [ 357.239215] __x64_sys_ioctl+0x4a/0x70 [ 357.243113] do_syscall_64+0xcf/0x110 [ 357.246933] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.252123] [ 357.253752] Uninit was stored to memory at: [ 357.258091] kmsan_internal_chain_origin+0x136/0x240 [ 357.263208] __msan_chain_origin+0x6d/0xb0 [ 357.267460] __save_stack_trace+0x833/0xc60 [ 357.271799] save_stack_trace+0xc6/0x110 [ 357.275886] kmsan_internal_chain_origin+0x136/0x240 [ 357.281007] kmsan_memcpy_origins+0x13d/0x190 [ 357.285513] __msan_memcpy+0x6f/0x80 [ 357.289244] mulaw_decode+0x629/0xa00 [ 357.293061] mulaw_transfer+0x4dd/0x510 [ 357.297046] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.302160] snd_pcm_oss_write2+0x2af/0xa60 [ 357.306505] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.310759] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.315015] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.319433] do_vfs_ioctl+0xfbc/0x2f70 [ 357.323333] __se_sys_ioctl+0x1da/0x270 [ 357.327318] __x64_sys_ioctl+0x4a/0x70 [ 357.331222] do_syscall_64+0xcf/0x110 [ 357.335049] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.340246] [ 357.341874] Uninit was stored to memory at: [ 357.346205] kmsan_internal_chain_origin+0x136/0x240 [ 357.351319] __msan_chain_origin+0x6d/0xb0 [ 357.355573] save_stack_trace+0xfa/0x110 [ 357.359648] kmsan_internal_chain_origin+0x136/0x240 [ 357.364766] kmsan_memcpy_origins+0x13d/0x190 [ 357.369275] __msan_memcpy+0x6f/0x80 [ 357.372998] mulaw_decode+0x629/0xa00 [ 357.376817] mulaw_transfer+0x4dd/0x510 [ 357.380814] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.385929] snd_pcm_oss_write2+0x2af/0xa60 [ 357.390262] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.394508] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.398760] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.403168] do_vfs_ioctl+0xfbc/0x2f70 [ 357.407061] __se_sys_ioctl+0x1da/0x270 [ 357.411216] __x64_sys_ioctl+0x4a/0x70 [ 357.415109] do_syscall_64+0xcf/0x110 [ 357.418923] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.424111] [ 357.425756] Uninit was stored to memory at: [ 357.430190] kmsan_internal_chain_origin+0x136/0x240 [ 357.435303] __msan_chain_origin+0x6d/0xb0 [ 357.439554] __save_stack_trace+0x833/0xc60 [ 357.443872] save_stack_trace+0xc6/0x110 [ 357.447933] kmsan_internal_chain_origin+0x136/0x240 [ 357.453031] kmsan_memcpy_origins+0x13d/0x190 [ 357.457523] __msan_memcpy+0x6f/0x80 [ 357.461240] mulaw_decode+0x629/0xa00 [ 357.465036] mulaw_transfer+0x4dd/0x510 [ 357.469008] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.474110] snd_pcm_oss_write2+0x2af/0xa60 [ 357.478427] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.482658] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.486883] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.491286] do_vfs_ioctl+0xfbc/0x2f70 [ 357.495164] __se_sys_ioctl+0x1da/0x270 [ 357.499127] __x64_sys_ioctl+0x4a/0x70 [ 357.503017] do_syscall_64+0xcf/0x110 [ 357.506824] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.512000] [ 357.513617] Uninit was stored to memory at: [ 357.517932] kmsan_internal_chain_origin+0x136/0x240 [ 357.523030] __msan_chain_origin+0x6d/0xb0 [ 357.527259] save_stack_trace+0xfa/0x110 [ 357.531315] kmsan_internal_chain_origin+0x136/0x240 [ 357.536412] kmsan_memcpy_origins+0x13d/0x190 [ 357.540898] __msan_memcpy+0x6f/0x80 [ 357.544604] mulaw_decode+0x629/0xa00 [ 357.548401] mulaw_transfer+0x4dd/0x510 [ 357.552371] snd_pcm_plug_write_transfer+0x598/0x750 [ 357.557469] snd_pcm_oss_write2+0x2af/0xa60 [ 357.561782] snd_pcm_oss_sync1+0x2b1/0x9c0 [ 357.566011] snd_pcm_oss_sync+0xdfa/0x1430 [ 357.570236] snd_pcm_oss_ioctl+0x1e8e/0x8860 [ 357.574644] do_vfs_ioctl+0xfbc/0x2f70 [ 357.578524] __se_sys_ioctl+0x1da/0x270 [ 357.582501] __x64_sys_ioctl+0x4a/0x70 [ 357.586379] do_syscall_64+0xcf/0x110 [ 357.590175] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 357.595352] [ 357.596969] Local variable description: ----old.addr.i.i.i@should_fail [ 357.603620] Variable was created at: [ 357.607333] should_fail+0x123/0x13c0 [ 357.611126] __should_failslab+0x278/0x2a0 18:16:28 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000001c0)={0x0, 0x0}) fcntl$lock(r0, 0x7, &(0x7f0000000200)={0x0, 0x6, 0xe0bb, 0x4, r1}) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) r3 = dup3(r2, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800480000280000000000009078ac2314bbac1414aa830700ac2314bb8903000000000090ffffffffff"], &(0x7f00000002c0)) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x19, 0x6, 0x10000}) exit(0x4000000) openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x4, 0x0) [ 357.653859] binder: undelivered TRANSACTION_ERROR: 29189 [ 357.689147] binder: undelivered TRANSACTION_ERROR: 29189 18:16:28 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) mbind(&(0x7f0000ff1000/0xc000)=nil, 0xc000, 0x4003, &(0x7f0000000040)=0x9, 0x7, 0x0) mlock2(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) 18:16:28 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x0, {0x2, 0x0, @loopback}, {0x2, 0x0, @loopback}, {0x2, 0x0, @remote}, 0x27}) ioctl$sock_inet_SIOCDELRT(r1, 0x890c, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {0x2, 0x0, @loopback}, {0x2, 0x0, @multicast2}, 0xa4}) 18:16:29 executing program 3: unshare(0x8000400) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fanotify_mark(r1, 0x2, 0x12, 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') 18:16:29 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) unshare(0x24020400) setsockopt$packet_int(r0, 0x107, 0x17, &(0x7f0000000000), 0x336) 18:16:29 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x7f) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000440), 0xffffffffffffffba, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00') keyctl$chown(0x4, 0x0, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffefa, 0x0) sendto$inet6(r3, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x0) 18:16:29 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x2, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6, 0x0, 0x33}, 0x0, @in6=@local}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) 18:16:29 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1, 0x44}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 18:16:30 executing program 5: r0 = socket$rds(0x15, 0x5, 0x0) fremovexattr(r0, &(0x7f0000000200)=@known='system.sockprotoname\x00') fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f00000002c0)) 18:16:30 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1, 0x44}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 18:16:30 executing program 0: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x0, @loopback}, @in={0x2, 0x4e20, @multicast2}], 0x2c) 18:16:30 executing program 5: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000080)={0x0, r2}) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000000)) 18:16:32 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000001c0)={0x0, 0x0}) fcntl$lock(r0, 0x7, &(0x7f0000000200)={0x0, 0x6, 0xe0bb, 0x4, r1}) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) r3 = dup3(r2, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800480000280000000000009078ac2314bbac1414aa830700ac2314bb8903000000000090ffffffffff"], &(0x7f00000002c0)) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x19, 0x6, 0x10000}) exit(0x4000000) openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x4, 0x0) 18:16:32 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2182001ff0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = eventfd(0x0) read$eventfd(r1, &(0x7f0000000100), 0x8) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/wireless\x00') sendfile(r1, r2, &(0x7f0000000180), 0x1000000008) 18:16:32 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000001c0)={0x0, 0x0}) fcntl$lock(r0, 0x7, &(0x7f0000000200)={0x0, 0x6, 0xe0bb, 0x4, r1}) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) r3 = dup3(r2, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800480000280000000000009078ac2314bbac1414aa830700ac2314bb8903000000000090ffffffffff"], &(0x7f00000002c0)) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x19, 0x6, 0x10000}) exit(0x4000000) openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x4, 0x0) 18:16:33 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000d00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x8802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000040)={'veth0\x00'}) 18:16:33 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x7f) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000440), 0xffffffffffffffba, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00') keyctl$chown(0x4, 0x0, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffefa, 0x0) sendto$inet6(r3, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x0) 18:16:33 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1, 0x44}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 18:16:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2182001ff0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = eventfd(0x0) read$eventfd(r1, &(0x7f0000000100), 0x8) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/wireless\x00') sendfile(r1, r2, &(0x7f0000000180), 0x1000000008) 18:16:33 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x810000000000006) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd25d766070") io_cancel(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)="b012", 0x2}, &(0x7f0000000180)) mmap(&(0x7f0000013000/0x1000)=nil, 0x1000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x53, &(0x7f0000000240), &(0x7f0000000040)=0x30) close(r2) close(r1) 18:16:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2182001ff0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = eventfd(0x0) read$eventfd(r1, &(0x7f0000000100), 0x8) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/wireless\x00') sendfile(r1, r2, &(0x7f0000000180), 0x1000000008) 18:16:33 executing program 3: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x6287, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000280)={0x1}) 18:16:33 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000001c0)={0x0, 0x0}) fcntl$lock(r0, 0x7, &(0x7f0000000200)={0x0, 0x6, 0xe0bb, 0x4, r1}) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) r3 = dup3(r2, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800480000280000000000009078ac2314bbac1414aa830700ac2314bb8903000000000090ffffffffff"], &(0x7f00000002c0)) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f00000000c0)={0x19, 0x6, 0x10000}) exit(0x4000000) openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x4, 0x0) 18:16:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2182001ff0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = eventfd(0x0) read$eventfd(r1, &(0x7f0000000100), 0x8) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/wireless\x00') sendfile(r1, r2, &(0x7f0000000180), 0x1000000008) 18:16:33 executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) readv(r0, &(0x7f0000001780)=[{&(0x7f0000000380)=""/210, 0xd2}, {&(0x7f0000000480)=""/251, 0xfb}, {&(0x7f0000000580)=""/249, 0xf9}, {&(0x7f0000000680)=""/122, 0x7a}, {&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/96, 0x60}], 0x6) fcntl$getflags(0xffffffffffffffff, 0x40a) accept4$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, &(0x7f0000001840)=0x10, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000001880)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}}, &(0x7f0000001940)=0x90) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000001980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc028564e, &(0x7f0000001800)={0x0, 0x0, [0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x40]}) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1f, 0x0, "8c0eb7912a86ff3e23764a3c01af55410c3d3f813a4513a691be997c7ee1235982875b8ae5c27fc73eb383beca956b51a34191ad3a9f70ebee5f1d003dcd4427c273be993dd363cc8f36cc7f609a2371"}, 0xd8) r2 = dup(r1) setsockopt$inet6_tcp_int(r2, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$revoke(0x3, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000240)='vegas\x00', 0x54) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x20) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x8000fffffffe) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x2000000000000de, &(0x7f0000000040), &(0x7f0000000200)=0x4) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000), 0x4) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000001a00)=""/212) 18:16:33 executing program 0: timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000040000)) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = gettid() r2 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r2, &(0x7f00000e5000)={0x2, 0x4e23, @loopback}, 0x10) connect$inet(r2, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r2, &(0x7f00000000c0), 0xff84, 0x0, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10) dup2(r0, r2) tkill(r1, 0x1000000000016) 18:16:33 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00002c5fe8)) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001180)={{&(0x7f0000013000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$sndtimer(&(0x7f0000f85ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0x40045402, &(0x7f0000013000)) r3 = dup(r2) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000180)) dup3(r1, r0, 0x0) [ 362.918726] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:16:34 executing program 2: r0 = socket(0x10, 0x4000000000000002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={"6c6f000000000000cdd7c268f17bd576", &(0x7f0000000300)=@ethtool_gstrings={0x1b, 0x4}}) 18:16:34 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x7f) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000440), 0xffffffffffffffba, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00') keyctl$chown(0x4, 0x0, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffefa, 0x0) sendto$inet6(r3, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x0) 18:16:34 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000002c0)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00', 0x19, 0x1, 0x1d0, [0x20000080, 0x0, 0x0, 0x200000b0, 0x20000220], 0x0, &(0x7f0000000000), &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'rose0\x00', 'ip_vti0\x00', 'ipddp0\x00', 'teql0\x00', @dev, [], @remote, [], 0x108, 0x108, 0x140, [@limit={'limit\x00', 0x20, {{0x0, 0xde}}}, @nfacct={'nfacct\x00', 0x28, {{'syz1\x00'}}}]}}, @common=@mark={'mark\x00', 0x10}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x248) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 363.346726] not chained 120000 origins [ 363.350678] CPU: 0 PID: 11700 Comm: syz-executor0 Not tainted 4.20.0-rc3+ #89 [ 363.357957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.367323] Call Trace: [ 363.369946] dump_stack+0x32d/0x480 [ 363.373631] kmsan_internal_chain_origin+0x222/0x240 [ 363.378778] ? save_stack_trace+0xc6/0x110 [ 363.383036] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 363.388163] ? kmsan_internal_chain_origin+0x90/0x240 [ 363.393384] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 363.398765] ? is_bpf_text_address+0x49e/0x4d0 [ 363.402995] xt_nfacct: accounting object `syz1' does not exists [ 363.403366] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 363.403386] ? in_task_stack+0x12c/0x210 [ 363.403417] __msan_chain_origin+0x6d/0xb0 [ 363.403439] ? tcp_send_synack+0x7a3/0x18f0 [ 363.403458] __save_stack_trace+0x8be/0xc60 [ 363.403494] ? tcp_send_synack+0x7a3/0x18f0 [ 363.436245] save_stack_trace+0xc6/0x110 [ 363.440332] kmsan_internal_chain_origin+0x136/0x240 [ 363.445467] ? kmsan_internal_chain_origin+0x136/0x240 [ 363.450759] ? kmsan_memcpy_origins+0x13d/0x190 [ 363.455449] ? __msan_memcpy+0x6f/0x80 [ 363.459356] ? skb_copy_bits+0x1d2/0xc90 [ 363.463435] ? skb_copy+0x56c/0xba0 [ 363.467078] ? tcp_send_synack+0x7a3/0x18f0 [ 363.471413] ? tcp_rcv_state_process+0x275d/0x6c60 [ 363.476355] ? tcp_v4_do_rcv+0xb25/0xd80 [ 363.477817] xt_nfacct: accounting object `syz1' does not exists [ 363.480427] ? __release_sock+0x32d/0x750 [ 363.480446] ? release_sock+0x99/0x2a0 [ 363.480468] ? __inet_stream_connect+0xdff/0x15d0 [ 363.480486] ? inet_stream_connect+0xff/0x170 [ 363.480507] ? __sys_connect+0x745/0x860 [ 363.480527] ? __se_sys_connect+0x8d/0xb0 [ 363.480544] ? __x64_sys_connect+0x4a/0x70 [ 363.480582] ? do_syscall_64+0xcf/0x110 [ 363.520463] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 363.525851] ? memcg_kmem_put_cache+0x73/0x460 [ 363.530443] ? __kmalloc_node_track_caller+0x1010/0x14e0 [ 363.535925] ? __msan_get_context_state+0x9/0x20 [ 363.540691] ? INIT_INT+0xc/0x30 [ 363.544076] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 363.549453] ? __msan_get_context_state+0x9/0x20 [ 363.554221] ? kmem_cache_alloc_node+0x27b/0xec0 [ 363.558999] kmsan_memcpy_origins+0x13d/0x190 [ 363.563511] __msan_memcpy+0x6f/0x80 [ 363.567244] skb_copy_bits+0x1d2/0xc90 [ 363.571157] skb_copy+0x56c/0xba0 [ 363.574638] tcp_send_synack+0x7a3/0x18f0 [ 363.578799] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 363.584287] tcp_rcv_state_process+0x275d/0x6c60 [ 363.589083] tcp_v4_do_rcv+0xb25/0xd80 [ 363.592985] ? __local_bh_enable_ip+0x11f/0x260 [ 363.597672] ? inet_sk_rx_dst_set+0x200/0x200 [ 363.602185] __release_sock+0x32d/0x750 [ 363.606182] release_sock+0x99/0x2a0 [ 363.609915] __inet_stream_connect+0xdff/0x15d0 [ 363.614611] ? wait_woken+0x5b0/0x5b0 [ 363.618432] inet_stream_connect+0xff/0x170 [ 363.622772] ? __inet_stream_connect+0x15d0/0x15d0 [ 363.627719] __sys_connect+0x745/0x860 [ 363.631628] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 363.637089] ? prepare_exit_to_usermode+0x182/0x4c0 [ 363.642128] __se_sys_connect+0x8d/0xb0 18:16:34 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x200000005, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000440)=""/202, &(0x7f0000000400)=0xffffffffffffff7c) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x73, &(0x7f0000000040), &(0x7f0000000080)=0x10) close(r0) [ 363.646122] __x64_sys_connect+0x4a/0x70 [ 363.650198] do_syscall_64+0xcf/0x110 [ 363.654022] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 363.659224] RIP: 0033:0x457569 [ 363.662429] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 363.681342] RSP: 002b:00007fbbf9bbec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 363.689067] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 363.696350] RDX: 0000000000000010 RSI: 00000000200e5000 RDI: 0000000000000006 [ 363.703633] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 363.710912] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbbf9bbf6d4 [ 363.718199] R13: 00000000004bda43 R14: 00000000004cc868 R15: 00000000ffffffff [ 363.725489] Uninit was stored to memory at: [ 363.729830] kmsan_internal_chain_origin+0x136/0x240 [ 363.734949] __msan_chain_origin+0x6d/0xb0 [ 363.739198] __save_stack_trace+0x8be/0xc60 [ 363.743534] save_stack_trace+0xc6/0x110 [ 363.747618] kmsan_internal_chain_origin+0x136/0x240 [ 363.752738] kmsan_memcpy_origins+0x13d/0x190 [ 363.757245] __msan_memcpy+0x6f/0x80 [ 363.760973] skb_copy_bits+0x1d2/0xc90 [ 363.764878] skb_copy+0x56c/0xba0 [ 363.768338] tcp_send_synack+0x7a3/0x18f0 [ 363.772500] tcp_rcv_state_process+0x275d/0x6c60 [ 363.777265] tcp_v4_do_rcv+0xb25/0xd80 [ 363.781160] __release_sock+0x32d/0x750 [ 363.785140] release_sock+0x99/0x2a0 [ 363.788865] __inet_stream_connect+0xdff/0x15d0 [ 363.793559] inet_stream_connect+0xff/0x170 [ 363.797891] __sys_connect+0x745/0x860 [ 363.801787] __se_sys_connect+0x8d/0xb0 [ 363.805779] __x64_sys_connect+0x4a/0x70 [ 363.809856] do_syscall_64+0xcf/0x110 [ 363.813667] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 363.819114] [ 363.820746] Uninit was stored to memory at: [ 363.825078] kmsan_internal_chain_origin+0x136/0x240 [ 363.830192] __msan_chain_origin+0x6d/0xb0 [ 363.834437] __save_stack_trace+0x8be/0xc60 [ 363.838773] save_stack_trace+0xc6/0x110 [ 363.842853] kmsan_internal_chain_origin+0x136/0x240 18:16:34 executing program 2: r0 = syz_open_dev$swradio(&(0x7f00000001c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0e85667, &(0x7f0000000280)={0x40000000, 0x0, "44543ea9417dbf50423acc2117e2c690d13bd7029bf3bc843943912e85c030a0"}) [ 363.847971] kmsan_memcpy_origins+0x13d/0x190 [ 363.852477] __msan_memcpy+0x6f/0x80 [ 363.856204] skb_copy_bits+0x1d2/0xc90 [ 363.860105] skb_copy+0x56c/0xba0 [ 363.863579] tcp_send_synack+0x7a3/0x18f0 [ 363.867748] tcp_rcv_state_process+0x275d/0x6c60 [ 363.872544] tcp_v4_do_rcv+0xb25/0xd80 [ 363.876467] __release_sock+0x32d/0x750 [ 363.880454] release_sock+0x99/0x2a0 [ 363.884190] __inet_stream_connect+0xdff/0x15d0 [ 363.888876] inet_stream_connect+0xff/0x170 [ 363.893212] __sys_connect+0x745/0x860 [ 363.897118] __se_sys_connect+0x8d/0xb0 [ 363.901108] __x64_sys_connect+0x4a/0x70 [ 363.905182] do_syscall_64+0xcf/0x110 [ 363.909000] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 363.914192] [ 363.915828] Uninit was stored to memory at: [ 363.920161] kmsan_internal_chain_origin+0x136/0x240 [ 363.925284] __msan_chain_origin+0x6d/0xb0 [ 363.929537] __save_stack_trace+0x8be/0xc60 [ 363.933879] save_stack_trace+0xc6/0x110 [ 363.938052] kmsan_internal_chain_origin+0x136/0x240 [ 363.943255] kmsan_memcpy_origins+0x13d/0x190 [ 363.947763] __msan_memcpy+0x6f/0x80 [ 363.951494] skb_copy_bits+0x1d2/0xc90 [ 363.955392] skb_copy+0x56c/0xba0 [ 363.958860] tcp_send_synack+0x7a3/0x18f0 [ 363.963028] tcp_rcv_state_process+0x275d/0x6c60 [ 363.967816] tcp_v4_do_rcv+0xb25/0xd80 [ 363.971718] __release_sock+0x32d/0x750 [ 363.975707] release_sock+0x99/0x2a0 [ 363.979432] __inet_stream_connect+0xdff/0x15d0 [ 363.984114] inet_stream_connect+0xff/0x170 [ 363.988453] __sys_connect+0x745/0x860 [ 363.992354] __se_sys_connect+0x8d/0xb0 [ 363.996337] __x64_sys_connect+0x4a/0x70 [ 364.000415] do_syscall_64+0xcf/0x110 [ 364.004236] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.009429] [ 364.011059] Uninit was stored to memory at: [ 364.015408] kmsan_internal_chain_origin+0x136/0x240 [ 364.020521] __msan_chain_origin+0x6d/0xb0 [ 364.024776] __save_stack_trace+0x8be/0xc60 [ 364.029111] save_stack_trace+0xc6/0x110 [ 364.033183] kmsan_internal_chain_origin+0x136/0x240 [ 364.038294] kmsan_memcpy_origins+0x13d/0x190 [ 364.042799] __msan_memcpy+0x6f/0x80 18:16:35 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="9e"], 0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000001c0)={0x0, 0x0, 0x1}, 0x20) sendmmsg$alg(r1, &(0x7f0000005d40)=[{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="ca", 0x1}], 0x1}], 0x1, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffe94, 0x0) shutdown(r2, 0x1) 18:16:35 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x5, 0x7b, 0x200000000001, 0x100000001}, 0x2c) syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f00000001c0), &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000180), &(0x7f0000000280)}, 0x20) [ 364.046532] skb_copy_bits+0x1d2/0xc90 [ 364.050537] skb_copy+0x56c/0xba0 [ 364.054012] tcp_send_synack+0x7a3/0x18f0 [ 364.058176] tcp_rcv_state_process+0x275d/0x6c60 [ 364.062944] tcp_v4_do_rcv+0xb25/0xd80 [ 364.066850] __release_sock+0x32d/0x750 [ 364.070844] release_sock+0x99/0x2a0 [ 364.074585] __inet_stream_connect+0xdff/0x15d0 [ 364.079265] inet_stream_connect+0xff/0x170 [ 364.083602] __sys_connect+0x745/0x860 [ 364.087509] __se_sys_connect+0x8d/0xb0 [ 364.091510] __x64_sys_connect+0x4a/0x70 [ 364.095595] do_syscall_64+0xcf/0x110 [ 364.099406] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.104597] [ 364.106233] Uninit was stored to memory at: [ 364.110580] kmsan_internal_chain_origin+0x136/0x240 [ 364.115705] __msan_chain_origin+0x6d/0xb0 [ 364.119957] __save_stack_trace+0x8be/0xc60 [ 364.124296] save_stack_trace+0xc6/0x110 [ 364.128373] kmsan_internal_chain_origin+0x136/0x240 [ 364.133505] kmsan_memcpy_origins+0x13d/0x190 [ 364.138034] __msan_memcpy+0x6f/0x80 [ 364.141769] skb_copy_bits+0x1d2/0xc90 [ 364.145678] skb_copy+0x56c/0xba0 [ 364.149145] tcp_send_synack+0x7a3/0x18f0 [ 364.153308] tcp_rcv_state_process+0x275d/0x6c60 [ 364.158075] tcp_v4_do_rcv+0xb25/0xd80 [ 364.161975] __release_sock+0x32d/0x750 [ 364.165964] release_sock+0x99/0x2a0 [ 364.169694] __inet_stream_connect+0xdff/0x15d0 [ 364.174374] inet_stream_connect+0xff/0x170 [ 364.178714] __sys_connect+0x745/0x860 [ 364.182621] __se_sys_connect+0x8d/0xb0 [ 364.186610] __x64_sys_connect+0x4a/0x70 [ 364.190686] do_syscall_64+0xcf/0x110 [ 364.194505] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.199699] [ 364.201426] Uninit was stored to memory at: [ 364.205771] kmsan_internal_chain_origin+0x136/0x240 [ 364.210893] __msan_chain_origin+0x6d/0xb0 [ 364.215142] __save_stack_trace+0x8be/0xc60 [ 364.219476] save_stack_trace+0xc6/0x110 [ 364.223567] kmsan_internal_chain_origin+0x136/0x240 [ 364.228685] kmsan_memcpy_origins+0x13d/0x190 [ 364.233195] __msan_memcpy+0x6f/0x80 [ 364.236927] skb_copy_bits+0x1d2/0xc90 [ 364.240836] skb_copy+0x56c/0xba0 [ 364.244301] tcp_send_synack+0x7a3/0x18f0 [ 364.248639] tcp_rcv_state_process+0x275d/0x6c60 [ 364.253410] tcp_v4_do_rcv+0xb25/0xd80 [ 364.257307] __release_sock+0x32d/0x750 [ 364.261293] release_sock+0x99/0x2a0 [ 364.265040] __inet_stream_connect+0xdff/0x15d0 [ 364.269739] inet_stream_connect+0xff/0x170 [ 364.274076] __sys_connect+0x745/0x860 [ 364.277985] __se_sys_connect+0x8d/0xb0 [ 364.281979] __x64_sys_connect+0x4a/0x70 [ 364.286060] do_syscall_64+0xcf/0x110 [ 364.289879] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.295071] [ 364.296713] Uninit was stored to memory at: [ 364.301050] kmsan_internal_chain_origin+0x136/0x240 [ 364.306166] __msan_chain_origin+0x6d/0xb0 [ 364.310433] __save_stack_trace+0x8be/0xc60 [ 364.314783] save_stack_trace+0xc6/0x110 [ 364.318871] kmsan_internal_chain_origin+0x136/0x240 [ 364.323994] kmsan_memcpy_origins+0x13d/0x190 [ 364.328535] __msan_memcpy+0x6f/0x80 [ 364.332277] skb_copy_bits+0x1d2/0xc90 [ 364.336176] skb_copy+0x56c/0xba0 [ 364.339647] tcp_send_synack+0x7a3/0x18f0 [ 364.343818] tcp_rcv_state_process+0x275d/0x6c60 [ 364.348592] tcp_v4_do_rcv+0xb25/0xd80 [ 364.352494] __release_sock+0x32d/0x750 [ 364.356483] release_sock+0x99/0x2a0 [ 364.360215] __inet_stream_connect+0xdff/0x15d0 [ 364.364904] inet_stream_connect+0xff/0x170 [ 364.369438] __sys_connect+0x745/0x860 [ 364.373342] __se_sys_connect+0x8d/0xb0 [ 364.377334] __x64_sys_connect+0x4a/0x70 [ 364.381408] do_syscall_64+0xcf/0x110 [ 364.385221] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.390407] [ 364.392043] Local variable description: ----_tcph.i@ip_vs_in [ 364.397837] Variable was created at: [ 364.401568] ip_vs_in+0xe9/0x3250 [ 364.405031] ip_vs_local_request4+0xec/0x130 18:16:35 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='projid_map\x00') write$binfmt_aout(r0, &(0x7f0000000440), 0x20) 18:16:35 executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) readv(r0, &(0x7f0000001780)=[{&(0x7f0000000380)=""/210, 0xd2}, {&(0x7f0000000480)=""/251, 0xfb}, {&(0x7f0000000580)=""/249, 0xf9}, {&(0x7f0000000680)=""/122, 0x7a}, {&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/96, 0x60}], 0x6) fcntl$getflags(0xffffffffffffffff, 0x40a) accept4$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, &(0x7f0000001840)=0x10, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000001880)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}}, &(0x7f0000001940)=0x90) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000001980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc028564e, &(0x7f0000001800)={0x0, 0x0, [0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x40]}) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1f, 0x0, "8c0eb7912a86ff3e23764a3c01af55410c3d3f813a4513a691be997c7ee1235982875b8ae5c27fc73eb383beca956b51a34191ad3a9f70ebee5f1d003dcd4427c273be993dd363cc8f36cc7f609a2371"}, 0xd8) r2 = dup(r1) setsockopt$inet6_tcp_int(r2, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz'}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$revoke(0x3, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000240)='vegas\x00', 0x54) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x20) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x8000fffffffe) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x2000000000000de, &(0x7f0000000040), &(0x7f0000000200)=0x4) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000), 0x4) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000001a00)=""/212) 18:16:35 executing program 3: r0 = socket$kcm(0x11, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000280)="c1ff0f000047880000e5f700ac141410eb", 0x11}], 0x1}, 0x0) 18:16:35 executing program 0: timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000040000)) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = gettid() r2 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r2, &(0x7f00000e5000)={0x2, 0x4e23, @loopback}, 0x10) connect$inet(r2, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r2, &(0x7f00000000c0), 0xff84, 0x0, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10) dup2(r0, r2) tkill(r1, 0x1000000000016) 18:16:35 executing program 2: timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000040000)) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = gettid() r2 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r2, &(0x7f00000e5000)={0x2, 0x4e23, @loopback}, 0x10) connect$inet(r2, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r2, &(0x7f00000000c0), 0xff84, 0x0, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10) dup2(r0, r2) tkill(r1, 0x1000000000016) [ 364.907270] ================================================================== [ 364.914713] BUG: KMSAN: uninit-value in ip_idents_reserve+0x1b7/0x7f0 [ 364.921317] CPU: 1 PID: 11750 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #89 [ 364.928599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.937962] Call Trace: [ 364.940592] dump_stack+0x32d/0x480 [ 364.944247] ? ip_idents_reserve+0x1b7/0x7f0 [ 364.948696] kmsan_report+0x19f/0x300 [ 364.952535] __msan_warning+0x76/0xc0 [ 364.956377] ip_idents_reserve+0x1b7/0x7f0 [ 364.960646] ? iptunnel_xmit+0x7b9/0xd30 [ 364.964735] __ip_select_ident+0x33b/0x4c0 [ 364.969015] iptunnel_xmit+0x7b9/0xd30 [ 364.972955] ip_tunnel_xmit+0x3943/0x3d90 [ 364.977158] ipgre_xmit+0xef7/0x1000 [ 364.980931] ? ipgre_close+0x230/0x230 [ 364.985343] dev_hard_start_xmit+0x6dc/0xde0 [ 364.989794] __dev_queue_xmit+0x2d9e/0x3e00 [ 364.994159] dev_queue_xmit+0x4b/0x60 [ 364.997976] ? __netdev_pick_tx+0x14d0/0x14d0 [ 365.002492] packet_sendmsg+0x797f/0x9180 [ 365.006672] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 365.012143] ? rw_copy_check_uvector+0x308/0x770 [ 365.017026] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 365.022413] ? aa_sk_perm+0x7ab/0x9e0 [ 365.026270] ___sys_sendmsg+0xe3b/0x1240 [ 365.030363] ? compat_packet_setsockopt+0x360/0x360 [ 365.035441] __se_sys_sendmsg+0x305/0x460 [ 365.039648] __x64_sys_sendmsg+0x4a/0x70 [ 365.043732] do_syscall_64+0xcf/0x110 [ 365.047567] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.052769] RIP: 0033:0x457569 [ 365.055976] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.074892] RSP: 002b:00007f36711adc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 365.082623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 365.089907] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 365.097188] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 365.104472] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36711ae6d4 [ 365.111761] R13: 00000000004c3b1f R14: 00000000004d5d00 R15: 00000000ffffffff [ 365.119055] [ 365.120693] Uninit was stored to memory at: [ 365.125036] kmsan_internal_chain_origin+0x136/0x240 [ 365.130155] __msan_chain_origin+0x6d/0xb0 [ 365.134417] iptunnel_xmit+0xb8e/0xd30 [ 365.138332] ip_tunnel_xmit+0x3943/0x3d90 [ 365.142494] ipgre_xmit+0xef7/0x1000 [ 365.146226] dev_hard_start_xmit+0x6dc/0xde0 [ 365.150652] __dev_queue_xmit+0x2d9e/0x3e00 [ 365.154981] dev_queue_xmit+0x4b/0x60 [ 365.158792] packet_sendmsg+0x797f/0x9180 [ 365.162952] ___sys_sendmsg+0xe3b/0x1240 [ 365.167026] __se_sys_sendmsg+0x305/0x460 [ 365.171183] __x64_sys_sendmsg+0x4a/0x70 [ 365.175267] do_syscall_64+0xcf/0x110 [ 365.179098] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.184287] [ 365.185924] Uninit was stored to memory at: [ 365.190264] kmsan_internal_chain_origin+0x136/0x240 [ 365.195382] __msan_chain_origin+0x6d/0xb0 [ 365.199630] ip_tunnel_xmit+0xd25/0x3d90 [ 365.203785] ipgre_xmit+0xef7/0x1000 [ 365.207513] dev_hard_start_xmit+0x6dc/0xde0 [ 365.211935] __dev_queue_xmit+0x2d9e/0x3e00 [ 365.216270] dev_queue_xmit+0x4b/0x60 [ 365.220083] packet_sendmsg+0x797f/0x9180 [ 365.224237] ___sys_sendmsg+0xe3b/0x1240 [ 365.228294] __se_sys_sendmsg+0x305/0x460 [ 365.232438] __x64_sys_sendmsg+0x4a/0x70 [ 365.236495] do_syscall_64+0xcf/0x110 [ 365.240296] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.245481] [ 365.247100] Uninit was stored to memory at: [ 365.251421] kmsan_internal_chain_origin+0x136/0x240 [ 365.256517] kmsan_memcpy_origins+0x13d/0x190 [ 365.261017] __msan_memcpy+0x6f/0x80 [ 365.264726] pskb_expand_head+0x436/0x1d20 [ 365.268953] ipgre_xmit+0x528/0x1000 [ 365.272666] dev_hard_start_xmit+0x6dc/0xde0 [ 365.277066] __dev_queue_xmit+0x2d9e/0x3e00 [ 365.281390] dev_queue_xmit+0x4b/0x60 [ 365.285188] packet_sendmsg+0x797f/0x9180 [ 365.289331] ___sys_sendmsg+0xe3b/0x1240 [ 365.293384] __se_sys_sendmsg+0x305/0x460 [ 365.297543] __x64_sys_sendmsg+0x4a/0x70 [ 365.301611] do_syscall_64+0xcf/0x110 [ 365.305406] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.310591] [ 365.312206] Uninit was created at: [ 365.315740] kmsan_internal_poison_shadow+0xc8/0x1c0 [ 365.320848] kmsan_kmalloc+0x98/0xf0 [ 365.324566] kmsan_slab_alloc+0xe/0x10 [ 365.328457] __kmalloc_node_track_caller+0xf62/0x14e0 [ 365.333641] __alloc_skb+0x42b/0xeb0 [ 365.337349] alloc_skb_with_frags+0x1c9/0xa80 [ 365.341840] sock_alloc_send_pskb+0xeb3/0x14c0 [ 365.346415] packet_sendmsg+0x6719/0x9180 [ 365.350561] ___sys_sendmsg+0xe3b/0x1240 [ 365.354617] __se_sys_sendmsg+0x305/0x460 [ 365.358757] __x64_sys_sendmsg+0x4a/0x70 [ 365.362815] do_syscall_64+0xcf/0x110 [ 365.366613] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.371791] ================================================================== [ 365.379141] Disabling lock debugging due to kernel taint [ 365.384585] Kernel panic - not syncing: panic_on_warn set ... [ 365.390486] CPU: 1 PID: 11750 Comm: syz-executor3 Tainted: G B 4.20.0-rc3+ #89 [ 365.399146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.408495] Call Trace: [ 365.411086] dump_stack+0x32d/0x480 [ 365.414719] panic+0x624/0xc08 [ 365.417936] kmsan_report+0x300/0x300 [ 365.421742] __msan_warning+0x76/0xc0 [ 365.425552] ip_idents_reserve+0x1b7/0x7f0 [ 365.429797] ? iptunnel_xmit+0x7b9/0xd30 [ 365.433864] __ip_select_ident+0x33b/0x4c0 [ 365.438117] iptunnel_xmit+0x7b9/0xd30 [ 365.442019] ip_tunnel_xmit+0x3943/0x3d90 [ 365.446188] ipgre_xmit+0xef7/0x1000 [ 365.449994] ? ipgre_close+0x230/0x230 [ 365.453890] dev_hard_start_xmit+0x6dc/0xde0 [ 365.458314] __dev_queue_xmit+0x2d9e/0x3e00 [ 365.462656] dev_queue_xmit+0x4b/0x60 [ 365.466625] ? __netdev_pick_tx+0x14d0/0x14d0 [ 365.471128] packet_sendmsg+0x797f/0x9180 [ 365.475280] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 365.480731] ? rw_copy_check_uvector+0x308/0x770 [ 365.485498] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 365.490862] ? aa_sk_perm+0x7ab/0x9e0 [ 365.494692] ___sys_sendmsg+0xe3b/0x1240 [ 365.498752] ? compat_packet_setsockopt+0x360/0x360 [ 365.503796] __se_sys_sendmsg+0x305/0x460 [ 365.507956] __x64_sys_sendmsg+0x4a/0x70 [ 365.512018] do_syscall_64+0xcf/0x110 [ 365.515824] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.521010] RIP: 0033:0x457569 [ 365.524204] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.543102] RSP: 002b:00007f36711adc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 365.550808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 365.558072] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 365.565334] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 365.572602] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36711ae6d4 [ 365.579868] R13: 00000000004c3b1f R14: 00000000004d5d00 R15: 00000000ffffffff [ 365.588301] Kernel Offset: disabled [ 365.591936] Rebooting in 86400 seconds..