[ 38.934980][ T26] audit: type=1800 audit(1554675833.926:25): pid=7778 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 38.967607][ T26] audit: type=1800 audit(1554675833.926:26): pid=7778 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 38.996712][ T26] audit: type=1800 audit(1554675833.926:27): pid=7778 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] startpar: service(s) returned failure: rsyslog ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts. 2019/04/07 22:24:12 fuzzer started 2019/04/07 22:24:16 dialing manager at 10.128.0.26:34543 2019/04/07 22:24:16 syscalls: 2408 2019/04/07 22:24:16 code coverage: enabled 2019/04/07 22:24:16 comparison tracing: enabled 2019/04/07 22:24:16 extra coverage: extra coverage is not supported by the kernel 2019/04/07 22:24:16 setuid sandbox: enabled 2019/04/07 22:24:16 namespace sandbox: enabled 2019/04/07 22:24:16 Android sandbox: /sys/fs/selinux/policy does not exist 2019/04/07 22:24:16 fault injection: enabled 2019/04/07 22:24:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/04/07 22:24:16 net packet injection: enabled 2019/04/07 22:24:16 net device setup: enabled 22:26:38 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[0x0, 0x4c00], 0x0, 0x400, 0x2}) syzkaller login: [ 203.409618][ T7965] IPVS: ftp: loaded support on port[0] = 21 22:26:38 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x8}]}, 0x10) write(r0, &(0x7f0000000080)='!', 0x1) [ 203.520664][ T7965] chnl_net:caif_netlink_parms(): no params data found [ 203.605857][ T7965] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.620036][ T7965] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.640476][ T7965] device bridge_slave_0 entered promiscuous mode [ 203.660873][ T7965] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.668113][ T7965] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.689989][ T7965] device bridge_slave_1 entered promiscuous mode [ 203.718694][ T7968] IPVS: ftp: loaded support on port[0] = 21 [ 203.735196][ T7965] bond0: Enslaving bond_slave_0 as an active interface with an up link 22:26:38 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @remote}, @icmp=@timestamp_reply}}}}, 0x0) [ 203.764624][ T7965] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 203.812723][ T7965] team0: Port device team_slave_0 added [ 203.831408][ T7965] team0: Port device team_slave_1 added [ 203.931906][ T7965] device hsr_slave_0 entered promiscuous mode 22:26:39 executing program 3: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r0) quotactl(0x3ff, 0x0, 0x0, &(0x7f00000002c0)) r1 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r2 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r1, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc2", 0x1db) sendfile(r1, r2, 0x0, 0xc700000e) [ 204.030293][ T7965] device hsr_slave_1 entered promiscuous mode [ 204.088747][ T7965] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.096134][ T7965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.104112][ T7965] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.111268][ T7965] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.143850][ T7973] IPVS: ftp: loaded support on port[0] = 21 [ 204.153592][ T7971] IPVS: ftp: loaded support on port[0] = 21 [ 204.168680][ T7968] chnl_net:caif_netlink_parms(): no params data found [ 204.313309][ T7968] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.327274][ T7968] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.339629][ T7968] device bridge_slave_0 entered promiscuous mode 22:26:39 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x10000) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000005c0)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0xd8, [], 0x5, &(0x7f00000007c0)=[{}, {}, {}, {}, {}], &(0x7f00000009c0)=""/216}, &(0x7f0000000240)=0x78) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{0x0, 0x4}, {0x692, 0x2}]}, 0x18, 0x0) clone(0x2102001dfd, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)=[0x0], 0x0) [ 204.358305][ T7968] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.367654][ T7968] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.377333][ T7968] device bridge_slave_1 entered promiscuous mode [ 204.390832][ T7965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.443094][ T7968] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 204.516948][ T7968] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 204.570542][ T3486] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.589490][ T3486] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.600164][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 22:26:39 executing program 5: mlockall(0x8000000000000001) munlockall() futex(0x0, 0x1000000088, 0x0, 0x0, 0xfffffffffffffffd, 0x0) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) [ 204.634675][ T7965] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.657238][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.669995][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.717389][ T7968] team0: Port device team_slave_0 added [ 204.734813][ T7978] IPVS: ftp: loaded support on port[0] = 21 [ 204.745973][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.769596][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.778158][ T3486] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.785341][ T3486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.816305][ T7973] chnl_net:caif_netlink_parms(): no params data found [ 204.832112][ T7968] team0: Port device team_slave_1 added [ 204.847612][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.863008][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.873244][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.880394][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.926619][ T7982] IPVS: ftp: loaded support on port[0] = 21 [ 204.947582][ T7971] chnl_net:caif_netlink_parms(): no params data found [ 204.962647][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.977443][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 204.993503][ T7973] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.001179][ T7973] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.010338][ T7973] device bridge_slave_0 entered promiscuous mode [ 205.047102][ T7973] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.064746][ T7973] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.073730][ T7973] device bridge_slave_1 entered promiscuous mode [ 205.120746][ T7968] device hsr_slave_0 entered promiscuous mode [ 205.169625][ T7968] device hsr_slave_1 entered promiscuous mode [ 205.225871][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.236776][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.247449][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.277633][ T7973] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 205.304009][ T7973] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.332055][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.342103][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.364037][ T7971] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.372567][ T7971] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.381610][ T7971] device bridge_slave_0 entered promiscuous mode [ 205.391720][ T7971] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.399908][ T7971] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.407631][ T7971] device bridge_slave_1 entered promiscuous mode [ 205.428676][ T7973] team0: Port device team_slave_0 added [ 205.438646][ T7973] team0: Port device team_slave_1 added [ 205.453419][ T7971] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 205.465637][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 205.474482][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 205.484426][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 205.493078][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 205.521171][ T7965] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 205.536534][ T7971] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.556605][ T7971] team0: Port device team_slave_0 added [ 205.597529][ T7965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.610676][ T7971] team0: Port device team_slave_1 added [ 205.634660][ T7978] chnl_net:caif_netlink_parms(): no params data found [ 205.701677][ T7973] device hsr_slave_0 entered promiscuous mode [ 205.769249][ T7973] device hsr_slave_1 entered promiscuous mode [ 205.912192][ T7971] device hsr_slave_0 entered promiscuous mode 22:26:41 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000008, 0x0) r0 = gettid() tgkill(r0, r0, 0xf) [ 205.969716][ T7971] device hsr_slave_1 entered promiscuous mode 22:26:41 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) 22:26:41 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 206.132844][ T7982] chnl_net:caif_netlink_parms(): no params data found [ 206.192968][ T7978] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.245014][ T7978] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.252706][ C0] hrtimer: interrupt took 34766 ns [ 206.258610][ T7978] device bridge_slave_0 entered promiscuous mode [ 206.281039][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 206.281060][ T26] audit: type=1800 audit(1554676001.266:31): pid=8000 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=3 res=0 [ 206.341665][ T26] audit: type=1804 audit(1554676001.306:32): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/3/file0/file0" dev="loop0" ino=3 res=1 [ 206.343313][ T7968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.383326][ T7978] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.393255][ T7978] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.402845][ T7978] device bridge_slave_1 entered promiscuous mode [ 206.449425][ T7973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.466989][ T7978] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 206.484767][ T7978] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 206.503565][ T7973] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.527809][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 206.549307][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 206.576201][ T7982] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.585036][ T7982] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.600349][ T7982] device bridge_slave_0 entered promiscuous mode [ 206.616979][ T7982] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.624513][ T7982] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.638462][ T7982] device bridge_slave_1 entered promiscuous mode [ 206.655598][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.666595][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.699754][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.706869][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.715710][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 206.725117][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.734928][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.742149][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.755529][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 206.775091][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 206.803489][ T7978] team0: Port device team_slave_0 added [ 206.847201][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 206.871385][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 206.885808][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 206.897842][ T7978] team0: Port device team_slave_1 added [ 206.910234][ T26] audit: type=1804 audit(1554676001.906:33): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/3/file0/file0" dev="loop0" ino=3 res=1 22:26:42 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 206.959971][ T7968] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.971048][ T26] audit: type=1804 audit(1554676001.906:34): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/3/file0/file0" dev="loop0" ino=3 res=1 [ 207.067870][ T7978] device hsr_slave_0 entered promiscuous mode [ 207.129707][ T7978] device hsr_slave_1 entered promiscuous mode [ 207.150676][ T26] audit: type=1800 audit(1554676002.136:35): pid=8008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=4 res=0 [ 207.172906][ T7982] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 207.195499][ T26] audit: type=1804 audit(1554676002.186:36): pid=8008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/4/file0/file0" dev="loop0" ino=4 res=1 [ 207.227092][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.239662][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.252265][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.267638][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.276581][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.291283][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.304085][ T2996] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.311257][ T2996] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.325635][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.334547][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.349233][ T2996] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.356341][ T2996] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.388273][ T7982] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 207.411437][ T7971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.419989][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.439224][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.447641][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 207.457569][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 207.467714][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 207.476947][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 207.487288][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.523975][ T7973] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 207.535776][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.558480][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.568568][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.579139][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.588061][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.597775][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.657896][ T7971] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.675503][ T7982] team0: Port device team_slave_0 added [ 207.689547][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.697787][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.707287][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 207.719156][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 207.757053][ T7968] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 207.775271][ T7968] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 207.786229][ T7982] team0: Port device team_slave_1 added [ 207.803323][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.832879][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.842007][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.849260][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.857349][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.867663][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.876843][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.883997][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.892666][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 22:26:42 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 207.909682][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 207.918125][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.940985][ T7973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.974160][ T3486] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.024861][ T7982] device hsr_slave_0 entered promiscuous mode [ 208.063740][ T26] audit: type=1800 audit(1554676003.056:37): pid=8014 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=5 res=0 [ 208.084311][ T7982] device hsr_slave_1 entered promiscuous mode [ 208.139481][ T26] audit: type=1804 audit(1554676003.086:38): pid=8014 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/5/file0/file0" dev="loop0" ino=5 res=1 [ 208.177465][ T7968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.191842][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.235303][ T7978] 8021q: adding VLAN 0 to HW filter on device bond0 [ 208.284571][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.302494][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.321113][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.330376][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.340146][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.362506][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready 22:26:43 executing program 3: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 208.375282][ T26] audit: type=1800 audit(1554676003.366:39): pid=8020 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16532 res=0 [ 208.424115][ T7974] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.435583][ T26] audit: type=1804 audit(1554676003.366:40): pid=8020 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir280641462/syzkaller.RnvydE/0/file0/file0" dev="sda1" ino=16532 res=1 [ 208.482795][ T7971] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 208.515858][ T7971] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 208.556672][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.586922][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.612461][ T7978] 8021q: adding VLAN 0 to HW filter on device team0 [ 208.672824][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 208.690972][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 208.791925][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.812639][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.844024][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.851228][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state 22:26:43 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x8}]}, 0x10) write(r0, &(0x7f0000000080)='!', 0x1) [ 208.888590][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.921342][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready 22:26:43 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 208.950635][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.957806][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.977760][ T7971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.010328][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 209.018449][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 209.096531][ T7982] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.183562][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 209.209320][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 22:26:44 executing program 2: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000008, 0x0) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001d80)='/proc/thread-self/attr/current\x00', 0x2, 0x0) r0 = gettid() tgkill(r0, r0, 0xf) 22:26:44 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/if_inet6\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000000580)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x1a1, 0x4800) [ 209.256784][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 209.313932][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 209.323614][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 209.333740][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 209.406727][ T7978] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 209.475316][ T7978] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 209.500907][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 209.513430][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 209.534471][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 209.552561][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 209.579295][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 209.587509][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 209.600062][ T2996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 209.641183][ T7982] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.678532][ T7978] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.731882][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 209.774236][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 209.800086][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.816103][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.841666][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 209.850273][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 209.867328][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 209.882365][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.905119][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.918024][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 209.958643][ T7982] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 209.997254][ T7982] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 210.016898][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 210.048160][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 22:26:45 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x10000) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000005c0)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0xd8, [], 0x5, &(0x7f00000007c0)=[{}, {}, {}, {}, {}], &(0x7f00000009c0)=""/216}, &(0x7f0000000240)=0x78) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{0x0, 0x4}, {0x692, 0x2}]}, 0x18, 0x0) clone(0x2102001dfd, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)=[0x0], 0x0) [ 210.062808][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 210.083935][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 210.108109][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 210.117640][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 210.126983][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 210.160743][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 210.174232][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 210.192411][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 210.201086][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 210.241135][ T7982] 8021q: adding VLAN 0 to HW filter on device batadv0 22:26:45 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x10000) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000005c0)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0xd8, [], 0x5, &(0x7f00000007c0)=[{}, {}, {}, {}, {}], &(0x7f00000009c0)=""/216}, &(0x7f0000000240)=0x78) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{0x0, 0x4}, {0x692, 0x2}]}, 0x18, 0x0) clone(0x2102001dfd, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)=[0x0], 0x0) 22:26:45 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af24, &(0x7f0000000000)) 22:26:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl(r1, 0xfffffbfffff3ffa7, &(0x7f0000000140)) 22:26:45 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0}) 22:26:45 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:45 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x10000) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000005c0)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0xd8, [], 0x5, &(0x7f00000007c0)=[{}, {}, {}, {}, {}], &(0x7f00000009c0)=""/216}, &(0x7f0000000240)=0x78) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{0x0, 0x4}, {0x692, 0x2}]}, 0x18, 0x0) clone(0x2102001dfd, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)=[0x0], 0x0) [ 210.601726][ T8094] binder: 8093:8094 transaction failed 29189/-22, size 0-0 line 2995 [ 210.643724][ T8094] binder: 8093:8094 ioctl c0306201 20000440 returned -14 22:26:45 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x10000) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000005c0)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0xd8, [], 0x5, &(0x7f00000007c0)=[{}, {}, {}, {}, {}], &(0x7f00000009c0)=""/216}, &(0x7f0000000240)=0x78) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{0x0, 0x4}, {0x692, 0x2}]}, 0x18, 0x0) clone(0x2102001dfd, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)=[0x0], 0x0) [ 210.704010][ T3486] binder: undelivered TRANSACTION_ERROR: 29189 22:26:45 executing program 5: bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ifb0\x00', 0x2}) perf_event_open(&(0x7f0000000900)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{}, {0x16}]}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0xa01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x7132}) r2 = socket$kcm(0x29, 0x200000000000005, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000500)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="ff038aa174036ed7e08f93dd86dd60df006100000600009e000000cfab170e16ae83b35a4f088ac40b3ecfe7bbfb3aaedcdcdf2b0d00000000fdf08d445bc28ace468568f0b62af97702be4425c1acb100000000"], 0x54) 22:26:45 executing program 1: r0 = socket$kcm(0x11, 0x3, 0x0) r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000003c0)={r0, r1}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'ifb0\x00', 0x2}) perf_event_open(&(0x7f0000000900)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{}, {0x16}]}) ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f00000000c0)={'tunl0\x00', @dev={[], 0x14}}) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0xa01, 0x0) r5 = socket$kcm(0x29, 0x200000000000005, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000500)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="ff038aa174036ed7e08f93dd86dd60df006100000600009e000000cfab170e16ae83b35a4f088ac40b3ecfe7bbfb3aaedcdcdf2b0d00000000fdf08d445bc28ace468568f0b62af97702be4425c1acb100"/95], 0x5f) 22:26:45 executing program 3: r0 = syz_open_dev$dri(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r1, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x8d5af}], 0x10000000000000db, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000300)=0x0) timer_create(0x2, &(0x7f0000000280)={0x0, 0x12, 0x2, @tid=r3}, &(0x7f00000002c0)=0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(0x0, 0x1000000000016) timer_getoverrun(r4) writev(r0, &(0x7f0000000380)=[{&(0x7f0000002580)="141b34c69dfb19f7aced012552e49597dfa41be2b669d35604227b880a661e4b9985a1bddbb8a0418103b93695c5ebf2f776e22f7bc20aceffa638f1458e5a6a962f481f5a95c76616f6777bad7a574bf089551477b78e5d49040f2a14aba538d03caa432488fc32caa0af48b83bcffaae4ff28d4e82c4d2e90a590ca643", 0x7e}], 0x1) r5 = dup2(r0, 0xffffffffffffffff) ioctl$ION_IOC_ALLOC(r5, 0xc0184900, &(0x7f0000000340)) socket$inet6(0xa, 0xc7486e2f258c42cb, 0x400) r6 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2, 0x1a10c0) ioctl$GIO_FONTX(r6, 0x4b6b, &(0x7f0000000100)=""/118) setsockopt$bt_BT_RCVMTU(r6, 0x112, 0xd, &(0x7f0000000040)=0x6, 0x2) syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, 0x0) 22:26:45 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:46 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:46 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x10000) ioctl$KVM_SMI(0xffffffffffffffff, 0xaeb7) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000005c0)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0xd8, [], 0x5, &(0x7f00000007c0)=[{}, {}, {}, {}, {}], &(0x7f00000009c0)=""/216}, &(0x7f0000000240)=0x78) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3={0x3000000, [{0x0, 0x4}, {0x692, 0x2}]}, 0x18, 0x0) clone(0x2102001dfd, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)=[0x0], 0x0) [ 211.386210][ T26] kauditd_printk_skb: 23 callbacks suppressed [ 211.386226][ T26] audit: type=1800 audit(1554676006.376:51): pid=8164 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16563 res=0 [ 211.535094][ T26] audit: type=1804 audit(1554676006.416:52): pid=8160 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/9/file0/file0" dev="sda1" ino=16563 res=1 22:26:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x4b564d03, 0x1]}) ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000100)) [ 211.637146][ T8138] device nr0 entered promiscuous mode 22:26:46 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_tables_names\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000237, 0x0) 22:26:46 executing program 2: 22:26:46 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, 0xffffffffffffffff, 0x0, 0xc700000e) [ 211.830927][ T8183] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 22:26:46 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') sendfile(r0, r1, 0x0, 0x800000080008002) [ 211.954139][ T8128] device nr0 entered promiscuous mode 22:26:47 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x9) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x803, 0x9) r1 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfa\x81\x00\x00\x00\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7.\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) socketpair(0x1a, 0x4, 0x200, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f0000000080)={0x8, &(0x7f0000000740)=[{}, {}, {}, {}, {}, {}, {}, {}]}) getuid() socket$inet6_tcp(0xa, 0x1, 0x0) msgctl$IPC_STAT(0x0, 0x2, 0x0) r4 = dup2(r2, r1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) fstatfs(r0, &(0x7f0000004200)=""/4096) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='bdev\x00', 0x4, 0x0) [ 212.021353][ T26] audit: type=1800 audit(1554676007.016:53): pid=8189 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=9 res=0 22:26:47 executing program 5: 22:26:47 executing program 1: 22:26:47 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, 0xffffffffffffffff, 0x0, 0xc700000e) 22:26:47 executing program 2: seccomp(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7fffdffe}]}) 22:26:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4008ae48, 0x0) 22:26:47 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 22:26:47 executing program 5: 22:26:47 executing program 2: 22:26:47 executing program 5: 22:26:47 executing program 1: [ 212.891792][ T26] audit: type=1800 audit(1554676007.876:54): pid=8221 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16551 res=0 22:26:48 executing program 4: 22:26:48 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, 0xffffffffffffffff, 0x0, 0xc700000e) 22:26:48 executing program 5: 22:26:48 executing program 2: 22:26:48 executing program 1: 22:26:48 executing program 4: 22:26:48 executing program 5: [ 213.311431][ T26] audit: type=1800 audit(1554676008.306:55): pid=8244 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=10 res=0 22:26:48 executing program 3: 22:26:48 executing program 4: 22:26:48 executing program 1: 22:26:48 executing program 2: 22:26:48 executing program 5: 22:26:48 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(0xffffffffffffffff, r3, 0x0, 0xc700000e) 22:26:48 executing program 4: 22:26:48 executing program 2: 22:26:48 executing program 5: 22:26:48 executing program 1: 22:26:48 executing program 3: 22:26:48 executing program 2: 22:26:48 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(0xffffffffffffffff, r3, 0x0, 0xc700000e) 22:26:48 executing program 4: 22:26:48 executing program 5: 22:26:48 executing program 1: 22:26:48 executing program 3: 22:26:48 executing program 1: 22:26:49 executing program 2: 22:26:49 executing program 5: 22:26:49 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f0000042000)='/dev/snd/seq\x00', 0x0, 0x42021) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000000c0)={0x0, 0x0, 0x7fffffff}) write$sndseq(r0, &(0x7f0000000e50), 0xfffffe41) ftruncate(r0, 0x2) 22:26:49 executing program 3: 22:26:49 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(0xffffffffffffffff, r3, 0x0, 0xc700000e) 22:26:49 executing program 1: 22:26:49 executing program 5: 22:26:49 executing program 2: 22:26:49 executing program 4: 22:26:49 executing program 3: 22:26:49 executing program 5: 22:26:49 executing program 1: 22:26:49 executing program 2: 22:26:49 executing program 3: 22:26:49 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:49 executing program 4: 22:26:49 executing program 1: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) creat(&(0x7f0000000100)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000640)='./bus\x00', &(0x7f0000000740)='cgroup\x00', 0x0, &(0x7f0000000840)='none\x00') 22:26:49 executing program 3: request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000000100)='asymmetric\x00', 0x0) 22:26:49 executing program 2: 22:26:49 executing program 5: 22:26:49 executing program 4: [ 214.655838][ T8341] e cgroup1: Need name or subsystem set [ 214.671985][ T26] audit: type=1800 audit(1554676009.666:56): pid=8343 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16578 res=0 22:26:49 executing program 3: [ 214.737597][ T8348] e cgroup1: Need name or subsystem set 22:26:49 executing program 5: request_key(&(0x7f00000001c0)='encrypted\x00', &(0x7f0000000200)={'syz'}, 0x0, 0xffffffffffffffff) 22:26:49 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:49 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) syz_execute_func(&(0x7f0000000040)="410f01f964ff0941c3c4e2c99758423e46d8731266420fe2e33e0f1110c442019dcc6f") clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x2, 0x411) sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) 22:26:49 executing program 2: socketpair$unix(0x1, 0x10, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x80000, 0x0) pipe(0x0) tee(r1, r0, 0x10000, 0x2) mkdir(&(0x7f00000002c0)='./bus\x00', 0x20) inotify_init1(0x80000) r2 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x290040, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040)={0xffffffffffffff5e, 0x400000000bfa, 0x367125d2, 0x6, 0x400004}, 0xffffffffffffff4e) setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000280), 0x4) r3 = inotify_init() ioctl$VIDIOC_DBG_G_REGISTER(r2, 0xc0385650, &(0x7f0000000180)={{0x0, @name="e6c2f80525031fd0a72bb36f8dd91979329f994ef958fe447a4d1981f9d914ac"}, 0x8, 0xc4}) inotify_add_watch(r3, &(0x7f0000000100)='./file0\x00', 0x4000000080000005) perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xed}, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$inet6(0xa, 0x3, 0x6) r5 = syz_open_procfs(0x0, &(0x7f0000000980)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\x00\x00\xae\x98&@\xd0\xe6\xbbQ\xff\a\x00\x00\x00\x00\x00\x00\xaa1\x91\x98\xe9\x1f\nMCi|+\xcd\xf9N\xdc\xc5\xa2*\x13\x8f\xf3;\xd6d2\xeb\xe5\x14\x0e\x8b\xda\xb7\xfc9h(mf\'\xa19q\x93\"}G3\xc1E\xe6e6\xc6\xc2u\x11%`\xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xa8\x14Ts\xcb\xde\x84\x1d\xc7\xcc;\xb18') sendfile(r4, r5, &(0x7f00000000c0)=0x209, 0x5a) 22:26:49 executing program 4: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet_tcp(0x2, 0x3, 0x6) write$binfmt_script(r0, 0x0, 0x0) open(0x0, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCSMASK(r1, 0x40104593, 0x0) write(r2, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r3+30000000}, &(0x7f0000000300)={0x0}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 214.841359][ T26] audit: type=1804 audit(1554676009.726:57): pid=8343 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/16/file0/file0" dev="sda1" ino=16578 res=1 22:26:49 executing program 3: r0 = socket$inet(0x10, 0x2000000003, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000140)="240000002e0007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000240)=""/170, 0xaa}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/74, 0x4a}], 0x3}, 0x0) 22:26:50 executing program 1: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$inet_tcp(0x2, 0x3, 0x6) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0', [], 0xa, "bcd254f02e0eadcd428200e7c1783289f501d43eb9e0ef676ffa6c184e4e6e"}, 0x2a) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff}) ioctl$EVIOCSMASK(r1, 0x40104593, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={0x0}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 22:26:50 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4) r1 = open(&(0x7f0000000000)='./file0\x00', 0x2000, 0xa) ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0x3857906c) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000380)) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f00000014c0)={0x7}) chdir(&(0x7f0000000180)='./file0\x00') epoll_wait(r1, &(0x7f0000000340)=[{}, {}], 0x2, 0x8) socket$packet(0x11, 0x3, 0x300) r3 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r3, &(0x7f0000001440)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666ca39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0x1000}, 0xfffffc41) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0) seccomp(0x1, 0x1, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x0, 0x5fb, 0x0, 0x8}, {0x2, 0x4, 0x5, 0x7f}, {0x81, 0x100000001, 0x9, 0x100}]}) fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, 0x0) fadvise64(r3, 0x0, 0x0, 0x4) syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') fdatasync(0xffffffffffffffff) 22:26:50 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000042000)='/dev/snd/seq\x00', 0x0, 0x42021) write$sndseq(r0, 0x0, 0x0) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080)={0x6}, 0x8) 22:26:50 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) getegid() fcntl$getown(r0, 0x9) fstat(r1, 0x0) getpgid(0x0) getresuid(0x0, &(0x7f00000030c0), 0x0) stat(0x0, 0x0) 22:26:50 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 215.192747][ T26] audit: type=1800 audit(1554676010.146:58): pid=8374 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16590 res=0 [ 215.524008][ T26] audit: type=1800 audit(1554676010.516:59): pid=8403 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16591 res=0 22:26:50 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:50 executing program 3: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0)=0x4, 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, 0x0) fchdir(r1) quotactl(0x3ff, 0x0, 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r2, r3, 0x0, 0xc700000e) [ 215.598073][ T26] audit: type=1804 audit(1554676010.526:60): pid=8399 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/18/file0/file0" dev="sda1" ino=16591 res=1 22:26:51 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) stat(0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getgid() geteuid() getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 216.179123][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 216.185665][ C0] protocol 88fb is buggy, dev hsr_slave_1 22:26:51 executing program 1: bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'ifb0\x00', 0x2}) perf_event_open(&(0x7f0000000900)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x16}]}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0xa01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = socket$kcm(0x29, 0x200000000000005, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000500)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r1, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x0) [ 216.259621][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 216.265924][ C0] protocol 88fb is buggy, dev hsr_slave_1 22:26:51 executing program 3: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0)=0x4, 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, 0x0) fchdir(r1) quotactl(0x3ff, 0x0, 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r2, r3, 0x0, 0xc700000e) [ 216.339042][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 216.356585][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 216.653211][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 216.653227][ T26] audit: type=1800 audit(1554676011.636:67): pid=8443 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16588 res=0 [ 216.722887][ T26] audit: type=1804 audit(1554676011.646:68): pid=8443 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir280641462/syzkaller.RnvydE/17/file0/file0" dev="sda1" ino=16588 res=1 22:26:51 executing program 4: 22:26:51 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:51 executing program 2: [ 217.030191][ T26] audit: type=1800 audit(1554676012.016:69): pid=8460 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16592 res=0 22:26:52 executing program 1: 22:26:52 executing program 4: 22:26:52 executing program 2: 22:26:52 executing program 5: 22:26:52 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 217.139046][ T26] audit: type=1804 audit(1554676012.056:70): pid=8453 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/20/file0/file0" dev="sda1" ino=16592 res=1 22:26:52 executing program 1: 22:26:52 executing program 4: 22:26:52 executing program 2: [ 217.315916][ T26] audit: type=1800 audit(1554676012.306:71): pid=8475 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16571 res=0 22:26:52 executing program 3: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0)=0x4, 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, 0x0) fchdir(r1) quotactl(0x3ff, 0x0, 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r2, r3, 0x0, 0xc700000e) 22:26:52 executing program 1: 22:26:52 executing program 4: 22:26:52 executing program 5: 22:26:52 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100)="0a0743cc05e381e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000080)=[@op={0x18}], 0x18}], 0x4924944, 0x0) 22:26:52 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 217.487489][ T26] audit: type=1804 audit(1554676012.356:72): pid=8475 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/21/file0/file0" dev="sda1" ino=16571 res=1 22:26:52 executing program 4: openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x46000, 0x0) 22:26:52 executing program 5: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x0, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x4008ae61, &(0x7f0000000040)={0x0, 0x0, @ioapic}) [ 217.680734][ T26] audit: type=1800 audit(1554676012.676:73): pid=8494 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16573 res=0 22:26:52 executing program 2: 22:26:52 executing program 4: 22:26:52 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 218.063975][ T26] audit: type=1804 audit(1554676012.716:74): pid=8500 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/22/file0/file0" dev="sda1" ino=16573 res=1 [ 218.147005][ T26] audit: type=1800 audit(1554676012.806:75): pid=8509 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16547 res=0 [ 218.175774][ T26] audit: type=1800 audit(1554676012.816:76): pid=8501 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="loop5" ino=12 res=0 22:26:53 executing program 3: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0)=0x4, 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, 0x0) fchdir(r1) quotactl(0x3ff, 0x0, 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r2, r3, 0x0, 0xc700000e) 22:26:53 executing program 2: 22:26:53 executing program 4: 22:26:53 executing program 1: 22:26:53 executing program 5: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x0, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:53 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:53 executing program 4: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x0, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:53 executing program 1: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x0, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:53 executing program 2: 22:26:53 executing program 2: 22:26:55 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:55 executing program 4: ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000200)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8923, &(0x7f0000000200)='vet\x00\x00\x00\x00\x00\x00\x00\x00\x02\xbdh\x00') r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) 22:26:55 executing program 3: 22:26:55 executing program 2: 22:26:55 executing program 5: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x0, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:55 executing program 2: 22:26:55 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:55 executing program 3: 22:26:55 executing program 1: 22:26:56 executing program 2: [ 220.957585][ T8586] : renamed from vet 22:26:56 executing program 2: 22:26:56 executing program 1: 22:26:56 executing program 3: [ 221.124730][ T8590] : renamed from vet 22:26:56 executing program 4: 22:26:56 executing program 3: 22:26:56 executing program 2: 22:26:56 executing program 5: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x0, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe6365038") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:56 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:56 executing program 1: 22:26:56 executing program 3: 22:26:56 executing program 4: 22:26:56 executing program 2: 22:26:56 executing program 4: 22:26:56 executing program 2: 22:26:56 executing program 3: 22:26:56 executing program 1: 22:26:56 executing program 2: 22:26:56 executing program 4: [ 221.853992][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 221.854007][ T26] audit: type=1800 audit(1554676016.846:99): pid=8639 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16609 res=0 [ 222.011453][ T26] audit: type=1804 audit(1554676016.886:100): pid=8649 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/27/file0/file0" dev="sda1" ino=16609 res=1 [ 222.086769][ T26] audit: type=1800 audit(1554676016.916:101): pid=8647 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16528 res=0 [ 222.200539][ T26] audit: type=1804 audit(1554676016.926:102): pid=8647 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir752831521/syzkaller.4DSGZs/22/file0/file0" dev="sda1" ino=16528 res=1 22:26:57 executing program 5: 22:26:57 executing program 1: 22:26:57 executing program 3: 22:26:57 executing program 4: 22:26:57 executing program 2: 22:26:57 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:57 executing program 4: 22:26:57 executing program 2: 22:26:57 executing program 3: 22:26:57 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='wchan\x00') r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x101002, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/246) sendfile(r1, r0, 0x0, 0x10001) 22:26:57 executing program 5: open(&(0x7f0000000000)='./file0\x00', 0x40, 0x0) mount$fuse(0x20000000, &(0x7f0000000180)='./file0\x00', 0x0, 0x2008007801, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x20026, &(0x7f0000000340)=ANY=[@ANYBLOB=',f']) 22:26:57 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:57 executing program 3: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "5b1ab6d8fdfda3c07693aef8905f20b8c4021c1e1ae5d065327e56837132419d3a48e67736aa0b84eb2879c749dab71c9064e12715d1ee16fbdfbec623f46efb", "90218e15060694a70e6040a1f8e35f23871c60e450ac11b01dd1ecf7b4e4ed4ddb0d07ce14318e0c5c7ea760458a0f788a40d63995a4f962a4f6f8b9821a3b54", "1064ad53434f1b1356743100a5b39911435340b360bcf3d45fffd7b6d38f1eea"}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x390, 0xfffffffffffffffb) 22:26:57 executing program 2: r0 = socket(0x10, 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00') sendfile(r0, r1, 0x0, 0x80000002) 22:26:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f063c123f3188b070") r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) 22:26:58 executing program 5: r0 = inotify_init1(0x0) socketpair$unix(0x1, 0x2000000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f000045fff8)={0x0, 0x0}) ptrace$setopts(0x4206, r3, 0x0, 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, 0x0}) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) ptrace(0x4207, r4) waitid(0x0, 0x0, &(0x7f0000001ff0), 0xc, 0x0) [ 223.037204][ T8687] dns_resolver: Unsupported server list version (0) 22:26:58 executing program 1: 22:26:58 executing program 2: [ 223.125772][ T8705] dns_resolver: Unsupported server list version (0) 22:26:58 executing program 4: 22:26:58 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:26:58 executing program 2: 22:26:58 executing program 1: 22:26:58 executing program 5: 22:26:58 executing program 3: 22:26:58 executing program 4: 22:26:58 executing program 2: 22:26:58 executing program 4: 22:26:58 executing program 5: 22:26:58 executing program 1: 22:26:58 executing program 3: 22:26:58 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:26:58 executing program 5: 22:26:58 executing program 2: 22:26:58 executing program 4: 22:26:58 executing program 1: 22:26:58 executing program 3: 22:26:58 executing program 5: 22:26:58 executing program 1: 22:26:58 executing program 2: 22:26:58 executing program 4: 22:26:58 executing program 3: [ 223.892710][ T26] audit: type=1800 audit(1554676018.886:103): pid=8752 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16583 res=0 22:26:59 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:26:59 executing program 2: 22:26:59 executing program 3: 22:26:59 executing program 1: 22:26:59 executing program 5: 22:26:59 executing program 4: [ 223.986780][ T26] audit: type=1804 audit(1554676018.886:104): pid=8752 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/31/file0/file0" dev="sda1" ino=16583 res=1 22:26:59 executing program 1: 22:26:59 executing program 5: 22:26:59 executing program 2: [ 224.185290][ T26] audit: type=1800 audit(1554676019.176:105): pid=8781 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16533 res=0 22:26:59 executing program 4: 22:26:59 executing program 3: 22:26:59 executing program 5: [ 224.309211][ T26] audit: type=1804 audit(1554676019.216:106): pid=8781 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/32/file0/file0" dev="sda1" ino=16533 res=1 22:26:59 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) open(0x0, 0x400, 0x61) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:26:59 executing program 4: 22:26:59 executing program 1: 22:26:59 executing program 2: 22:26:59 executing program 3: 22:26:59 executing program 5: 22:26:59 executing program 1: 22:26:59 executing program 2: 22:26:59 executing program 4: 22:26:59 executing program 3: [ 224.655781][ T26] audit: type=1804 audit(1554676019.646:107): pid=8802 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/33/file0/file0" dev="loop0" ino=14 res=1 22:26:59 executing program 5: 22:26:59 executing program 1: 22:26:59 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(0xffffffffffffffff) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:26:59 executing program 3: 22:26:59 executing program 2: 22:26:59 executing program 4: 22:26:59 executing program 5: connect$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}], 0x4000000000003be, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000003c0)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) socket$alg(0x26, 0x5, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) 22:26:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x8188aea6, 0x0) 22:26:59 executing program 3: 22:27:00 executing program 1: 22:27:00 executing program 4: 22:27:00 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(0xffffffffffffffff) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) [ 225.120220][ T8843] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8843 [ 225.130336][ T8843] caller is ip6_finish_output+0x335/0xdc0 [ 225.142063][ T8843] CPU: 0 PID: 8843 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 225.154420][ T8843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.171648][ T8843] Call Trace: [ 225.175065][ T8843] dump_stack+0x172/0x1f0 [ 225.179972][ T8843] __this_cpu_preempt_check+0x246/0x270 [ 225.186215][ T8843] ip6_finish_output+0x335/0xdc0 [ 225.191288][ T8843] ip6_output+0x235/0x7f0 [ 225.195661][ T8843] ? ip6_finish_output+0xdc0/0xdc0 [ 225.200801][ T8843] ? ip6_fragment+0x3980/0x3980 [ 225.205672][ T8843] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 225.215613][ T8843] ip6_local_out+0xc4/0x1b0 [ 225.220237][ T8843] ip6_send_skb+0xbb/0x350 [ 225.224779][ T8843] ip6_push_pending_frames+0xc8/0xf0 [ 225.231492][ T8843] rawv6_sendmsg+0x299c/0x35e0 [ 225.236376][ T8843] ? rawv6_getsockopt+0x150/0x150 [ 225.241434][ T8843] ? aa_profile_af_perm+0x320/0x320 [ 225.246650][ T8843] ? find_held_lock+0x35/0x130 [ 225.251430][ T8843] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 225.257822][ T8843] ? rw_copy_check_uvector+0x2a6/0x330 [ 225.263498][ T8843] ? ___might_sleep+0x163/0x280 [ 225.269605][ T8843] ? __might_sleep+0x95/0x190 [ 225.274416][ T8843] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 225.280450][ T8843] inet_sendmsg+0x147/0x5e0 [ 225.284970][ T8843] ? rawv6_getsockopt+0x150/0x150 [ 225.289997][ T8843] ? inet_sendmsg+0x147/0x5e0 [ 225.294685][ T8843] ? ipip_gro_receive+0x100/0x100 [ 225.299910][ T8843] sock_sendmsg+0xdd/0x130 [ 225.304346][ T8843] ___sys_sendmsg+0x3e2/0x930 [ 225.309326][ T8843] ? copy_msghdr_from_user+0x430/0x430 [ 225.322507][ T8843] ? lock_downgrade+0x880/0x880 [ 225.327748][ T8843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 225.334569][ T8843] ? kasan_check_read+0x11/0x20 [ 225.340179][ T8843] ? __fget+0x381/0x550 [ 225.344379][ T8843] ? ksys_dup3+0x3e0/0x3e0 [ 225.348898][ T8843] ? find_held_lock+0x35/0x130 [ 225.353787][ T8843] ? __fget_light+0x1a9/0x230 [ 225.362099][ T8843] ? __fdget+0x1b/0x20 [ 225.372290][ T8843] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 225.379127][ T8843] ? sockfd_lookup_light+0xcb/0x180 [ 225.414588][ T8843] __sys_sendmmsg+0x1bf/0x4d0 [ 225.419409][ T8843] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 225.424577][ T8843] ? _copy_to_user+0xc9/0x120 [ 225.429366][ T8843] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 225.436340][ T8843] ? put_timespec64+0xda/0x140 [ 225.441313][ T8843] ? nsecs_to_jiffies+0x30/0x30 [ 225.446308][ T8843] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 225.454028][ T8843] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 225.466302][ T8843] ? do_syscall_64+0x26/0x610 [ 225.473004][ T8843] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 225.479714][ T8843] ? do_syscall_64+0x26/0x610 [ 225.484442][ T8843] __x64_sys_sendmmsg+0x9d/0x100 [ 225.493856][ T8843] do_syscall_64+0x103/0x610 [ 225.499889][ T8843] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 225.505844][ T8843] RIP: 0033:0x4582b9 [ 225.509777][ T8843] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 225.529390][ T8843] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 225.537884][ T8843] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 225.555889][ T8843] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 22:27:00 executing program 3: [ 225.564847][ T8843] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 225.572856][ T8843] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 225.581195][ T8843] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff 22:27:00 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r2, 0x4020aea5, &(0x7f0000000000)={0xfffffdfd}) 22:27:00 executing program 1: syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$BINDER_WRITE_READ(r0, 0x4018620d, 0x0) 22:27:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4020aea5, &(0x7f0000000000)={0xfffffdfd}) 22:27:00 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x0, 0x0) close(r0) [ 225.846215][ T8864] binder: 8859:8864 ioctl 4018620d 0 returned -22 22:27:00 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x1}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/route\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000269, 0x10400003) fdatasync(0xffffffffffffffff) creat(0x0, 0x0) 22:27:01 executing program 5: connect$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}], 0x4000000000003be, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000003c0)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) socket$alg(0x26, 0x5, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) 22:27:01 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(0xffffffffffffffff) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:27:01 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) r1 = dup2(r0, r0) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB], 0x1}}, 0x0) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000000), 0xfffffdef, 0xc0, 0x0, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(0xffffffffffffffff, 0x641f) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) pipe2(0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) epoll_create1(0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0) 22:27:01 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 22:27:01 executing program 4: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x0) 22:27:01 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) read(r0, &(0x7f0000002d00)=""/4096, 0x1000) write$uinput_user_dev(r0, &(0x7f0000000880)={'wyz1\x00\x00\x00\x00\x00\x00\x02o\x00\x00\x00\x00\xf7\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1e}\x88\xfew\xdb;\x10\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) syz_open_dev$media(0x0, 0x6, 0x604281) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, &(0x7f0000000200)) 22:27:01 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r1) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) [ 226.528721][ T8906] input: syz1 as /devices/virtual/input/input5 22:27:01 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r1) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000140)) 22:27:01 executing program 1: io_setup(0x2, &(0x7f0000000180)) r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f0000000000)="00de", 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0x53, 0x0) 22:27:01 executing program 2: syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$BINDER_WRITE_READ(r0, 0x40046205, 0x0) 22:27:01 executing program 2: r0 = socket$inet(0x10, 0x2, 0x0) munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) close(r0) socket$unix(0x1, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0) setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={0x0, @rand_addr, @local}, 0xc) [ 226.738634][ T8926] binder: 8924:8926 ioctl 40046205 0 returned -22 22:27:01 executing program 3: r0 = socket$inet(0x10, 0x2, 0x0) munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) close(r0) socket$unix(0x1, 0x0, 0x0) accept$inet6(0xffffffffffffff9c, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, 0x0) [ 226.863505][ T8900] check_preemption_disabled: 1227 callbacks suppressed [ 226.863535][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 226.901638][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 226.911241][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 226.930438][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.940558][ T8900] Call Trace: [ 226.940648][ T8900] dump_stack+0x172/0x1f0 [ 226.940676][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 226.940706][ T8900] ip6_finish_output+0x335/0xdc0 [ 226.940724][ T8900] ip6_output+0x235/0x7f0 [ 226.940739][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 226.940756][ T8900] ? ip6_fragment+0x3980/0x3980 [ 226.940774][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 226.940801][ T8900] ip6_local_out+0xc4/0x1b0 [ 226.940836][ T8900] ip6_send_skb+0xbb/0x350 [ 226.940854][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 226.940874][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 226.940894][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 226.940912][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 226.940932][ T8900] ? find_held_lock+0x35/0x130 [ 226.940955][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 226.940975][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 226.941008][ T8900] ? ___might_sleep+0x163/0x280 [ 226.941021][ T8900] ? __might_sleep+0x95/0x190 [ 226.941047][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 226.941061][ T8900] inet_sendmsg+0x147/0x5e0 [ 226.941073][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 226.941084][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 226.941094][ T8900] ? ipip_gro_receive+0x100/0x100 [ 226.941116][ T8900] sock_sendmsg+0xdd/0x130 [ 226.969359][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 226.969381][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 226.969399][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 226.969413][ T8900] ? retint_kernel+0x2d/0x2d [ 226.969427][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 226.969449][ T8900] ? __might_fault+0x12b/0x1e0 [ 226.969463][ T8900] ? find_held_lock+0x35/0x130 [ 226.969477][ T8900] ? __might_fault+0x12b/0x1e0 [ 226.969499][ T8900] ? lock_downgrade+0x880/0x880 [ 226.969521][ T8900] ? ___might_sleep+0x163/0x280 [ 226.969555][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 227.007093][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 227.007121][ T8900] ? _copy_to_user+0xc9/0x120 [ 227.007150][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 227.007172][ T8900] ? put_timespec64+0xda/0x140 [ 227.044364][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 227.044394][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 227.044425][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 227.183859][ T8900] ? do_syscall_64+0x26/0x610 [ 227.188602][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.195521][ T8900] ? do_syscall_64+0x26/0x610 [ 227.200252][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 227.205224][ T8900] do_syscall_64+0x103/0x610 [ 227.209843][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.215855][ T8900] RIP: 0033:0x4582b9 [ 227.219788][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 227.241839][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 227.250281][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 227.258373][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 227.266370][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 227.274362][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 227.282532][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 227.310636][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 227.326816][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 227.332840][ T8900] CPU: 1 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 227.341885][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.352056][ T8900] Call Trace: [ 227.356125][ T8900] dump_stack+0x172/0x1f0 [ 227.361217][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 227.366817][ T8900] ip6_finish_output+0x335/0xdc0 [ 227.371813][ T8900] ip6_output+0x235/0x7f0 [ 227.379060][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 227.384216][ T8900] ? ip6_fragment+0x3980/0x3980 [ 227.389098][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 227.394680][ T8900] ip6_local_out+0xc4/0x1b0 [ 227.399219][ T8900] ip6_send_skb+0xbb/0x350 [ 227.417855][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 227.424842][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 227.429655][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 227.434705][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 227.439935][ T8900] ? find_held_lock+0x35/0x130 [ 227.444733][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 227.451103][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 227.456600][ T8900] ? ___might_sleep+0x163/0x280 [ 227.461477][ T8900] ? __might_sleep+0x95/0x190 [ 227.466185][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 227.471750][ T8900] inet_sendmsg+0x147/0x5e0 [ 227.476394][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 227.481440][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 227.486134][ T8900] ? ipip_gro_receive+0x100/0x100 [ 227.491193][ T8900] sock_sendmsg+0xdd/0x130 [ 227.495634][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 227.500350][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 227.505836][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 227.515799][ T8900] ? retint_kernel+0x2d/0x2d [ 227.520427][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 227.526097][ T8900] ? __might_fault+0x12b/0x1e0 [ 227.530991][ T8900] ? find_held_lock+0x35/0x130 [ 227.535794][ T8900] ? __might_fault+0x12b/0x1e0 [ 227.541147][ T8900] ? lock_downgrade+0x880/0x880 [ 227.546030][ T8900] ? ___might_sleep+0x163/0x280 [ 227.550905][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 227.555792][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 227.560853][ T8900] ? _copy_to_user+0xc9/0x120 [ 227.565584][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 227.571853][ T8900] ? put_timespec64+0xda/0x140 [ 227.576645][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 227.581570][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 227.593534][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 227.599466][ T8900] ? do_syscall_64+0x26/0x610 [ 227.621826][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.628796][ T8900] ? do_syscall_64+0x26/0x610 [ 227.633616][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 227.640929][ T8900] do_syscall_64+0x103/0x610 [ 227.646782][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.656518][ T8900] RIP: 0033:0x4582b9 [ 227.660561][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 227.690273][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 227.698920][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 227.712646][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 227.723953][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 227.735417][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 227.745934][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 227.760291][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 227.769842][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 227.775847][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 227.794129][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.804205][ T8900] Call Trace: [ 227.807512][ T8900] dump_stack+0x172/0x1f0 [ 227.811863][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 227.817467][ T8900] ip6_finish_output+0x335/0xdc0 [ 227.822457][ T8900] ip6_output+0x235/0x7f0 [ 227.826824][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 227.832135][ T8900] ? ip6_fragment+0x3980/0x3980 [ 227.837066][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 227.842642][ T8900] ip6_local_out+0xc4/0x1b0 [ 227.847187][ T8900] ip6_send_skb+0xbb/0x350 [ 227.851729][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 227.857056][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 227.862138][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 227.867182][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 227.872504][ T8900] ? find_held_lock+0x35/0x130 [ 227.880701][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 227.887030][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 227.895053][ T8900] ? ___might_sleep+0x163/0x280 [ 227.899935][ T8900] ? __might_sleep+0x95/0x190 [ 227.909174][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 227.917301][ T8900] inet_sendmsg+0x147/0x5e0 [ 227.922438][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 227.928610][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 227.938472][ T8900] ? ipip_gro_receive+0x100/0x100 [ 227.943695][ T8900] sock_sendmsg+0xdd/0x130 [ 227.948217][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 227.954095][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 227.959585][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 227.964579][ T8900] ? retint_kernel+0x2d/0x2d [ 227.969217][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 227.974995][ T8900] ? __might_fault+0x12b/0x1e0 [ 227.979782][ T8900] ? find_held_lock+0x35/0x130 [ 227.984579][ T8900] ? __might_fault+0x12b/0x1e0 [ 227.989365][ T8900] ? lock_downgrade+0x880/0x880 [ 227.994241][ T8900] ? ___might_sleep+0x163/0x280 [ 227.999217][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 228.004316][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 228.010699][ T8900] ? _copy_to_user+0xc9/0x120 [ 228.015511][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 228.023116][ T8900] ? put_timespec64+0xda/0x140 [ 228.027907][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 228.032786][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 228.038252][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 228.043904][ T8900] ? do_syscall_64+0x26/0x610 [ 228.048601][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.054708][ T8900] ? do_syscall_64+0x26/0x610 [ 228.059402][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 228.064353][ T8900] do_syscall_64+0x103/0x610 [ 228.069051][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.074977][ T8900] RIP: 0033:0x4582b9 [ 228.078876][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 228.103173][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 228.111609][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 228.119591][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 228.127830][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 228.135824][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 228.146438][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 228.183423][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 228.193175][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 228.198980][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 228.208044][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.222453][ T8900] Call Trace: [ 228.225783][ T8900] dump_stack+0x172/0x1f0 [ 228.235148][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 228.241612][ T8900] ip6_finish_output+0x335/0xdc0 [ 228.246868][ T8900] ip6_output+0x235/0x7f0 [ 228.251220][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 228.256352][ T8900] ? ip6_fragment+0x3980/0x3980 [ 228.261216][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 228.266800][ T8900] ip6_local_out+0xc4/0x1b0 [ 228.271339][ T8900] ip6_send_skb+0xbb/0x350 [ 228.275773][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 228.281962][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 228.286770][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 228.291879][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 228.297099][ T8900] ? find_held_lock+0x35/0x130 [ 228.301871][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 228.308661][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 228.314125][ T8900] ? ___might_sleep+0x163/0x280 [ 228.322445][ T8900] ? __might_sleep+0x95/0x190 [ 228.327145][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 228.333557][ T8900] inet_sendmsg+0x147/0x5e0 [ 228.338080][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 228.343127][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 228.347805][ T8900] ? ipip_gro_receive+0x100/0x100 [ 228.352922][ T8900] sock_sendmsg+0xdd/0x130 [ 228.357352][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 228.362267][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 228.367764][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 228.372720][ T8900] ? retint_kernel+0x2d/0x2d [ 228.377309][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 228.384524][ T8900] ? __might_fault+0x12b/0x1e0 [ 228.389312][ T8900] ? find_held_lock+0x35/0x130 [ 228.394099][ T8900] ? __might_fault+0x12b/0x1e0 [ 228.398910][ T8900] ? lock_downgrade+0x880/0x880 [ 228.408115][ T8900] ? ___might_sleep+0x163/0x280 [ 228.415746][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 228.421051][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 228.426378][ T8900] ? _copy_to_user+0xc9/0x120 [ 228.431062][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 228.437331][ T8900] ? put_timespec64+0xda/0x140 [ 228.442283][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 228.447178][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 228.452635][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 228.458095][ T8900] ? do_syscall_64+0x26/0x610 [ 228.462952][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.469020][ T8900] ? do_syscall_64+0x26/0x610 [ 228.473700][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 228.478635][ T8900] do_syscall_64+0x103/0x610 [ 228.483236][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.489143][ T8900] RIP: 0033:0x4582b9 [ 228.493039][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 228.523360][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 228.531782][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 228.540042][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 228.548049][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 228.556025][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 228.564033][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 228.574985][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 228.584669][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 228.591757][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 228.601059][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.611124][ T8900] Call Trace: [ 228.618192][ T8900] dump_stack+0x172/0x1f0 [ 228.625133][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 228.630708][ T8900] ip6_finish_output+0x335/0xdc0 [ 228.635678][ T8900] ip6_output+0x235/0x7f0 [ 228.640231][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 228.645381][ T8900] ? ip6_fragment+0x3980/0x3980 [ 228.650326][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 228.659847][ T8900] ip6_local_out+0xc4/0x1b0 [ 228.664391][ T8900] ip6_send_skb+0xbb/0x350 [ 228.668987][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 228.674674][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 228.679619][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 228.684697][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 228.689918][ T8900] ? find_held_lock+0x35/0x130 [ 228.694688][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 228.700942][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 228.706442][ T8900] ? ___might_sleep+0x163/0x280 [ 228.712762][ T8900] ? __might_sleep+0x95/0x190 [ 228.717595][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 228.731064][ T8900] inet_sendmsg+0x147/0x5e0 [ 228.741236][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 228.746378][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 228.753361][ T8900] ? ipip_gro_receive+0x100/0x100 [ 228.758945][ T8900] sock_sendmsg+0xdd/0x130 [ 228.764860][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 228.770174][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 228.775655][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 228.781040][ T8900] ? retint_kernel+0x2d/0x2d [ 228.785688][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 228.791356][ T8900] ? __might_fault+0x12b/0x1e0 [ 228.796660][ T8900] ? find_held_lock+0x35/0x130 [ 228.801557][ T8900] ? __might_fault+0x12b/0x1e0 [ 228.814624][ T8900] ? lock_downgrade+0x880/0x880 [ 228.819594][ T8900] ? ___might_sleep+0x163/0x280 [ 228.824662][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 228.829371][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 228.839252][ T8900] ? _copy_to_user+0xc9/0x120 [ 228.844057][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 228.851198][ T8900] ? put_timespec64+0xda/0x140 [ 228.856594][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 228.861572][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 228.869944][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 228.876806][ T8900] ? do_syscall_64+0x26/0x610 [ 228.882537][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.888626][ T8900] ? do_syscall_64+0x26/0x610 [ 228.893332][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 228.898272][ T8900] do_syscall_64+0x103/0x610 [ 228.902899][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.908825][ T8900] RIP: 0033:0x4582b9 [ 228.912750][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 228.936861][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 228.946179][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 228.954165][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 228.962150][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 228.970229][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 228.978203][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 228.989087][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 228.998417][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 229.004275][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 229.013306][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.023378][ T8900] Call Trace: [ 229.026801][ T8900] dump_stack+0x172/0x1f0 [ 229.031247][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 229.036828][ T8900] ip6_finish_output+0x335/0xdc0 [ 229.041788][ T8900] ip6_output+0x235/0x7f0 [ 229.046147][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 229.051265][ T8900] ? ip6_fragment+0x3980/0x3980 [ 229.056122][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 229.061713][ T8900] ip6_local_out+0xc4/0x1b0 [ 229.066498][ T8900] ip6_send_skb+0xbb/0x350 [ 229.072086][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 229.078031][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 229.082833][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 229.087887][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 229.095910][ T8900] ? find_held_lock+0x35/0x130 [ 229.100688][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 229.106965][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 229.112806][ T8900] ? ___might_sleep+0x163/0x280 [ 229.117699][ T8900] ? __might_sleep+0x95/0x190 [ 229.122518][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 229.134559][ T8900] inet_sendmsg+0x147/0x5e0 [ 229.144292][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 229.152908][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 229.158081][ T8900] ? ipip_gro_receive+0x100/0x100 [ 229.169326][ T8900] sock_sendmsg+0xdd/0x130 [ 229.174669][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 229.181387][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 229.192725][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 229.198342][ T8900] ? retint_kernel+0x2d/0x2d [ 229.206642][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 229.216220][ T8900] ? __might_fault+0x12b/0x1e0 [ 229.222783][ T8900] ? find_held_lock+0x35/0x130 [ 229.227668][ T8900] ? __might_fault+0x12b/0x1e0 [ 229.232477][ T8900] ? lock_downgrade+0x880/0x880 [ 229.237333][ T8900] ? ___might_sleep+0x163/0x280 [ 229.242293][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 229.248547][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 229.253616][ T8900] ? _copy_to_user+0xc9/0x120 [ 229.258320][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 229.268187][ T8900] ? put_timespec64+0xda/0x140 [ 229.272955][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 229.277836][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 229.283550][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 229.291741][ T8900] ? do_syscall_64+0x26/0x610 [ 229.296487][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.302832][ T8900] ? do_syscall_64+0x26/0x610 [ 229.307923][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 229.312885][ T8900] do_syscall_64+0x103/0x610 [ 229.317484][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.323408][ T8900] RIP: 0033:0x4582b9 [ 229.327333][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.348940][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 229.357461][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 229.365580][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 229.374580][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 229.382596][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 229.390707][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 229.401290][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 229.420733][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 229.438742][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 229.448379][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.458430][ T8900] Call Trace: [ 229.461757][ T8900] dump_stack+0x172/0x1f0 [ 229.466112][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 229.471673][ T8900] ip6_finish_output+0x335/0xdc0 [ 229.476615][ T8900] ip6_output+0x235/0x7f0 [ 229.480961][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 229.486118][ T8900] ? ip6_fragment+0x3980/0x3980 [ 229.491280][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 229.496837][ T8900] ip6_local_out+0xc4/0x1b0 [ 229.501362][ T8900] ip6_send_skb+0xbb/0x350 [ 229.505818][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 229.511125][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 229.515912][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 229.520955][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 229.526202][ T8900] ? find_held_lock+0x35/0x130 [ 229.530986][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 229.541195][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 229.546675][ T8900] ? ___might_sleep+0x163/0x280 [ 229.551790][ T8900] ? __might_sleep+0x95/0x190 [ 229.556472][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 229.566103][ T8900] inet_sendmsg+0x147/0x5e0 [ 229.570613][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 229.575680][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 229.580849][ T8900] ? ipip_gro_receive+0x100/0x100 [ 229.585919][ T8900] sock_sendmsg+0xdd/0x130 [ 229.590376][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 229.595080][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 229.602196][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 229.607555][ T8900] ? retint_kernel+0x2d/0x2d [ 229.613811][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 229.619472][ T8900] ? __might_fault+0x12b/0x1e0 [ 229.627048][ T8900] ? find_held_lock+0x35/0x130 [ 229.632203][ T8900] ? __might_fault+0x12b/0x1e0 [ 229.637108][ T8900] ? lock_downgrade+0x880/0x880 [ 229.641996][ T8900] ? ___might_sleep+0x163/0x280 [ 229.646883][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 229.651589][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 229.656628][ T8900] ? _copy_to_user+0xc9/0x120 [ 229.661323][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 229.667671][ T8900] ? put_timespec64+0xda/0x140 [ 229.672470][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 229.677367][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 229.682841][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 229.688331][ T8900] ? do_syscall_64+0x26/0x610 [ 229.693542][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.699688][ T8900] ? do_syscall_64+0x26/0x610 [ 229.705377][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 229.710867][ T8900] do_syscall_64+0x103/0x610 [ 229.715471][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.721884][ T8900] RIP: 0033:0x4582b9 [ 229.725793][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.752171][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 229.760595][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 229.768589][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 229.776865][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 229.784875][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 229.795268][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 229.804591][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 229.814208][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 229.820077][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 229.829164][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.839241][ T8900] Call Trace: [ 229.842573][ T8900] dump_stack+0x172/0x1f0 [ 229.846924][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 229.852596][ T8900] ip6_finish_output+0x335/0xdc0 [ 229.857559][ T8900] ip6_output+0x235/0x7f0 [ 229.862716][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 229.867851][ T8900] ? ip6_fragment+0x3980/0x3980 [ 229.872705][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 229.878266][ T8900] ip6_local_out+0xc4/0x1b0 [ 229.882783][ T8900] ip6_send_skb+0xbb/0x350 [ 229.887235][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 229.892533][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 229.897300][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 229.902335][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 229.907996][ T8900] ? find_held_lock+0x35/0x130 [ 229.912875][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 229.919134][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 229.924652][ T8900] ? ___might_sleep+0x163/0x280 [ 229.929538][ T8900] ? __might_sleep+0x95/0x190 [ 229.934259][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 229.939816][ T8900] inet_sendmsg+0x147/0x5e0 [ 229.944361][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 229.949391][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 229.956553][ T8900] ? ipip_gro_receive+0x100/0x100 [ 229.961783][ T8900] sock_sendmsg+0xdd/0x130 [ 229.967102][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 229.971800][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 229.979700][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 229.984920][ T8900] ? retint_kernel+0x2d/0x2d [ 229.989525][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 229.995191][ T8900] ? __might_fault+0x12b/0x1e0 [ 229.999989][ T8900] ? find_held_lock+0x35/0x130 [ 230.004763][ T8900] ? __might_fault+0x12b/0x1e0 [ 230.009564][ T8900] ? lock_downgrade+0x880/0x880 [ 230.014482][ T8900] ? ___might_sleep+0x163/0x280 [ 230.019344][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 230.024060][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 230.029207][ T8900] ? _copy_to_user+0xc9/0x120 [ 230.034058][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 230.042611][ T8900] ? put_timespec64+0xda/0x140 [ 230.048065][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 230.052946][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 230.058425][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 230.063921][ T8900] ? do_syscall_64+0x26/0x610 [ 230.068595][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.074667][ T8900] ? do_syscall_64+0x26/0x610 [ 230.079726][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 230.084691][ T8900] do_syscall_64+0x103/0x610 [ 230.089295][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.099249][ T8900] RIP: 0033:0x4582b9 [ 230.103172][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 230.122888][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 230.131418][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 230.139413][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 230.147391][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 230.155670][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 230.163671][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 230.173154][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 230.184229][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 230.190151][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 230.199195][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.209262][ T8900] Call Trace: [ 230.212561][ T8900] dump_stack+0x172/0x1f0 [ 230.216912][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 230.222467][ T8900] ip6_finish_output+0x335/0xdc0 [ 230.227499][ T8900] ip6_output+0x235/0x7f0 [ 230.232036][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 230.237160][ T8900] ? ip6_fragment+0x3980/0x3980 [ 230.242061][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 230.248861][ T8900] ip6_local_out+0xc4/0x1b0 [ 230.253942][ T8900] ip6_send_skb+0xbb/0x350 [ 230.258364][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 230.263663][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 230.268441][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 230.273457][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 230.278652][ T8900] ? find_held_lock+0x35/0x130 [ 230.283461][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 230.289715][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 230.295196][ T8900] ? ___might_sleep+0x163/0x280 [ 230.300049][ T8900] ? __might_sleep+0x95/0x190 [ 230.304737][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 230.310300][ T8900] inet_sendmsg+0x147/0x5e0 [ 230.314795][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 230.319835][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 230.324771][ T8900] ? ipip_gro_receive+0x100/0x100 [ 230.329884][ T8900] sock_sendmsg+0xdd/0x130 [ 230.334313][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 230.339007][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 230.344475][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 230.349414][ T8900] ? retint_kernel+0x2d/0x2d [ 230.354016][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 230.359675][ T8900] ? __might_fault+0x12b/0x1e0 [ 230.364456][ T8900] ? find_held_lock+0x35/0x130 [ 230.369221][ T8900] ? __might_fault+0x12b/0x1e0 [ 230.374082][ T8900] ? lock_downgrade+0x880/0x880 [ 230.378962][ T8900] ? ___might_sleep+0x163/0x280 [ 230.383908][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 230.390362][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 230.395391][ T8900] ? _copy_to_user+0xc9/0x120 [ 230.400089][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 230.406370][ T8900] ? put_timespec64+0xda/0x140 [ 230.411150][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 230.416010][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 230.421481][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 230.426985][ T8900] ? do_syscall_64+0x26/0x610 [ 230.439652][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.447466][ T8900] ? do_syscall_64+0x26/0x610 [ 230.453560][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 230.458517][ T8900] do_syscall_64+0x103/0x610 [ 230.463115][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.469018][ T8900] RIP: 0033:0x4582b9 [ 230.472907][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 230.497736][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 230.506144][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 230.514221][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 230.522310][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 230.535503][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 230.544277][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 230.554665][ T8900] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/8900 [ 230.564072][ T8900] caller is ip6_finish_output+0x335/0xdc0 [ 230.569939][ T8900] CPU: 0 PID: 8900 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 230.579644][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.589880][ T8900] Call Trace: [ 230.596229][ T8900] dump_stack+0x172/0x1f0 [ 230.600928][ T8900] __this_cpu_preempt_check+0x246/0x270 [ 230.608741][ T8900] ip6_finish_output+0x335/0xdc0 [ 230.613715][ T8900] ip6_output+0x235/0x7f0 [ 230.618078][ T8900] ? ip6_finish_output+0xdc0/0xdc0 [ 230.623229][ T8900] ? ip6_fragment+0x3980/0x3980 [ 230.629185][ T8900] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 230.636366][ T8900] ip6_local_out+0xc4/0x1b0 [ 230.641633][ T8900] ip6_send_skb+0xbb/0x350 [ 230.646077][ T8900] ip6_push_pending_frames+0xc8/0xf0 [ 230.651540][ T8900] rawv6_sendmsg+0x299c/0x35e0 [ 230.656318][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 230.661355][ T8900] ? aa_profile_af_perm+0x320/0x320 [ 230.666555][ T8900] ? find_held_lock+0x35/0x130 [ 230.671335][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 230.677604][ T8900] ? rw_copy_check_uvector+0x2a6/0x330 [ 230.683084][ T8900] ? ___might_sleep+0x163/0x280 [ 230.687969][ T8900] ? __might_sleep+0x95/0x190 [ 230.692654][ T8900] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 230.698218][ T8900] inet_sendmsg+0x147/0x5e0 [ 230.702731][ T8900] ? rawv6_getsockopt+0x150/0x150 [ 230.707785][ T8900] ? inet_sendmsg+0x147/0x5e0 [ 230.712479][ T8900] ? ipip_gro_receive+0x100/0x100 [ 230.717523][ T8900] sock_sendmsg+0xdd/0x130 [ 230.721964][ T8900] ___sys_sendmsg+0x3e2/0x930 [ 230.726662][ T8900] ? copy_msghdr_from_user+0x430/0x430 [ 230.732133][ T8900] ? __lock_acquire+0x548/0x3fb0 [ 230.737146][ T8900] ? retint_kernel+0x2d/0x2d [ 230.743149][ T8900] ? trace_hardirqs_on_caller+0x6a/0x220 [ 230.748827][ T8900] ? __might_fault+0x12b/0x1e0 [ 230.753633][ T8900] ? find_held_lock+0x35/0x130 [ 230.758397][ T8900] ? __might_fault+0x12b/0x1e0 [ 230.763175][ T8900] ? lock_downgrade+0x880/0x880 [ 230.768971][ T8900] ? ___might_sleep+0x163/0x280 [ 230.773858][ T8900] __sys_sendmmsg+0x1bf/0x4d0 [ 230.778625][ T8900] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 230.783654][ T8900] ? _copy_to_user+0xc9/0x120 [ 230.788343][ T8900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 230.794760][ T8900] ? put_timespec64+0xda/0x140 [ 230.799560][ T8900] ? nsecs_to_jiffies+0x30/0x30 [ 230.804461][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 230.810009][ T8900] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 230.815474][ T8900] ? do_syscall_64+0x26/0x610 [ 230.820167][ T8900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.826241][ T8900] ? do_syscall_64+0x26/0x610 [ 230.830948][ T8900] __x64_sys_sendmmsg+0x9d/0x100 [ 230.835889][ T8900] do_syscall_64+0x103/0x610 [ 230.840489][ T8900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.846404][ T8900] RIP: 0033:0x4582b9 [ 230.850666][ T8900] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 230.874788][ T8900] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 230.886371][ T8900] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 230.902519][ T8900] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 230.910540][ T8900] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 230.918541][ T8900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 230.927029][ T8900] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff 22:27:06 executing program 5: connect$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}], 0x4000000000003be, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000003c0)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) socket$alg(0x26, 0x5, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) 22:27:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f00000001c0)={0x146}) 22:27:06 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r1) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:27:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f00000001c0)={0x145}) 22:27:06 executing program 1: io_setup(0x2, &(0x7f0000000180)) r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f0000000000)="00de", 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0x53, 0x0) 22:27:06 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020d0000100000000000002000000400030006000d00000002002000e000000100000000000000000800120002000200000000007d228000030000000303010000000300000000000000001f03000000160000000301000000000000000000000000000000000000030005000000000002000000e00000010000000000000000"], 0x80}}, 0x0) 22:27:06 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1, 0x2) syz_open_dev$usbmon(0x0, 0x81, 0x40000) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, &(0x7f00000006c0)) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8) r0 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x0, 0x20001) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000200)) ioctl$EVIOCGBITKEY(r0, 0x80404521, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r3, 0x0) write$binfmt_misc(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="000000008e9464a206bd25e188bc0994ddc3d9575e6dec2aa5588b8bff2e1c2222551fbc604e3e3b37d33db65ff8d115168aaccef4eeb7e1eb24c5700ebdff10ece5ca1f61e06965b298c8ce3dd02c68a147a8ec7063e732be04fec951f934879ed74cfde53d9a4f0dd315fd4b8b8ca68aa7d1b08841e555727e8c767ee245828827867edc7a1153576dd34779fce9ab868692959ceba04e576d3c530d6671d7f1e3a0389707d71c3366af65da074ad23cade2cecfaf942b0b4dd95b532479a7c2c73146d1e82cb0b679aa2aafadc8ff4162836a56718e77701ac5fdce60d3eb930e566722278144ed27b640c54637"], 0xef) io_setup(0x101, &(0x7f0000000040)=0x0) ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f0000000180)={0x0, 0x6}) r5 = shmget$private(0x0, 0x3000, 0x16a424badf40a786, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_STAT(r5, 0x2, &(0x7f0000000500)=""/248) io_submit(r4, 0x2000000000000246, &(0x7f0000001540)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r2, &(0x7f0000000000), 0xfffffce4}]) syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x0, 0x400) mmap(&(0x7f00008e5000/0x2000)=nil, 0x2000, 0x3, 0x10, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) 22:27:06 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="000000000c0000000000000008000100736671004800020000000000000000000c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f0000002fec3bd2a6d00000000000000061d87db4bbf191e6e25b02a70ad5b00754aaa6c275687c7bdcdae21d8cd4fa27667fecacf2a77c80ff006402d2c043a2fcd9213ed14b2dae048cb59bd52a5c2840a302cf01bd94e3ab2dfdb20b8116c46f2c5285ecfc19406c3318ea1c1961848926041810a230e06629bc4bcb22ccc2a74072114337296caec0f817abe7ae5d9d73d31830784938f1d56f4d34f3dbe5a631e401a489d987d0783670f2cf8f84701c01731147677f24c71086135f26bf7e269f0248f48f66"], 0x1}}, 0x0) 22:27:06 executing program 4: socketpair$unix(0x1, 0x1000000000080003, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKRRPART(r1, 0x125e, 0x70a000) 22:27:06 executing program 2: socketpair$unix(0x1, 0x1000000000080003, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKRRPART(r1, 0x1267, 0x70a000) 22:27:06 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r1) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r3 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r2, r3, 0x0, 0xc700000e) 22:27:06 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb856) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23}, 0x10) ppoll(&(0x7f00000000c0)=[{r1, 0x101e}], 0x1, 0x0, 0x0, 0x0) 22:27:06 executing program 5: connect$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}], 0x4000000000003be, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000003c0)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) socket$alg(0x26, 0x5, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) 22:27:06 executing program 3: socketpair$unix(0x1, 0x1000000000080003, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKRRPART(r1, 0x80041284, 0x70a000) 22:27:06 executing program 2: socketpair$unix(0x1, 0x1000000000080003, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKRRPART(r1, 0x40081271, 0x70a000) 22:27:06 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000013c0)={{{@in, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@local, 0x0, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x5}}, 0xe8) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={[], [], @dev}}, 0x1c) sendmmsg(r0, &(0x7f0000000240), 0x5c3, 0x0) 22:27:06 executing program 4: gettid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) utimes(0x0, 0x0) timer_create(0x0, 0x0, 0x0) prctl$PR_SET_TIMERSLACK(0xf, 0x0) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0xffffffffffffff02) sendmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 22:27:06 executing program 2: r0 = socket$inet(0x10, 0x2, 0x0) munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) close(r0) clock_nanosleep(0x0, 0x0, 0x0, 0x0) socket$unix(0x1, 0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0) lsetxattr$security_evm(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="dd71fe0f8906e34bf886a5c05e13bc5f", 0x10) [ 231.916774][ T9002] check_preemption_disabled: 1840 callbacks suppressed [ 231.916789][ T9002] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9002 [ 231.933541][ T9002] caller is ip6_finish_output+0x335/0xdc0 [ 231.940380][ T9002] CPU: 1 PID: 9002 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 231.949521][ T9002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.961053][ T9002] Call Trace: [ 231.961092][ T9002] dump_stack+0x172/0x1f0 [ 231.961120][ T9002] __this_cpu_preempt_check+0x246/0x270 [ 231.961148][ T9002] ip6_finish_output+0x335/0xdc0 [ 231.969226][ T9002] ip6_output+0x235/0x7f0 [ 231.969246][ T9002] ? ip6_finish_output+0xdc0/0xdc0 [ 231.969265][ T9002] ? ip6_fragment+0x3980/0x3980 [ 231.969281][ T9002] ? ip_reply_glue_bits+0xc0/0xc0 [ 231.969299][ T9002] ip6_local_out+0xc4/0x1b0 [ 231.969327][ T9002] ip6_send_skb+0xbb/0x350 [ 232.008196][ T9002] udp_v6_send_skb.isra.0+0x839/0x14f0 22:27:07 executing program 3: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) 22:27:07 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) [ 232.013906][ T9002] udpv6_sendmsg+0x21e3/0x28d0 [ 232.018703][ T9002] ? ip_reply_glue_bits+0xc0/0xc0 [ 232.023769][ T9002] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 232.029789][ T9002] ? aa_profile_af_perm+0x320/0x320 [ 232.035131][ T9002] ? __might_fault+0x12b/0x1e0 [ 232.039952][ T9002] ? find_held_lock+0x35/0x130 [ 232.039972][ T9002] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.039988][ T9002] ? rw_copy_check_uvector+0x2a6/0x330 [ 232.040031][ T9002] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 232.051058][ T9002] inet_sendmsg+0x147/0x5e0 [ 232.051084][ T9002] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 232.051094][ T9002] ? inet_sendmsg+0x147/0x5e0 [ 232.051115][ T9002] ? ipip_gro_receive+0x100/0x100 [ 232.092059][ T9002] sock_sendmsg+0xdd/0x130 [ 232.092087][ T9002] ___sys_sendmsg+0x3e2/0x930 [ 232.092108][ T9002] ? copy_msghdr_from_user+0x430/0x430 [ 232.092132][ T9002] ? lock_downgrade+0x880/0x880 [ 232.092146][ T9002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 232.092163][ T9002] ? kasan_check_read+0x11/0x20 [ 232.092179][ T9002] ? __fget+0x381/0x550 [ 232.092197][ T9002] ? ksys_dup3+0x3e0/0x3e0 [ 232.107157][ T9002] ? __fget_light+0x1a9/0x230 [ 232.122236][ T9002] ? __fdget+0x1b/0x20 [ 232.122253][ T9002] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.122269][ T9002] ? sockfd_lookup_light+0xcb/0x180 [ 232.122285][ T9002] __sys_sendmmsg+0x1bf/0x4d0 22:27:07 executing program 4: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2) [ 232.122304][ T9002] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 232.122330][ T9002] ? _copy_to_user+0xc9/0x120 [ 232.122352][ T9002] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.133486][ T9002] ? put_timespec64+0xda/0x140 [ 232.133500][ T9002] ? nsecs_to_jiffies+0x30/0x30 [ 232.133523][ T9002] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.133537][ T9002] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.133553][ T9002] ? do_syscall_64+0x26/0x610 [ 232.133567][ T9002] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.133581][ T9002] ? do_syscall_64+0x26/0x610 [ 232.133599][ T9002] __x64_sys_sendmmsg+0x9d/0x100 [ 232.133621][ T9002] do_syscall_64+0x103/0x610 [ 232.235434][ T9002] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.241763][ T9002] RIP: 0033:0x4582b9 [ 232.245690][ T9002] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:27:07 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 232.265864][ T9002] RSP: 002b:00007fe4816f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 232.274295][ T9002] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 232.282285][ T9002] RDX: 00000000000005c3 RSI: 0000000020000240 RDI: 0000000000000003 [ 232.284616][ T9020] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/9020 [ 232.290271][ T9002] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 232.290281][ T9002] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe4816f86d4 [ 232.290289][ T9002] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 232.302170][ T9021] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/9021 [ 232.312747][ T9020] caller is ip6_finish_output+0x335/0xdc0 [ 232.312768][ T9020] CPU: 0 PID: 9020 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 232.312780][ T9020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.312786][ T9020] Call Trace: [ 232.312811][ T9020] dump_stack+0x172/0x1f0 [ 232.312835][ T9020] __this_cpu_preempt_check+0x246/0x270 [ 232.312854][ T9020] ip6_finish_output+0x335/0xdc0 [ 232.312876][ T9020] ip6_output+0x235/0x7f0 [ 232.312892][ T9020] ? ip6_finish_output+0xdc0/0xdc0 [ 232.312910][ T9020] ? ip6_fragment+0x3980/0x3980 [ 232.312927][ T9020] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 232.312950][ T9020] ip6_local_out+0xc4/0x1b0 [ 232.312970][ T9020] ip6_send_skb+0xbb/0x350 [ 232.312992][ T9020] ip6_push_pending_frames+0xc8/0xf0 [ 232.313009][ T9020] rawv6_sendmsg+0x299c/0x35e0 [ 232.313035][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 232.321109][ T9021] caller is ip6_finish_output+0x335/0xdc0 [ 232.329028][ T9020] ? aa_profile_af_perm+0x320/0x320 [ 232.329046][ T9020] ? find_held_lock+0x35/0x130 [ 232.329061][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.329076][ T9020] ? rw_copy_check_uvector+0x2a6/0x330 [ 232.329100][ T9020] ? ___might_sleep+0x163/0x280 [ 232.329122][ T9020] ? __might_sleep+0x95/0x190 [ 232.505070][ T9020] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 232.510634][ T9020] inet_sendmsg+0x147/0x5e0 [ 232.515441][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 232.520477][ T9020] ? inet_sendmsg+0x147/0x5e0 [ 232.525239][ T9020] ? ipip_gro_receive+0x100/0x100 [ 232.534827][ T9020] sock_sendmsg+0xdd/0x130 [ 232.541459][ T9020] ___sys_sendmsg+0x3e2/0x930 [ 232.546168][ T9020] ? copy_msghdr_from_user+0x430/0x430 [ 232.551661][ T9020] ? lock_downgrade+0x880/0x880 [ 232.556552][ T9020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 232.562910][ T9020] ? kasan_check_read+0x11/0x20 [ 232.567782][ T9020] ? __fget+0x381/0x550 [ 232.571960][ T9020] ? ksys_dup3+0x3e0/0x3e0 [ 232.576405][ T9020] ? find_held_lock+0x35/0x130 [ 232.581212][ T9020] ? __fget_light+0x1a9/0x230 [ 232.586254][ T9020] ? __fdget+0x1b/0x20 [ 232.590338][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.596951][ T9020] ? sockfd_lookup_light+0xcb/0x180 [ 232.602264][ T9020] __sys_sendmmsg+0x1bf/0x4d0 [ 232.607221][ T9020] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 232.616145][ T9020] ? _copy_to_user+0xc9/0x120 [ 232.620855][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.627139][ T9020] ? put_timespec64+0xda/0x140 [ 232.631940][ T9020] ? nsecs_to_jiffies+0x30/0x30 [ 232.637033][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.642800][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.648288][ T9020] ? do_syscall_64+0x26/0x610 [ 232.652996][ T9020] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.659968][ T9020] ? do_syscall_64+0x26/0x610 [ 232.664868][ T9020] __x64_sys_sendmmsg+0x9d/0x100 [ 232.671087][ T9020] do_syscall_64+0x103/0x610 [ 232.675782][ T9020] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.683544][ T9020] RIP: 0033:0x4582b9 [ 232.687564][ T9020] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 232.707285][ T9020] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 232.715735][ T9020] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 232.723726][ T9020] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 232.731719][ T9020] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 232.739713][ T9020] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 232.747803][ T9020] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 232.756259][ T9021] CPU: 1 PID: 9021 Comm: syz-executor.1 Not tainted 5.1.0-rc3-next-20190405 #19 [ 232.766664][ T9021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.777962][ T9021] Call Trace: [ 232.781709][ T9020] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/9020 [ 232.786719][ T9021] dump_stack+0x172/0x1f0 [ 232.786741][ T9021] __this_cpu_preempt_check+0x246/0x270 [ 232.786761][ T9021] ip6_finish_output+0x335/0xdc0 [ 232.786782][ T9021] ip6_output+0x235/0x7f0 [ 232.786799][ T9021] ? ip6_finish_output+0xdc0/0xdc0 [ 232.786824][ T9021] ? ip6_fragment+0x3980/0x3980 [ 232.802322][ T9020] caller is ip6_finish_output+0x335/0xdc0 [ 232.812202][ T9021] ? ip_reply_glue_bits+0xc0/0xc0 [ 232.812227][ T9021] ip6_local_out+0xc4/0x1b0 [ 232.812252][ T9021] ip6_send_skb+0xbb/0x350 [ 232.812271][ T9021] udp_v6_send_skb.isra.0+0x839/0x14f0 [ 232.812290][ T9021] udpv6_sendmsg+0x21e3/0x28d0 [ 232.812304][ T9021] ? find_held_lock+0x35/0x130 [ 232.812316][ T9021] ? ip_reply_glue_bits+0xc0/0xc0 [ 232.812336][ T9021] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 232.812367][ T9021] ? aa_profile_af_perm+0x320/0x320 [ 232.909092][ T9021] ? __might_fault+0x12b/0x1e0 [ 232.914748][ T9021] ? find_held_lock+0x35/0x130 [ 232.919536][ T9021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 232.925812][ T9021] ? rw_copy_check_uvector+0x2a6/0x330 [ 232.931413][ T9021] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 232.941450][ T9021] inet_sendmsg+0x147/0x5e0 [ 232.948394][ T9021] ? udp6_unicast_rcv_skb.isra.0+0x2f0/0x2f0 [ 232.954855][ T9021] ? inet_sendmsg+0x147/0x5e0 [ 232.959563][ T9021] ? ipip_gro_receive+0x100/0x100 [ 232.964957][ T9021] sock_sendmsg+0xdd/0x130 [ 232.969402][ T9021] ___sys_sendmsg+0x3e2/0x930 [ 232.974114][ T9021] ? copy_msghdr_from_user+0x430/0x430 [ 232.979595][ T9021] ? lock_downgrade+0x880/0x880 [ 232.984754][ T9021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 232.991048][ T9021] ? kasan_check_read+0x11/0x20 [ 232.996040][ T9021] ? __fget+0x381/0x550 [ 233.000225][ T9021] ? ksys_dup3+0x3e0/0x3e0 [ 233.004672][ T9021] ? __fget_light+0x1a9/0x230 [ 233.009377][ T9021] ? __fdget+0x1b/0x20 [ 233.013485][ T9021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 233.019774][ T9021] ? sockfd_lookup_light+0xcb/0x180 [ 233.025106][ T9021] __sys_sendmmsg+0x1bf/0x4d0 [ 233.030099][ T9021] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 233.038456][ T9021] ? _copy_to_user+0xc9/0x120 [ 233.043792][ T9021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 233.050058][ T9021] ? put_timespec64+0xda/0x140 [ 233.054854][ T9021] ? nsecs_to_jiffies+0x30/0x30 [ 233.059940][ T9021] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.065423][ T9021] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.071004][ T9021] ? do_syscall_64+0x26/0x610 [ 233.075702][ T9021] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.095240][ T9021] ? do_syscall_64+0x26/0x610 [ 233.101878][ T9021] __x64_sys_sendmmsg+0x9d/0x100 [ 233.106941][ T9021] do_syscall_64+0x103/0x610 [ 233.111748][ T9021] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.117671][ T9021] RIP: 0033:0x4582b9 [ 233.125859][ T9021] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 233.158605][ T9021] RSP: 002b:00007fe4816d6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 233.168500][ T9021] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 233.177572][ T9021] RDX: 00000000000005c3 RSI: 0000000020000240 RDI: 0000000000000006 [ 233.185564][ T9021] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 233.193558][ T9021] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe4816d76d4 [ 233.201553][ T9021] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 233.209578][ T9020] CPU: 0 PID: 9020 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 22:27:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000640)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)) r1 = syz_open_pts(r0, 0x20201) fcntl$setstatus(r1, 0x4, 0x2800) write(r1, &(0x7f0000000000)="05", 0x1) dup3(r1, r0, 0x0) [ 233.219203][ T9020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.229654][ T9020] Call Trace: [ 233.232971][ T9020] dump_stack+0x172/0x1f0 [ 233.237321][ T9020] __this_cpu_preempt_check+0x246/0x270 [ 233.242888][ T9020] ip6_finish_output+0x335/0xdc0 [ 233.247845][ T9020] ip6_output+0x235/0x7f0 [ 233.252218][ T9020] ? ip6_finish_output+0xdc0/0xdc0 [ 233.262006][ T9020] ? ip6_fragment+0x3980/0x3980 [ 233.267540][ T9020] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 233.274104][ T9020] ip6_local_out+0xc4/0x1b0 [ 233.279947][ T9020] ip6_send_skb+0xbb/0x350 [ 233.284492][ T9020] ip6_push_pending_frames+0xc8/0xf0 [ 233.290651][ T9020] rawv6_sendmsg+0x299c/0x35e0 [ 233.296551][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 233.301786][ T9020] ? aa_profile_af_perm+0x320/0x320 [ 233.307012][ T9020] ? find_held_lock+0x35/0x130 [ 233.311887][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 233.318141][ T9020] ? rw_copy_check_uvector+0x2a6/0x330 [ 233.323704][ T9020] ? ___might_sleep+0x163/0x280 [ 233.328584][ T9020] ? __might_sleep+0x95/0x190 [ 233.333282][ T9020] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 233.338832][ T9020] inet_sendmsg+0x147/0x5e0 [ 233.343389][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 233.348418][ T9020] ? inet_sendmsg+0x147/0x5e0 [ 233.353109][ T9020] ? ipip_gro_receive+0x100/0x100 [ 233.359186][ T9020] sock_sendmsg+0xdd/0x130 [ 233.363861][ T9020] ___sys_sendmsg+0x3e2/0x930 [ 233.375104][ T9020] ? copy_msghdr_from_user+0x430/0x430 [ 233.380853][ T9020] ? __lock_acquire+0x548/0x3fb0 [ 233.385831][ T9020] ? lock_downgrade+0x880/0x880 [ 233.390806][ T9020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 233.397080][ T9020] ? kasan_check_read+0x11/0x20 [ 233.401970][ T9020] ? __might_fault+0x12b/0x1e0 [ 233.406765][ T9020] ? find_held_lock+0x35/0x130 [ 233.411645][ T9020] ? __might_fault+0x12b/0x1e0 [ 233.416425][ T9020] ? lock_downgrade+0x880/0x880 [ 233.421294][ T9020] ? ___might_sleep+0x163/0x280 [ 233.426169][ T9020] __sys_sendmmsg+0x1bf/0x4d0 [ 233.430867][ T9020] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 233.436115][ T9020] ? _copy_to_user+0xc9/0x120 [ 233.440914][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 233.447455][ T9020] ? put_timespec64+0xda/0x140 [ 233.452953][ T9020] ? nsecs_to_jiffies+0x30/0x30 [ 233.458734][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.467082][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.472576][ T9020] ? do_syscall_64+0x26/0x610 [ 233.477270][ T9020] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.483556][ T9020] ? do_syscall_64+0x26/0x610 [ 233.489342][ T9020] __x64_sys_sendmmsg+0x9d/0x100 [ 233.494330][ T9020] do_syscall_64+0x103/0x610 [ 233.499029][ T9020] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.505015][ T9020] RIP: 0033:0x4582b9 [ 233.508933][ T9020] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 233.528656][ T9020] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 233.537097][ T9020] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 233.545182][ T9020] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 233.553181][ T9020] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 233.561252][ T9020] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 233.569240][ T9020] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 233.582538][ T9020] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/9020 [ 233.613668][ T9020] caller is ip6_finish_output+0x335/0xdc0 [ 233.619786][ T9020] CPU: 0 PID: 9020 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 233.644849][ T9020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.655194][ T9020] Call Trace: [ 233.659311][ T9020] dump_stack+0x172/0x1f0 [ 233.663767][ T9020] __this_cpu_preempt_check+0x246/0x270 [ 233.674039][ T9020] ip6_finish_output+0x335/0xdc0 [ 233.679889][ T9020] ip6_output+0x235/0x7f0 [ 233.684441][ T9020] ? ip6_finish_output+0xdc0/0xdc0 [ 233.689953][ T9020] ? ip6_fragment+0x3980/0x3980 [ 233.695448][ T9020] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 233.708439][ T9020] ip6_local_out+0xc4/0x1b0 [ 233.713402][ T9020] ip6_send_skb+0xbb/0x350 [ 233.717843][ T9020] ip6_push_pending_frames+0xc8/0xf0 [ 233.723165][ T9020] rawv6_sendmsg+0x299c/0x35e0 [ 233.732903][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 233.738720][ T9020] ? aa_profile_af_perm+0x320/0x320 [ 233.743930][ T9020] ? find_held_lock+0x35/0x130 [ 233.750185][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 233.756425][ T9020] ? rw_copy_check_uvector+0x2a6/0x330 [ 233.761993][ T9020] ? ___might_sleep+0x163/0x280 [ 233.766854][ T9020] ? __might_sleep+0x95/0x190 [ 233.774289][ T9020] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 233.780562][ T9020] inet_sendmsg+0x147/0x5e0 [ 233.786782][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 233.804960][ T9020] ? inet_sendmsg+0x147/0x5e0 [ 233.819926][ T9020] ? ipip_gro_receive+0x100/0x100 [ 233.825221][ T9020] sock_sendmsg+0xdd/0x130 [ 233.832006][ T9020] ___sys_sendmsg+0x3e2/0x930 [ 233.839521][ T9020] ? copy_msghdr_from_user+0x430/0x430 [ 233.845171][ T9020] ? __lock_acquire+0x548/0x3fb0 [ 233.850117][ T9020] ? lock_downgrade+0x880/0x880 [ 233.855269][ T9020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 233.861518][ T9020] ? kasan_check_read+0x11/0x20 [ 233.866409][ T9020] ? __might_fault+0x12b/0x1e0 [ 233.871708][ T9020] ? find_held_lock+0x35/0x130 [ 233.878870][ T9020] ? __might_fault+0x12b/0x1e0 [ 233.883679][ T9020] ? lock_downgrade+0x880/0x880 [ 233.890716][ T9020] ? ___might_sleep+0x163/0x280 [ 233.897458][ T9020] __sys_sendmmsg+0x1bf/0x4d0 [ 233.902535][ T9020] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 233.912665][ T9020] ? _copy_to_user+0xc9/0x120 [ 233.917369][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 233.923656][ T9020] ? put_timespec64+0xda/0x140 [ 233.930387][ T9020] ? nsecs_to_jiffies+0x30/0x30 [ 233.939963][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.951312][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.958058][ T9020] ? do_syscall_64+0x26/0x610 [ 233.963626][ T9020] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.970132][ T9020] ? do_syscall_64+0x26/0x610 [ 233.974828][ T9020] __x64_sys_sendmmsg+0x9d/0x100 [ 233.979969][ T9020] do_syscall_64+0x103/0x610 [ 233.984936][ T9020] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.999126][ T9020] RIP: 0033:0x4582b9 [ 234.003050][ T9020] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 234.023450][ T9020] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 234.032332][ T9020] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 234.040585][ T9020] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 234.053843][ T9020] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 234.063718][ T9020] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 234.071886][ T9020] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff [ 234.081016][ T9020] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.5/9020 [ 234.090472][ T9020] caller is ip6_finish_output+0x335/0xdc0 [ 234.096639][ T9020] CPU: 1 PID: 9020 Comm: syz-executor.5 Not tainted 5.1.0-rc3-next-20190405 #19 [ 234.105667][ T9020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.115744][ T9020] Call Trace: [ 234.119084][ T9020] dump_stack+0x172/0x1f0 [ 234.119108][ T9020] __this_cpu_preempt_check+0x246/0x270 [ 234.119127][ T9020] ip6_finish_output+0x335/0xdc0 [ 234.119150][ T9020] ip6_output+0x235/0x7f0 [ 234.138341][ T9020] ? ip6_finish_output+0xdc0/0xdc0 [ 234.138365][ T9020] ? ip6_fragment+0x3980/0x3980 [ 234.138384][ T9020] ? ip6_autoflowlabel.part.0+0x70/0x70 [ 234.138406][ T9020] ip6_local_out+0xc4/0x1b0 [ 234.158426][ T9020] ip6_send_skb+0xbb/0x350 [ 234.162964][ T9020] ip6_push_pending_frames+0xc8/0xf0 [ 234.168564][ T9020] rawv6_sendmsg+0x299c/0x35e0 [ 234.173365][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 234.178414][ T9020] ? aa_profile_af_perm+0x320/0x320 [ 234.183671][ T9020] ? find_held_lock+0x35/0x130 [ 234.188462][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 234.194842][ T9020] ? rw_copy_check_uvector+0x2a6/0x330 [ 234.200376][ T9020] ? ___might_sleep+0x163/0x280 [ 234.205300][ T9020] ? __might_sleep+0x95/0x190 [ 234.212320][ T9020] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 234.217983][ T9020] inet_sendmsg+0x147/0x5e0 [ 234.222509][ T9020] ? rawv6_getsockopt+0x150/0x150 [ 234.227584][ T9020] ? inet_sendmsg+0x147/0x5e0 [ 234.232285][ T9020] ? ipip_gro_receive+0x100/0x100 [ 234.237333][ T9020] sock_sendmsg+0xdd/0x130 [ 234.241784][ T9020] ___sys_sendmsg+0x3e2/0x930 [ 234.241805][ T9020] ? copy_msghdr_from_user+0x430/0x430 [ 234.241825][ T9020] ? __lock_acquire+0x548/0x3fb0 [ 234.241839][ T9020] ? lock_downgrade+0x880/0x880 [ 234.241854][ T9020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 234.241879][ T9020] ? kasan_check_read+0x11/0x20 [ 234.252034][ T9020] ? __might_fault+0x12b/0x1e0 [ 234.252049][ T9020] ? find_held_lock+0x35/0x130 [ 234.252063][ T9020] ? __might_fault+0x12b/0x1e0 [ 234.252093][ T9020] ? lock_downgrade+0x880/0x880 [ 234.252116][ T9020] ? ___might_sleep+0x163/0x280 [ 234.252131][ T9020] __sys_sendmmsg+0x1bf/0x4d0 [ 234.252159][ T9020] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 234.273097][ T9020] ? _copy_to_user+0xc9/0x120 [ 234.273120][ T9020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 234.273135][ T9020] ? put_timespec64+0xda/0x140 [ 234.273150][ T9020] ? nsecs_to_jiffies+0x30/0x30 [ 234.273175][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 234.282845][ T9020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 234.282862][ T9020] ? do_syscall_64+0x26/0x610 [ 234.282878][ T9020] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.282892][ T9020] ? do_syscall_64+0x26/0x610 [ 234.282915][ T9020] __x64_sys_sendmmsg+0x9d/0x100 [ 234.389361][ T9020] do_syscall_64+0x103/0x610 [ 234.389380][ T9020] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.389392][ T9020] RIP: 0033:0x4582b9 [ 234.389410][ T9020] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 234.389417][ T9020] RSP: 002b:00007fde81eacc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 234.389431][ T9020] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004582b9 [ 234.389440][ T9020] RDX: 00000000000004ff RSI: 00000000200092c0 RDI: 0000000000000004 [ 234.389448][ T9020] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 234.389456][ T9020] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde81ead6d4 [ 234.389465][ T9020] R13: 00000000004c5230 R14: 00000000004d9380 R15: 00000000ffffffff 22:27:09 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) [ 234.395977][ T26] audit: type=1800 audit(1554676029.096:114): pid=9030 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16658 res=0 [ 234.516111][ T26] audit: type=1804 audit(1554676029.096:115): pid=9030 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/40/file0" dev="sda1" ino=16658 res=1 [ 234.548977][ T26] audit: type=1800 audit(1554676029.456:116): pid=9039 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16661 res=0 [ 234.578145][ T26] audit: type=1804 audit(1554676029.476:117): pid=9039 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir627548139/syzkaller.XSl0wU/41/file0" dev="sda1" ino=16661 res=1 22:27:09 executing program 5: connect$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}], 0x4000000000003be, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000003c0)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) socket$alg(0x26, 0x5, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:27:09 executing program 1: clone(0x200, 0x0, 0x0, 0x0, 0x0) symlink(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)='./file1\x00') mknod(&(0x7f0000f80000)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) r1 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x10a) dup2(r0, r1) execve(&(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) open$dir(&(0x7f00000002c0)='./file0\x00', 0x83e, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE(r1, 0x40084504, 0x0) 22:27:09 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) 22:27:09 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000000c0), 0x4) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:27:09 executing program 3: syz_execute_func(&(0x7f0000000200)="410f01f964ff0941c3c401e9ea103e42d87366420fe2e33e0f1110c442019dcc6f") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000180)={0x0, 0x7530}, 0x10) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x0) r1 = dup(r0) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000400)={&(0x7f0000000140), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000804}, 0x20000081) 22:27:09 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) 22:27:09 executing program 4: clone(0x8000100000203, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000f80000)='./file0\x00', 0x0, 0x0) execve(0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x200010a) close(r0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200800000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) clone(0x3103101ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000001c0), &(0x7f0000000300)) setsockopt$inet_mreq(r0, 0x0, 0x0, 0x0, 0x0) 22:27:09 executing program 0: syz_open_dev$sndctrl(0x0, 0x0, 0x0) read$rfkill(0xffffffffffffffff, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(0x0, 0x400, 0x61) r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000140)={r0, 0x9}) fchdir(r2) quotactl(0x3ff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)="50d04cef0093c3521bdb2c1900f29207f98cc527ddbbaafd14f58e51253c6d3f528c108170b007960776d20082a9845e1c74f3676143b582394d142ff3c41eb98d83a63ddbdbe63650") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000001c0), 0x4) sched_setattr(0x0, 0x0, 0x0) r3 = open(&(0x7f0000000240)='./file0\x00', 0x40c2, 0x100000000004) r4 = open$dir(&(0x7f0000000600)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de82", 0x1f2) sendfile(r3, r4, 0x0, 0xc700000e) 22:27:10 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x4, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) 22:27:10 executing program 3: syz_execute_func(&(0x7f0000000200)="410f01f964ff0941c3c401e9ea103e42d87366420fe2e33e0f1110c442019dcc6f") clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000180)={0x0, 0x7530}, 0x10) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r1 = dup(r0) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000400)={&(0x7f0000000140), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000804}, 0x20000081)