[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.49' (ECDSA) to the list of known hosts. 2021/05/28 01:41:40 fuzzer started 2021/05/28 01:41:40 dialing manager at 10.128.0.163:33615 2021/05/28 01:41:40 syscalls: 1998 2021/05/28 01:41:40 code coverage: enabled 2021/05/28 01:41:40 comparison tracing: enabled 2021/05/28 01:41:40 extra coverage: enabled 2021/05/28 01:41:40 setuid sandbox: enabled 2021/05/28 01:41:40 namespace sandbox: enabled 2021/05/28 01:41:40 Android sandbox: enabled 2021/05/28 01:41:40 fault injection: enabled 2021/05/28 01:41:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/05/28 01:41:40 net packet injection: /dev/net/tun does not exist 2021/05/28 01:41:40 net device setup: enabled 2021/05/28 01:41:40 concurrency sanitizer: enabled 2021/05/28 01:41:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/05/28 01:41:40 USB emulation: /dev/raw-gadget does not exist 2021/05/28 01:41:40 hci packet injection: /dev/vhci does not exist 2021/05/28 01:41:40 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2021/05/28 01:41:40 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2021/05/28 01:41:40 suppressing KCSAN reports in functions: '__xa_clear_mark' 'n_tty_receive_buf_common' '_find_next_bit' 'blk_mq_rq_ctx_init' 'generic_write_end' 'ext4_mpage_readpages' 'xas_clear_mark' '__ext4_new_inode' 'ext4_free_inodes_count' 'do_sys_poll' 'ext4_ext_handle_unwritten_extents' 'blk_mq_sched_dispatch_requests' 2021/05/28 01:41:40 fetching corpus: 0, signal 0/2000 (executing program) 2021/05/28 01:41:40 fetching corpus: 48, signal 11978/15682 (executing program) 2021/05/28 01:41:41 fetching corpus: 98, signal 21263/26509 (executing program) 2021/05/28 01:41:41 fetching corpus: 148, signal 27843/34530 (executing program) 2021/05/28 01:41:41 fetching corpus: 198, signal 34551/42515 (executing program) 2021/05/28 01:41:41 fetching corpus: 248, signal 39911/49110 (executing program) 2021/05/28 01:41:41 fetching corpus: 298, signal 44452/54778 (executing program) 2021/05/28 01:41:41 fetching corpus: 348, signal 49948/61219 (executing program) 2021/05/28 01:41:41 fetching corpus: 398, signal 51574/64123 (executing program) 2021/05/28 01:41:41 fetching corpus: 448, signal 55793/69230 (executing program) 2021/05/28 01:41:41 fetching corpus: 498, signal 60362/74549 (executing program) 2021/05/28 01:41:41 fetching corpus: 548, signal 62461/77632 (executing program) 2021/05/28 01:41:41 fetching corpus: 598, signal 64585/80692 (executing program) 2021/05/28 01:41:41 fetching corpus: 647, signal 66241/83279 (executing program) 2021/05/28 01:41:41 fetching corpus: 697, signal 68158/86039 (executing program) 2021/05/28 01:41:41 fetching corpus: 747, signal 71356/89817 (executing program) 2021/05/28 01:41:41 fetching corpus: 797, signal 73844/92965 (executing program) 2021/05/28 01:41:41 fetching corpus: 847, signal 75077/95042 (executing program) 2021/05/28 01:41:41 fetching corpus: 897, signal 76541/97270 (executing program) 2021/05/28 01:41:41 fetching corpus: 947, signal 78168/99589 (executing program) 2021/05/28 01:41:41 fetching corpus: 997, signal 79970/101998 (executing program) 2021/05/28 01:41:41 fetching corpus: 1047, signal 81403/104093 (executing program) 2021/05/28 01:41:41 fetching corpus: 1097, signal 82892/106236 (executing program) 2021/05/28 01:41:41 fetching corpus: 1147, signal 83749/107864 (executing program) 2021/05/28 01:41:41 fetching corpus: 1197, signal 85624/110198 (executing program) 2021/05/28 01:41:41 fetching corpus: 1247, signal 86593/111865 (executing program) 2021/05/28 01:41:41 fetching corpus: 1297, signal 89124/114545 (executing program) 2021/05/28 01:41:41 fetching corpus: 1347, signal 89903/116008 (executing program) 2021/05/28 01:41:42 fetching corpus: 1397, signal 90832/117542 (executing program) 2021/05/28 01:41:42 fetching corpus: 1447, signal 91924/119196 (executing program) 2021/05/28 01:41:42 fetching corpus: 1497, signal 93208/120897 (executing program) 2021/05/28 01:41:42 fetching corpus: 1546, signal 94447/122562 (executing program) 2021/05/28 01:41:42 fetching corpus: 1595, signal 96217/124513 (executing program) 2021/05/28 01:41:42 fetching corpus: 1645, signal 97167/125893 (executing program) 2021/05/28 01:41:42 fetching corpus: 1695, signal 98144/127335 (executing program) 2021/05/28 01:41:42 fetching corpus: 1745, signal 99120/128702 (executing program) 2021/05/28 01:41:42 fetching corpus: 1795, signal 99850/129964 (executing program) 2021/05/28 01:41:42 fetching corpus: 1845, signal 100560/131202 (executing program) 2021/05/28 01:41:42 fetching corpus: 1895, signal 102063/132884 (executing program) 2021/05/28 01:41:42 fetching corpus: 1945, signal 103410/134424 (executing program) 2021/05/28 01:41:42 fetching corpus: 1995, signal 104121/135592 (executing program) 2021/05/28 01:41:42 fetching corpus: 2045, signal 108385/138559 (executing program) 2021/05/28 01:41:42 fetching corpus: 2095, signal 109352/139742 (executing program) 2021/05/28 01:41:42 fetching corpus: 2145, signal 110311/140905 (executing program) 2021/05/28 01:41:42 fetching corpus: 2195, signal 111102/142033 (executing program) 2021/05/28 01:41:42 fetching corpus: 2245, signal 112158/143221 (executing program) 2021/05/28 01:41:42 fetching corpus: 2295, signal 112566/144059 (executing program) 2021/05/28 01:41:42 fetching corpus: 2345, signal 113357/145113 (executing program) 2021/05/28 01:41:42 fetching corpus: 2395, signal 114838/146392 (executing program) 2021/05/28 01:41:42 fetching corpus: 2445, signal 115445/147295 (executing program) 2021/05/28 01:41:42 fetching corpus: 2495, signal 116309/148331 (executing program) 2021/05/28 01:41:42 fetching corpus: 2545, signal 117863/149545 (executing program) 2021/05/28 01:41:42 fetching corpus: 2595, signal 118669/150434 (executing program) 2021/05/28 01:41:42 fetching corpus: 2645, signal 119940/151456 (executing program) 2021/05/28 01:41:42 fetching corpus: 2695, signal 120993/152383 (executing program) 2021/05/28 01:41:43 fetching corpus: 2745, signal 121954/153276 (executing program) 2021/05/28 01:41:43 fetching corpus: 2795, signal 125084/154832 (executing program) 2021/05/28 01:41:43 fetching corpus: 2845, signal 125769/155564 (executing program) 2021/05/28 01:41:43 fetching corpus: 2895, signal 126619/156339 (executing program) 2021/05/28 01:41:43 fetching corpus: 2945, signal 127920/157245 (executing program) 2021/05/28 01:41:43 fetching corpus: 2995, signal 129106/158078 (executing program) 2021/05/28 01:41:43 fetching corpus: 3045, signal 129796/158734 (executing program) 2021/05/28 01:41:43 fetching corpus: 3095, signal 130660/159438 (executing program) 2021/05/28 01:41:43 fetching corpus: 3145, signal 131404/160063 (executing program) 2021/05/28 01:41:43 fetching corpus: 3195, signal 132292/160718 (executing program) 2021/05/28 01:41:43 fetching corpus: 3245, signal 133013/161318 (executing program) 2021/05/28 01:41:43 fetching corpus: 3295, signal 134253/161983 (executing program) 2021/05/28 01:41:43 fetching corpus: 3345, signal 134868/162504 (executing program) 2021/05/28 01:41:43 fetching corpus: 3395, signal 135598/163056 (executing program) 2021/05/28 01:41:43 fetching corpus: 3445, signal 136243/163530 (executing program) 2021/05/28 01:41:43 fetching corpus: 3495, signal 136705/163990 (executing program) 2021/05/28 01:41:43 fetching corpus: 3545, signal 137488/164545 (executing program) 2021/05/28 01:41:43 fetching corpus: 3595, signal 137984/164983 (executing program) 2021/05/28 01:41:43 fetching corpus: 3645, signal 138586/165402 (executing program) 2021/05/28 01:41:43 fetching corpus: 3695, signal 139125/165807 (executing program) 2021/05/28 01:41:43 fetching corpus: 3745, signal 139661/166218 (executing program) 2021/05/28 01:41:43 fetching corpus: 3795, signal 140776/166674 (executing program) 2021/05/28 01:41:43 fetching corpus: 3845, signal 141357/167074 (executing program) 2021/05/28 01:41:43 fetching corpus: 3895, signal 142160/167443 (executing program) 2021/05/28 01:41:43 fetching corpus: 3945, signal 142734/167785 (executing program) 2021/05/28 01:41:43 fetching corpus: 3995, signal 143284/168135 (executing program) 2021/05/28 01:41:43 fetching corpus: 4045, signal 144018/168452 (executing program) 2021/05/28 01:41:43 fetching corpus: 4095, signal 144754/168767 (executing program) 2021/05/28 01:41:43 fetching corpus: 4145, signal 145258/169067 (executing program) 2021/05/28 01:41:44 fetching corpus: 4195, signal 145694/169211 (executing program) 2021/05/28 01:41:44 fetching corpus: 4245, signal 146245/169214 (executing program) 2021/05/28 01:41:44 fetching corpus: 4295, signal 146745/169214 (executing program) 2021/05/28 01:41:44 fetching corpus: 4345, signal 147820/169214 (executing program) 2021/05/28 01:41:44 fetching corpus: 4395, signal 148338/169214 (executing program) 2021/05/28 01:41:44 fetching corpus: 4445, signal 148787/169214 (executing program) 2021/05/28 01:41:44 fetching corpus: 4495, signal 149651/169214 (executing program) 2021/05/28 01:41:44 fetching corpus: 4545, signal 150123/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4595, signal 150476/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4645, signal 150946/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4695, signal 151549/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4745, signal 152157/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4795, signal 152623/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4845, signal 152956/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4895, signal 153385/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4945, signal 154114/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 4995, signal 154759/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5045, signal 155635/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5095, signal 156397/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5145, signal 156805/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5195, signal 157491/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5245, signal 158020/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5295, signal 158367/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5345, signal 158924/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5395, signal 159307/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5445, signal 160044/169217 (executing program) 2021/05/28 01:41:44 fetching corpus: 5495, signal 160495/169219 (executing program) 2021/05/28 01:41:44 fetching corpus: 5545, signal 160962/169222 (executing program) 2021/05/28 01:41:44 fetching corpus: 5595, signal 161550/169222 (executing program) 2021/05/28 01:41:44 fetching corpus: 5645, signal 161967/169535 (executing program) 2021/05/28 01:41:44 fetching corpus: 5695, signal 162401/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 5745, signal 163057/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 5795, signal 163504/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 5845, signal 163930/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 5895, signal 164457/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 5945, signal 164920/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 5995, signal 165331/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6045, signal 165640/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6095, signal 166223/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6145, signal 166530/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6195, signal 167014/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6245, signal 167309/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6295, signal 167715/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6345, signal 168161/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6364, signal 168276/169535 (executing program) 2021/05/28 01:41:45 fetching corpus: 6364, signal 168276/169535 (executing program) 2021/05/28 01:41:46 starting 6 fuzzer processes 01:41:46 executing program 0: r0 = memfd_create(&(0x7f0000000200)=']', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = memfd_create(&(0x7f0000000340)='\x00\xc2\xea\x99\xbb\x1c\xf8jw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19\xe5\xbcJ6\xfc\xa8\xcdj\xc1F\x02\x93\xca`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00\x00\x00\x00\x00\x00\x00', 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file0\x00', 0xc40001e1) close(r0) 01:41:46 executing program 1: pipe(&(0x7f0000000200)) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)) epoll_create1(0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f00000001c0), 0x0) 01:41:46 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x134, r1, 0x601, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x106, 0x1, '\x10\x80\x03l\x14\x10\xbc\x90;\xa8F\xcd3\xb86e_qS\r\xbc\x88;\x14afZa7-\xbf\xf4\xd2\n\x8a\xcdB\xd2\xa61\x1a\n{\xa5#|1@2FMr\xf6=\xa7\x88\x1a<\xf5\x93\xb6\xaf\xd0 L\xba\x95H\xf9\xe4\xb7[)\x19#\xb4\x83\xb7D\x1c\x00CR\xf6)bs\xc3\xa4\xb0\xe0l\x95\x7f\xa3\x18\xf7\x04\xd2)\xe6@\xaa\xe0\xcet\x99\x1d\x17\xe5&\xe7h#\xbc9\xd2u.h%\xbf\".aD\xf8)5\xf47\x87p\x18\xf4\x95\x0e\xa1SY\n\xfbn\xbe\xb1\xbef\xfe\xae\x14\xb2\x13\x88\x06\xbd\a\xb4\x90\xf2\xc5\x04+\x86l\x1e\x83\x1aA\x95\xd0\x0e\x03/\xde\x1a\xccNT\xf4\xad\x99\x83\xaf\x81Nz\xb2@\x1e\x82>:\xc9n\xe8\x16,\xccu\a(h>\x015\xadd\xce\x99k{\x91\xd9[B\xd3\x1f>{\xf6.\xa3d\xce\x7f\xb0\xaa\xe6~\xf45\xd4v7z\xffJ\xdeN\xd5\xb1\xa2t\xacj\xb8h\xe5\x98\xb6\xf3\xa0\xe0\xbc\x1d\x00\x0f\xf7'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback=0x7f000003}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1=0xe000000c}]}, 0x134}}, 0x0) 01:41:46 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:46 executing program 3: memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00\xddu\x8b\x95\x9c#\xa4\x13\x1e\x04G}\xa8\xeb\xf7\xcf\xbfT\xbf7\x108\x8d\x16\xe7\x91=\x90\xe6J\x8c\xad\x81\xf3\xb8i\x1b\x96=0\xf0,\xea\x03-\x15j\bQA\x92#\xdcF\x03i\x90x\xd3\xffY\x15]\x00\xd4\xc0\xcf\xc0\xebu\xdb\xc3o\xc1\xadu\xa6\xd69Wi\x17\xa6\x0e\xd65\xa0\xe6\"\xc9\xa3V\xbe`\xceV\xc0\xef\xc4\xe8\xbd\x81\xe6\xca\x0etQ\x8b .t\x01\'1o\xe4\x03SY\xc8U\xfbW\x9cG\x8dM\xbcn\xc2\'Y\r\xbc/\xfe\xfeh\x84}\xaef\x87x\xf3Ob\x1b\x85\x8a*{\x1d', 0x5) r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0) 01:41:46 executing program 4: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) syzkaller login: [ 24.653811][ T25] audit: type=1400 audit(1622166106.832:8): avc: denied { execmem } for pid=1758 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 24.759193][ T1764] cgroup: Unknown subsys name 'perf_event' [ 24.763874][ T1763] cgroup: Unknown subsys name 'perf_event' [ 24.771495][ T1763] cgroup: Unknown subsys name 'net_cls' [ 24.784566][ T1764] cgroup: Unknown subsys name 'net_cls' [ 24.790212][ T1765] cgroup: Unknown subsys name 'perf_event' [ 24.797028][ T1765] cgroup: Unknown subsys name 'net_cls' [ 24.803931][ T1766] cgroup: Unknown subsys name 'perf_event' [ 24.814993][ T1769] cgroup: Unknown subsys name 'perf_event' [ 24.818769][ T1766] cgroup: Unknown subsys name 'net_cls' [ 24.820920][ T1769] cgroup: Unknown subsys name 'net_cls' [ 24.830438][ T1774] cgroup: Unknown subsys name 'perf_event' [ 24.844350][ T1774] cgroup: Unknown subsys name 'net_cls' 01:41:50 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x134, r1, 0x601, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x106, 0x1, '\x10\x80\x03l\x14\x10\xbc\x90;\xa8F\xcd3\xb86e_qS\r\xbc\x88;\x14afZa7-\xbf\xf4\xd2\n\x8a\xcdB\xd2\xa61\x1a\n{\xa5#|1@2FMr\xf6=\xa7\x88\x1a<\xf5\x93\xb6\xaf\xd0 L\xba\x95H\xf9\xe4\xb7[)\x19#\xb4\x83\xb7D\x1c\x00CR\xf6)bs\xc3\xa4\xb0\xe0l\x95\x7f\xa3\x18\xf7\x04\xd2)\xe6@\xaa\xe0\xcet\x99\x1d\x17\xe5&\xe7h#\xbc9\xd2u.h%\xbf\".aD\xf8)5\xf47\x87p\x18\xf4\x95\x0e\xa1SY\n\xfbn\xbe\xb1\xbef\xfe\xae\x14\xb2\x13\x88\x06\xbd\a\xb4\x90\xf2\xc5\x04+\x86l\x1e\x83\x1aA\x95\xd0\x0e\x03/\xde\x1a\xccNT\xf4\xad\x99\x83\xaf\x81Nz\xb2@\x1e\x82>:\xc9n\xe8\x16,\xccu\a(h>\x015\xadd\xce\x99k{\x91\xd9[B\xd3\x1f>{\xf6.\xa3d\xce\x7f\xb0\xaa\xe6~\xf45\xd4v7z\xffJ\xdeN\xd5\xb1\xa2t\xacj\xb8h\xe5\x98\xb6\xf3\xa0\xe0\xbc\x1d\x00\x0f\xf7'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback=0x7f000003}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1=0xe000000c}]}, 0x134}}, 0x0) 01:41:50 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:50 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:50 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x134, r1, 0x601, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x106, 0x1, '\x10\x80\x03l\x14\x10\xbc\x90;\xa8F\xcd3\xb86e_qS\r\xbc\x88;\x14afZa7-\xbf\xf4\xd2\n\x8a\xcdB\xd2\xa61\x1a\n{\xa5#|1@2FMr\xf6=\xa7\x88\x1a<\xf5\x93\xb6\xaf\xd0 L\xba\x95H\xf9\xe4\xb7[)\x19#\xb4\x83\xb7D\x1c\x00CR\xf6)bs\xc3\xa4\xb0\xe0l\x95\x7f\xa3\x18\xf7\x04\xd2)\xe6@\xaa\xe0\xcet\x99\x1d\x17\xe5&\xe7h#\xbc9\xd2u.h%\xbf\".aD\xf8)5\xf47\x87p\x18\xf4\x95\x0e\xa1SY\n\xfbn\xbe\xb1\xbef\xfe\xae\x14\xb2\x13\x88\x06\xbd\a\xb4\x90\xf2\xc5\x04+\x86l\x1e\x83\x1aA\x95\xd0\x0e\x03/\xde\x1a\xccNT\xf4\xad\x99\x83\xaf\x81Nz\xb2@\x1e\x82>:\xc9n\xe8\x16,\xccu\a(h>\x015\xadd\xce\x99k{\x91\xd9[B\xd3\x1f>{\xf6.\xa3d\xce\x7f\xb0\xaa\xe6~\xf45\xd4v7z\xffJ\xdeN\xd5\xb1\xa2t\xacj\xb8h\xe5\x98\xb6\xf3\xa0\xe0\xbc\x1d\x00\x0f\xf7'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback=0x7f000003}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1=0xe000000c}]}, 0x134}}, 0x0) 01:41:50 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:50 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x134, r1, 0x601, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x106, 0x1, '\x10\x80\x03l\x14\x10\xbc\x90;\xa8F\xcd3\xb86e_qS\r\xbc\x88;\x14afZa7-\xbf\xf4\xd2\n\x8a\xcdB\xd2\xa61\x1a\n{\xa5#|1@2FMr\xf6=\xa7\x88\x1a<\xf5\x93\xb6\xaf\xd0 L\xba\x95H\xf9\xe4\xb7[)\x19#\xb4\x83\xb7D\x1c\x00CR\xf6)bs\xc3\xa4\xb0\xe0l\x95\x7f\xa3\x18\xf7\x04\xd2)\xe6@\xaa\xe0\xcet\x99\x1d\x17\xe5&\xe7h#\xbc9\xd2u.h%\xbf\".aD\xf8)5\xf47\x87p\x18\xf4\x95\x0e\xa1SY\n\xfbn\xbe\xb1\xbef\xfe\xae\x14\xb2\x13\x88\x06\xbd\a\xb4\x90\xf2\xc5\x04+\x86l\x1e\x83\x1aA\x95\xd0\x0e\x03/\xde\x1a\xccNT\xf4\xad\x99\x83\xaf\x81Nz\xb2@\x1e\x82>:\xc9n\xe8\x16,\xccu\a(h>\x015\xadd\xce\x99k{\x91\xd9[B\xd3\x1f>{\xf6.\xa3d\xce\x7f\xb0\xaa\xe6~\xf45\xd4v7z\xffJ\xdeN\xd5\xb1\xa2t\xacj\xb8h\xe5\x98\xb6\xf3\xa0\xe0\xbc\x1d\x00\x0f\xf7'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback=0x7f000003}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1=0xe000000c}]}, 0x134}}, 0x0) 01:41:50 executing program 0: r0 = memfd_create(&(0x7f0000000200)=']', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = memfd_create(&(0x7f0000000340)='\x00\xc2\xea\x99\xbb\x1c\xf8jw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19\xe5\xbcJ6\xfc\xa8\xcdj\xc1F\x02\x93\xca`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00\x00\x00\x00\x00\x00\x00', 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file0\x00', 0xc40001e1) close(r0) 01:41:51 executing program 1: pipe(&(0x7f0000000200)) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)) epoll_create1(0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f00000001c0), 0x0) 01:41:51 executing program 5: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:51 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:51 executing program 0: r0 = memfd_create(&(0x7f0000000200)=']', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = memfd_create(&(0x7f0000000340)='\x00\xc2\xea\x99\xbb\x1c\xf8jw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19\xe5\xbcJ6\xfc\xa8\xcdj\xc1F\x02\x93\xca`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00\x00\x00\x00\x00\x00\x00', 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file0\x00', 0xc40001e1) close(r0) 01:41:51 executing program 4: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 3: memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00\xddu\x8b\x95\x9c#\xa4\x13\x1e\x04G}\xa8\xeb\xf7\xcf\xbfT\xbf7\x108\x8d\x16\xe7\x91=\x90\xe6J\x8c\xad\x81\xf3\xb8i\x1b\x96=0\xf0,\xea\x03-\x15j\bQA\x92#\xdcF\x03i\x90x\xd3\xffY\x15]\x00\xd4\xc0\xcf\xc0\xebu\xdb\xc3o\xc1\xadu\xa6\xd69Wi\x17\xa6\x0e\xd65\xa0\xe6\"\xc9\xa3V\xbe`\xceV\xc0\xef\xc4\xe8\xbd\x81\xe6\xca\x0etQ\x8b .t\x01\'1o\xe4\x03SY\xc8U\xfbW\x9cG\x8dM\xbcn\xc2\'Y\r\xbc/\xfe\xfeh\x84}\xaef\x87x\xf3Ob\x1b\x85\x8a*{\x1d', 0x5) r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0) 01:41:51 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:51 executing program 1: pipe(&(0x7f0000000200)) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)) epoll_create1(0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f00000001c0), 0x0) 01:41:51 executing program 0: r0 = memfd_create(&(0x7f0000000200)=']', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = memfd_create(&(0x7f0000000340)='\x00\xc2\xea\x99\xbb\x1c\xf8jw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19\xe5\xbcJ6\xfc\xa8\xcdj\xc1F\x02\x93\xca`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00\x00\x00\x00\x00\x00\x00', 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file0\x00', 0xc40001e1) close(r0) 01:41:51 executing program 5: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:51 executing program 4: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 5: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:51 executing program 3: memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00\xddu\x8b\x95\x9c#\xa4\x13\x1e\x04G}\xa8\xeb\xf7\xcf\xbfT\xbf7\x108\x8d\x16\xe7\x91=\x90\xe6J\x8c\xad\x81\xf3\xb8i\x1b\x96=0\xf0,\xea\x03-\x15j\bQA\x92#\xdcF\x03i\x90x\xd3\xffY\x15]\x00\xd4\xc0\xcf\xc0\xebu\xdb\xc3o\xc1\xadu\xa6\xd69Wi\x17\xa6\x0e\xd65\xa0\xe6\"\xc9\xa3V\xbe`\xceV\xc0\xef\xc4\xe8\xbd\x81\xe6\xca\x0etQ\x8b .t\x01\'1o\xe4\x03SY\xc8U\xfbW\x9cG\x8dM\xbcn\xc2\'Y\r\xbc/\xfe\xfeh\x84}\xaef\x87x\xf3Ob\x1b\x85\x8a*{\x1d', 0x5) r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0) 01:41:51 executing program 2: mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil) 01:41:51 executing program 1: pipe(&(0x7f0000000200)) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)) epoll_create1(0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f00000001c0), 0x0) 01:41:51 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 4: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 5: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 3: memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00\xddu\x8b\x95\x9c#\xa4\x13\x1e\x04G}\xa8\xeb\xf7\xcf\xbfT\xbf7\x108\x8d\x16\xe7\x91=\x90\xe6J\x8c\xad\x81\xf3\xb8i\x1b\x96=0\xf0,\xea\x03-\x15j\bQA\x92#\xdcF\x03i\x90x\xd3\xffY\x15]\x00\xd4\xc0\xcf\xc0\xebu\xdb\xc3o\xc1\xadu\xa6\xd69Wi\x17\xa6\x0e\xd65\xa0\xe6\"\xc9\xa3V\xbe`\xceV\xc0\xef\xc4\xe8\xbd\x81\xe6\xca\x0etQ\x8b .t\x01\'1o\xe4\x03SY\xc8U\xfbW\x9cG\x8dM\xbcn\xc2\'Y\r\xbc/\xfe\xfeh\x84}\xaef\x87x\xf3Ob\x1b\x85\x8a*{\x1d', 0x5) r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0) 01:41:51 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c", 0x29}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2f) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r1, 0x0, 0x0) 01:41:51 executing program 1: r0 = fsopen(&(0x7f0000000000)='9p\x00', 0x0) setuid(0xee01) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 01:41:51 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 5: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 3: r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0) r1 = socket(0x10, 0x3, 0x0) tee(r0, r1, 0x48c4, 0x0) 01:41:51 executing program 4: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000100)="240000001e005f0014f9f407faac470202000000010000000000080008000100000000ff", 0x24) 01:41:51 executing program 1: r0 = fsopen(&(0x7f0000000000)='9p\x00', 0x0) setuid(0xee01) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 01:41:51 executing program 5: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) request_key(&(0x7f0000000880)='keyring\x00', &(0x7f00000008c0)={'syz', 0x1}, 0x0, 0x0) 01:41:51 executing program 3: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) 01:41:51 executing program 1: r0 = fsopen(&(0x7f0000000000)='9p\x00', 0x0) setuid(0xee01) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 01:41:51 executing program 4: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000100)="240000001e005f0014f9f407faac470202000000010000000000080008000100000000ff", 0x24) 01:41:54 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c", 0x29}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2f) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r1, 0x0, 0x0) 01:41:54 executing program 5: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="00089e185129a7d151911b"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 01:41:54 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, 0x0) 01:41:54 executing program 3: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) 01:41:54 executing program 4: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000100)="240000001e005f0014f9f407faac470202000000010000000000080008000100000000ff", 0x24) 01:41:54 executing program 1: r0 = fsopen(&(0x7f0000000000)='9p\x00', 0x0) setuid(0xee01) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 01:41:54 executing program 3: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) 01:41:54 executing program 4: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000100)="240000001e005f0014f9f407faac470202000000010000000000080008000100000000ff", 0x24) 01:41:54 executing program 1: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) 01:41:54 executing program 3: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) 01:41:54 executing program 0: unshare(0x22060400) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x309001, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) 01:41:54 executing program 5: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="00089e185129a7d151911b"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 01:41:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c", 0x29}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2f) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r1, 0x0, 0x0) 01:41:57 executing program 1: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) 01:41:57 executing program 4: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:41:57 executing program 3: sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000000000000000b6525f0e0f789c5f0011003000faff2b00010014001b0001"], 0x1}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a80000001a0031901016000a6b300a4102"], 0x1}}, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)='E', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 01:41:57 executing program 5: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="00089e185129a7d151911b"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 01:41:57 executing program 0: unshare(0x22060400) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x309001, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) 01:41:57 executing program 3: sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000000000000000b6525f0e0f789c5f0011003000faff2b00010014001b0001"], 0x1}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a80000001a0031901016000a6b300a4102"], 0x1}}, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)='E', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 01:41:57 executing program 5: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="00089e185129a7d151911b"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0)) 01:41:57 executing program 0: unshare(0x22060400) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x309001, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) 01:41:57 executing program 1: mmap(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x20011340) [ 35.148174][ T4695] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 35.156395][ T4695] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.3'. [ 35.182449][ T4697] loop4: detected capacity change from 0 to 218 01:41:57 executing program 5: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) 01:41:57 executing program 3: sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000000000000000b6525f0e0f789c5f0011003000faff2b00010014001b0001"], 0x1}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a80000001a0031901016000a6b300a4102"], 0x1}}, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)='E', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) [ 35.208740][ T4714] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 35.217046][ T4714] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.3'. [ 35.227998][ T4697] loop4: p2 < > p4 [ 35.239152][ T4697] loop4: p4 size 2097152 extends beyond EOD, truncated [ 35.284830][ T4732] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 35.293309][ T4732] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.3'. 01:42:00 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:00 executing program 0: unshare(0x22060400) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x309001, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) 01:42:00 executing program 3: sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000000000000000b6525f0e0f789c5f0011003000faff2b00010014001b0001"], 0x1}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a80000001a0031901016000a6b300a4102"], 0x1}}, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)='E', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 01:42:00 executing program 5: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) 01:42:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c", 0x29}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2f) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r1, 0x0, 0x0) 01:42:00 executing program 4: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:42:00 executing program 0: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:42:00 executing program 3: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) 01:42:00 executing program 5: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) [ 38.182992][ T4755] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 38.191197][ T4755] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.3'. [ 38.208509][ T4758] loop4: detected capacity change from 0 to 218 01:42:00 executing program 5: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) 01:42:00 executing program 3: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) [ 38.237358][ T25] audit: type=1326 audit(1622166120.416:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4748 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 38.242733][ T4766] loop0: detected capacity change from 0 to 218 01:42:00 executing program 3: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) lseek(r3, 0x1000000000000003, 0x0) sendfile(r2, r2, 0x0, 0x0) [ 38.286795][ T4758] loop4: p2 < > p4 [ 38.291909][ T4758] loop4: p4 size 2097152 extends beyond EOD, truncated [ 38.311731][ T4766] loop0: p2 < > p4 [ 38.323163][ T4766] loop0: p4 size 2097152 extends beyond EOD, truncated [ 38.330448][ C1] hrtimer: interrupt took 20772 ns [ 39.016112][ T25] audit: type=1326 audit(1622166121.196:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4748 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:03 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:03 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) 01:42:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) 01:42:03 executing program 4: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:42:03 executing program 0: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:42:03 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) [ 41.203329][ T4812] loop4: detected capacity change from 0 to 218 [ 41.207089][ T4811] loop0: detected capacity change from 0 to 218 [ 41.218605][ T25] audit: type=1326 audit(1622166123.396:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4806 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) 01:42:03 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) [ 41.251798][ T25] audit: type=1326 audit(1622166123.426:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4819 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 41.281446][ T4812] loop4: p2 < > p4 [ 41.286586][ T4812] loop4: p4 size 2097152 extends beyond EOD, truncated [ 41.294794][ T4811] loop0: p2 < > p4 01:42:03 executing program 4: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:42:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) 01:42:03 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) [ 41.307339][ T4811] loop0: p4 size 2097152 extends beyond EOD, truncated [ 41.399356][ T4856] loop4: detected capacity change from 0 to 218 [ 41.450963][ T4856] loop4: p2 < > p4 [ 41.456057][ T4856] loop4: p4 size 2097152 extends beyond EOD, truncated 01:42:04 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:04 executing program 0: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000240)={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x1, @dev}, 0x22, {0x2, 0x0, @multicast1}, 'vlan1\x00'}) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x8) close(r0) inotify_add_watch(r0, &(0x7f0000000140)='./control\x00', 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xef85) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x189, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x26f}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) flock(r1, 0x4) mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x80010, 0xffffffffffffffff, 0x8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@remote, @in=@multicast2, 0x4e23, 0x9, 0x4e21, 0x2, 0xa, 0x180, 0x80, 0x73, 0x0, 0xee01}, {0x3, 0x3, 0x4, 0x9, 0x7ff, 0x81, 0x8}, {0x5, 0x3c, 0xdd, 0x2}, 0x100, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0x3c}, 0x2, @in=@private=0xa010101, 0x34ff, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x6}}, 0xe4) close(0xffffffffffffffff) syz_read_part_table(0x1b50f, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="03f605020f06af54031400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000200055aa", 0x40, 0x1c0}]) 01:42:04 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) 01:42:04 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) 01:42:04 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) [ 42.047122][ T4872] loop0: detected capacity change from 0 to 218 [ 42.069558][ T25] audit: type=1326 audit(1622166124.246:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4881 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:04 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:04 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) [ 42.102378][ T4872] loop0: p2 < > p4 [ 42.107875][ T4872] loop0: p4 size 2097152 extends beyond EOD, truncated 01:42:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 01:42:04 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) [ 42.139903][ T25] audit: type=1326 audit(1622166124.306:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4889 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 01:42:04 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000010}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "60f3a5a6893d746e05bc4b9b6f200c2b681f5d"}) 01:42:04 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x25, 0x0, 0x1}, {}, {0x6, 0x0, 0x0, 0x7ffffff4}]}) epoll_create1(0x0) 01:42:05 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:05 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffffdbf}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xdc, &(0x7f0000001340)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255346f930000ffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2c43a2316418ba9eb1f8fac57719b6650c7016af47d3160960f4dc0f5e233b32d191e7e4038ed607016ac06e8214ed7d77cea361915907969ff9f43a5aba17ec18f82611bd8e"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x34) 01:42:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newsa={0x140, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00'}, {@in6=@mcast2, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @XFRMA_IF_ID={0x8}]}, 0x140}}, 0x0) 01:42:05 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 01:42:05 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x3, &(0x7f0000000040)=[{0xc}, {0x14}, {0x6}]}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) 01:42:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 01:42:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newsa={0x140, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00'}, {@in6=@mcast2, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @XFRMA_IF_ID={0x8}]}, 0x140}}, 0x0) [ 42.933055][ T25] audit: type=1326 audit(1622166125.116:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4927 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:05 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f0000000180)="c4c691017bd5960104e77ef888feaf096d016a14c579937a4391f2b98670dcf40f5a09752b0175b212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36c18cfd160d816229848abd5b94f4287132e225244ad80c4e7e3a96cfa29d56f309413447b9161af59dc5bca682a564"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x34) 01:42:05 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newsa={0x140, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00'}, {@in6=@mcast2, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @XFRMA_IF_ID={0x8}]}, 0x140}}, 0x0) [ 43.001097][ T25] audit: type=1326 audit(1622166125.186:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4940 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newsa={0x140, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00'}, {@in6=@mcast2, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @XFRMA_IF_ID={0x8}]}, 0x140}}, 0x0) 01:42:05 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f0000000180)="c4c691017bd5960104e77ef888feaf096d016a14c579937a4391f2b98670dcf40f5a09752b0175b212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36c18cfd160d816229848abd5b94f4287132e225244ad80c4e7e3a96cfa29d56f309413447b9161af59dc5bca682a564"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x34) 01:42:05 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:05 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:06 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:06 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:06 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:06 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f0000000180)="c4c691017bd5960104e77ef888feaf096d016a14c579937a4391f2b98670dcf40f5a09752b0175b212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36c18cfd160d816229848abd5b94f4287132e225244ad80c4e7e3a96cfa29d56f309413447b9161af59dc5bca682a564"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x34) 01:42:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:06 executing program 4: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:06 executing program 4: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:06 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) r4 = dup3(r0, r2, 0x0) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="57a6ad8a57f4"}, 0x14) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080), 0x4) 01:42:06 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b68f340fcf6da93110d5e970ff7eecdac8b26c"}) [ 43.873317][ T25] audit: type=1326 audit(1622166126.056:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4996 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:06 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f0000000180)="c4c691017bd5960104e77ef888feaf096d016a14c579937a4391f2b98670dcf40f5a09752b0175b212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36c18cfd160d816229848abd5b94f4287132e225244ad80c4e7e3a96cfa29d56f309413447b9161af59dc5bca682a564"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x34) 01:42:06 executing program 4: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[], 0x8) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) dup2(r2, r3) 01:42:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:06 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b68f340fcf6da93110d5e970ff7eecdac8b26c"}) 01:42:06 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:06 executing program 1: r0 = socket(0xa, 0x3, 0x7) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x5411, &(0x7f0000000000)) 01:42:06 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b68f340fcf6da93110d5e970ff7eecdac8b26c"}) 01:42:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r2, 0x7, &(0x7f0000002000)) fcntl$lock(r2, 0x26, &(0x7f0000000180)={0x40001}) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 01:42:06 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt(r0, 0x0, 0x4, &(0x7f00000001c0)="ad04", 0x2) 01:42:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) [ 44.699177][ T25] audit: type=1326 audit(1622166126.877:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4996 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:06 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt(r0, 0x0, 0x4, &(0x7f00000001c0)="ad04", 0x2) 01:42:07 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt(r0, 0x0, 0x4, &(0x7f00000001c0)="ad04", 0x2) 01:42:07 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "b68f340fcf6da93110d5e970ff7eecdac8b26c"}) 01:42:07 executing program 1: r0 = socket(0xa, 0x3, 0x7) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x5411, &(0x7f0000000000)) [ 44.777815][ T25] audit: type=1326 audit(1622166126.957:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=5050 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:07 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt(r0, 0x0, 0x4, &(0x7f00000001c0)="ad04", 0x2) 01:42:07 executing program 1: r0 = socket(0xa, 0x3, 0x7) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x5411, &(0x7f0000000000)) 01:42:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:07 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) [ 45.626045][ T25] audit: type=1326 audit(1622166127.807:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=5085 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 [ 45.650350][ T25] audit: type=1326 audit(1622166127.837:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=5091 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r2, 0x7, &(0x7f0000002000)) fcntl$lock(r2, 0x26, &(0x7f0000000180)={0x40001}) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 01:42:08 executing program 1: r0 = socket(0xa, 0x3, 0x7) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x5411, &(0x7f0000000000)) 01:42:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x9}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0xf3a, 0x0) close(r3) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000001800)=ANY=[], 0x78) 01:42:08 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:08 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x84, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x20, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x84}}, 0x0) 01:42:08 executing program 0: set_mempolicy(0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x1004}, 0x4) 01:42:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r2, 0x7, &(0x7f0000002000)) fcntl$lock(r2, 0x26, &(0x7f0000000180)={0x40001}) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 01:42:08 executing program 1: r0 = syz_io_uring_setup(0x1a5, &(0x7f00000002c0), &(0x7f000042b000/0x3000)=nil, &(0x7f000042c000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0x2) r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_enter(r0, 0x2a71, 0x0, 0x0, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) dup2(r6, r3) 01:42:08 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:08 executing program 0: set_mempolicy(0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x1004}, 0x4) 01:42:08 executing program 0: set_mempolicy(0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x1004}, 0x4) [ 46.492714][ T25] audit: type=1326 audit(1622166128.677:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=5160 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:08 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x84, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x20, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x84}}, 0x0) 01:42:08 executing program 0: set_mempolicy(0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x1004}, 0x4) 01:42:08 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x84, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x20, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x84}}, 0x0) [ 46.551723][ T25] audit: type=1326 audit(1622166128.737:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=5172 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:08 executing program 1: r0 = syz_io_uring_setup(0x1a5, &(0x7f00000002c0), &(0x7f000042b000/0x3000)=nil, &(0x7f000042c000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0x2) r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_enter(r0, 0x2a71, 0x0, 0x0, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) dup2(r6, r3) 01:42:09 executing program 1: r0 = syz_io_uring_setup(0x1a5, &(0x7f00000002c0), &(0x7f000042b000/0x3000)=nil, &(0x7f000042c000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0x2) r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_enter(r0, 0x2a71, 0x0, 0x0, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) dup2(r6, r3) 01:42:09 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ff2000/0x1000)=nil, 0x1fffff, 0x0, 0x4010071, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x0, 0x7fffffffffff3) 01:42:09 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x84, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x20, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}, @CTA_PROTONAT_PORT_MIN={0x6}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x84}}, 0x0) [ 47.349303][ T5209] mmap: syz-executor.0 (5209) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 01:42:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r2, 0x7, &(0x7f0000002000)) fcntl$lock(r2, 0x26, &(0x7f0000000180)={0x40001}) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 01:42:11 executing program 2: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:11 executing program 5: futex(0x0, 0x6, 0x0, &(0x7f00000006c0)={0x0, 0x989680}, 0x0, 0x0) 01:42:11 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ff2000/0x1000)=nil, 0x1fffff, 0x0, 0x4010071, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x0, 0x7fffffffffff3) 01:42:11 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x84}, {0x3c}, {0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) 01:42:11 executing program 1: r0 = syz_io_uring_setup(0x1a5, &(0x7f00000002c0), &(0x7f000042b000/0x3000)=nil, &(0x7f000042c000/0x2000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0}}, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0x2) r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_enter(r0, 0x2a71, 0x0, 0x0, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) dup2(r6, r3) 01:42:11 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2c40}, 0x18) 01:42:11 executing program 5: futex(0x0, 0x6, 0x0, &(0x7f00000006c0)={0x0, 0x989680}, 0x0, 0x0) [ 49.579460][ T25] audit: type=1326 audit(1622166131.767:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=5221 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0 01:42:11 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ff2000/0x1000)=nil, 0x1fffff, 0x0, 0x4010071, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x0, 0x7fffffffffff3) 01:42:11 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2c40}, 0x18) 01:42:11 executing program 5: futex(0x0, 0x6, 0x0, &(0x7f00000006c0)={0x0, 0x989680}, 0x0, 0x0) 01:42:11 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2c40}, 0x18) [ 50.773490][ T5228] ================================================================== [ 50.781582][ T5228] BUG: KCSAN: data-race in do_signal_stop / do_signal_stop [ 50.788786][ T5228] [ 50.791090][ T5228] write to 0xffff888102dde02c of 4 bytes by task 5261 on cpu 0: [ 50.798692][ T5228] do_signal_stop+0x591/0x710 [ 50.803344][ T5228] get_signal+0xa16/0x1610 [ 50.807735][ T5228] arch_do_signal_or_restart+0x2a/0x220 [ 50.813287][ T5228] exit_to_user_mode_prepare+0x109/0x190 [ 50.818959][ T5228] irqentry_exit_to_user_mode+0x5/0x20 [ 50.824398][ T5228] irqentry_exit+0xe/0x30 [ 50.828748][ T5228] asm_sysvec_reschedule_ipi+0x12/0x20 [ 50.834187][ T5228] [ 50.836490][ T5228] read to 0xffff888102dde02c of 4 bytes by task 5228 on cpu 1: [ 50.844043][ T5228] do_signal_stop+0x33e/0x710 [ 50.848703][ T5228] get_signal+0xa16/0x1610 [ 50.853103][ T5228] arch_do_signal_or_restart+0x2a/0x220 [ 50.858624][ T5228] exit_to_user_mode_prepare+0x109/0x190 [ 50.864232][ T5228] syscall_exit_to_user_mode+0x20/0x40 [ 50.869666][ T5228] do_syscall_64+0x56/0x90 [ 50.874054][ T5228] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 50.879931][ T5228] [ 50.882232][ T5228] Reported by Kernel Concurrency Sanitizer on: [ 50.888350][ T5228] CPU: 1 PID: 5228 Comm: syz-executor.4 Not tainted 5.13.0-rc3-syzkaller #0 [ 50.897005][ T5228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.907035][ T5228] ================================================================== 01:42:14 executing program 2: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:14 executing program 5: futex(0x0, 0x6, 0x0, &(0x7f00000006c0)={0x0, 0x989680}, 0x0, 0x0) 01:42:14 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ff2000/0x1000)=nil, 0x1fffff, 0x0, 0x4010071, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x0, 0x0, 0x7fffffffffff3) 01:42:14 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2c40}, 0x18) 01:42:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000200008000f800002000400000000000000000003f0000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8", 0x9, 0x4000}], 0x0, &(0x7f0000011100)) 01:42:14 executing program 4: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:14 executing program 1: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) [ 52.038734][ T5271] loop3: detected capacity change from 0 to 64 [ 52.052429][ T5271] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 01:42:14 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x123402) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="53000000fcffffff2100000002000200004412350a2e19ccd73abcb361c420299b009600000000000000a40000000000348a67b68c4cc357f70d748bc0ec6c000085812c76d61bd85f96051133e085e09d08b7dc5c1e2396", 0x58}], 0x1) 01:42:14 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:14 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x123402) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="53000000fcffffff2100000002000200004412350a2e19ccd73abcb361c420299b009600000000000000a40000000000348a67b68c4cc357f70d748bc0ec6c000085812c76d61bd85f96051133e085e09d08b7dc5c1e2396", 0x58}], 0x1) 01:42:14 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:14 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x123402) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="53000000fcffffff2100000002000200004412350a2e19ccd73abcb361c420299b009600000000000000a40000000000348a67b68c4cc357f70d748bc0ec6c000085812c76d61bd85f96051133e085e09d08b7dc5c1e2396", 0x58}], 0x1) [ 52.089341][ T5271] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 52.097981][ T5271] FAT-fs (loop3): Filesystem has been set read-only [ 52.152057][ T5271] loop3: detected capacity change from 0 to 64 [ 52.161501][ T5271] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 52.173212][ T5271] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 52.181754][ T5271] FAT-fs (loop3): Filesystem has been set read-only 01:42:15 executing program 2: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:15 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:15 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x123402) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="53000000fcffffff2100000002000200004412350a2e19ccd73abcb361c420299b009600000000000000a40000000000348a67b68c4cc357f70d748bc0ec6c000085812c76d61bd85f96051133e085e09d08b7dc5c1e2396", 0x58}], 0x1) 01:42:15 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000200008000f800002000400000000000000000003f0000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8", 0x9, 0x4000}], 0x0, &(0x7f0000011100)) 01:42:15 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:15 executing program 4: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:15 executing program 1: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:15 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000200008000f800002000400000000000000000003f0000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8", 0x9, 0x4000}], 0x0, &(0x7f0000011100)) 01:42:15 executing program 5: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:15 executing program 5: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) [ 52.906616][ T5330] loop3: detected capacity change from 0 to 64 [ 52.914488][ T5330] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 52.934424][ T5330] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 52.942976][ T5330] FAT-fs (loop3): Filesystem has been set read-only 01:42:15 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:15 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) [ 53.017119][ T5367] loop3: detected capacity change from 0 to 64 [ 53.024724][ T5367] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 53.034836][ T5367] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 53.043396][ T5367] FAT-fs (loop3): Filesystem has been set read-only 01:42:15 executing program 2: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:15 executing program 0: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:15 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000200008000f800002000400000000000000000003f0000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8", 0x9, 0x4000}], 0x0, &(0x7f0000011100)) 01:42:15 executing program 4: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 01:42:16 executing program 1: timer_create(0x0, &(0x7f0000000140)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0x6, 0x0) write$binfmt_elf64(r2, &(0x7f00000007c0)=ANY=[], 0x10e) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) [ 53.754250][ T5385] loop3: detected capacity change from 0 to 64 [ 53.761673][ T5385] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 53.771238][ T5385] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 53.779802][ T5385] FAT-fs (loop3): Filesystem has been set read-only 01:42:16 executing program 3: syslog(0x3, 0xffffffffffffffff, 0x1000000) 01:42:16 executing program 3: syslog(0x3, 0xffffffffffffffff, 0x1000000) 01:42:16 executing program 5: set_mempolicy(0x1, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 01:42:16 executing program 3: syslog(0x3, 0xffffffffffffffff, 0x1000000) 01:42:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 3: syslog(0x3, 0xffffffffffffffff, 0x1000000) 01:42:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66531700ae897094e71b0fb1f147a8378f364602812c66538d754724230798637e582c7be8f6d3c020f30f6ee1af68e5b5725142ff6c2fef2308003ea1315baf2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c608af363fe88975b88822cb488e8cf371ebee61adc5ff09ffed8f0340816f77e3c83607a02ffa2c72787e1affc8e88f6693746dc88d9e94a6fc63b431fadfb006449955525e02b77fe2e77292a9ffcebfe93529999fad6b752c5e10999b23c012f7ae99b11775d158b89efbd136a85cc911619c512f7faf70231f624de6f4f64355e0552f38793", 0xe9}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x34) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 01:42:16 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:16 executing program 1: mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 01:42:16 executing program 2: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') sendfile(r0, r1, 0x0, 0x80000b) 01:42:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x271) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c) 01:42:16 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaf, &(0x7f0000000240)="f3180479cebca2feef0c4e6e653386e00bfa2685c683676483f22766c044814ad53d69f9c013916a17f30572d2beea1fc586d4a4f45d81a30c273c1d6f7be1a33c5ddcbd118cdd913f95ffeeede27664237e4312dd5bf250f31e86cc803dcced79e00c5a72ff3449326f428fe6d34c5ebe2f42849c85b0e6301b6236dcf663f2a12f9b4a444fd10074d2e193e7d9a6e7709f71fda07f4201d0cdf81e4a430ec2b0d5ad59a58a820879978d920bca7d"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x40) 01:42:16 executing program 2: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') sendfile(r0, r1, 0x0, 0x80000b) 01:42:16 executing program 1: mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 01:42:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:16 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:19 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66531700ae897094e71b0fb1f147a8378f364602812c66538d754724230798637e582c7be8f6d3c020f30f6ee1af68e5b5725142ff6c2fef2308003ea1315baf2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c608af363fe88975b88822cb488e8cf371ebee61adc5ff09ffed8f0340816f77e3c83607a02ffa2c72787e1affc8e88f6693746dc88d9e94a6fc63b431fadfb006449955525e02b77fe2e77292a9ffcebfe93529999fad6b752c5e10999b23c012f7ae99b11775d158b89efbd136a85cc911619c512f7faf70231f624de6f4f64355e0552f38793", 0xe9}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x34) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 01:42:19 executing program 1: mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 01:42:19 executing program 2: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') sendfile(r0, r1, 0x0, 0x80000b) 01:42:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaf, &(0x7f0000000240)="f3180479cebca2feef0c4e6e653386e00bfa2685c683676483f22766c044814ad53d69f9c013916a17f30572d2beea1fc586d4a4f45d81a30c273c1d6f7be1a33c5ddcbd118cdd913f95ffeeede27664237e4312dd5bf250f31e86cc803dcced79e00c5a72ff3449326f428fe6d34c5ebe2f42849c85b0e6301b6236dcf663f2a12f9b4a444fd10074d2e193e7d9a6e7709f71fda07f4201d0cdf81e4a430ec2b0d5ad59a58a820879978d920bca7d"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x40) 01:42:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:19 executing program 1: mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 01:42:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "8000"}) write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x8d) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xb7fa, 0x0, "078cf0251c0e00"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000001000000000000010000000001000"}) 01:42:19 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaf, &(0x7f0000000240)="f3180479cebca2feef0c4e6e653386e00bfa2685c683676483f22766c044814ad53d69f9c013916a17f30572d2beea1fc586d4a4f45d81a30c273c1d6f7be1a33c5ddcbd118cdd913f95ffeeede27664237e4312dd5bf250f31e86cc803dcced79e00c5a72ff3449326f428fe6d34c5ebe2f42849c85b0e6301b6236dcf663f2a12f9b4a444fd10074d2e193e7d9a6e7709f71fda07f4201d0cdf81e4a430ec2b0d5ad59a58a820879978d920bca7d"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x40) 01:42:19 executing program 2: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') sendfile(r0, r1, 0x0, 0x80000b) 01:42:19 executing program 3: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sockstat\x00') clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mounts\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 01:42:22 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66531700ae897094e71b0fb1f147a8378f364602812c66538d754724230798637e582c7be8f6d3c020f30f6ee1af68e5b5725142ff6c2fef2308003ea1315baf2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c608af363fe88975b88822cb488e8cf371ebee61adc5ff09ffed8f0340816f77e3c83607a02ffa2c72787e1affc8e88f6693746dc88d9e94a6fc63b431fadfb006449955525e02b77fe2e77292a9ffcebfe93529999fad6b752c5e10999b23c012f7ae99b11775d158b89efbd136a85cc911619c512f7faf70231f624de6f4f64355e0552f38793", 0xe9}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x34) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) 01:42:22 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x0) recvmmsg(r0, &(0x7f0000003880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) shutdown(r0, 0x0) 01:42:22 executing program 1: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000068001142fea267689c528c530a000000", @ANYRES32=0x0, @ANYBLOB="04000b"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x10008, 0x0) 01:42:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000022c0), 0x0, &(0x7f0000002380)={[{@fat=@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) 01:42:22 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff7a}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaf, &(0x7f0000000240)="f3180479cebca2feef0c4e6e653386e00bfa2685c683676483f22766c044814ad53d69f9c013916a17f30572d2beea1fc586d4a4f45d81a30c273c1d6f7be1a33c5ddcbd118cdd913f95ffeeede27664237e4312dd5bf250f31e86cc803dcced79e00c5a72ff3449326f428fe6d34c5ebe2f42849c85b0e6301b6236dcf663f2a12f9b4a444fd10074d2e193e7d9a6e7709f71fda07f4201d0cdf81e4a430ec2b0d5ad59a58a820879978d920bca7d"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x40) 01:42:22 executing program 3: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sockstat\x00') clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mounts\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 01:42:22 executing program 3: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sockstat\x00') clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mounts\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 01:42:22 executing program 5: r0 = syz_io_uring_setup(0x350, &(0x7f0000000080), &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000040)=[r1], 0x1) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[r0]}, 0x1) 01:42:22 executing program 3: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sockstat\x00') clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mounts\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 01:42:22 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x0) recvmmsg(r0, &(0x7f0000003880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) shutdown(r0, 0x0) 01:42:22 executing program 5: r0 = syz_io_uring_setup(0x350, &(0x7f0000000080), &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000040)=[r1], 0x1) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[r0]}, 0x1)