Warning: Permanently added '10.128.0.204' (ECDSA) to the list of known hosts. 2019/09/30 09:23:53 fuzzer started [ 51.973901] audit: type=1400 audit(1569835433.617:36): avc: denied { map } for pid=7618 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/09/30 09:23:55 dialing manager at 10.128.0.105:33829 2019/09/30 09:23:55 syscalls: 2489 2019/09/30 09:23:55 code coverage: enabled 2019/09/30 09:23:55 comparison tracing: enabled 2019/09/30 09:23:55 extra coverage: extra coverage is not supported by the kernel 2019/09/30 09:23:55 setuid sandbox: enabled 2019/09/30 09:23:55 namespace sandbox: enabled 2019/09/30 09:23:55 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/30 09:23:55 fault injection: enabled 2019/09/30 09:23:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/30 09:23:55 net packet injection: enabled 2019/09/30 09:23:55 net device setup: enabled 09:26:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000080)="b9f0080000b8f9000000ba000000000f30b9800000c00f3235008000000f3067360f01c32e3e0f79350000000066b88a008ee86d0f72f71c6626f36e360f788fb3000000f4", 0x45}], 0xaaaaaaaaaaaaa01, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 225.615675] audit: type=1400 audit(1569835607.257:37): avc: denied { map } for pid=7636 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=22 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 225.735450] IPVS: ftp: loaded support on port[0] = 21 09:26:47 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x808100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) inotify_init1(0x0) ptrace$getsig(0x4202, 0x0, 0x80, &(0x7f0000000280)) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00\x00\x10', 0xffffffffffffffff, 0x4c00000000006800}, &(0x7f0000001fee)='R\x10rist\xe3cusgrVid:De', 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in=@broadcast, @in=@loopback}}, {{@in6=@mcast1}, 0x0, @in=@multicast1}}, &(0x7f0000000000)=0xe8) [ 225.856633] chnl_net:caif_netlink_parms(): no params data found [ 225.908262] IPVS: ftp: loaded support on port[0] = 21 [ 225.953626] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.961385] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.969051] device bridge_slave_0 entered promiscuous mode [ 225.992687] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.999070] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.006990] device bridge_slave_1 entered promiscuous mode 09:26:47 executing program 2: r0 = socket$inet(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="240000001900070207fffd946f61050002000021001f0000000000feff07001e000400ff", 0x24}], 0x1}, 0x0) [ 226.054340] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.098900] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.158346] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 226.168576] team0: Port device team_slave_0 added [ 226.174354] chnl_net:caif_netlink_parms(): no params data found [ 226.188638] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.189052] IPVS: ftp: loaded support on port[0] = 21 [ 226.197276] team0: Port device team_slave_1 added [ 226.222232] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 226.244850] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 09:26:48 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 226.268279] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.276269] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.283960] device bridge_slave_0 entered promiscuous mode [ 226.292923] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.300013] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.307372] device bridge_slave_1 entered promiscuous mode [ 226.372079] device hsr_slave_0 entered promiscuous mode [ 226.409557] device hsr_slave_1 entered promiscuous mode [ 226.450126] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 226.457206] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 226.497079] IPVS: ftp: loaded support on port[0] = 21 09:26:48 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x16}}, 0x1c) r1 = dup2(r0, r0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000880)={{0x77359400}, {0x0, 0x989680}}, 0x0) rt_sigtimedwait(&(0x7f0000000500), 0x0, 0x0, 0x8) tkill(r2, 0x1000000000015) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, 0x0, 0x0) [ 226.521646] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.535357] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.541939] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.548971] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.555428] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.572156] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.658681] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 226.680061] team0: Port device team_slave_0 added [ 226.686455] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.709804] team0: Port device team_slave_1 added [ 226.755145] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 226.765981] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 226.791434] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 226.797544] 8021q: adding VLAN 0 to HW filter on device bond0 09:26:48 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSMASK(r0, 0x80084510, 0x0) [ 226.858495] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 226.878384] IPVS: ftp: loaded support on port[0] = 21 [ 226.922708] device hsr_slave_0 entered promiscuous mode [ 226.959548] device hsr_slave_1 entered promiscuous mode [ 227.021644] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 227.045009] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.053823] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.071865] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.079848] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 227.091462] chnl_net:caif_netlink_parms(): no params data found [ 227.100567] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 227.132934] chnl_net:caif_netlink_parms(): no params data found [ 227.148004] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 227.154278] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.164650] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 227.165822] IPVS: ftp: loaded support on port[0] = 21 [ 227.174112] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 227.201912] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 227.212833] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.222993] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.230925] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.237249] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.244640] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.255604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.263269] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.269884] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.276793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 227.292849] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 227.321500] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 227.333125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 227.344196] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.350748] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.357796] device bridge_slave_0 entered promiscuous mode [ 227.390523] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.397092] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.404528] device bridge_slave_1 entered promiscuous mode [ 227.422990] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 227.433762] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 227.445340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 227.453361] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 227.461308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 227.469132] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.483635] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.490394] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.497519] device bridge_slave_0 entered promiscuous mode [ 227.506919] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.513396] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.521098] device bridge_slave_1 entered promiscuous mode [ 227.544293] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 227.553069] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 227.564833] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 227.576682] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 227.584710] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 227.594722] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 227.613783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 227.621438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 227.631756] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 227.673202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.681284] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.692823] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 227.699521] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 227.713727] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 227.721495] team0: Port device team_slave_0 added [ 227.763176] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 227.771865] team0: Port device team_slave_0 added [ 227.777138] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 227.785266] team0: Port device team_slave_1 added [ 227.802647] chnl_net:caif_netlink_parms(): no params data found [ 227.819080] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 227.826734] team0: Port device team_slave_1 added [ 227.834337] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 227.844665] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.901134] device hsr_slave_0 entered promiscuous mode [ 227.949531] device hsr_slave_1 entered promiscuous mode [ 228.012977] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 228.022798] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.030112] chnl_net:caif_netlink_parms(): no params data found [ 228.038196] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 228.052752] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 228.064182] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 228.109711] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.126152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.182251] device hsr_slave_0 entered promiscuous mode [ 228.219695] device hsr_slave_1 entered promiscuous mode [ 228.282190] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 228.288826] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 228.296610] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 228.303170] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.309792] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.316747] device bridge_slave_0 entered promiscuous mode [ 228.327565] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.334113] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.341210] device bridge_slave_1 entered promiscuous mode [ 228.350722] audit: type=1400 audit(1569835609.997:38): avc: denied { associate } for pid=7637 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 228.398030] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 228.411282] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 228.417527] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.429905] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.442481] device bridge_slave_0 entered promiscuous mode [ 228.451316] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.457689] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.465844] device bridge_slave_1 entered promiscuous mode [ 228.468736] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 228.515316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 228.525287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 228.535034] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 228.544970] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.553270] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 228.563837] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 228.576419] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 228.586530] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 228.598198] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 09:26:50 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f00000001c0)={0x0, 0x1, &(0x7f0000000140)="f2"}) [ 228.629074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.643445] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.656541] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.663035] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.667470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 228.712495] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 228.726315] team0: Port device team_slave_0 added [ 228.733792] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 228.745292] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 228.754879] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 228.762614] team0: Port device team_slave_0 added [ 228.768704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.777774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.785713] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.792090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.799691] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 228.806991] team0: Port device team_slave_1 added [ 228.812406] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.824768] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 228.832769] team0: Port device team_slave_1 added [ 228.838254] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.846925] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 228.856326] 8021q: adding VLAN 0 to HW filter on device bond0 09:26:50 executing program 0: [ 228.865288] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 228.873572] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 228.883313] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 228.891452] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 09:26:50 executing program 0: [ 228.922472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.931747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 228.952362] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 228.960744] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready 09:26:50 executing program 0: [ 228.992696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.000342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.007344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.030613] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 09:26:50 executing program 0: [ 229.038777] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 229.051601] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 229.057683] 8021q: adding VLAN 0 to HW filter on device team0 09:26:50 executing program 0: 09:26:50 executing program 0: [ 229.137949] device hsr_slave_0 entered promiscuous mode [ 229.160115] device hsr_slave_1 entered promiscuous mode [ 229.232626] device hsr_slave_0 entered promiscuous mode [ 229.269656] device hsr_slave_1 entered promiscuous mode [ 229.332942] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 229.340913] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.348781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.358480] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 229.366253] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 229.373894] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 229.381934] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 229.392055] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 229.401094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.409010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.417088] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.423489] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.430373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.438024] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.446597] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 229.455158] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.467670] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 229.475455] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.483711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 229.491568] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 229.503070] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 229.517495] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 229.526461] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 229.533039] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 229.542814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 229.556225] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 229.565615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.574439] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.583145] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.589548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.596441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.603472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.613015] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 229.621531] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 229.632633] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 229.638715] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.648342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.660042] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 229.677586] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 229.685545] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 229.694548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.704908] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.713279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.721063] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.727433] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.735034] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.751992] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 229.762004] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 229.770072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.778064] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.787947] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.794478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.802062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.810208] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.818237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 229.828143] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.842917] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 229.854624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.863079] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.885581] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.893916] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 229.903740] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 229.922672] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 229.933110] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 229.944862] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.960917] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.968604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 229.976866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 229.985043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.994681] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 230.001157] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 230.023641] ptrace attach of "/root/syz-executor.1"[7640] was attempted by "/root/syz-executor.1"[7682] 09:26:51 executing program 1: socket$inet(0x2, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, &(0x7f0000000040)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) fstat(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0) r1 = socket$inet6(0xa, 0x401000000001, 0x0) close(r1) r2 = open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0) r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f0000000340)='cgroup.procs\x00', 0x2, 0x0) ftruncate(r2, 0x2007fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000140)=@gcm_128={{}, "b26d585a0e72681c", "ea15067def60d496f8b5cdbd01fcee7d", "1a577a35", "b00dbc796b361e36"}, 0xfffffffffffffed2) r4 = syz_open_procfs(0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x1f, 0x6, 0x670, 0x278, 0x388, 0x140, 0x490, 0x0, 0x5f8, 0x5f8, 0x5f8, 0x5f8, 0x5f8, 0x6, &(0x7f0000000240), {[{{@ipv6={@mcast2, @local, [0x0, 0xff, 0x203146b8e4259381, 0x7f], [0xff00007f, 0x1fe, 0x0, 0xffffff00], 'tunl0\x00', 'bcsf0\x00', {}, {0xff}, 0x5c, 0x1, 0x0, 0xc4}, 0x0, 0xf0, 0x118, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0xd}}}, {{@ipv6={@ipv4={[], [], @loopback}, @empty, [0xff000000, 0xffffff00, 0x0, 0xafb958f2c91f676e], [0x0, 0xffffff00], 'ifb0\x00', 'rose0\x00', {}, {}, 0xe055b25aed13a117, 0x2, 0x1, 0x10}, 0x0, 0x110, 0x138, 0x0, {}, [@common=@hbh={0x48, 'hbh\x00', 0x0, {0x8, 0x3, 0x1, [0x0, 0x0, 0x2, 0x200, 0x1, 0x4, 0x3ff, 0x0, 0x9, 0xff7f, 0x1, 0x6, 0x800, 0x0, 0x200, 0x7fff], 0xb}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0xc8, 0x110}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2c, 0x36}}}, {{@uncond, 0x0, 0xc8, 0x108}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x9, 0x0, @ipv6=@mcast1}}}, {{@uncond, 0x0, 0xf0, 0x138, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00'}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@mcast1, @ipv4=@empty, 0x0, 0x23}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12) [ 230.029293] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 230.048128] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 230.065032] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 230.073541] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 230.087067] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.094619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.096125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.114222] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.130081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.137138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.147792] hrtimer: interrupt took 25879 ns [ 230.148421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.167636] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 230.184432] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 230.191831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.207481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.215521] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.225655] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 230.232012] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.241130] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 230.251371] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 230.277666] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 230.292533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.300548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.308423] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.315046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.322742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.330981] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.338867] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.345356] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.352856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 230.362926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 230.373074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.382121] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 230.390766] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 230.398982] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.407338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.415350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.427511] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 230.434073] 8021q: adding VLAN 0 to HW filter on device team0 09:26:52 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) socket$inet(0x2, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, &(0x7f0000000040)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) fstat(r0, 0x0) setgid(0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0) r1 = socket$inet6(0xa, 0x401000000001, 0x0) close(r1) r2 = open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0) r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f0000000340)='cgroup.procs\x00', 0x2, 0x0) ftruncate(r2, 0x2007fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000140)=@gcm_128={{}, "b26d585a0e72681c", "ea15067def60d496f8b5cdbd01fcee7d", "1a577a35", "b00dbc796b361e36"}, 0xfffffffffffffed2) r4 = syz_open_procfs(0x0, 0x0) rmdir(&(0x7f0000000340)='./file0//ile0\x00') setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x1f, 0x6, 0x698, 0x278, 0x388, 0x140, 0x490, 0x0, 0x5f8, 0x5f8, 0x5f8, 0x5f8, 0x5f8, 0x6, &(0x7f0000000240), {[{{@ipv6={@mcast2, @local, [0x0, 0xff, 0x203146b8e4259381, 0x7f], [0xff00007f, 0x1fe, 0x0, 0xffffff00], 'tunl0\x00', 'bcsf0\x00', {}, {0xff}, 0x5c, 0x1, 0x0, 0xc4}, 0x0, 0x118, 0x140, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}, @inet=@rpfilter={0x28, 'rpfilter\x00'}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0xd}}}, {{@ipv6={@ipv4={[], [], @loopback}, @empty, [0xff000000, 0xffffff00, 0x0, 0xafb958f2c91f676e], [0x0, 0xffffff00], 'ifb0\x00', 'rose0\x00', {}, {}, 0xe055b25aed13a117, 0x2, 0x1, 0x10}, 0x0, 0x110, 0x138, 0x0, {}, [@common=@hbh={0x48, 'hbh\x00', 0x0, {0x8, 0x3, 0x1, [0x0, 0x0, 0x2, 0x200, 0x1, 0x4, 0x3ff, 0x0, 0x9, 0xff7f, 0x1, 0x6, 0x800, 0x0, 0x200, 0x7fff], 0xb}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0xc8, 0x110}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2c, 0x36}}}, {{@uncond, 0x0, 0xc8, 0x108}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x9, 0x0, @ipv6=@mcast1}}}, {{@uncond, 0x0, 0xf0, 0x138, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00'}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@mcast1, @ipv4=@empty, 0x0, 0x23}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6f8) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12) [ 230.451177] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 230.458846] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 230.487480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.497721] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.507407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.519130] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 230.534540] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 230.546733] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 230.553571] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 230.562849] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.574539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.586603] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.593053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.601394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.610058] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.620863] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 230.630873] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 230.668746] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 230.676558] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.687070] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.704700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.714103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.724338] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.730817] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.740868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.754157] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.765917] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 230.780916] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 230.798717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.807466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 230.823283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 230.832336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.843151] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 230.853243] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 230.874556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.885027] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.893236] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.905590] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 230.912698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 230.930948] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 230.938833] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.965548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.011628] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 231.031274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 231.038518] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.064557] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 231.086249] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 231.094059] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 09:26:52 executing program 3: [ 231.150345] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 231.171665] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 231.179294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 231.186907] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 231.230940] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 231.265647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 231.280169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 231.300860] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 231.315342] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 231.324862] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 231.381755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.388592] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 231.417265] 8021q: adding VLAN 0 to HW filter on device batadv0 09:26:53 executing program 4: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x1}, 0x10) sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2}}, 0x10, 0x0}, 0x0) 09:26:53 executing program 5: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) read(r0, &(0x7f0000000680)=""/78, 0x4e) 09:26:53 executing program 0: 09:26:53 executing program 1: r0 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x0, 0x2) read$FUSE(r0, &(0x7f0000000140), 0x1000) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0xf0f046}) 09:26:53 executing program 3: 09:26:53 executing program 2: 09:26:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000080)=@fragment, 0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, 0x0, 0xa808) 09:26:53 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x301409, 0x0) bind(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tp, 0x80) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0) 09:26:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:26:53 executing program 2: 09:26:53 executing program 4: 09:26:53 executing program 2: 09:26:53 executing program 5: 09:26:53 executing program 1: 09:26:53 executing program 4: 09:26:53 executing program 2: 09:26:53 executing program 5: 09:26:53 executing program 1: 09:26:53 executing program 0: 09:26:53 executing program 3: 09:26:53 executing program 5: 09:26:53 executing program 2: 09:26:53 executing program 4: 09:26:53 executing program 1: 09:26:53 executing program 0: 09:26:53 executing program 3: 09:26:53 executing program 2: 09:26:53 executing program 4: openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) getresuid(0x0, 0x0, 0x0) r0 = gettid() fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) sendmsg(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) r1 = epoll_create1(0x100000) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x810, r1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) truncate(&(0x7f0000000000)='./file0\x00', 0x0) stat(0x0, 0x0) setresgid(0x0, 0x0, 0x0) tkill(r0, 0x1000000000016) 09:26:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x1}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48, 0x2, {{0x0, 0x0, 0x0, 0x4}}}}]}, 0x74}}, 0x0) 09:26:54 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = socket$unix(0x1, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x0, 0x0, 0x0) 09:26:54 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f00000001c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000000280)="fc"}) 09:26:54 executing program 0: socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x15, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x20000, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$dmmidi(0x0, 0x0, 0x0) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000740)) r2 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) r3 = syz_open_dev$binder(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0563044000000000"], 0x0, 0x0, 0x0}) dup3(r3, r2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, &(0x7f0000000180)={0x0, 0x100000000000000}) socket$inet_udp(0x2, 0x2, 0x0) 09:26:54 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000006c0)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, r1, 0x3}, 0x14}}, 0x0) 09:26:54 executing program 4: 09:26:54 executing program 1: [ 232.555191] audit: type=1400 audit(1569835614.197:39): avc: denied { create } for pid=7817 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 09:26:54 executing program 5: [ 232.637962] audit: type=1400 audit(1569835614.257:40): avc: denied { write } for pid=7817 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 09:26:54 executing program 4: 09:26:54 executing program 1: 09:26:54 executing program 3: [ 232.683976] binder: BINDER_SET_CONTEXT_MGR already set [ 232.706738] binder: 7817:7818 ioctl 40046207 0 returned -16 09:26:54 executing program 5: [ 232.746090] binder: 7817:7825 ioctl c018620c 20000180 returned -22 09:26:54 executing program 2: 09:26:54 executing program 1: 09:26:54 executing program 4: [ 232.846582] binder: 7817:7836 ioctl c018620c 20000180 returned -22 [ 232.861241] audit: type=1400 audit(1569835614.257:41): avc: denied { read } for pid=7817 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 09:26:54 executing program 3: 09:26:54 executing program 5: 09:26:54 executing program 0: 09:26:54 executing program 1: 09:26:54 executing program 2: 09:26:54 executing program 4: 09:26:54 executing program 3: [ 233.028429] audit: type=1400 audit(1569835614.327:42): avc: denied { set_context_mgr } for pid=7817 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 09:26:54 executing program 5: 09:26:54 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x20310, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f00000001c0)={0x0, 0x0, 0xc00, &(0x7f0000000400)="fa13031b36b06be279451425c8d5ea6b4946a73613bddaf45e4c530717f0bfe064e06f62017f4d592066ecf61ff460cda032b5ae2283c2b79c33c77ecd3dd4780412bf31c49bf647123a7f5dfe2a6e17d91e2ea44a2257f407b57d06c89ddd9e649cfa3c3929bd59dbb7c723a5889bdac4efbc0de090345c213eea8c7b23b8df7223b237c319c2444810c2be03e64d58d909223e674dd7856ba0642775eaf0d2df91a09b9abc98deaeb5c33c3fddda13c44c67cc70f356538103ccaccc06f36a25b7a08c150e8036a0353ba69437a9e609ef3128262fef7a6121ce3a09e9403d7bda3651019fab24646cd69ac1a47783d8b95db03fd5a4e3c3afff2c54f19296a84d1c377b4f9d2044b3f63fb902d7fb1c7f24003b3371950d7f5732017cef2faa6066bd891b77aa6f15e06618ebfe628092192927b5fa7c2b5c7df7d2983ea25b008781f1a64fad3285b803bc9c71ffed139a1bb72807152c8352f57a091fdb0da92c2be69fd4ab7ceae024539acdf07a4769e32e9fcce4d5d4f854cc50447f72e3a17453e0d419c5060705a8cbdd2999eed94d92afaa2b504198b2100ec7536e6c8cb9697a114ffa75fb444f53ceaf5d9dff34da14655fb681d006f2b1838c4fce61cf93650f2ebf674d6cf9ad6e26ae6bd1135b21b7c74f6be9be3420c087705bc9df04401c8ed7f4e457a64df442b9810c85aa52877b010051b67def9930c426fc575128976d30b519f3b8fec1990fb4eb29d7ddd688c2e67740f9796736137ce173efa1ed7cc13b92f1ebd7241f1821266cadc585af55b07e9edfa694552ff8c4d9063a995fff0d828b5ff1a8e787d4a68e519a13b6d809cc6a588a8f6b12f12fd1cc230b815b40a81aca65756821b5df40e8c09432f7cff2f815137b32d1e9a96b637bf8ec4ac2ca18482c1de4b22791c3f81597714c8d85d4437c43e13c581f9de889f6bd66d09e97dd7f26a0729c11d6dbc16e1905787cc3e22df1324c57da395e986d40167ea5758f8d8b487b0bdc4260c8c1316da9f4c990b18ce14961a2942d1d6600d81129eda581799a91929a312ddbc6872f3b1b5941961fd4d4591ca64242303531c53c909358035e7d2bf36d4ba87c1871fc62e5f9ac68e751b0410137581477bdfe8c0b78a25f712544a408a2df1c4f9d8f769bda2b15a0fa4e73270c58eaea1c2c4b4042562a6d0f8ca904aeaa1e5d0fff3ad67df1885135a30b22ddeeba586acf48856d3085aceb37f16b053db81801b273aa97ba9520c88872695b606b0348d8360be31375fbc4eb13d1205df82448c7b99db086cf79e539a9836a47c3c9f605904170b47c31f5d773d7c5f09f2341b8c519a1fc5b344a9ec7f776af6ceb04e69ccf5eaf1d6c7ab63b08d82a7c43140fd271c5d30dfd2b1d802f2235e1873774af9c946ddb26d022ae3444d749b64171c43afc6cd5e7061d4b03ab3f2bc0fd2a7f6bad0f467d71d48df7baa7a1e7b701cb2f4216e5532cdffb87d25ad73b80bf695b9368d2175223c49d23ef2064e2a7bdc02c382ad0ccef24a948bf6ef34381e61de9cf6ece2106d41d7a93d4ebea6de2c930dc87ee940be4fa2c45184e1328f2f2d43f8b980621cce3ffb4777d3ee10f41fed4679929ccabe10cf2b9795393a35f82bcd9ad42eef5202fe110c1b4c67615b17869a5f489c4190bb9bdf832ca53188f596e564d8bc8fb1e7efe9cd2c36fe9cb00208f2225a840fad171fa63ead3907e17647cea2adeb0b80ae264baf6deb1e2d9e2ef5524219e84d116c605df271b9de2b8bf25bce17845b9a62e14bc49f219d84f187ef0c096bd3a94af86e009a1b9230c478318f427c51a59313979ee61989f4293d54c0dec8f28e8b8665d765abccd5e615f08215b4f948b44e47488f90d20491b78f4b8f1ba8af0f8760b956242a5d2bb62672052840e479d2f5fdb28b409a442273dad165fabc905b127fe7521333a041987792fa2a85e894a750eeb9f3d26dd484823043b142b357ccaed87e35e458ddecdd44ec129415609ca2e7e8b975cd4fcb515017819cb2ced0007b86cdbe578319d8d73c42a17ccf76ca0d10a18aba4fa59ada6ead9d6686b1a48dc1951ad0bc61490ad7db3e973acd7946b4a14372c055c933a11240e2a3cf102c2c558d5a6da69f542fc7df55f8ebf7dd7a26d5c9df9cf404bc009839d33a4febaa7950944eff2c786865c5ed5674cf9aa9d145756e64b0f6ad731055d17d6494c11b60bbc491154e5160b6bfcc739ce3c2dc9cb897edf384391311bc3b994111d67e946193e2729fcc90340326a3b4691cf178cd9d9ae6bcc91afcf44c8aeca8837fa861517b53468bd019381077c56408c078666e3150f4b8979e3de49b3d1a154715478000ce547f45b780edd3a8b19c00e2e127c02771d0d2f1c84d8f0e7174df9667ddad0d290954d05b699d0c93794f4ca79841597b9b8dc782af5e95f751095b0b2c5c73cad5b615715497b5b47b181ead6d872f59da0372d3d065036162724c1791bfa7dc21c21e5c3f1b306b33a2efdc9309f8301fbba75272ae2d80d3111c4a928c2cb5ec9bea65561a38ecabac7242b6a9732c257f857c1bf3add78c202914280c5fcc875b996c054f6882c26f3a561e06aafd9b72dd271dcee546c1fe689f14660587efc385f2f8002862af5b601c509febde6375eb3c71273dcffb4db5f10f1cdd530e7eae009beb61063277a8d5c6124a1c390a5b9f9de7ed7130eea68e56f04715ee015bec853d2addfc29d8dcd6db8fe9fd1e454ee1a729dcdbf92c990799d55fb2c55cc4be3b3189b20f23c8ebb87e6313b5f53b6de9846eb6acff9e301fd443a621666c39f03d5feb23772f8fae8cb77c18697d3e036023fa5f60ec8a4adc0b6c6e18e370734cec1ae84f8be2e31fcf5dce74dd3c3f96b738f1fa72f66bd12472b13876c94cbb4e225dcb5be02d668b537a0271170a980a81b68d3eb3ffa45b076406b039854a6278cf92f969f14ff0dec83e4d3b156b84d85fb9a80cad6acac56ac8c61305ac6f7d97b8383c187ab19877fd593d47ebd2dbffffbf0b8d185444395341a130b1e7a140c32455c0137ac62ec48f8df0803221a3336d76db609b8cffba28032acba05ddda74e7c5a748028ffbd9785c64ef14c809b6cbf496b4c7a31116be2960036ce54c6ba23fe56ae6abfc9a95faae3c5095a7085344eff0a332cee15a3335d9d2f2f135dcf91049ceb446f5b07771a5296f07b07305df2fc0d33a95740d6c50c24dd3088acb1bcbcee6e3666727ee4c1cbb1401d38e00c19143e29ee7a38c30006759992b44fe77ca24a43d7c56f341c478d58e7b853e84c3168eb6708cccf13129063fab5d3598e5e8a47e7254cf6bcd4c4e734a911cd61b2ed146d686b80af27c83c5ca1f4dd7a866ccd4b7440867f7089d24ac458ce575d72dd53736634977f5e42a6588ea93dc3d9a57f455f183e07da64eb20a59c9ad66f9ad9cee67352916c09417411d90c1e5a26c7f6f8719d9eb66cbbb471d25443aef2b597ae38fe5cac9cec0cab27ceb2557d928320660b847445d5d70141551d18c05584b0b1263ca23046978e5b38049ebc7c0d90a48e7bd5ad6a5e16a6f29e4720f4982245067c7fdd41d2b037f01a42829afe6ab3a0f55176481282017f723b22f4a1a3f896d0ef8a2bc5b7532fcf196997c80e9779acf603d9a288938dae18b67dc7f2cf2f3fcebce886451b6464aae6296a78f0c962738cfe3591dec5fc776db85a722901952440ca17b8d12b3037ca40acff22c9a1223b22b88329402bbee396883f8eb8cd3be5b2783ae411d16ff3f46e0b70b65e0c8cf6a60cd9b0a1da99eef48fb1810d9ac3dedc60a66b5304acd5ff3a7b4ba24b0405eeeeecae66d72049dd9357ef2556eea8d42f336adc4108200d838114ee4c6ba869150f6c0805971ed34508174c57a8ab95ea7c1783e1984e4614e2d2c9701fa7220819e827cec6cfa6d930f25c131419c4d296cff25bdea6cae713918707ec9c8b3e0cb2313bae6530fea171f5bc1baa4679207c2f4bd472af9568f1f14164ce7ac4b1964cbd3f1ccb259bb698c053d36ab7257ec20d73bdf4e245561fbac5ed36793118a80df227002f8525a6a30c39bff24ecd2432ddd0273f33f4c2d53189ba23d1f5596a2644896fff294f4ab4ef72afffdb9a7f86a8f5cc4bd63616139e166077158accd70cc12d1e9356b1f742c9ff9b383ae9b1bf2beb3c9645e4df6ce0a9d25958677215317fe9a313ee97b60acc59731b3422a48a6402c8790791b2f1928690edb9a47b86321af06330e2b4271252d345bd74dc7deb830fe1a142d951327552772ebb6734c967844ec2b193c"}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) process_vm_readv(r1, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) 09:26:54 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="390000001000090468fe07002bad054693226a911b000000450001070300001404001a00120004000e04000020000300"/57, 0x39}], 0x1) 09:26:54 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000240)) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x30, &(0x7f00000000c0)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000100000001000000004000000440000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 09:26:54 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x200000002, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='bridge_slave_0\x00', 0x10) 09:26:54 executing program 0: 09:26:54 executing program 2: 09:26:54 executing program 5: [ 233.285353] ptrace attach of "/root/syz-executor.2"[7643] was attempted by ""[7867] [ 233.285361] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 233.308551] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 09:26:55 executing program 0: [ 233.349107] EXT4-fs (loop4): Unrecognized mount option "" or missing value 09:26:55 executing program 1: [ 233.402989] EXT4-fs (loop4): failed to parse options in superblock:  09:26:55 executing program 3: 09:26:55 executing program 5: [ 233.447585] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 233.456032] syz-executor.1 (7866) used greatest stack depth: 22336 bytes left 09:26:55 executing program 2: 09:26:55 executing program 0: 09:26:55 executing program 5: 09:26:55 executing program 4: 09:26:55 executing program 1: 09:26:55 executing program 3: 09:26:55 executing program 2: 09:26:55 executing program 1: 09:26:55 executing program 3: 09:26:55 executing program 5: 09:26:55 executing program 0: 09:26:55 executing program 4: 09:26:55 executing program 2: 09:26:55 executing program 3: 09:26:55 executing program 5: 09:26:55 executing program 2: 09:26:55 executing program 1: 09:26:55 executing program 0: 09:26:55 executing program 4: 09:26:55 executing program 3: 09:26:55 executing program 5: socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000280)) openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000280), 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 09:26:55 executing program 0: 09:26:55 executing program 1: 09:26:55 executing program 2: 09:26:55 executing program 3: 09:26:55 executing program 4: 09:26:55 executing program 0: 09:26:55 executing program 2: 09:26:55 executing program 1: 09:26:55 executing program 3: 09:26:56 executing program 0: 09:26:56 executing program 3: syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0) write(r1, &(0x7f0000000340), 0x41395527) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, 0x0, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 09:26:56 executing program 5: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000180)) writev(r1, &(0x7f0000002680)=[{&(0x7f0000002600)="cf052c0943da055de185d10d5e6e26373eb9cfc5e35ac37ce1c6e6b48ad394b59c494b993820b2904f0ef9370e1bde29ccc4ca531cc2ede92687d17e6bb348c6e82419c3638a7e5159d8f58be53cadb5923adab7e275813e1e", 0x59}], 0x1) r2 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 09:26:56 executing program 4: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) 09:26:56 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}, 0x800}], 0x1, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000780)={@in={{0x2, 0x0, @local}}, 0x0, 0x9, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r0, &(0x7f0000000240)={0x0, 0xfffffffffffffd83, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x5801}], 0x1}, 0x100) syz_open_dev$media(0x0, 0x0, 0x0) pipe(0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) fanotify_mark(0xffffffffffffffff, 0x4c, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 09:26:56 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61d7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f00000001c0)={0x0, 0x0, 0xc00, &(0x7f0000000400)="fa13031b36b06be279451425c8d5ea6b4946a73613bddaf45e4c530717f0bfe064e06f62017f4d592066ecf61ff460cda032b5ae2283c2b79c33c77ecd3dd4780412bf31c49bf647123a7f5dfe2a6e17d91e2ea44a2257f407b57d06c89ddd9e649cfa3c3929bd59dbb7c723a5889bdac4efbc0de090345c213eea8c7b23b8df7223b237c319c2444810c2be03e64d58d909223e674dd7856ba0642775eaf0d2df91a09b9abc98deaeb5c33c3fddda13c44c67cc70f356538103ccaccc06f36a25b7a08c150e8036a0353ba69437a9e609ef3128262fef7a6121ce3a09e9403d7bda3651019fab24646cd69ac1a47783d8b95db03fd5a4e3c3afff2c54f19296a84d1c377b4f9d2044b3f63fb902d7fb1c7f24003b3371950d7f5732017cef2faa6066bd891b77aa6f15e06618ebfe628092192927b5fa7c2b5c7df7d2983ea25b008781f1a64fad3285b803bc9c71ffed139a1bb72807152c8352f57a091fdb0da92c2be69fd4ab7ceae024539acdf07a4769e32e9fcce4d5d4f854cc50447f72e3a17453e0d419c5060705a8cbdd2999eed94d92afaa2b504198b2100ec7536e6c8cb9697a114ffa75fb444f53ceaf5d9dff34da14655fb681d006f2b1838c4fce61cf93650f2ebf674d6cf9ad6e26ae6bd1135b21b7c74f6be9be3420c087705bc9df04401c8ed7f4e457a64df442b9810c85aa52877b010051b67def9930c426fc575128976d30b519f3b8fec1990fb4eb29d7ddd688c2e67740f9796736137ce173efa1ed7cc13b92f1ebd7241f1821266cadc585af55b07e9edfa694552ff8c4d9063a995fff0d828b5ff1a8e787d4a68e519a13b6d809cc6a588a8f6b12f12fd1cc230b815b40a81aca65756821b5df40e8c09432f7cff2f815137b32d1e9a96b637bf8ec4ac2ca18482c1de4b22791c3f81597714c8d85d4437c43e13c581f9de889f6bd66d09e97dd7f26a0729c11d6dbc16e1905787cc3e22df1324c57da395e986d40167ea5758f8d8b487b0bdc4260c8c1316da9f4c990b18ce14961a2942d1d6600d81129eda581799a91929a312ddbc6872f3b1b5941961fd4d4591ca64242303531c53c909358035e7d2bf36d4ba87c1871fc62e5f9ac68e751b0410137581477bdfe8c0b78a25f712544a408a2df1c4f9d8f769bda2b15a0fa4e73270c58eaea1c2c4b4042562a6d0f8ca904aeaa1e5d0fff3ad67df1885135a30b22ddeeba586acf48856d3085aceb37f16b053db81801b273aa97ba9520c88872695b606b0348d8360be31375fbc4eb13d1205df82448c7b99db086cf79e539a9836a47c3c9f605904170b47c31f5d773d7c5f09f2341b8c519a1fc5b344a9ec7f776af6ceb04e69ccf5eaf1d6c7ab63b08d82a7c43140fd271c5d30dfd2b1d802f2235e1873774af9c946ddb26d022ae3444d749b64171c43afc6cd5e7061d4b03ab3f2bc0fd2a7f6bad0f467d71d48df7baa7a1e7b701cb2f4216e5532cdffb87d25ad73b80bf695b9368d2175223c49d23ef2064e2a7bdc02c382ad0ccef24a948bf6ef34381e61de9cf6ece2106d41d7a93d4ebea6de2c930dc87ee940be4fa2c45184e1328f2f2d43f8b980621cce3ffb4777d3ee10f41fed4679929ccabe10cf2b9795393a35f82bcd9ad42eef5202fe110c1b4c67615b17869a5f489c4190bb9bdf832ca53188f596e564d8bc8fb1e7efe9cd2c36fe9cb00208f2225a840fad171fa63ead3907e17647cea2adeb0b80ae264baf6deb1e2d9e2ef5524219e84d116c605df271b9de2b8bf25bce17845b9a62e14bc49f219d84f187ef0c096bd3a94af86e009a1b9230c478318f427c51a59313979ee61989f4293d54c0dec8f28e8b8665d765abccd5e615f08215b4f948b44e47488f90d20491b78f4b8f1ba8af0f8760b956242a5d2bb62672052840e479d2f5fdb28b409a442273dad165fabc905b127fe7521333a041987792fa2a85e894a750eeb9f3d26dd484823043b142b357ccaed87e35e458ddecdd44ec129415609ca2e7e8b975cd4fcb515017819cb2ced0007b86cdbe578319d8d73c42a17ccf76ca0d10a18aba4fa59ada6ead9d6686b1a48dc1951ad0bc61490ad7db3e973acd7946b4a14372c055c933a11240e2a3cf102c2c558d5a6da69f542fc7df55f8ebf7dd7a26d5c9df9cf404bc009839d33a4febaa7950944eff2c786865c5ed5674cf9aa9d145756e64b0f6ad731055d17d6494c11b60bbc491154e5160b6bfcc739ce3c2dc9cb897edf384391311bc3b994111d67e946193e2729fcc90340326a3b4691cf178cd9d9ae6bcc91afcf44c8aeca8837fa861517b53468bd019381077c56408c078666e3150f4b8979e3de49b3d1a154715478000ce547f45b780edd3a8b19c00e2e127c02771d0d2f1c84d8f0e7174df9667ddad0d290954d05b699d0c93794f4ca79841597b9b8dc782af5e95f751095b0b2c5c73cad5b615715497b5b47b181ead6d872f59da0372d3d065036162724c1791bfa7dc21c21e5c3f1b306b33a2efdc9309f8301fbba75272ae2d80d3111c4a928c2cb5ec9bea65561a38ecabac7242b6a9732c257f857c1bf3add78c202914280c5fcc875b996c054f6882c26f3a561e06aafd9b72dd271dcee546c1fe689f14660587efc385f2f8002862af5b601c509febde6375eb3c71273dcffb4db5f10f1cdd530e7eae009beb61063277a8d5c6124a1c390a5b9f9de7ed7130eea68e56f04715ee015bec853d2addfc29d8dcd6db8fe9fd1e454ee1a729dcdbf92c990799d55fb2c55cc4be3b3189b20f23c8ebb87e6313b5f53b6de9846eb6acff9e301fd443a621666c39f03d5feb23772f8fae8cb77c18697d3e036023fa5f60ec8a4adc0b6c6e18e370734cec1ae84f8be2e31fcf5dce74dd3c3f96b738f1fa72f66bd12472b13876c94cbb4e225dcb5be02d668b537a0271170a980a81b68d3eb3ffa45b076406b039854a6278cf92f969f14ff0dec83e4d3b156b84d85fb9a80cad6acac56ac8c61305ac6f7d97b8383c187ab19877fd593d47ebd2dbffffbf0b8d185444395341a130b1e7a140c32455c0137ac62ec48f8df0803221a3336d76db609b8cffba28032acba05ddda74e7c5a748028ffbd9785c64ef14c809b6cbf496b4c7a31116be2960036ce54c6ba23fe56ae6abfc9a95faae3c5095a7085344eff0a332cee15a3335d9d2f2f135dcf91049ceb446f5b07771a5296f07b07305df2fc0d33a95740d6c50c24dd3088acb1bcbcee6e3666727ee4c1cbb1401d38e00c19143e29ee7a38c30006759992b44fe77ca24a43d7c56f341c478d58e7b853e84c3168eb6708cccf13129063fab5d3598e5e8a47e7254cf6bcd4c4e734a911cd61b2ed146d686b80af27c83c5ca1f4dd7a866ccd4b7440867f7089d24ac458ce575d72dd53736634977f5e42a6588ea93dc3d9a57f455f183e07da64eb20a59c9ad66f9ad9cee67352916c09417411d90c1e5a26c7f6f8719d9eb66cbbb471d25443aef2b597ae38fe5cac9cec0cab27ceb2557d928320660b847445d5d70141551d18c05584b0b1263ca23046978e5b38049ebc7c0d90a48e7bd5ad6a5e16a6f29e4720f4982245067c7fdd41d2b037f01a42829afe6ab3a0f55176481282017f723b22f4a1a3f896d0ef8a2bc5b7532fcf196997c80e9779acf603d9a288938dae18b67dc7f2cf2f3fcebce886451b6464aae6296a78f0c962738cfe3591dec5fc776db85a722901952440ca17b8d12b3037ca40acff22c9a1223b22b88329402bbee396883f8eb8cd3be5b2783ae411d16ff3f46e0b70b65e0c8cf6a60cd9b0a1da99eef48fb1810d9ac3dedc60a66b5304acd5ff3a7b4ba24b0405eeeeecae66d72049dd9357ef2556eea8d42f336adc4108200d838114ee4c6ba869150f6c0805971ed34508174c57a8ab95ea7c1783e1984e4614e2d2c9701fa7220819e827cec6cfa6d930f25c131419c4d296cff25bdea6cae713918707ec9c8b3e0cb2313bae6530fea171f5bc1baa4679207c2f4bd472af9568f1f14164ce7ac4b1964cbd3f1ccb259bb698c053d36ab7257ec20d73bdf4e245561fbac5ed36793118a80df227002f8525a6a30c39bff24ecd2432ddd0273f33f4c2d53189ba23d1f5596a2644896fff294f4ab4ef72afffdb9a7f86a8f5cc4bd63616139e166077158accd70cc12d1e9356b1f742c9ff9b383ae9b1bf2beb3c9645e4df6ce0a9d25958677215317fe9a313ee97b60acc59731b3422a48a6402c8790791b2f1928690edb9a47b86321af06330e2b4271252d345bd74dc7deb830fe1a142d951327552772ebb6734c967844ec2b193c"}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, 0x0}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) process_vm_readv(r4, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) 09:26:56 executing program 0: ioctl$BLKROGET(0xffffffffffffffff, 0x125e, 0x0) clock_gettime(0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000100)) getsockname(0xffffffffffffffff, 0x0, 0x0) pselect6(0x40, &(0x7f0000000840)={0x3, 0x0, 0x0, 0x8, 0x0, 0x56, 0x1, 0x9}, 0xfffffffffffffffd, &(0x7f0000000a00)={0x8, 0x5, 0x0, 0x3, 0x3f, 0x7, 0x7, 0x8001}, &(0x7f0000000a40)={0x77359400}, 0x0) r0 = openat$null(0xffffffffffffff9c, 0x0, 0x80, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2002, 0x0) fcntl$dupfd(r3, 0x0, r0) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="2e008000", @ANYRES16=r2, @ANYBLOB="0100000000000000000002000000080005000000000014000100ff010000000000000000000000000001"], 0x30}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r0, 0x0, 0x40) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/netlink\x00') ioctl$TIOCSPTLCK(r4, 0x40045431, &(0x7f0000000800)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000940)=@routing={0x0, 0x10, 0x0, 0x3, 0x0, [@mcast2, @remote, @mcast1, @ipv4={[], [], @loopback}, @initdev={0xfe, 0x88, [], 0x1, 0x0}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, @local]}, 0x88) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB]}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmmsg(r5, &(0x7f0000000180), 0x205d6a92b46c1c5, 0x0) socket$netlink(0x10, 0x3, 0x0) getpgrp(0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000008c0)={0x1c, 0x17, 0x101, 0x0, 0x25dfdbfe, {0x4}, [@typed={0x8, 0x7e, @ipv4=@local}]}, 0x1c}}, 0x0) 09:26:56 executing program 4: r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000005380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x100001000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") sendmmsg(r0, &(0x7f000060d000)=[{{0x0, 0x0, &(0x7f0000c38ff0)=[{&(0x7f0000000080)='\x00', 0x1}], 0x1}}], 0x1, 0x0) [ 235.148477] ptrace attach of "/root/syz-executor.1"[7640] was attempted by " 0 p   \x0c  @ = 09:26:57 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x6, 0x0, 0x0, 0x0, 0x0, 0x5}}]}}]}, 0x444}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newqdisc={0x24, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {}, {0x9, 0xe}}}, 0x24}}, 0x0) 09:26:57 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x3) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xa, 0x82, 0x200, 0x3, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffff9c}, 0x3c) r1 = creat(0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000600)=ANY=[], 0x0) ioctl$TUNGETIFF(r1, 0x800454d2, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, 0x0) io_setup(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) io_submit(0x0, 0x0, 0x0) io_cancel(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r0, &(0x7f0000000200)}, 0x20) 09:26:57 executing program 5: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='#!'], 0x2) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) [ 235.357145] ptrace attach of "/root/syz-executor.1"[7640] was attempted by " 0 p   \x0c  @ = [ 235.475162] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7995 comm=syz-executor.3 09:26:57 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x8000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000080)=""/59, 0x3b) 09:26:57 executing program 4: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) r2 = inotify_init1(0x0) fcntl$getownex(r2, 0x10, 0x0) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='7./fi'], 0x5) openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x40, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) [ 235.584126] audit: type=1400 audit(1569835617.217:43): avc: denied { map_create } for pid=8003 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 09:26:57 executing program 5: sendmsg$sock(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000540)='<', 0x1}], 0x1}, 0x0) r0 = socket(0x11, 0x800000003, 0x8) setsockopt$packet_buf(r0, 0x107, 0x10000000000000f, &(0x7f0000000100)="a2e6fa9a", 0x278) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) write$binfmt_aout(r0, &(0x7f0000000400)={{0x0, 0x0, 0x0, 0x92, 0x0, 0x0, 0x0, 0x0, 0x8}, "0529", [[]]}, 0xfeff) [ 235.666042] audit: type=1400 audit(1569835617.227:44): avc: denied { map_read map_write } for pid=8003 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 09:26:57 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) fsetxattr$security_smack_entry(0xffffffffffffffff, 0x0, &(0x7f0000000080)='^/\x00', 0x3, 0x0) socket$kcm(0x2, 0x1, 0x0) socket$kcm(0x2b, 0x8000000000001, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r1, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6", 0x1}], 0x1}], 0x1, 0x0) dup2(r6, 0xffffffffffffffff) dup(r0) r7 = socket$kcm(0x2b, 0x8000000000001, 0x0) r8 = dup2(r7, r7) setsockopt$bt_l2cap_L2CAP_CONNINFO(r8, 0x6, 0x3, &(0x7f0000000000), 0x6) r9 = socket$kcm(0x2b, 0x8000000000001, 0x0) r10 = dup2(r9, r9) setsockopt$bt_l2cap_L2CAP_CONNINFO(r10, 0x6, 0x3, &(0x7f0000000000), 0x6) r11 = socket$kcm(0x2b, 0x8000000000001, 0x0) r12 = dup2(r11, r11) setsockopt$bt_l2cap_L2CAP_CONNINFO(r12, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$vivid(0x0, 0x1, 0x2) syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0xcb5e, 0x800) r13 = socket$kcm(0x2b, 0x8000000000001, 0x0) r14 = dup2(r13, r13) setsockopt$bt_l2cap_L2CAP_CONNINFO(r14, 0x6, 0x3, &(0x7f0000000000), 0x6) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x953a9fffb92df692, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x0, 0x0) r15 = socket$kcm(0x2b, 0x8000000000001, 0x0) r16 = dup2(r15, r15) setsockopt$bt_l2cap_L2CAP_CONNINFO(r16, 0x6, 0x3, &(0x7f0000000000), 0x6) r17 = socket$kcm(0x2b, 0x8000000000001, 0x0) r18 = dup2(r17, r17) setsockopt$bt_l2cap_L2CAP_CONNINFO(r18, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x4, 0x20000) r19 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r19, 0xc0285629, 0x0) 09:26:57 executing program 0: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000002680)=[{&(0x7f0000002600)="cf052c0943da055de185d10d5e6e26373eb9cfc5e35ac37ce1c6e6b48ad394b59c494b993820b2904f0ef9370e1bde29ccc4ca531cc2ede92687d17e6bb348c6e82419c3638a7e5159d8f58be53cadb5923a", 0x52}], 0x1) r2 = socket$inet_udp(0x2, 0x2, 0x0) socket$inet6(0xa, 0x801, 0x0) listen(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 09:26:57 executing program 2: syz_open_dev$char_usb(0xc, 0xb4, 0x5) r0 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x2, 0x0) r1 = fcntl$getown(r0, 0x9) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x1000000000, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x3, 0x100000001) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f0000000080)) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) semget$private(0x0, 0x0, 0x0) setsockopt$sock_int(r3, 0x1, 0x9, &(0x7f00000000c0)=0x3, 0x4) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0xfffffffffffffd98) timer_create(0x0, 0x0, 0x0) times(0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) ioctl$BLKROGET(0xffffffffffffffff, 0x125e, 0x0) openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0) timer_create(0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0x0) accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/tcp\x00\xcdWq\xe9*\a4g\a^\x90\xb6\xe4kH2\x80/\x88\xb6\xbb\xeb`\xb8@#\x83tH\xae\xa4y\x1d\\]\x93\x93\xb5e\xd9\xd4\xb8A# \xc8*s\xd0g>\x16\xabM\x7foK\xec\x17f\xb9x\x11\xbf\xab\x16\xc5\xcb\x94\xff\x1c\xa0\x01\xb3I\x1c\xb9\xcc\xbb\xbe\x9c\xd0!\x13\xe1\xbc.\xfaG3\x85\xe0,') sendfile(r3, r4, 0x0, 0x80000003) 09:26:57 executing program 4: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) r2 = inotify_init1(0x0) fcntl$getownex(r2, 0x10, 0x0) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='7./fi'], 0x5) openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x40, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) 09:26:57 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x100000000011, 0x2, 0x0) bind(r1, &(0x7f0000000140)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0}, &(0x7f00000001c0)=0x14) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000080)={@mcast2, 0x0, r2}) 09:26:57 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) dup2(r0, r1) 09:26:57 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) fsetxattr$security_smack_entry(0xffffffffffffffff, 0x0, &(0x7f0000000080)='^/\x00', 0x3, 0x0) socket$kcm(0x2, 0x1, 0x0) socket$kcm(0x2b, 0x8000000000001, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r1, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6", 0x1}], 0x1}], 0x1, 0x0) dup2(r6, 0xffffffffffffffff) dup(r0) r7 = socket$kcm(0x2b, 0x8000000000001, 0x0) r8 = dup2(r7, r7) setsockopt$bt_l2cap_L2CAP_CONNINFO(r8, 0x6, 0x3, &(0x7f0000000000), 0x6) r9 = socket$kcm(0x2b, 0x8000000000001, 0x0) r10 = dup2(r9, r9) setsockopt$bt_l2cap_L2CAP_CONNINFO(r10, 0x6, 0x3, &(0x7f0000000000), 0x6) r11 = socket$kcm(0x2b, 0x8000000000001, 0x0) r12 = dup2(r11, r11) setsockopt$bt_l2cap_L2CAP_CONNINFO(r12, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$vivid(0x0, 0x1, 0x2) syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0xcb5e, 0x800) r13 = socket$kcm(0x2b, 0x8000000000001, 0x0) r14 = dup2(r13, r13) setsockopt$bt_l2cap_L2CAP_CONNINFO(r14, 0x6, 0x3, &(0x7f0000000000), 0x6) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x953a9fffb92df692, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x0, 0x0) r15 = socket$kcm(0x2b, 0x8000000000001, 0x0) r16 = dup2(r15, r15) setsockopt$bt_l2cap_L2CAP_CONNINFO(r16, 0x6, 0x3, &(0x7f0000000000), 0x6) r17 = socket$kcm(0x2b, 0x8000000000001, 0x0) r18 = dup2(r17, r17) setsockopt$bt_l2cap_L2CAP_CONNINFO(r18, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x4, 0x20000) r19 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r19, 0xc0285629, 0x0) 09:26:57 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) fsetxattr$security_smack_entry(0xffffffffffffffff, 0x0, &(0x7f0000000080)='^/\x00', 0x3, 0x0) socket$kcm(0x2, 0x1, 0x0) socket$kcm(0x2b, 0x8000000000001, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r1, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6", 0x1}], 0x1}], 0x1, 0x0) dup2(r6, 0xffffffffffffffff) dup(r0) r7 = socket$kcm(0x2b, 0x8000000000001, 0x0) r8 = dup2(r7, r7) setsockopt$bt_l2cap_L2CAP_CONNINFO(r8, 0x6, 0x3, &(0x7f0000000000), 0x6) r9 = socket$kcm(0x2b, 0x8000000000001, 0x0) r10 = dup2(r9, r9) setsockopt$bt_l2cap_L2CAP_CONNINFO(r10, 0x6, 0x3, &(0x7f0000000000), 0x6) r11 = socket$kcm(0x2b, 0x8000000000001, 0x0) r12 = dup2(r11, r11) setsockopt$bt_l2cap_L2CAP_CONNINFO(r12, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$vivid(0x0, 0x1, 0x2) syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0xcb5e, 0x800) r13 = socket$kcm(0x2b, 0x8000000000001, 0x0) r14 = dup2(r13, r13) setsockopt$bt_l2cap_L2CAP_CONNINFO(r14, 0x6, 0x3, &(0x7f0000000000), 0x6) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x953a9fffb92df692, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x0, 0x0) r15 = socket$kcm(0x2b, 0x8000000000001, 0x0) r16 = dup2(r15, r15) setsockopt$bt_l2cap_L2CAP_CONNINFO(r16, 0x6, 0x3, &(0x7f0000000000), 0x6) r17 = socket$kcm(0x2b, 0x8000000000001, 0x0) r18 = dup2(r17, r17) setsockopt$bt_l2cap_L2CAP_CONNINFO(r18, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x4, 0x20000) r19 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r19, 0xc0285629, 0x0) 09:26:57 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000340)='/dev/snd/timer\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000040)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000500)='./bus\x00', 0x8a000, 0x1e5) r3 = openat$cgroup_ro(r2, &(0x7f0000000480)='Cpuacct.@tE\xae\x00', 0x275a, 0x0) r4 = creat(&(0x7f00000001c0)='./bus\x00', 0x160) fallocate(r4, 0x0, 0x0, 0x2000002) read$eventfd(r4, &(0x7f00000003c0), 0x8) poll(&(0x7f0000000300)=[{r3, 0x20}, {r3, 0x400}, {r3, 0x4000}, {r3, 0x4000}, {r1, 0x100}, {r1, 0x5000}, {r3, 0x200}, {r0, 0x100}], 0x8, 0x9) fallocate(r1, 0x800000000000002, 0x6, 0xffffffff) r5 = creat(&(0x7f0000001c00)='./bus\x00', 0xa1) r6 = socket$inet6(0xa, 0x400000000001, 0x0) accept4(r5, &(0x7f0000000240)=@pptp={0x18, 0x2, {0x0, @loopback}}, &(0x7f00000002c0)=0x80, 0x80000) r7 = dup(r6) bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r6, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x288, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setxattr$security_selinux(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000200)='system_u:object_r:lvm_control_t:s0\x00', 0x23, 0x0) r8 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) ftruncate(r5, 0x800fe) getpid() getsockname$inet(r5, &(0x7f0000000080)={0x2, 0x0, @empty}, &(0x7f0000000380)=0x10) sendfile(r7, r8, 0x0, 0x8000fffffffe) sendmsg$nl_netfilter(r8, &(0x7f0000000600)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000005c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="fc100000100800062abd7000000000000300000208000000ac1e01012e02a63dba133160d96b894a4eae84fa17fa8c7afd1febeb4404db1729062da5f83d54c9a9ca02407b867aa8c72261c89eb8a92fbd559fb8ae1aa2e142e26148665ec2d33236becc3928590d40a0ce8536aa1508890d268c10190018006a00805f959abe8b298110177c91e4fa3a2dcfda000083aa392c68dcbc7f71015a6c0c14c921ad39e4a7d43c26334fa5482fb527569c856b02084b41418e86a13d6180709114e03e74fcfaaa6e323bb9b18310f322d00a0623dae4f96310b2004caaa269922a9731da3078eac3afdc5e1b237ac814fe6bdd6f0658f7d479b7c8a9f557021e010c5f6a58db8c7a41f83f183b4d0ecdbf8da9cc14202f5e859f24c6c264d26f747d3d49354edba89c42aea49efa064c00616e017d5528b0b5b317a3acea89f92c3008d115484e05e7ad2cd4ca1700ddee9870fe97d3106a41faca935622e44b85c51df80b52f63b40c312d2b96d3fc53be91bd21c7953e6a0846cbb0025e8ad9476aac96573b79b71b228415b12777a53f78ae02391a6b2dffe672f0f1a7693a36133d8965f17d03234fca160b624533a908d33913e80a3b211fa459f0aea5989e1b9e7fa185836420712b4a3d92c88da715f9eb3d564b26c4e8aa71d22bd1ef3a01a30d814a732213e01b30a6fe3a2a127341926ebb3693a2106de3fdc9ce09ef86c89f5dc4aa5b922245e78e49ec85c6fc61ca6517c1ec837228e1909cc8b302ea58a60c4df2dd5876351fbe7c51f007dc29d54a8d60f200cde68a00442f7c3d8722ec9afcc415e238b7ae9c94615e703a6dafc40600e325a5604474565b561175075d2caf1276fcfe3343aa73c1cd55145f585f3fe1d08077455089af824f8039ea8fbaad40bda904f5c7cfc1ba789968d168e807aee6469df14404549847a4367951f816a6e7e66825443d4c491e5308e0679945816e023b7749eca152aaf2496a9b78b5be9a42c2e2556c3009c6c0a414e82b9a482b7521f8e4688d466b5aa4bc65e26580fec98b767639d93be7860ad2ff9f9c2e117c8133dda3ebe88ebd0dd5b70c3701f6b426c4720ce623e1eff78dc1a09bd891ab51ccfccab1f5779df7fb93f775c8342a31b1cf22abccdd7dbd10f1c8b5c100806ff4d14abc4243a24f88ab2d214b37e2664d63d1abb0aa0b8226acfff714b1ba93d9fd2ebe84821476efeb688bba20671729252551224430be36596022977c79396a6990d17b19a139b7a44619c9b60b6ac134f0ee6f88567041bfd235b8abff233fb4690ea8ea49267a25fdd86629c913daa2b4122371dea42fe692fecac694879d97728204a5602299a586fcf98daf3f571e2de8f5113cbf6b3230a72fb6d10e82e4a3e70951317d3a6c239551535df947aa1bd02275e408a6f580200000054c8c781d931371fac38448e11c9f415136973f3fe91f91978036e9af067233066880c520a28ec20d7e773f47340ff902d6ac0a9f934fac9d87e338fa429c8d1cc4b393eb049b06df20ca924c4be7d4f09b90abdf84d654b6f3d1f76663c4ed48505a4b2dafb59020c4217471aa52b6e3f07b68370b344b7e764155033a784d928008c9b1ee04353e9964429752ffeff2ae5918d5f2d172e5cb06f231a70bca73f1f4d179106aad1f796cecbca65baad4a6c1cc58d1ade4b7e6d64e3bfebb8bcf39584ef91f7844e6e6014c95b575b7b4d7db481b444f59b9cf8ae8d578dd8a04f48fd0bda028855b173f25ef7164d8bbd6d642b65e6f92ba02e62273c27ba7f15f3d4c0ea427c6bc5d5aaf1c374571e91a90b9b466a1667aeb2b1d9e628aa17cc87083d0928411db022bbfaf5da0c4f5f8bdecf52a794f66126692d98f5f852afbcb1487d60e9a5159fdd59e8b316618933aed7d26fc2101b2106a3e7a5d546624693487c81393529caaee3e785a79141cd2573151919597be85c2105a3bfe18b0fd461a3c82d2437a1a48cacb6ea27f545f3b758ebb81f24f9b3d086863804ff77fa3d5283673b27e7634237cdefe30b155d67d29ca663f46266cd3d168063eaea3e08add63c26ba7d23ec9e62f12b2f85e8d902b63a9032d3f617f2d21fef12f316c29865df0837173c102af2ed8f4c63970cf2d388ef59cc7115b982d63fbeb8b46a22adbf8c92438d3fad9ec44bbdbf1f16e3216067aec43ed9dd6fdda0986a2034bb90c11991490b21a97f039d0d3e69e6cc5b3c0c146445c56cf0481d388ed51d3fe7baacc907e97483ae2bd7e62a5d6f4ba5be2a2f84f7e23320c26a2950b58808098f6e4960b0176cdbbae9b0d63a92d9759bb13997649f4a0ab60e194d1f309b0139f140efddd0610434ed4b4cb8cd959e9206a26a3048b67488b6722f83a4000859aa2bce1e778e04d541be0934f38ab8cfd679465dc97e86a275e8afc838632c9eb2a50ba980736885c06ba06eafbcf18e238acfcd5694223b1a2bbb2106ba450a242676fd6c47f1d249d5a48175efb0943cb9a73a5781e69a2caf9a7a29139da47f86270b35ba983c7a743021abdb7d418401f83ef9f7264d2a665bb7e142aeb00d6870cec7c28d993139eb2a1e4cecd579b02c5e1240d763ae822053e50b4a44e954b0ed8006c23ddcb97b058a9dba3b0339125bda2b2e26ca3d2e40cbbaea47b1c8118400da76bb568b3e531335ebfcf31f713e21fb39974017f38771b81443ba1b934bd4f4915a795659159af81d71d730f89a18aa1d76c65956e4a9fd94352d7f43a7a57fc418fcccd511ea21065613c31975cc3171051c634a38875251b175c4eef8a12729444e2617e3420d22dd517d861a9b022cae24324910cf3f021177e915c5c52e5c7a0d7e4a315f1f7379f272642e1eda4683f27ff6d1c1d0e1d3f956ecbb231ce9712571c9a5420d024dc5b90099e2ecf5d553fbd71b0be9e32a18c027b5bb1de3c4af1c918a3cc91cb06748f8a2a2beda806c5029fd1e340e843a58b964754f5001559b116db67d173d17714409baf21c7cbfb3f83abe3e07dce8c2c6a59f686bdcc48e89ebff1c90bea1122fbf483fb3542a342bd6be3469a78cb53902872c1ce21743b400c6da9fe19ff727a8af19bafd4ac27392a470155d5992dcc1a2024ca025f1313d0e066ce0daecaa732c9d62f839be37fe61a0aa0f5fa23162d67d49dee1d74dfa0ec1e42b261075288f06c6744e05343131613ebedf8b6fc70a78d28eb3581f955c870d98b009f0b730f67712ee9535bc60e3c374824c1d90fd3c51d587c8c0b5dbf6c36c8cc82d650280e568f7c7e6b2550a45657a646ca6a48c6c683dd8bb42bb7998a01ca6e4b283897478e7eb36bc465dd0d6f6716c1f199f2a21723f9affa29faafd35cf94720bafa6d1e8f0c8c10731a62adabcf1cb31532e97f0efd4a4153c808bdee100bf9cc5b595421f466a2dae9cde36d9e0f781d6d9e58d155f4a23aa09e257b9134c425f8fca6437979a0b101e88364fe5a7af725797b7c6c7fe2f5eab18966beeb7edd02817de5331fdf7f94e1ea9eb70aa4da258b88377124a344d9c9d2ed1e0535d0f1489f5d45fbeb223059f46ba5b4a1c216040cba81acf294ed316eed7258798e70a3cc992f1bd3a18f3b19537f50f73dfc4a620de6739d6379bc2e9c26e416e38d20048072ca739307ac1cf8d2cc5348e0fab28bf78e897e2007e07a8d13b909b87e98b82be8b108a316ca9e0df0381f6311c96dbb9d7c3495ba08af960231da069105bcf8373a454218bb78ef421cc42b2950bce097f6be4da55d3b726288192c80adf8df967994c0594bcdc808a65b1d3aa8234495f03262e7c83b65b574535b7127d7e322f443a111d889f9361e56576a44d17234d36f97a59a09acbef174ab001863d363b93db5c118d1f58aceca5673e31e8c8c7b730d9aab9ea01f683edaf4dd07f9df4295268d368807af22bcdaad525995204a4966e620b63d71fab023e3bbf3f3eab2ca8cb99c889bec8138919474bcfffd29727c367dd3399ed483216c308c0887610edb0961dc83167234586cc0f0aeb58ce49a6a250d554a01439c340dd8afe36c72251c7887f7a5fefe9bb1c45128f573c1a7ae99ca058f2f1172cee7d7a9f2d5a0f66ec9dc74b35abe5611eeb5193f0ff6c82868d38745c19932964eb16146ef9cf5080f960248f665a4e0bc659269a833f31b7174550f87251e88ff0e004205674934e9522e17dca85d0b6b51c29306414cf832838426449d52e38ab7fbe4e27f2eb468af3c862e0071e5416c2bec21975dc1cad52d5eeef0cebd16ce084a7fd9111d12c90c3e684984cf9717a89804ce266b416c7104457626544e136b8da3af37c15127dbb6ed671ca3d6a1dea57429796838798b1d5a666bb163f441d1d7b83986eb4808b5271bf4461f7555d25a56a5abc5ca87b9642f8a5447f320f8b9e88a5f0bf7135946bbc54926a2c5d14259f48d838b06e1346f92584af37cfca6f2fcb102192afcbd2b5bd4ccce4b47665f5d24fae0c09b96e7de6a92618f9cc20792d5214bafda9eb283f512463feac50fa4e5729cb9bb52aee43d98e85e53724b5abdb98f748d1efa36d7f6ba9b8c769b1141e47f646fe1d34962b863890cd85859f86121d590ea7fb6b3906b4fe2a330247befdb11c4af5a812fee2102a570f1f0a98f82edd3ba0c2b66e05b64087cd2c0d948788e8091c3bd64cbf39a9ceba5d00ee50a928f6aacd06b25c0584eed4b54d1cb0dd6dd2b98772507aa1597e329fa923a2e0459e7b0da5edfe080bd54d552e5158b5770f3f210d14e0944a86780d3ec23dd69aa663edcdcaddd137b4220cebb0549691e197aaf714d1a8d889bcf1381062f778819d602d7154ae0967f23397a943ba80f7fde879c60d555a4defcef46ab6ba592cfff449f6b31270c716c71c7e27685b11e3ae691cdb229ac6cea1c1d7d7a42a8a9ee60a89ec1edc21519f9e487bf0e93ae81b91ebfa0ad712d7cf9eb2e5922bf2e47e52817d19288f3a080c2dbf867a72a2d05f564f1b23f7f98383411e224182a543b4d85709aaad9640d722dd49264f8c8952a74f0ad696fc607aa3b76805b28eecf260e7a2d30de28ae02826920e72cbd806b2311b53ace0bffbd70f78404dd9d7db8913386372f40ebb567678ce35ab67df12cd83af09665e265ae21b9cfba78c1a7e8e6a149669dec2548a4d1af109c831af0195ac72a79e22fd2e0f05675361e76231bc001a215374bfa914cc1ee8597680b572cb85ea8aa14b2acf0df1b6414a701c6a7b00b84a8b511231509c24a438c929c39d0f4fbbb7dbf05dfcc7ce3740d3493936bf65167afa8745b77184c46bbac1bbe84c511dafc0da2abcbbf0a6675ecfae803d08a91f4cbeee4c9a6fcb28799a76e64908685a20e7bd30659be12283ba4ec773f148dbac0cbad76c71e81d425e3c40cf63421b7019261b16f3fa09bd5108d24048107fc299fd6723e624187899776f58938210f34680a1b56d37120c66304587ae287ef9892bc336f6ebd6be9a3e907292fea7b48454b36ff762d6e4c90d0a7d3574f2ade3ca24b837525793213738cff469cd12fdb343c4bf107b8eb485848027f5bad2db9be1bfefc5b262038a3a32baca76179fefb2472c8e467489c14719da19dcf901a1de4d13c3562b0566f0f40ef60dc827add8b489f26f169a6077bf1b3b6b0c72813e9471c64b127c21c3f2b19d27ddf1ffc755d1c535bf68cb23db7fe8c7f37a5b21baa4696d74b32afc700bfc14d607171b4b8eb9c1dc8b0b3efc1025e6818842ce131404fefda554149615b31fb350374475527c7209603b5e926f028a96610260033184e503c8281aa90fe6c36455c5f04ca239a69592c106aa609fafd07ac0f24486cd8e62288a273f0a32699d1bcaae687aaac42dc844ec26b3692084fdaba340f84a0925ef9fa406deb018aa16e97db2a52ab33e35f5451b59d592f4a50b260f9dc5c2adaa0831643f23ccca4b1ce9ba97cb4fc69b66fd2e417521ed906e245eae0ba114f739caae780073be149d9d86d92d42e49519fc5ad2d04a9716429fe27dbba170ac46d21f5e3e389a1b78e991f559297dce7c3ce546255dd0f1be1eb0ae4746ea3134500e652033f1c3874dd8fceed989df2f2ab4ba974d270757b440f00c000a00433b"], 0x10fc}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) socket$inet6(0xa, 0x100800000000002, 0x88) [ 236.312544] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 236.471105] audit: type=1400 audit(1569835618.107:45): avc: denied { relabelto } for pid=8059 comm="syz-executor.0" name="bus" dev="sda1" ino=16572 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lvm_control_t:s0 tclass=file permissive=1 [ 236.603964] audit: type=1400 audit(1569835618.177:46): avc: denied { write } for pid=8059 comm="syz-executor.0" name="bus" dev="sda1" ino=16572 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lvm_control_t:s0 tclass=file permissive=1 [ 236.640356] audit: type=1400 audit(1569835618.187:47): avc: denied { read } for pid=8059 comm="syz-executor.0" path="/root/syzkaller-testdir843063594/syzkaller.WDgKQM/26/bus" dev="sda1" ino=16572 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lvm_control_t:s0 tclass=file permissive=1 09:26:58 executing program 5: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$llc_int(r0, 0x10c, 0x3, &(0x7f0000000000)=0xfffffffd, 0x4) 09:26:58 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @ipv4={[], [], @empty}}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) connect$unix(r1, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x2) clone(0x2502001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sendmmsg$sock(r0, &(0x7f0000000500)=[{{&(0x7f00000002c0)=@in={0x2, 0x0, @local}, 0x80, 0x0}}], 0x1, 0x200000c0) r2 = socket$inet6(0xa, 0x1, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x0) 09:26:58 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) fsetxattr$security_smack_entry(0xffffffffffffffff, 0x0, &(0x7f0000000080)='^/\x00', 0x3, 0x0) socket$kcm(0x2, 0x1, 0x0) socket$kcm(0x2b, 0x8000000000001, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r1, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6", 0x1}], 0x1}], 0x1, 0x0) dup2(r6, 0xffffffffffffffff) dup(r0) r7 = socket$kcm(0x2b, 0x8000000000001, 0x0) r8 = dup2(r7, r7) setsockopt$bt_l2cap_L2CAP_CONNINFO(r8, 0x6, 0x3, &(0x7f0000000000), 0x6) r9 = socket$kcm(0x2b, 0x8000000000001, 0x0) r10 = dup2(r9, r9) setsockopt$bt_l2cap_L2CAP_CONNINFO(r10, 0x6, 0x3, &(0x7f0000000000), 0x6) r11 = socket$kcm(0x2b, 0x8000000000001, 0x0) r12 = dup2(r11, r11) setsockopt$bt_l2cap_L2CAP_CONNINFO(r12, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$vivid(0x0, 0x1, 0x2) syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0xcb5e, 0x800) r13 = socket$kcm(0x2b, 0x8000000000001, 0x0) r14 = dup2(r13, r13) setsockopt$bt_l2cap_L2CAP_CONNINFO(r14, 0x6, 0x3, &(0x7f0000000000), 0x6) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x953a9fffb92df692, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x0, 0x0) r15 = socket$kcm(0x2b, 0x8000000000001, 0x0) r16 = dup2(r15, r15) setsockopt$bt_l2cap_L2CAP_CONNINFO(r16, 0x6, 0x3, &(0x7f0000000000), 0x6) r17 = socket$kcm(0x2b, 0x8000000000001, 0x0) r18 = dup2(r17, r17) setsockopt$bt_l2cap_L2CAP_CONNINFO(r18, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x4, 0x20000) r19 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r19, 0xc0285629, 0x0) 09:26:58 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) fsetxattr$security_smack_entry(0xffffffffffffffff, 0x0, &(0x7f0000000080)='^/\x00', 0x3, 0x0) socket$kcm(0x2, 0x1, 0x0) socket$kcm(0x2b, 0x8000000000001, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r1, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6adc9", 0x3}], 0x1}], 0x1, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000002880)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d6", 0x1}], 0x1}], 0x1, 0x0) dup2(r6, 0xffffffffffffffff) dup(r0) r7 = socket$kcm(0x2b, 0x8000000000001, 0x0) r8 = dup2(r7, r7) setsockopt$bt_l2cap_L2CAP_CONNINFO(r8, 0x6, 0x3, &(0x7f0000000000), 0x6) r9 = socket$kcm(0x2b, 0x8000000000001, 0x0) r10 = dup2(r9, r9) setsockopt$bt_l2cap_L2CAP_CONNINFO(r10, 0x6, 0x3, &(0x7f0000000000), 0x6) r11 = socket$kcm(0x2b, 0x8000000000001, 0x0) r12 = dup2(r11, r11) setsockopt$bt_l2cap_L2CAP_CONNINFO(r12, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$vivid(0x0, 0x1, 0x2) syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0xcb5e, 0x800) r13 = socket$kcm(0x2b, 0x8000000000001, 0x0) r14 = dup2(r13, r13) setsockopt$bt_l2cap_L2CAP_CONNINFO(r14, 0x6, 0x3, &(0x7f0000000000), 0x6) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x953a9fffb92df692, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x0, 0x0) r15 = socket$kcm(0x2b, 0x8000000000001, 0x0) r16 = dup2(r15, r15) setsockopt$bt_l2cap_L2CAP_CONNINFO(r16, 0x6, 0x3, &(0x7f0000000000), 0x6) r17 = socket$kcm(0x2b, 0x8000000000001, 0x0) r18 = dup2(r17, r17) setsockopt$bt_l2cap_L2CAP_CONNINFO(r18, 0x6, 0x3, &(0x7f0000000000), 0x6) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x4, 0x20000) r19 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r19, 0xc0285629, 0x0) 09:26:58 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) io_setup(0x8, &(0x7f0000000240)=0x0) io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f00000000c0)="4c7b6f916d2a99f8", 0x8}]) 09:26:58 executing program 2: syz_open_dev$char_usb(0xc, 0xb4, 0x5) r0 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x2, 0x0) r1 = fcntl$getown(r0, 0x9) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x1000000000, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x3, 0x100000001) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f0000000080)) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) semget$private(0x0, 0x0, 0x0) setsockopt$sock_int(r3, 0x1, 0x9, &(0x7f00000000c0)=0x3, 0x4) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0xfffffffffffffd98) timer_create(0x0, 0x0, 0x0) times(0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) ioctl$BLKROGET(0xffffffffffffffff, 0x125e, 0x0) openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0) timer_create(0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0x0) accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/tcp\x00\xcdWq\xe9*\a4g\a^\x90\xb6\xe4kH2\x80/\x88\xb6\xbb\xeb`\xb8@#\x83tH\xae\xa4y\x1d\\]\x93\x93\xb5e\xd9\xd4\xb8A# \xc8*s\xd0g>\x16\xabM\x7foK\xec\x17f\xb9x\x11\xbf\xab\x16\xc5\xcb\x94\xff\x1c\xa0\x01\xb3I\x1c\xb9\xcc\xbb\xbe\x9c\xd0!\x13\xe1\xbc.\xfaG3\x85\xe0,') sendfile(r3, r4, 0x0, 0x80000003) 09:26:58 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x0, 0x44, 0x0, &(0x7f0000000200)="e460cdfbef24080000000a9386dd6a00000000072feb3014cd3ec8a755c1e1380081ffad000000e8d5000000010000001400000500242f09880bd320d98a61a90021c9bf", 0x0, 0x401}, 0x28) 09:26:58 executing program 4: socket$nl_route(0x10, 0x3, 0x0) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0) r0 = gettid() fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) sendmsg(0xffffffffffffffff, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) setresgid(0x0, 0x0, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) ioctl$KDSETKEYCODE(r1, 0x4b4d, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) tkill(r0, 0x1000000000016) [ 237.079371] audit: type=1400 audit(1569835618.717:48): avc: denied { open } for pid=8059 comm="syz-executor.0" path="/root/syzkaller-testdir843063594/syzkaller.WDgKQM/26/bus" dev="sda1" ino=16572 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lvm_control_t:s0 tclass=file permissive=1 09:26:58 executing program 5: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) setxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f00000001c0)=@v3={0x3000000, [{}, {0x7fffffff}], 0xee01}, 0x18, 0x1) ptrace$setopts(0x4206, r0, 0x0, 0x0) 09:26:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x0, 0xfffffffffffffffd]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {0x0, 0x0, 0x0, 0x5, 0x64a}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:26:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="66b829018ec0b9800000c00f3235002000000f3066baf80cb8c8f61a8eef66bafc0ced0f787e0036400fc75a00c4e1f9e601c4018575504f0f87d485a71b64440f01c43e662666470f38804185", 0x4d}], 0x1, 0x0, 0x0, 0xfffffffffffffe96) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xffe8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:26:59 executing program 1: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0) read(r0, 0x0, 0x108) timer_create(0x0, &(0x7f0000000040), 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x0, 0x0) r3 = dup2(r1, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) timer_settime(0x0, 0x0, 0x0, 0x0) tkill(0x0, 0x0) [ 237.457676] *** Guest State *** 09:26:59 executing program 2: syz_open_dev$char_usb(0xc, 0xb4, 0x5) r0 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x2, 0x0) r1 = fcntl$getown(r0, 0x9) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x1000000000, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x3, 0x100000001) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f0000000080)) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) semget$private(0x0, 0x0, 0x0) setsockopt$sock_int(r3, 0x1, 0x9, &(0x7f00000000c0)=0x3, 0x4) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0xfffffffffffffd98) timer_create(0x0, 0x0, 0x0) times(0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) ioctl$BLKROGET(0xffffffffffffffff, 0x125e, 0x0) openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0) timer_create(0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0x0) accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/tcp\x00\xcdWq\xe9*\a4g\a^\x90\xb6\xe4kH2\x80/\x88\xb6\xbb\xeb`\xb8@#\x83tH\xae\xa4y\x1d\\]\x93\x93\xb5e\xd9\xd4\xb8A# \xc8*s\xd0g>\x16\xabM\x7foK\xec\x17f\xb9x\x11\xbf\xab\x16\xc5\xcb\x94\xff\x1c\xa0\x01\xb3I\x1c\xb9\xcc\xbb\xbe\x9c\xd0!\x13\xe1\xbc.\xfaG3\x85\xe0,') sendfile(r3, r4, 0x0, 0x80000003) [ 237.481219] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 237.496826] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 237.507545] CR3 = 0x0000000000000000 [ 237.510832] ================================================================== [ 237.516331] RSP = 0x000000000000005f RIP = 0x0000000000000076 [ 237.519067] BUG: KASAN: null-ptr-deref in kvm_write_guest_virt_system+0x64/0x90 [ 237.519084] Write of size 24 at addr 0000000000000000 by task syz-executor.4/8112 [ 237.526431] RFLAGS=0x00010002 DR7 = 0x0000000000000400 [ 237.532508] [ 237.532528] CPU: 0 PID: 8112 Comm: syz-executor.4 Not tainted 4.19.75 #0 [ 237.532537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.532542] Call Trace: [ 237.532611] dump_stack+0x172/0x1f0 [ 237.532634] ? kvm_write_guest_virt_system+0x64/0x90 [ 237.532688] kasan_report.cold+0x199/0x2ba [ 237.532709] check_memory_region+0x123/0x190 [ 237.546889] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 237.548106] memset+0x24/0x40 [ 237.548124] kvm_write_guest_virt_system+0x64/0x90 [ 237.548215] handle_vmread+0x7fe/0xa10 [ 237.555441] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.564360] ? handle_invpcid+0xa80/0xa80 [ 237.564456] ? __lock_is_held+0xb6/0x140 [ 237.564476] ? handle_invpcid+0xa80/0xa80 [ 237.564494] vmx_handle_exit+0x276/0x16b0 [ 237.564506] ? lock_acquire+0x16f/0x3f0 [ 237.564533] ? vcpu_enter_guest+0xf15/0x5ed0 [ 237.564552] vcpu_enter_guest+0x10ca/0x5ed0 [ 237.572627] DS: sel=0x0000, attr=0x00005, limit=0x00000000, base=0x0000000000000000 [ 237.575910] ? kvm_vcpu_ioctl+0x181/0xf90 [ 237.575929] ? emulator_read_emulated+0x50/0x50 [ 237.582432] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.584761] ? lock_acquire+0x16f/0x3f0 [ 237.584778] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 237.584798] kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 237.595245] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.599460] ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 237.599482] kvm_vcpu_ioctl+0x4dc/0xf90 [ 237.599496] ? kvm_vcpu_block+0xcc0/0xcc0 [ 237.599512] ? mark_held_locks+0x100/0x100 [ 237.599581] ? __might_fault+0x12b/0x1e0 [ 237.599648] ? __fget+0x340/0x540 [ 237.605542] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.611446] ? find_held_lock+0x35/0x130 [ 237.611461] ? __fget+0x340/0x540 [ 237.611478] ? kvm_vcpu_block+0xcc0/0xcc0 [ 237.611495] do_vfs_ioctl+0xd5f/0x1380 [ 237.611567] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.611647] ? selinux_file_ioctl+0x125/0x5e0 [ 237.624586] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.628421] ? ioctl_preallocate+0x210/0x210 [ 237.628438] ? selinux_file_mprotect+0x620/0x620 [ 237.628460] ? iterate_fd+0x360/0x360 [ 237.635551] GDTR: limit=0x00000000, base=0x0000000000000000 [ 237.636973] ? nsecs_to_jiffies+0x30/0x30 [ 237.636996] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.648126] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.653112] ? security_file_ioctl+0x8d/0xc0 [ 237.653130] ksys_ioctl+0xab/0xd0 [ 237.653148] __x64_sys_ioctl+0x73/0xb0 [ 237.653224] do_syscall_64+0xfd/0x620 [ 237.653251] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.662810] IDTR: limit=0x00000000, base=0x0000000000000000 [ 237.670000] RIP: 0033:0x459a29 [ 237.670015] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 237.670024] RSP: 002b:00007f2d4d8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 237.670037] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 237.670044] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 237.670052] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 237.670060] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2d4d8ad6d4 [ 237.670067] R13: 00000000004c2ddb R14: 00000000004d6618 R15: 00000000ffffffff [ 237.670087] ================================================================== [ 237.670092] Disabling lock debugging due to kernel taint [ 237.674110] kobject: 'loop2' (000000003d468016): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 237.677131] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 237.760011] Kernel panic - not syncing: panic_on_warn set ... [ 237.760011] [ 237.772372] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 237.772831] CPU: 0 PID: 8112 Comm: syz-executor.4 Tainted: G B 4.19.75 #0 [ 237.781472] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 237.784909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.784913] Call Trace: [ 237.784933] dump_stack+0x172/0x1f0 [ 237.784952] ? kvm_write_guest_virt_system+0x64/0x90 [ 237.792511] Interruptibility = 00000000 ActivityState = 00000000 [ 237.798569] panic+0x263/0x507 [ 237.798585] ? __warn_printk+0xf3/0xf3 [ 237.804118] *** Host State *** [ 237.806616] ? kvm_write_guest_virt_system+0x64/0x90 [ 237.806630] ? preempt_schedule+0x4b/0x60 [ 237.806647] ? ___preempt_schedule+0x16/0x18 [ 237.812560] RIP = 0xffffffff811c9733 RSP = 0xffff88804edff8c0 [ 237.814389] ? trace_hardirqs_on+0x5e/0x220 [ 237.814408] ? kvm_write_guest_virt_system+0x64/0x90 [ 237.820268] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 237.827535] kasan_end_report+0x47/0x4f [ 237.827549] kasan_report.cold+0xa9/0x2ba [ 237.827565] check_memory_region+0x123/0x190 [ 237.832731] FSBase=00007f890ae82700 GSBase=ffff8880ae900000 TRBase=fffffe0000034000 [ 237.849751] memset+0x24/0x40 [ 237.849766] kvm_write_guest_virt_system+0x64/0x90 [ 237.849781] handle_vmread+0x7fe/0xa10 [ 237.849794] ? handle_invpcid+0xa80/0xa80 [ 237.849812] ? __lock_is_held+0xb6/0x140 [ 237.849827] ? handle_invpcid+0xa80/0xa80 [ 237.849843] vmx_handle_exit+0x276/0x16b0 [ 237.859940] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 [ 237.864801] ? lock_acquire+0x16f/0x3f0 [ 237.864818] ? vcpu_enter_guest+0xf15/0x5ed0 [ 237.873763] CR0=0000000080050033 CR3=0000000099146000 CR4=00000000001426e0 [ 237.879365] vcpu_enter_guest+0x10ca/0x5ed0 [ 237.879384] ? kvm_vcpu_ioctl+0x181/0xf90 [ 237.879398] ? emulator_read_emulated+0x50/0x50 [ 237.879410] ? lock_acquire+0x16f/0x3f0 [ 237.879427] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 237.887623] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff87001400 [ 237.893952] kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 237.893964] ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 237.893979] kvm_vcpu_ioctl+0x4dc/0xf90 [ 237.893991] ? kvm_vcpu_block+0xcc0/0xcc0 [ 237.894002] ? mark_held_locks+0x100/0x100 [ 237.894017] ? __might_fault+0x12b/0x1e0 [ 237.894028] ? __fget+0x340/0x540 [ 237.894046] ? find_held_lock+0x35/0x130 [ 237.903750] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 237.906831] ? __fget+0x340/0x540 [ 237.906850] ? kvm_vcpu_block+0xcc0/0xcc0 [ 237.916619] *** Control State *** [ 237.924507] do_vfs_ioctl+0xd5f/0x1380 [ 237.924523] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.924537] ? selinux_file_ioctl+0x125/0x5e0 [ 237.924549] ? ioctl_preallocate+0x210/0x210 [ 237.924560] ? selinux_file_mprotect+0x620/0x620 [ 237.924581] ? iterate_fd+0x360/0x360 [ 237.934580] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000e2 [ 237.938412] ? nsecs_to_jiffies+0x30/0x30 [ 237.938432] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.947052] EntryControls=0000d1ff ExitControls=002fefff [ 237.954250] ? security_file_ioctl+0x8d/0xc0 [ 237.954266] ksys_ioctl+0xab/0xd0 [ 237.954280] __x64_sys_ioctl+0x73/0xb0 [ 237.954295] do_syscall_64+0xfd/0x620 [ 237.954311] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.954321] RIP: 0033:0x459a29 [ 237.954336] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 237.966050] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 237.966242] RSP: 002b:00007f2d4d8acc78 EFLAGS: 00000246 [ 237.970259] VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 [ 237.975060] ORIG_RAX: 0000000000000010 [ 237.975068] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 237.975076] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 237.975083] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 237.975094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2d4d8ad6d4 [ 237.985017] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 [ 237.985871] R13: 00000000004c2ddb R14: 00000000004d6618 R15: 00000000ffffffff [ 237.990902] reason=80000021 qualification=0000000000000000 [ 237.995338] Kernel Offset: disabled [ 238.352152] Rebooting in 86400 seconds..