[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 40.821091][ T27] audit: type=1800 audit(1548020226.236:25): pid=7906 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 40.848912][ T27] audit: type=1800 audit(1548020226.246:26): pid=7906 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 40.886000][ T27] audit: type=1800 audit(1548020226.246:27): pid=7906 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 45.364479][ T8042] sshd (8042) used greatest stack depth: 19848 bytes left Warning: Permanently added '10.128.0.62' (ECDSA) to the list of known hosts. 2019/01/20 21:37:17 fuzzer started 2019/01/20 21:37:20 dialing manager at 10.128.0.26:36039 2019/01/20 21:37:20 syscalls: 1 2019/01/20 21:37:20 code coverage: enabled 2019/01/20 21:37:20 comparison tracing: enabled 2019/01/20 21:37:20 extra coverage: extra coverage is not supported by the kernel 2019/01/20 21:37:20 setuid sandbox: enabled 2019/01/20 21:37:20 namespace sandbox: enabled 2019/01/20 21:37:20 Android sandbox: /sys/fs/selinux/policy does not exist 2019/01/20 21:37:20 fault injection: enabled 2019/01/20 21:37:20 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/01/20 21:37:20 net packet injection: enabled 2019/01/20 21:37:20 net device setup: enabled 21:40:34 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x2040, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000040)={{0xffffffffffffffff, 0x3, 0xffffffff, 0x3, 0x814a}, 0x9, 0xfff, 0x6}) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video36\x00', 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x20) r2 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x1, 0x40000) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@mcast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000000280)=0xe8) ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f00000002c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @dev={0xfe, 0x80, [], 0xa}, @loopback, 0x6, 0x2, 0x2, 0x500, 0x8, 0x400000, r3}) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000340)={0x2d3, 0x6, 0x0, 0x1}) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f0000000380)=""/227) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000540)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000480)="318146a06e9823123c68a909a453ccea3d03bbc7f7e857a81940b2c6449db560574c68ed61e069254962edf88605a8d8695a876e68de0d2058bc73d3e789b26a10cb3ef692214985ee80507896578cf22d801fb839d7a44531322f986501a5965c9cc9918bf21d88a53e30eeb5eea5d1704b6b3a17b1bf1edd51bf7297f05efe7031d16232c8eb71cb068bbb", 0x8c, r1}, 0x68) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000005, 0x810, r2, 0x80000000) times(&(0x7f00000005c0)) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0505405, &(0x7f0000000600)={{0x3, 0x2, 0x7ff, 0x0, 0x100000001}, 0x6, 0x7, 0x100000000}) r4 = socket$nl_crypto(0x10, 0x3, 0x15) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000006c0)={0xffffffffffffffff}, 0x13f, 0xf}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r2, &(0x7f0000000740)={0x12, 0x10, 0xfa00, {&(0x7f0000000680), r5, r2}}, 0x18) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000780)=@sack_info={0x0, 0x4, 0xfffffffffffffffc}, &(0x7f00000007c0)=0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000800)={r7, 0x8}, &(0x7f0000000840)=0x8) r8 = dup2(r6, r6) fgetxattr(r4, &(0x7f0000000880)=@random={'user.', '\x00'}, &(0x7f00000008c0)=""/96, 0x60) syz_open_dev$binder(&(0x7f0000000940)='/dev/binder#\x00', 0x0, 0x800) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000980)={0xff1, 0x4, [0x4e60]}) fcntl$setsig(r4, 0xa, 0x21) ioctl$UI_SET_PROPBIT(r2, 0x4004556e, 0x5) sendto$inet(r2, &(0x7f00000009c0)="834bcd3720bfcdc14e7c5fdf8fb8fc788c18e808a1b883cbd1190509577df41f10663e0343dd735b9e7dedc6dce2d488eef5c83b63ea3f6aeb138365c3d2fe555364ad6f4a36737ab4c78cf4a6d130d90e4e135729e753bb465e838791e421f7e8cadc9399b37129ae38690b39c65a3c0266aa97", 0x74, 0x4040, 0x0, 0x0) ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x9, 0x3, 0x380, 0x0, 0x1a0, 0x1a0, 0x1a0, 0x0, 0x2b0, 0x2b0, 0x2b0, 0x2b0, 0x2b0, 0x3, &(0x7f0000000a40), {[{{@ipv6={@ipv4={[], [], @multicast2}, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, [0xff000000, 0xffffffff, 0x0, 0xffffffff], [0x0, 0xffffffff, 0xffffffff], 'veth0_to_hsr\x00', 'bcsf0\x00', {0xff}, {0xff}, 0xff, 0x8588, 0x0, 0x49}, 0x0, 0x138, 0x1a0, 0x0, {}, [@common=@hbh={0x48, 'hbh\x00', 0x0, {0x100, 0x5, 0x1, [0x8001, 0x5, 0x0, 0x3, 0x4, 0xcb1, 0x66, 0x1, 0x2, 0x8, 0x13e0, 0x800, 0x2, 0x3, 0x1, 0x800], 0x1}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x8, 0x80000000, 'netbios-ns\x00', 'syz0\x00', 0x1}}}, {{@ipv6={@mcast1, @dev={0xfe, 0x80, [], 0x21}, [0x0, 0xff000000, 0xffffffff], [0xffffffff, 0xffffffff, 0xffffff00, 0xffffffff], 'team_slave_1\x00', 'batadv0\x00', {0xff}, {0xff}, 0x0, 0x3, 0x0, 0x20}, 0x0, 0xc8, 0x110}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@rand_addr=0x9d0, 'eql\x00', 0x9}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0) ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000e80)={0x7f02d4e7db1e76d9, @raw_data="17542fb5b7a46ae8cf22280a9e2dba5cd233e78281cee148e2b0afe25e58ff65bdc6a68d51f92691696094d6efa3710482f13f2958e96f702c9063bae81d1a8e12e5f6b6cff114ab9cee5587e868272f8e463b962693a4bf916c62afbcfc2770c37e159c628dae8a540df16abe477e48a763e24e7c8118fdcea42ce8967cc6916da2abbb2ff60a0207284282380680c0454f03011695710d516c93891c58f5037ff978e4fb518ea905d7ee8af6d10713bfe153811001e26f51b20c79af481d11b03522d7a9e7019b"}) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000f80), &(0x7f0000000fc0)=0x4) [ 248.980726][ T8069] IPVS: ftp: loaded support on port[0] = 21 21:40:34 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x40000, 0x0) ioctl$TIOCSBRK(r0, 0x5427) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00') ioctl$RTC_AIE_ON(r1, 0x7001) ioctl$CAPI_NCCI_OPENCOUNT(r0, 0x80044326, &(0x7f0000000080)=0x6) getsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0x4) fcntl$setlease(r0, 0x400, 0x0) syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000012c0)=[{&(0x7f00000001c0)="5061bd810099742d0f01355eda619dabddddbe502eb55a856d6934e117e84299d53c4b7b8bba725b96c00f620455df01a3f3ed49e0ecde2bee691536e9687074b2679b0dab1c622bb180ec1d3925ae6fd409528b42e2585aa2d0801a7022247018a8823a13ef731408f9243b783d4c3b003d0a4075d4e69d422cc4f7447413c6c0448bce370e55c6fdf97273ee6997c407f508c16cd412a58d2ef115e81ce0ca0536ef79a00e40e48c28a3ffd1608a334fa02d11599dcf6f281dbf101e75e908264df756d598e01bff7568437305e76e3831d4f81fdfd2e2dde4a1d0366a708b61c01ac22f0de3a54104957ff2b21902172946933b4c7901c49c3b16888bf9d76cbaf89968bc64059886ee725f8482ce470f96aa7783d5517164e6fe5c95e398c1dbbd535c4539d8d0b6faeb21c83e9c95826d4aeddf0c99c85ac383f957688f31ea41d97e4d53271f9febf73811dbffdb196bc4a21f83dba2fb149f93faf7f5f2ca836c8b0266069cb98b1c523aae82e202692536b0af7f1aa3bca3fa4998c338fe9b01533d0ed63ebaedd0a96a0d923dc897829bc05e6651085b05bdad2e088c075595b342346746f8b9dec733717cf44a066aabc4f63f609e0c620ecff4ff89dee32034b37d20134cafba5a18e061e0e8f309f0f517a52ee934c9031f15140f9ed0aea54fbc8e3d3e14edadeb458adc166705ae02e4bd6506a31d8fa5e5f4ae945e73f8722656e2b7f5c8bfbefb0ae3ad174c94bcf562cc47de56a0cab56187647d34de8087cfbdd9b0120e7c2fd4ef0ab5da6e4fa2feeda052793b9cc146b4f6ff2d2d294354be8f1ecbdfacbf3b2f9a72ce6825f8b1216c8969dbc6e62b60999a6c5e164c92ddd759ee0131a6d4d3b11bb222e588d36fd09ba20594d484be2e7df5e0a80b463f2905c0f8da4b3bb725477cee3269fd3f53f0d7391adec0f9d8d5439efdeb10e63e26942b6b1c0312de9298780c9dd738c6122901eca4892576841a591ed9fe3885da85a05b0bf53c931e59f51b50c04cd844f32f6edea1a66cb72b1845bc159ea05d23329ae41c0a17603d82b7f449bc2e54fc0a8eb54ac0cb8f0814eee670e60906757e1ad83495dca5b810c8e24f73a2c7133da8c62157db03ece475d7f5d8358a515c8739ed935b5d9d13b06265b35faae67d7e0790950acce4e852f5e302831f452b549fd870fa893a79a62a07f0f9a5a756d8842bf62733db8acd2b90380fdfe8ed5e942e3bf74412ef3467bef7c4d6b584e5ca68b0910477f75bbe588969bcbd6b443169062b786bd4ec42d4a003adff18616a7c26f9ffc5ca4259899c2a4b29e81419bad9659d776322d98e0bfadeba8f22610fcd964b1d9bdf123a91c3e26563b06e878b8e9cbbca089df3a2f428d4cf381e43f3d895719603f18e7a3aa9ee5d3d001b693eef52eb76ac0e1dfaa61ad060a3702360ad137fb71f3a42760d1b307b0aa994c6353acd0a2d470ef36c15447319611279fcda6b8de8f69c225d222b1e0aa70a4be5f4e2fc1a05df0dfe8d71719c488c640a03edd03f9fa3c74c57d1c208e4a7fc0f7ae6cc105beaa6a1afea11494e6dcf6d82ada0fd0dbfe6c2656551e268d80d73c8978030f8d716667fb3a3c01c92b92b229276032497a7d6e432b3b9b972666c73c79a59abf9dce2f7592c8be55f0558a69418410064bfce8cabd89c9a1698c768ebc2f47bf5259426f0cf40795474d1fc8db0b5b76664e9dfeb36f734c0e8486d0323b3810b2c65e8f937342db509837d63d54fdc1da7b521af1a74d5683b5584a4000030e26b11e3083cfdfaf43e818d50d787924c448fd185ec63b64fb6f8251f1d8e5800549f0e08d5052f2019e18e58a60965cce8780c70506856f530d2f2f5bb4d34cfe0168c910abfb014c177fd3a9e11b8a53c303028558da760eca18dbae119fccef7c456e5870cc8af36052369cd3df664f01b1fc9c245de2a12877d4a8fef71af87f9000d2c723a43dcfa583d6f75082d6268c207ec905478f0563ed3f5dbb683418e54623a444ec43e4b54c5bc7e5c2f18210e4cf905fbe0e940d14cbf2031fa0a662464300393c24a74513517532c8bd40d828585fd7b709886c130f56eac7b3c1a6dc5b59ea8c6c56040c9c17c3cebc7e9d12c2ba13b582e74586aa6aaefdfcaa6ce821a969ace67011fc6fd899c5b2d94faf721f7d65f91b6e5af2a66928d2bfe1ff4e6fb304c9ad3930532571f1be3b903bf775d90bebdd4ab97f69aab5af5bd47448e935b2e8aa269f5e64ac76e78cf73c9912628ee03146373e6ad2fb34b570091ccc5b0080d002144da1b5c72db13f5d2f031a18fe571d22e96154be9d0056092e324585727edf20b32868b940daa251e18d37c8628d0dd55587454162cf0d933a3351db882f3430e13947f7ed09960166a1eeb4bd3b93221d5176802d0c80c1f954872ca4e6bed714acddf17bc6fcc754798dca036130bd2650f2b43f154c02545a190349cbb1938331a055452204d217f6f100e323827da226d7519cebe43fdb8110141b1d40971aba60faeae5652a61fb4ad3395cfede2ba797fc2ef5484c9379b4c4a318e449565e1ccf7770bea55ec1bbc199408d7b7b8b4624c81ccb33bf3a5139a423b3881e7d3b75310166d61b863fc97840e4669f6172d32805bd7b0c68b1a677090643bfb79fa74421ddcedf48215660132203ed3321cb012ea1ccad72051bb7074ca7938fce23462dc75b1fb3919882919e2ae5867556caa993b30ddc8e73efd250a7c67101a90465d182ec04b9509590fae25280f627742277fe72333ce2251f722ff5ecc7b581eef91cf6573728552cbb67c61bb7d6611bd7df8e882dcb89b8e507a476e3d8dabb35badb6991a808bda8f0e14ea9e47e3a6828765ce334f5987fee3587f9c8e3bdd0b3d03b3f1eb818321c891dda11915d2bb83a9b276f8a7e7050435e70453d072da09c7b30ce5d1f3be3903115d0812e5d0a0f494e28179d5d19834f5a0293652f9dedc2efe410e9ba5de2bd6b381fade9987f852326398a3d544f293735bc67a53f9a89debac1e55408fa18d0625726112c3e925ceb03a95375296f34e006915a9942768de0f901b0cc013e456d7f2a92104445768a42b920fc9f920d6ce3b1e63cc5606b7eb526199f02997c466e747eee4f47153a20a7a54884184823e8b37f97018c5c3b4932326b915aab64c5e7f8275f3bdcb9a7245d7e803ed4f8a1037db95cb6508048978e4a8ef9b84697e84e6ffe3d3519d74cfe9a2a394686ee143bdeda6501a07098ba9d3fac1826c5647fca085767e3f566ef56b9571f55e89e148021b8653ac0bb3b96a14612af5a891971fab58e7a8a0ea2bf1530966af285f064f0f05a314baa0aff406a90e6ee87950b1f0dd70af16170c51853b8561d74d84b93ca686c833868590bd715562b04b448b95f4e71d3a62eaa5706d857e305cb7fedea53e63b8114cf006f940cfcd1c509c393b02214bc99df393ca3767ee5f0bda6841eeedb372fc05e02753562a13ce2a58716e277bb79c9469230b0684c435e26709d754d52ab928bb5d359428a702d0906a8034285d9c5eb5f7df1829d4307eaf0d46f5b455f3304f585af9234b67b95eb3a3062a93f44bb90a2ccbc696b3a74b79ddaaad22f412b2060bab95602be02075726bfe2c8b07a07619a05ce8176114f8fcd00b0ceb572612d8071b06d93085f83fee3b5c2e01d852eed5a9033e4eb9c5d9738330f83fdbf2504956abe76b1e4354fc9cb8840873a2384a4bf3b65464e2c8f13338e09e2f26549a3393d02e6cb29f2daf388abb77c2c525d58a540b3ea2d9b810f99ceeb7ce76976300fdab92c127b83889aa80e5a6227622c6fb2ccb377c11bcf1a8c8ca464b324588e7042d9aa4879088b7ee9853821ad07d0c77c7441e8c7dbc463d2270487d6896871f0735ba12e90d7d4f1b095e9eaad13c2a396f7a104f351db0420cced1c24bd875d517b17188c31eed50262695178718bebf159ef567c4841de27d701413b47ba7189e1ce82501ab3597354497e38fd044a5e329068e25e5a0b256c37820df5d0a1fdf926f15e2f5ee44759de83ef69ca4958dfcc8671f051d9c5dbb6d5a900222210b624d426dd39cd34460318c13988ebc384b5e88458c7fc9f50e8e9248943bcae3221f6029a375102484de7b7c96ecb4bf5faae069a29f1ca1b86db66caaff63264b7aa33beaf0f71d7e9ff769500cb035d6e159e87eb02af4150bef7377ec0a3be69328c9422e034fa7237fc94123abb362d80d16187560eeb632651509a26baf6159ef6862b7aba8ee79da209466c54699722436fd83485bd92bbbfa6e75653c90c5daed28b17a7a73bc31cd2540b6c40464e484c9ff14a37c50a8e6b171302e3d1aad0358ed41ee84f5d84897e2b1f0f3f112de296693ccca6c3fe66061af261752632b839b97926eec4c515d0c1765d546c4091345479e6fc034a6b0fa583993265b5b6bbf28c82882030d374e9bffb60f6f367f86a2dfeff692b8f3b9032ea34a8a144d2cf5e3966b77a9aaa833c6b32d2c4c80ca88e82ba0e454ad1be4f3ae9b070f6a7bf10b776171f5ba63c53c99ceab9c7bc6e24866d44adfd56e5005327299def0f153623e61ffa6c7dcced32d1acb0867725458eadbb750f7aed64ae0121098d18f3725138bbdb9204744456871528b561a852140517ad7cb2727ecffd2fcceb7e32a6bd1fcf1b72739ace24d4db782b5f2f7c6acb94519d252db5b4b95ed9b73615297bd4dceb55d78b64ebabad7f3417b5e8a6ced8b60679e186b02ddff8f2d4570f26b743e7b1099d02a36678781dbc6a86663313724c73224c9d65d0ae3f6636b6d3487474d65700ff72ffbebdf794e3d99dd3b377fb550ecb7e7db111b6c17bbe676d38562fc999d2d35326f70b40082b85bb74ad4b3c988c636c910223bc44025d16a9780f943a9e1bb16bb0c2d07d8ad78d2f27417dc6e278adb3c7e384e0b4279f3e7e36d91a79b63bbb8265dbae762f1d0a993e292bff0f38e436f7e7896d93665584d3dab6e36f5c17cb337ed31ef93caf867b9846d8fc00bad3d7b4e3703c037bbcae47c5dfdce58ba7a7fe2d73f76c16f69a3327593767516f9b0b9429fea2c82873d7d053d3459ab0511d35009c92262d757c92817a8a92339aaec244c03470d1fc72de5b2de2614fd1376a1491d276eacf076d561ef1154b03256401c2395ff5c657ef6292ebbe2d3e20b07e8bedd6df9bf959e4c11dcff44cdbb3cc18eb584ce626740e0a9fab93b81ffe38553b5b9e5c3acbfb480985df20b4c92f1a5a708a7e1cb2e5d0dfad223688263afe60611477a527c3d08177126cb55d001307cdf29c2b3dc2437fa12bb04da2efb390bacdb9c71c04ae5eecf0652529d7dcd687a543b1659731e20dac3390760c27a1bba0568219f1cd1fcd1e72f29f8a95104bfb3ca7ec0065e6ba728045e969ed70b17903935828f706836ab6cd34516a1766737467205a2ad417e7e6b05122c7ba17c793513c7e65045f17d9548f8639486dc831f9c0e9089fa357a53300e649e7d1ed947ef19e484daf5cbe13ee173450fde95e59d5922aea6940aa22a1cedd568afd1af40d942bf1b57553535a2c5358d93cb7275e45807e9d041bf2b45a9af1916ec6d7bd342bda98ae780f2f24ef99131ca7f94d6f61c071939b8b4b2f623ddcccfd9069505bb17dec987d3f098362e5376b78a49ac38f3f6eb7509eead3d67fb9579ae6bc3ff48157ed3c0c0a4cebe6ea874399ff57d545e8406d50bf935173d2d1dc4dc8f3c", 0x1000, 0x5}, {&(0x7f00000011c0)="2d119cb44812035a328c08feee08d7717b4378d78f39a64be29ae9df770fa10f92bfee8521e1d1e64b288e9466533536e74a", 0x32, 0x80}, {&(0x7f0000001200)="fcf602df4992d3eeb925a34abca8ccf8296ac7388b2e8dee96078c2bce9b3638b1c88b33ce9c5a480355a4ece83d3f5575adb87e5834b57982c85b30cf98c4a044c4e5ca061957efec4eb47e0d9b6b206828853e6ce89864eb949a8c8d022b227a2de37849f0bc39de19532db168d1a79d5e213b0f75683d214054f5c60771b74c8ff9d0d68c2239314dd030c3c09deac0d48ebcaf75a427120c55d75b883737c4a6b1cb7d63c1365efcb98f15bdb984", 0xb0, 0xe2c2}], 0x400, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r1, 0xc058534b, &(0x7f0000001340)={0x1000, 0xfffffffffffffffd, 0x81, 0x4, 0xe6, 0x9}) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000001400)={0x0, 0x100000000, 0x6, &(0x7f00000013c0)=0x2}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r1, 0xc058534b, &(0x7f0000001440)={0x5, 0x800, 0x100000001, 0x8, 0x8, 0x100000001}) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000014c0)={0x0, r1, 0xed7, 0x4, 0x10000, 0x1}) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000001640)={@pppoe={0x18, 0x0, {0x3, @empty, 'teql0\x00'}}, {&(0x7f0000001500)=""/206, 0xce}, &(0x7f0000001600), 0x2}, 0xa0) r2 = fanotify_init(0x4, 0x800) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000001700)=0x7fc2, 0x8) set_mempolicy(0x4001, &(0x7f0000001740)=0x3, 0x6) ioctl$int_out(r1, 0x5460, &(0x7f0000001780)) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f00000017c0)={0x0, 0xc00, 0x4, 0x40, &(0x7f0000ffc000/0x4000)=nil, 0xff}) lremovexattr(&(0x7f0000001800)='./file0\x00', &(0x7f0000001840)=@known='trusted.overlay.upper\x00') ioctl$RTC_RD_TIME(r1, 0x80247009, &(0x7f0000001880)) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f00000018c0)={0x74fcfe0c, 0x5}) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000001900)={0x0, 0xdb, 0x3, 0x4, 0x80, 0x3975}) ioctl$RTC_RD_TIME(r2, 0x80247009, &(0x7f0000001940)) ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000001980)=0xff) connect$l2tp(r0, &(0x7f00000019c0)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @multicast1}, 0x0, 0x4, 0x3, 0x2}}, 0x26) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000001a00)) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000001a40)=""/167) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001b40)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000001c80)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001c40)={&(0x7f0000001b80)={0xa0, r3, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x14}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x23}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x5e}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x5c}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x7f}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [], @multicast2}}]}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x924}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x14}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_U_THRESH={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0xa0}, 0x1, 0x0, 0x0, 0x84}, 0x0) r4 = getpgid(0xffffffffffffffff) tkill(r4, 0x26) [ 249.143250][ T8069] chnl_net:caif_netlink_parms(): no params data found [ 249.241895][ T8072] IPVS: ftp: loaded support on port[0] = 21 [ 249.256161][ T8069] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.265909][ T8069] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.280271][ T8069] device bridge_slave_0 entered promiscuous mode 21:40:34 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.stat\x00', 0x0, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000040)={0x1, 0x6, [@broadcast, @dev={[], 0x17}, @random="946af3665099", @broadcast, @empty, @empty]}) r1 = semget$private(0x0, 0x7, 0x0) semop(r1, &(0x7f0000000080)=[{0x3, 0x476c, 0x800}, {0x3, 0x80000000, 0x800}, {0x5, 0x3b2, 0x1800}, {0x1, 0x20, 0x1800}, {0x6, 0xcdf, 0x1000}, {0x7, 0x200, 0x1000}, {0x4, 0x5, 0x800}, {0x4, 0x4, 0x800}], 0x8) write$UHID_DESTROY(r0, &(0x7f00000000c0), 0x4) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'vxcan1\x00', 0x600}) semop(r1, &(0x7f0000000140)=[{0x7, 0x8, 0x800}, {0x1, 0x1, 0x1800}, {0x3, 0x7b, 0x1800}], 0x3) write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x1000000000, 0x0, 0x0, 0x3, 0x2, 0x6, 0x1200, 0x26a, 0x40, 0x383, 0x0, 0x3f, 0x38, 0x1, 0x6, 0x29, 0x20}, [{0x70000002, 0x5ab6, 0x7, 0xfffffffffffffffa, 0x7, 0x6, 0x5, 0x9}, {0x5, 0x9, 0xbc, 0x80000001, 0x5, 0x155c34ba, 0x6, 0x1ff}], "b00ab7415970966590d43ad1065bb2b00aed5ba4243f852d79cb62c68f8ce66b59f73c2f6a3eafc29359bc", [[], [], [], [], []]}, 0x5db) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000780)=@assoc_id=0x0, &(0x7f00000007c0)=0x4) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000800)={r2}, &(0x7f0000000840)=0x8) sendto$rose(r0, &(0x7f0000000880)="8bb1becacfdcaae237a5fc569b8a880b30ac0e4a1fd562c6d4081a33bf4974ebfaa7b2c5b8ca7dd3a4115a1b9fbcc8bc8f1cc87483d3c71c97bbc6407b251e5c62075089973e6ce6c7e3834d986b5b9027520791265c534381fbd0a8a2984ffd0a905c7ac2a63767fadf0ebdcc63c2163d3a90531d8a9b6a557a5443957f4a606089ea7dab9e3c0808fa1e1b57186aa91cf0d68756f4c517df4f97cfef27d8571bec948388051d192a817ef46bd1", 0xae, 0x1, &(0x7f0000000940)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, 0x0, [@null, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000980)=r0, 0x4) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f00000009c0)={0x1, 0x0, 0x1, 0x1, {0x1, 0x2, 0x4, 0x8}}) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000a00)=0xa9d9, 0x4) ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x3) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000a40)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000a80)={0x0, 0x0}, &(0x7f0000000ac0)=0xc) r4 = add_key(&(0x7f0000000b00)='asymmetric\x00', &(0x7f0000000b40)={'syz', 0x0}, &(0x7f0000000b80)="3824e8f6236042361caa2eb9b8748c562a5e39f1e81ccc2724429c55f95398e08c9e5cca4552e07133f370e34b26080163ad05be268837137ada38b5bfbe1075f1dd42456159d6334528c8b699af9ff137d40e2bc07afde1084e123aa915695c26d06f287507d37a2b5ba96ce1e240fdf14c995240f44148de1303c23166334d47a81a932decda0efe78d87f4953d11b9d858e410910f2cfd3fe25973271ae4d0ff83dae52939a087c68e60bb47465c46a86aca45449dc1eb305d4d7e68329d47ba74f753943b8d30098e03b", 0xcc, 0xfffffffffffffffd) keyctl$get_persistent(0x16, r3, r4) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000c80)={r0, 0x6, 0x2, r0}) getsockopt$inet_tcp_int(r0, 0x6, 0x1f, &(0x7f0000000cc0), &(0x7f0000000d00)=0x4) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000d40), 0x4) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000d80)={0x2, 0xad6}, 0x2) setsockopt$inet6_buf(r0, 0x29, 0x3f, &(0x7f0000000dc0)="7dfe0e1de9f3fcbaac9b7db546", 0xd) openat$dir(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x1, 0x0) socket$vsock_dgram(0x28, 0x2, 0x0) write$FUSE_STATFS(r0, &(0x7f0000000e40)={0x60, 0x0, 0x1, {{0xfff, 0x2, 0x20000000000000, 0x8, 0x1, 0x10000, 0x2, 0x9}}}, 0x60) ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f0000000ec0)={0xfffffffffffffff9, "7cab65c9b3378dd9f400aeab527012205d664d05e8c241ff2fa8e7cf4cdabd19", 0x1, 0x1}) [ 249.309580][ T8069] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.317412][ T8069] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.327367][ T8069] device bridge_slave_1 entered promiscuous mode [ 249.393772][ T8069] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 249.417077][ T8069] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 249.479905][ T8069] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 249.489474][ T8069] team0: Port device team_slave_0 added [ 249.496392][ T8069] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 249.504816][ T8069] team0: Port device team_slave_1 added [ 249.545330][ T8069] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 249.561787][ T8075] IPVS: ftp: loaded support on port[0] = 21 [ 249.587562][ T8069] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 21:40:35 executing program 3: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) getpeername$netrom(r0, &(0x7f00000000c0)={{0x3, @null}, [@null, @null, @rose, @null, @null, @default, @remote, @default]}, &(0x7f0000000140)=0x48) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x800455d1, &(0x7f0000000180)) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x800455d1, &(0x7f00000001c0)) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000200)="84af9e83be1a57920fb9cf947e3d1700", 0x10) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000240)=[0x3, 0xcad]) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000280)=0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000002c0)=0x0) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000300)={r0, r0, 0x20}) r3 = syz_open_dev$evdev(&(0x7f0000000340)='/dev/input/event#\x00', 0x4000000, 0x103800) r4 = semget$private(0x0, 0x4, 0x80) semctl$GETVAL(r4, 0x0, 0xc, &(0x7f0000000380)=""/10) r5 = dup(r0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r3, &(0x7f00000003c0)={0x2000}) ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x2db) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000400)={0x1, 'hsr0\x00', 0x4}, 0x18) getpeername$packet(r5, &(0x7f0000000480)={0x11, 0x0, 0x0}, &(0x7f00000004c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000640)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1080008}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)=@ipv6_newaddr={0xd4, 0x14, 0x1, 0x70bd27, 0x25dfdbfc, {0xa, 0x40, 0x2c8, 0xff, r6}, [@IFA_CACHEINFO={0x14, 0x6, {0x6, 0x1ff, 0xfffffffffffffffc, 0x8}}, @IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x2}, @IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @multicast2}}, @IFA_LOCAL={0x14, 0x2, @remote}, @IFA_ADDRESS={0x14, 0x1, @loopback}, @IFA_ADDRESS={0x14, 0x1, @rand_addr="ea0bc02dc9f9cd70a85d39ed097be2e1"}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x9, 0x4, 0x7}}, @IFA_CACHEINFO={0x14, 0x6, {0x8001, 0x27, 0xe60, 0x3}}]}, 0xd4}, 0x1, 0x0, 0x0, 0xc001}, 0x80) r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, r7, 0x108, 0x70bd2d, 0x25dfdbff, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x401}}, ["", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x40004) ioctl$TIOCGPTPEER(r0, 0x5441, 0x3f) io_setup(0x20, &(0x7f00000007c0)) getsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000800), &(0x7f0000000840)=0x4) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000880)=0x2, 0x8) statfs(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)=""/227) ioctl$int_out(r3, 0x5460, &(0x7f0000000a00)) ioctl$sock_inet_SIOCGIFNETMASK(r5, 0x891b, &(0x7f0000000a40)={'ip6gretap0\x00', {0x2, 0x4e23, @multicast2}}) ioctl$sock_ax25_SIOCDELRT(r0, 0x890c, &(0x7f0000000a80)={@default, @default, 0x1, [@bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000b40)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r5, &(0x7f0000000c80)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x30002}, 0xc, &(0x7f0000000c40)={&(0x7f0000000b80)={0xc0, r8, 0x202, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xa93}]}, @TIPC_NLA_MEDIA={0x10, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}]}, @TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xa281}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8000}]}, @TIPC_NLA_MEDIA={0x48, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffffffffff01}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x96e}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0xc0}}, 0x4000000) [ 249.630431][ T8072] chnl_net:caif_netlink_parms(): no params data found [ 249.687747][ T8069] device hsr_slave_0 entered promiscuous mode [ 249.774599][ T8069] device hsr_slave_1 entered promiscuous mode 21:40:35 executing program 4: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x0, 0x0) openat$cgroup(r0, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x800, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001500)={0x0, @multicast1, @dev}, &(0x7f0000001540)=0xc) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000001580)={@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x5d, r2}) r3 = getpgrp(0xffffffffffffffff) rt_sigqueueinfo(r3, 0x17, &(0x7f00000015c0)={0x25, 0x9, 0x3}) iopl(0x5) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000001640)={0x483, 0x6}, 0x2) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000001680)) setpgid(r3, r3) getsockopt$inet_tcp_int(r0, 0x6, 0x3, &(0x7f00000016c0), &(0x7f0000001700)=0x4) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000001740)='tls\x00', 0x4) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) r4 = syz_genetlink_get_family_id$fou(&(0x7f00000017c0)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000001880)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)={0x3c, r4, 0x24, 0x70bd2a, 0x25dfdbfd, {}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e22}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x8}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8010}, 0xc0) write$FUSE_POLL(r1, &(0x7f00000018c0)={0x18, 0x0, 0x5}, 0x18) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000001900), &(0x7f0000001940)=0x8) r5 = shmget$private(0x0, 0x4000, 0x1bc9, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_LOCK(r5, 0xb) getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000001980)=0x1000, &(0x7f00000019c0)=0x2) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000001a00)={0x7, 0x1ff, 0xf184, 0x0, 0x1}) ioctl$CAPI_MANUFACTURER_CMD(r1, 0xc0104320, &(0x7f0000001b80)={0x10001, &(0x7f0000001a80)="c9579b2eeb0f36f75960ee7f25a8d13e324384c146237a08330c31e2db74a65da7faf444e9bbacc80edc7d2cfec682c5a350ab1f075212a5d7c6986875d961c7066ed4a3903fdff4b8371552bd2ad69f504276069fa7dc626035e8064e605c10035f1307afcbd2721d7353e99f8260dc94853cd1746c81a52cedfcc286e4cd63548c45f0b5cb0ac03af56bb4dafe5689fb30e6605fe4abc140450380684c45bfb38168720832d461a23e28c5c1438e1ef029af47daba8e342ea97b6be6b8548455e80e8a1cf4fcd442e2c55a884fbec75f6d7aab7a39927cc0bee3cee330f6392242bf35753daa31afcf86c4ef08de758d"}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001bc0)={0x0, 0x0}, &(0x7f0000001c00)=0xc) r7 = getgid() getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001c40)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000001d40)=0xe8) getresgid(&(0x7f0000001d80), &(0x7f0000001dc0), &(0x7f0000001e00)=0x0) shmctl$IPC_SET(r5, 0x1, &(0x7f0000001e40)={{0x3f, r6, r7, r8, r9, 0x40, 0xffffffff}, 0x2, 0x1, 0x9, 0x5, r3, r3, 0xfff}) mount$fuse(0x0, &(0x7f0000001ec0)='./file0\x00', &(0x7f0000001f00)='fuse\x00', 0x200010, &(0x7f0000001f40)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {'group_id', 0x3d, r7}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0x200}}, {@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0x6}}, {@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0xc00}}, {@default_permissions='default_permissions'}, {@allow_other='allow_other'}], [{@fsmagic={'fsmagic', 0x3d, 0x9}}, {@dont_measure='dont_measure'}, {@smackfshat={'smackfshat', 0x3d, 'syz1\x00'}}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'staff_u'}}, {@obj_user={'obj_user', 0x3d, 'syz1\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}}) syz_open_pts(r1, 0x40000) [ 249.827731][ T8069] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 249.848861][ T8078] IPVS: ftp: loaded support on port[0] = 21 [ 249.867087][ T8069] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 249.955770][ T8069] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.963070][ T8069] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.971173][ T8069] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.978320][ T8069] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.999070][ T8072] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.007130][ T8072] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.015333][ T8072] device bridge_slave_0 entered promiscuous mode [ 250.076856][ T8072] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.084028][ T8072] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.093004][ T8072] device bridge_slave_1 entered promiscuous mode [ 250.130163][ T8081] IPVS: ftp: loaded support on port[0] = 21 [ 250.163288][ T8072] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 250.208345][ T22] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.228717][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.242798][ T8072] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:40:35 executing program 5: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) r1 = getpgrp(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000080)={{0x8, 0x0, 0x5, 0x1, '\x00', 0x7ff}, 0x6, 0x10, 0x9, r1, 0x5, 0x401, 'syz0\x00', &(0x7f0000000040)=['/dev/cec#\x00', '/dev/cec#\x00', '/dev/cec#\x00', '/dev/cec#\x00', '%proc\x00'], 0x2e, [], [0x10000, 0x2, 0x4, 0x2]}) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f00000001c0)={0x6, 0xfffffffffffffd7e}) ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000200)={0x100, 0x0, 0x10003, 0x17a0}) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000240), &(0x7f0000000280)=0x14) write$uinput_user_dev(r0, &(0x7f00000002c0)={'syz0\x00', {0x2, 0x9, 0x9, 0x2}, 0x13, [0x8001, 0x1, 0x7, 0x0, 0x5, 0x10000, 0x4, 0x0, 0x0, 0x20, 0x10000, 0x8, 0x0, 0x10de, 0x400, 0xffff, 0x7fffffff, 0x9, 0x5, 0x2, 0x7, 0x5, 0x8, 0xe, 0x6, 0x9, 0x7, 0x6, 0xe00b, 0x5, 0xffffffffffff8976, 0x400, 0xf8, 0x4, 0x2, 0x2, 0x1, 0x3, 0x1, 0x400, 0x0, 0xfd, 0x3ff, 0x1f, 0x7, 0x9, 0xa37e, 0x4, 0x7, 0x2, 0x1000, 0x8, 0x7ff, 0xfffffffffffffffa, 0x4, 0x400, 0x3ff, 0x2, 0x10000, 0xbdf, 0x0, 0x80000000, 0x401, 0x7ff], [0xcc, 0x7, 0x0, 0x9b1, 0x9, 0x4, 0x7f, 0xf29d, 0x1, 0xfffffffffffff801, 0xc0000, 0x100000001, 0x4692, 0x6, 0x5, 0xd7, 0x9f04, 0x100000000, 0x7, 0x3, 0x1, 0x1f, 0xb046, 0x4, 0x4, 0x3, 0x5, 0x4, 0x2d8d0000000, 0x2, 0x9, 0x7, 0x7f, 0x8001, 0x1, 0x2e, 0x101, 0xfffffffffffffffc, 0x9, 0x2b9, 0x3, 0xfffffffffffffffe, 0x8, 0x7ff, 0x2, 0x7, 0x1, 0x2, 0x2, 0x401, 0x1000, 0x0, 0x80, 0x80000000, 0xbae2, 0x5, 0x8c, 0x5, 0x2, 0xc2, 0x3, 0x55, 0x1, 0x2400], [0x5, 0x63e, 0x1, 0x1f, 0x401, 0xfffffffffffffeff, 0x3f, 0x5, 0x5d0, 0x8001, 0xd4, 0x97, 0x5, 0x3, 0x5, 0x0, 0xfffffffffffffffd, 0x7, 0x0, 0x400, 0x5, 0x2, 0x20, 0x4, 0x3, 0x4, 0x9, 0x3, 0x2, 0x401, 0xffffffffffffffff, 0x7, 0x1, 0x4, 0x3, 0x4, 0x2, 0x2, 0x2695, 0x8, 0x8e4, 0xdb, 0xe18, 0xffffffff, 0x8, 0x5, 0x1f, 0xe713, 0x7fffffff, 0x8ee, 0x3, 0x4, 0x7, 0x7, 0x9, 0x2, 0x10001, 0x80000001, 0x400, 0x9, 0x10, 0x2, 0xff, 0x1], [0x80000001, 0xc4, 0x7, 0xffff, 0x8, 0x80000001, 0x100, 0x400, 0x10001, 0x12, 0x4, 0x6, 0x81, 0x200, 0x1, 0x1f, 0xffffffff, 0x1, 0x4, 0xffffffffffff7fff, 0x2, 0x6, 0x6, 0xffff, 0x101, 0x8, 0xffff, 0x7, 0x7fff, 0x9, 0x101, 0x10001, 0x1, 0x4, 0x2f, 0x0, 0x4, 0x4, 0x7, 0x1ff, 0xcfb, 0x208, 0x80, 0x57, 0x6, 0x6, 0x10000, 0x6, 0x4, 0xc26, 0x400, 0x7, 0x7, 0xd9, 0x5, 0x7ff, 0x8, 0x3, 0x4, 0x1000, 0x6, 0x5, 0x9800000000000000, 0x200]}, 0x45c) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000740), &(0x7f0000000780)=0x14) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x1f) r2 = socket$inet6(0xa, 0x2, 0x233d0d4a) ioctl$IMCLEAR_L2(r0, 0x80044946, &(0x7f00000007c0)=0x886e) iopl(0x7b) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000800)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, 0x7, 0x0, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @null, @null]}) syz_open_dev$sndmidi(&(0x7f0000000880)='/dev/snd/midiC#D#\x00', 0xf852, 0x10000) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000900)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000c40)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x900}, 0xc, &(0x7f0000000c00)={&(0x7f0000000940)={0x288, r3, 0xa00, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_MEDIA={0xd0, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x473fa86d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2000000000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1b}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}]}, @TIPC_NLA_BEARER={0x94, 0x1, [@TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'ib', 0x3a, 'veth0_to_team\x00'}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc59b}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffffffffffffc}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x9, @loopback, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x80, @dev={0xfe, 0x80, [], 0xa}, 0xfff}}}}]}, @TIPC_NLA_SOCK={0x34, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK={0xbc, 0x4, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6509}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}]}, 0x288}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000) ioctl$CAPI_GET_ERRCODE(r0, 0x80024321, &(0x7f0000000c80)) ioctl$VIDIOC_STREAMOFF(r0, 0x40045613, &(0x7f0000000cc0)=0x5a) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000d00)={0x0, 0x0, 0x8, 0x0, [], [{0x8, 0x7, 0x80000000, 0x40, 0x1000000000, 0x10001}, {0x2, 0xffffffffffff8000, 0x6, 0x3, 0x2, 0x7f}], [[], [], [], [], [], [], [], []]}) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000fc0)) sendto$inet6(r2, &(0x7f0000001000)="e20058ec7ac7d10258059a8be8978b65e23991396d84b08e5f1ce0f286652faddd8dd5fbe260da0eddd9cf5178810e288772394d4f405f84c25f84b3b4896ff11e398a0e5a4656367a28c9d185d832f791bddad6f318650bd07371d6d796a7c23b7af617bbc8e0992b31", 0x6a, 0x0, &(0x7f0000001080)={0xa, 0x4e22, 0x80, @ipv4={[], [], @loopback}, 0x2}, 0x1c) ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000010c0)={0xff, "0ff6f83882d87a8a29c81d2f33ad34398f1fe9e7da6a636820ae8adf2ee59d9d", 0x7, 0x80, 0x0, 0x10000, 0x4, 0x3, 0x3ff, 0x8}) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000001180)={0x7, 0x65, {0x57, 0xf6b, 0x5, {0x3, 0xea}, {0xffffffff, 0x2}, @period={0x5b, 0x100000001, 0x9, 0x7d, 0x8, {0x7fc, 0x6, 0x3, 0x2e36}, 0x1, &(0x7f0000001140)=[0x7ff]}}, {0x57, 0x100, 0x6, {0x0, 0x3ff}, {}, @cond=[{0x10000, 0x1, 0x5, 0x80, 0x40}, {0x18000000, 0x8f, 0xffffffffffffffff, 0x2, 0x49, 0x2}]}}) userfaultfd(0x80800) unlinkat(r0, &(0x7f0000001200)='./file0\x00', 0x200) ioctl$SIOCX25GDTEFACILITIES(r0, 0x89ea, &(0x7f0000001240)) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001280)={0xaa, 0x10}) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000001300)={'filter\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f00000012c0)=[{}], 0x0, [{}, {}]}, 0x98) getsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, &(0x7f00000013c0), &(0x7f0000001400)=0x4) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) [ 250.264884][ T8075] chnl_net:caif_netlink_parms(): no params data found [ 250.330298][ T8072] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 250.339486][ T8072] team0: Port device team_slave_0 added [ 250.361304][ T8069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.389853][ T8072] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 250.401352][ T8072] team0: Port device team_slave_1 added [ 250.410535][ T8072] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 250.466465][ T8072] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 250.476376][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 250.557799][ T8072] device hsr_slave_0 entered promiscuous mode [ 250.594663][ T8072] device hsr_slave_1 entered promiscuous mode [ 250.645008][ T8075] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.652106][ T8075] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.660832][ T8075] device bridge_slave_0 entered promiscuous mode [ 250.668453][ T8078] chnl_net:caif_netlink_parms(): no params data found [ 250.681923][ T8085] IPVS: ftp: loaded support on port[0] = 21 [ 250.701300][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 250.709184][ T8072] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 250.717263][ T8075] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.724961][ T8075] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.732734][ T8075] device bridge_slave_1 entered promiscuous mode [ 250.765057][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 250.777920][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 250.786596][ T8072] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 250.818568][ T8069] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 250.826465][ T8069] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.858004][ T8078] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.865815][ T8078] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.873611][ T8078] device bridge_slave_0 entered promiscuous mode [ 250.882952][ T8075] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 250.907342][ T8075] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 250.922664][ T8078] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.930320][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.938692][ T8078] device bridge_slave_1 entered promiscuous mode [ 250.967687][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 250.988897][ T8075] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 250.997781][ T8075] team0: Port device team_slave_0 added [ 251.013676][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 251.023286][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 251.032058][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.039190][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.050094][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 251.063207][ T8078] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 251.072174][ T8075] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 251.081154][ T8075] team0: Port device team_slave_1 added [ 251.111645][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 251.120843][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 251.129772][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.136865][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.148052][ T8072] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 251.159847][ T8078] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 251.169257][ T8075] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 251.204067][ T8081] chnl_net:caif_netlink_parms(): no params data found [ 251.217523][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 251.233380][ T8075] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 251.250303][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 251.279423][ T8078] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 251.289341][ T8078] team0: Port device team_slave_0 added [ 251.327815][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 251.340028][ T8078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 251.348258][ T8078] team0: Port device team_slave_1 added [ 251.397664][ T8075] device hsr_slave_0 entered promiscuous mode [ 251.434745][ T8075] device hsr_slave_1 entered promiscuous mode [ 251.495159][ T8075] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 251.503220][ T8075] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 251.513071][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 251.530707][ T8078] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 251.540160][ T8078] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 251.554947][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 251.562636][ T8081] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.569981][ T8081] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.580569][ T8081] device bridge_slave_0 entered promiscuous mode [ 251.591559][ T8081] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.599071][ T8081] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.607020][ T8081] device bridge_slave_1 entered promiscuous mode [ 251.638696][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 251.650119][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 251.659357][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 251.685186][ T8081] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 251.726315][ T8078] device hsr_slave_0 entered promiscuous mode [ 251.774725][ T8078] device hsr_slave_1 entered promiscuous mode [ 251.839753][ T8078] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 251.852850][ T8078] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 251.863001][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 251.877945][ T8081] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 251.933737][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 251.942408][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 251.957407][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 251.982146][ T8085] chnl_net:caif_netlink_parms(): no params data found [ 252.003552][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 252.012752][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 252.024868][ T8069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 252.035519][ T8081] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 252.043749][ T8081] team0: Port device team_slave_0 added [ 252.055439][ T8075] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 252.068711][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 252.078445][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 252.088286][ T8069] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 252.096392][ T8069] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 252.107380][ T8081] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 252.115897][ T8081] team0: Port device team_slave_1 added [ 252.122260][ T8081] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 252.152595][ T8085] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.160973][ T8085] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.169293][ T8085] device bridge_slave_0 entered promiscuous mode [ 252.177600][ T8085] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.185390][ T8085] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.193608][ T8085] device bridge_slave_1 entered promiscuous mode [ 252.202719][ T8081] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 252.215736][ T8072] 8021q: adding VLAN 0 to HW filter on device bond0 [ 252.225548][ T8078] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 252.273881][ T8085] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 252.288169][ T8069] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 252.337623][ T8081] device hsr_slave_0 entered promiscuous mode [ 252.384551][ T8081] device hsr_slave_1 entered promiscuous mode [ 252.435446][ T8081] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 252.445848][ T8081] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 252.458193][ T8085] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 252.487405][ T8069] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 252.498854][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 252.519697][ T8085] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 252.527996][ T8085] team0: Port device team_slave_0 added [ 252.534927][ T8085] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 252.543177][ T8085] team0: Port device team_slave_1 added [ 252.553617][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 252.565843][ T8081] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 252.573248][ T8085] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 252.594824][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 252.602619][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 252.614882][ T8072] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 252.621696][ T8072] 8021q: adding VLAN 0 to HW filter on device team0 [ 252.639045][ T8085] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 252.666684][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 252.678488][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 252.689624][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 252.723677][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 252.738087][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 252.754837][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.761932][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state 21:40:38 executing program 0: clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f00000002c0)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) r1 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x400000109) dup2(r0, r1) execve(&(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) open$dir(&(0x7f0000000240)='./file0\x00', 0x841, 0x0) clone(0x3102101ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) ioctl$EVIOCREVOKE(r1, 0x40044591, 0x0) [ 252.770161][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 252.779116][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 252.788209][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.795367][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 252.804444][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 252.815057][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 252.845778][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 252.898222][ T8085] device hsr_slave_0 entered promiscuous mode [ 252.955267][ T8085] device hsr_slave_1 entered promiscuous mode [ 253.000819][ T8085] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 253.013297][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 253.038714][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 253.048216][ T8085] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 253.065646][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 253.074890][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 253.088219][ T8075] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.107101][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 253.117385][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 253.127118][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 253.139313][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 253.167083][ T8078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.181439][ T8085] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 253.198837][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 21:40:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 253.218166][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 253.233091][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 253.243924][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 253.258349][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 253.283041][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 253.293261][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 253.301714][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 253.313201][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 253.323849][ T8072] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 253.333631][ T8072] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 253.345515][ T8072] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 253.352289][ T8072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 253.375659][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 253.383531][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 253.392821][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 253.401921][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 253.421076][ T8075] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 253.428525][ T8075] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.439639][ T8078] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 253.447444][ T8078] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.469504][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 253.495209][ T8081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.502375][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 253.520117][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 253.531565][ T2979] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.538757][ T2979] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.557352][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 253.568976][ T8072] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 253.582062][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 253.593586][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 253.601409][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 253.611585][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 253.621203][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 253.630286][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.637427][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.646509][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 253.655491][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.664101][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.671285][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.683707][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 253.702107][ T8072] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.720854][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 253.741422][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready 21:40:39 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 253.757272][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 253.769271][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 253.779089][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.801263][ T2979] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.808471][ T2979] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.818828][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 253.827895][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 253.838014][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 253.849711][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 253.860788][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 253.877433][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 253.890350][ T8081] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 253.897940][ T8081] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.922665][ T8085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.938445][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 253.957605][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 253.968471][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 253.982241][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 254.030773][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 254.040298][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 254.049665][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 254.060051][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 254.069085][ T2979] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.076257][ T2979] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.084458][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 254.093301][ T8126] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1. [ 254.096383][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 254.123424][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 254.139636][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 254.157190][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 254.166343][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 254.178703][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 21:40:39 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 254.200737][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 254.210507][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 254.220074][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 254.245708][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 254.270328][ T8126] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop1. [ 254.279573][ T2979] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.286743][ T2979] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.294630][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 254.303269][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 254.316586][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 254.333640][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 254.350999][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 254.362060][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 254.372829][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 21:40:39 executing program 1: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@name, 0x10) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f00000001c0)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, 0x0}, 0x0) [ 254.397530][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 254.434977][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 254.443940][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 254.467434][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 254.481293][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 254.491859][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 21:40:39 executing program 1: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@name, 0x10) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f00000001c0)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, 0x0}, 0x0) 21:40:40 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 254.529266][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 254.552343][ T8075] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 254.588033][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 254.620692][ T8085] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready 21:40:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) flistxattr(r1, &(0x7f0000000040)=""/199, 0xc7) [ 254.639354][ T8085] 8021q: adding VLAN 0 to HW filter on device team0 [ 254.649584][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 254.671242][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 254.679837][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 254.689815][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 254.715260][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 254.723752][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 254.736858][ T8075] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 254.743667][ T8075] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 254.756008][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 254.775314][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 254.790327][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 254.799683][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 254.816305][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 254.830298][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 254.841447][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.848610][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.870145][ T8075] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 254.880749][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 254.909116][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 254.917843][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 254.926833][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 254.942666][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 254.952207][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 254.968018][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 254.980725][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 254.992443][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.999642][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 255.008288][ T8075] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.018649][ T8078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 255.028778][ T8078] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 255.041775][ T8078] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 255.048681][ T8078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 255.065573][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 255.078398][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 255.086568][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 255.095435][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 255.103712][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 255.112867][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 255.121353][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 255.135678][ T8078] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 255.145363][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 255.161422][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 255.173785][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 255.199894][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready 21:40:40 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) fremovexattr(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) [ 255.217970][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 255.230208][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 255.242454][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 255.259431][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 255.271907][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 255.286372][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 255.302596][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 255.312458][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 255.330854][ T8078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.341976][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 255.352751][ T8081] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 255.359932][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 255.369317][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 255.383738][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 255.407709][ T8085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 255.446390][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 255.467029][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 255.506232][ T8085] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 255.513061][ T8085] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 255.529104][ T8081] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 255.547906][ T8085] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready 21:40:41 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f00000000c0)=ANY=[@ANYBLOB="00643e5eea5e"]) fcntl$getown(0xffffffffffffffff, 0x9) [ 255.563202][ T8085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.577963][ T8081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.666210][ C0] hrtimer: interrupt took 34774 ns 21:40:41 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:41 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0xa, 0x2400000001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000034000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x1e4) clone(0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet6_buf(r1, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0xffffffffffffff3e) 21:40:41 executing program 4: syz_open_dev$midi(0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='/exe\x00\x00\x00\x00\x00\x04\x89\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\x1e\x18\xf0\xc7o\xbb#*\aBJ\xe1\xe9\x01\xd2\xdau\xaf\x1f\x02\x00\xf5\xab&\xd7\xe0q\xfb53\x1c\xe3\x9cZ\x00\x00') ioctl$FS_IOC_FSGETXATTR(r0, 0xc020660b, &(0x7f0000000040)={0x0, 0x121, 0x0, 0x1000000, 0x0, 0x100000000000000}) 21:40:41 executing program 5: socket$inet(0x2, 0x6, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@remote, 0x0, 0x0, 0x0, 0xa}, 0x90) r0 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0xd) getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000500)=ANY=[@ANYBLOB="d3e1172424607e70c66c6599d3e5981df9e191cab8a09e8de85c3570310d0987fc6beaa71251baff03000072579ee24c067a6ac7464134864aa60a9f181f4d47de0f2372c476d3812d51094e56471ca54de8bd2d274ba94488a45d7a8deaee3a00"], 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000180)={'veth0\x00', 0x3000}) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f00000000c0)="737c472b386300649a27ebc7e6a1214b33fc1d7cf9a4c558b100592a082e09bd81adeb49c74c3bd0f5524d8b5b5130ec2b9319058460208d0a9fe43944557bba9a0534dfb41857a4a9c7f207bd10c67079faa937a4253046d490488de99b84d306d21ba359b1850af1875b33da5b8050834b54a7610c9b3f2edf8539b2156cf1ca38cddb4f9d2a3158b22c1842abe9063a7cb4d96028b89815eb17") r1 = syz_open_dev$radio(&(0x7f0000000600)='/dev/radio#\x00', 0x2, 0x2) ioctl$BLKSECDISCARD(r1, 0x127d, &(0x7f00000003c0)=0x8) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x40000, 0x0) getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000300)=0x11ec, &(0x7f0000000640)=0x2) r3 = syz_open_procfs(0x0, &(0x7f0000000400)='\x88\x94Z\x16\xdb\b\x00\x00\x00*\b~\xfe\x87\xad1\x05\xa0\x0e\x9d[\x93\xd6|\x10f\x9d\x17\x9b[\xc1\xd5\xbf\x1e\x80UrE\x85') fcntl$notify(r3, 0x402, 0xffffffffffffdffd) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r5 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r5, 0x8, &(0x7f0000000280)="025cc83d6d345f8f760070") openat$cgroup_int(r2, &(0x7f0000000380)='rdma.max\x00', 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x7f, 0x1, 0x3, 0x0, 0xffffffffffffff9c}, 0x21d) ioctl$EXT4_IOC_RESIZE_FS(r4, 0x40086610, &(0x7f0000000340)=0x4) getegid() ioctl$UI_DEV_DESTROY(r5, 0x5502) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x80000, 0x0) r7 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet_dccp_buf(r6, 0x21, 0x80, &(0x7f00000000c0)="eae8d3b1e52a341b690e3da6f6080cf4c8f8c6eec17f2748c87b651f7b6e9f2162916305edb7726051ae35933b51cc4988d31fb739919b79b18f6e7aa2cdf487ad2458f1cb2fcc47ca58b4b8fab1061471c08350e11ae5b13c0caded3e846eb87af79e9f5fa2ae3ac75b7b746d278caecb17e5b5203256759542", 0x7a) syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x9, 0x40) prctl$PR_GET_TSC(0x19, &(0x7f0000000140)) setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x2a, &(0x7f0000000440)={0x3bf, {{0xa, 0x4e24, 0x3, @mcast1, 0x9}}}, 0x88) getsockopt$inet6_tcp_int(r6, 0x6, 0x3, &(0x7f0000000240), &(0x7f00000002c0)=0x4) setsockopt$inet6_MRT6_ADD_MIF(r7, 0x29, 0xca, &(0x7f0000000000)={0x1, 0x1, 0x3, 0x7, 0xffffffff}, 0xc) 21:40:41 executing program 2: clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f00000002c0)={r0, r1/1000+10000}, 0x10) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f00000000c0)="240000002e0007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) fchmod(r2, 0xc0) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000300)={'security\x00'}, &(0x7f00000001c0)=0x54) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0) fstat(r3, &(0x7f0000000200)) geteuid() setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) 21:40:41 executing program 3: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) mkdir(&(0x7f00000009c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000040)='./file0\x00') mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 21:40:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000280)={0x77, 0x0, [0x0, 0x0, 0x40000003]}) 21:40:41 executing program 4: r0 = gettid() socketpair$nbd(0x1, 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) epoll_create(0x0) write$P9_RMKDIR(0xffffffffffffffff, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x5f0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) fcntl$setlease(r1, 0x400, 0x1) fadvise64(r1, 0x0, 0x4, 0x5) chroot(&(0x7f0000000000)='./file0\x00') socket(0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) tkill(r0, 0x1000000000016) 21:40:41 executing program 2: clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f00000002c0)={r0, r1/1000+10000}, 0x10) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f00000000c0)="240000002e0007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) fchmod(r2, 0xc0) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000300)={'security\x00'}, &(0x7f00000001c0)=0x54) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0) fstat(r3, &(0x7f0000000200)) geteuid() setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) 21:40:41 executing program 3: bpf$MAP_UPDATE_ELEM(0x3, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x20) [ 256.105741][ T8213] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 21:40:41 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:41 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="2e00000018008100e00f80ecdb4cb92e0a480e181e0cd300e8bd6efb120008000e00100000000000000000000000", 0x2e}], 0x1}, 0x0) socket$kcm(0x29, 0x5, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000540)={0x0}, 0x10) [ 256.476862][ T8235] IPv6: NLM_F_CREATE should be specified when creating new route 21:40:41 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:41 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x2}, 0x10) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000580)=0xffffffffffffffff) sendto$inet(r0, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @local}, 0x10) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) setpgid(0x0, r2) sendto$inet(r0, &(0x7f0000000380)="a5fe9e7be7060850100792f46b647308d3e2a67328969288734cc681008a84b40408261762639ee5e5881d4fb471fcb9639d30513ab42a04f920d8c1fa0c6ed49b0028fda44d1e42c7beccab2998e3392614583dd729cd341292ded369a34c4c75e12e8e0f519531fc8f11e74b74f2e5ad24cd0ab65395a2307394f4843830000000000000000635abea9833df32f75d92d392390b4fef75c9923a1745b53c38ac98529f9d0905cccb399fe9b23d114721591b63910313f828bc2db4e018d1de905efa0000000000000000", 0xcb, 0x8801, 0x0, 0x0) 21:40:41 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:41 executing program 5: perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x800040c004500a, &(0x7f0000000040)=0x80000002) read$FUSE(r0, &(0x7f0000000240), 0x1000) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000dfd000/0x200000)=nil) syz_genetlink_get_family_id$net_dm(&(0x7f0000000080)='NET_DM\x00') prctl$PR_GET_FPEMU(0x9, &(0x7f00000001c0)) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, 0x0, 0x20000044) setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f00000012c0)=ANY=[@ANYBLOB], 0x1, 0x2) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 21:40:42 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f00000000c0)=ANY=[@ANYBLOB="00643e5eea5e"]) setitimer(0x0, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) 21:40:42 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="0a0000000700000025000000000000009500000000000000"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) 21:40:42 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 256.652963][ T8251] syz-executor2 calls setitimer() with new_value NULL pointer. Misfeature support will be removed 21:40:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) faccessat(0xffffffffffffffff, 0x0, 0x0, 0x0) clock_gettime(0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) 21:40:44 executing program 3: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x80000001, 0x0) fgetxattr(r0, &(0x7f0000000180)=@known='trusted.overlay.nlink\x00', 0x0, 0x0) 21:40:44 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000200)="b8010000000f01d965660faeb603000000b8358556370f23c80f21f8350400d0000f23f8640fc7ae02000000ea00600000fa00c4c18566220f20d835080000000f22d8360f01cf66baf80cb83bd30c85ef66bafc0cb06aee0fc7b49f0a000000", 0x60}], 0x1, 0x5, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) semget$private(0x0, 0x3, 0x400) 21:40:44 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:44 executing program 5: perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x800040c004500a, &(0x7f0000000040)=0x80000002) read$FUSE(r0, &(0x7f0000000240), 0x1000) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000dfd000/0x200000)=nil) syz_genetlink_get_family_id$net_dm(&(0x7f0000000080)='NET_DM\x00') prctl$PR_GET_FPEMU(0x9, &(0x7f00000001c0)) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, 0x0, 0x20000044) setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f00000012c0)=ANY=[@ANYBLOB], 0x1, 0x2) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 21:40:44 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x40000000) link(0x0, 0x0) 21:40:44 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup2(r1, r0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 259.405954][ T8292] IPVS: ftp: loaded support on port[0] = 21 21:40:44 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup2(r1, r0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:45 executing program 4: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00d']) 21:40:45 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup2(r1, r0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:45 executing program 4: chdir(0x0) symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') chroot(0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) [ 259.924406][ T8292] IPVS: ftp: loaded support on port[0] = 21 21:40:45 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:45 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:45 executing program 5: perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x800040c004500a, &(0x7f0000000040)=0x80000002) read$FUSE(r0, &(0x7f0000000240), 0x1000) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000dfd000/0x200000)=nil) syz_genetlink_get_family_id$net_dm(&(0x7f0000000080)='NET_DM\x00') prctl$PR_GET_FPEMU(0x9, &(0x7f00000001c0)) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, 0x0, 0x20000044) setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f00000012c0)=ANY=[@ANYBLOB], 0x1, 0x2) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 21:40:45 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x50, r1, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x50}}, 0x0) 21:40:45 executing program 4: ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) r0 = socket$inet6(0xa, 0x3, 0x84) connect$inet6(r0, &(0x7f0000000080), 0x1c) sendmmsg(r0, &(0x7f0000000000), 0x400000000000058, 0x0) 21:40:45 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 260.406478][ T8339] netlink: 'syz-executor2': attribute type 1 has an invalid length. 21:40:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000280)={0x77, 0x0, [0x0, 0x0, 0x40000006]}) 21:40:45 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x80000001, 0x0) fgetxattr(r0, &(0x7f0000000180)=@known='trusted.overlay.nlink\x00', &(0x7f0000000240)=""/129, 0x81) 21:40:45 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 260.458047][ T8341] netlink: 'syz-executor2': attribute type 1 has an invalid length. 21:40:46 executing program 4: syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x10000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f023c123f3188a070") clone(0x400002102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) 21:40:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x50, r1, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x50}}, 0x0) 21:40:46 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 260.660356][ T8350] kvm [8349]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled rdmsr: 0x40000006 21:40:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) ppoll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0, 0x0, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x0) [ 260.820928][ T8361] netlink: 'syz-executor2': attribute type 1 has an invalid length. 21:40:46 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:46 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:46 executing program 3: openat$rfkill(0xffffffffffffff9c, 0x0, 0x4000, 0x0) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RSTATFS(0xffffffffffffffff, 0x0, 0x0) 21:40:46 executing program 2: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace(0x4207, r2) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'yam0\x00\x01\x17\x8b\x00', 0x8001}) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setregset(0x4209, r3, 0x20000004, &(0x7f0000000040)={0x0}) tgkill(r2, r3, 0x4) 21:40:46 executing program 5: bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003840)=[{{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000000280)=""/190, 0xbe}], 0x100000000000021c}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/fib_trie\x00') preadv(0xffffffffffffffff, 0x0, 0x0, 0x1f000000) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000180)) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) mlockall(0x400000003) add_key$keyring(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getresgid(0x0, 0x0, &(0x7f0000000740)) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) clone(0x2b02001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept$alg(0xffffffffffffffff, 0x0, 0x0) 21:40:46 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:46 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:47 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:47 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:47 executing program 4: r0 = socket(0x10, 0x802, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000200)={'erspan0\x00', 0x1}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000593000)={0x2, 0x0, @remote}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x10) sendto$inet(r1, &(0x7f0000000040), 0xff69, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'erspan0\x00\x00\x00\x00\x00\x00\a\x06\x00'}) 21:40:47 executing program 3: openat$rfkill(0xffffffffffffff9c, 0x0, 0x4000, 0x0) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000180)="2e26660f71e0a9640fae553e0f017001650f01cabaf80c66b8f38e558466efbafc0cec0f20e06635400000000f22e066b98e0900000f32f80f08f618", 0x3c}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RSTATFS(0xffffffffffffffff, 0x0, 0x0) 21:40:47 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f00000003c0)='/dev/v4l-subdev#\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0205647, &(0x7f0000000200)) 21:40:47 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:47 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) io_setup(0x8001, &(0x7f0000000000)=0x0) io_destroy(r1) 21:40:47 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:47 executing program 2: clone(0xb102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mknod(&(0x7f0000000440)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) creat(&(0x7f00000001c0)='./file1\x00', 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000540)=""/11, 0x485) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) r1 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x109) r2 = dup2(r0, r1) execve(&(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) open$dir(&(0x7f0000000240)='./file0\x00', 0x841, 0x0) clone(0x3102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) ioctl$LOOP_CLR_FD(r2, 0x4c01) 21:40:47 executing program 2: bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x8, {0x0, 0x20, 0x1ff, 0x0, 0x1, 0x9}, 0x8001}, 0xe) recvmmsg(0xffffffffffffffff, &(0x7f0000003840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) mlockall(0x400000003) add_key$keyring(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) accept$alg(0xffffffffffffffff, 0x0, 0x0) 21:40:47 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 262.658718][ T8454] __ntfs_error: 3 callbacks suppressed [ 262.658734][ T8454] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. [ 262.776248][ T8454] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:40:48 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 262.978525][ T8464] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:40:48 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:48 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:49 executing program 4: getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, &(0x7f00000017c0)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0) getpid() syz_read_part_table(0x0, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @broadcast}, 0x10) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 21:40:49 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:49 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="0affefff7f000000001e6ea64aa8e1c9", 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet_sctp(r2, &(0x7f00000072c0)=[{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000200)="a84be206082fd9e12f4e608bebf3e7283268c4c2e0130906258decd8f76453cad68aa0d553b5e22b84d9da17d88edfa13c", 0x31}], 0x1}], 0x1, 0x0) 21:40:49 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:49 executing program 5: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000280)='./file0\x00', 0x0) name_to_handle_at(r0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0xc, 0x0, "a58a5b2b"}, 0x0, 0x1400) 21:40:49 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 263.963646][ T8485] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:40:49 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:49 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:49 executing program 5: [ 264.286764][ T8503] __loop_clr_fd: partition scan of loop4 failed (rc=-22) 21:40:49 executing program 2: 21:40:49 executing program 5: 21:40:49 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 264.485353][ T8523] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:40:50 executing program 4: 21:40:50 executing program 2: 21:40:50 executing program 5: 21:40:50 executing program 3: syz_mount_image$ntfs(0x0, &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:50 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 264.681383][ T8081] __loop_clr_fd: partition scan of loop4 failed (rc=-22) 21:40:50 executing program 4: 21:40:50 executing program 2: 21:40:50 executing program 5: 21:40:50 executing program 1: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:50 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:50 executing program 3: syz_mount_image$ntfs(0x0, &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:50 executing program 4: 21:40:50 executing program 2: 21:40:50 executing program 5: 21:40:50 executing program 1: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:50 executing program 3: syz_mount_image$ntfs(0x0, &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:50 executing program 5: 21:40:50 executing program 4: 21:40:50 executing program 2: 21:40:50 executing program 1: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:50 executing program 5: 21:40:51 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:51 executing program 4: 21:40:51 executing program 2: 21:40:51 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:51 executing program 5: 21:40:51 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:51 executing program 5: 21:40:51 executing program 2: 21:40:51 executing program 4: 21:40:51 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:51 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:51 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:51 executing program 4: 21:40:51 executing program 2: 21:40:51 executing program 5: 21:40:51 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:51 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:51 executing program 2: 21:40:51 executing program 4: 21:40:52 executing program 5: 21:40:52 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:52 executing program 2: 21:40:52 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:52 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:40:52 executing program 4: 21:40:52 executing program 5: 21:40:52 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) [ 266.875579][ T8666] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:40:52 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:52 executing program 2: 21:40:52 executing program 4: 21:40:52 executing program 5: 21:40:52 executing program 4: 21:40:52 executing program 2: 21:40:52 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:52 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:40:52 executing program 5: 21:40:52 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 21:40:52 executing program 4: 21:40:52 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 267.389030][ T8698] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:40:52 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 21:40:52 executing program 4: 21:40:52 executing program 5: 21:40:52 executing program 2: 21:40:53 executing program 2: 21:40:53 executing program 4: 21:40:53 executing program 5: 21:40:53 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:40:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:53 executing program 2: [ 267.864987][ T8734] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:40:53 executing program 5: 21:40:53 executing program 4: 21:40:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:53 executing program 2: 21:40:53 executing program 5: 21:40:53 executing program 4: 21:40:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:53 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) 21:40:53 executing program 2: 21:40:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:53 executing program 4: [ 268.260922][ T8757] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:40:53 executing program 5: 21:40:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:53 executing program 2: 21:40:53 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) 21:40:53 executing program 5: setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) ioctl$TIOCLINUX5(0xffffffffffffffff, 0x541c, 0x0) clone(0x3102001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x24) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x5, 0xfa}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) 21:40:53 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x40000000) unlink(0x0) [ 268.620876][ T8786] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:40:54 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:54 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:54 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 268.726321][ T8794] IPVS: ftp: loaded support on port[0] = 21 21:40:54 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)) 21:40:54 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:40:54 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:54 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 268.933606][ T8808] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:40:54 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 269.094881][ T8794] IPVS: ftp: loaded support on port[0] = 21 21:40:54 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:54 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:40:57 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 5: 21:40:57 executing program 3: 21:40:57 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 4: 21:40:57 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:40:57 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:40:57 executing program 4: 21:40:57 executing program 3: 21:40:57 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 5: 21:40:57 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 3: 21:40:57 executing program 4: 21:40:57 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:40:57 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 3: 21:40:57 executing program 5: 21:40:57 executing program 4: 21:40:57 executing program 5: 21:40:57 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0x10000) 21:40:57 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:40:57 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:57 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 272.395364][ T27] audit: type=1804 audit(1548020457.816:31): pid=8896 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir416894712/syzkaller.aKZHdO/34/file0" dev="sda1" ino=16634 res=1 [ 272.471707][ T8898] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 272.688676][ T27] audit: type=1804 audit(1548020458.106:32): pid=8896 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir416894712/syzkaller.aKZHdO/34/file0" dev="sda1" ino=16634 res=1 21:40:58 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:40:58 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:58 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:58 executing program 3 (fault-call:0 fault-nth:0): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:40:58 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:58 executing program 4: pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) epoll_wait(r0, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0x9) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) ioctl$TCFLSH(r3, 0x540b, 0x5) sendto$unix(0xffffffffffffffff, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) recvfrom(0xffffffffffffffff, &(0x7f0000001240)=""/4096, 0xffffff7e, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_SELECTION(r3, 0xc040565f, &(0x7f0000000080)={0xf, 0x101, 0x1, {0x54f, 0x81, 0x2, 0x7}}) [ 272.982395][ T8920] FAULT_INJECTION: forcing a failure. [ 272.982395][ T8920] name failslab, interval 1, probability 0, space 0, times 1 [ 273.034804][ T8920] CPU: 1 PID: 8920 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 273.043754][ T8920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.053846][ T8920] Call Trace: [ 273.057170][ T8920] dump_stack+0x1db/0x2d0 [ 273.061517][ T8920] ? dump_stack_print_info.cold+0x20/0x20 [ 273.067254][ T8920] should_fail.cold+0xa/0x14 [ 273.067276][ T8920] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 273.067301][ T8920] ? ___might_sleep+0x1e7/0x310 [ 273.082542][ T8920] ? arch_local_save_flags+0x50/0x50 [ 273.087850][ T8920] __should_failslab+0x121/0x190 [ 273.092804][ T8920] should_failslab+0x9/0x14 [ 273.097315][ T8920] __kmalloc+0x2dc/0x740 [ 273.101579][ T8920] ? strncpy_from_user+0x4e0/0x4e0 [ 273.106701][ T8920] ? fput+0x128/0x1a0 [ 273.110694][ T8920] ? do_syscall_64+0x8c/0x800 [ 273.115397][ T8920] ? __x64_sys_memfd_create+0x13c/0x4b0 [ 273.120955][ T8920] __x64_sys_memfd_create+0x13c/0x4b0 [ 273.126348][ T8920] ? memfd_fcntl+0x1870/0x1870 [ 273.131115][ T8920] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 273.136597][ T8920] do_syscall_64+0x1a3/0x800 [ 273.141212][ T8920] ? syscall_return_slowpath+0x5f0/0x5f0 [ 273.146850][ T8920] ? prepare_exit_to_usermode+0x232/0x3b0 [ 273.152599][ T8920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.158171][ T8920] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.164067][ T8920] RIP: 0033:0x458099 21:40:58 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:58 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) dup2(r1, r0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:58 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:58 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 273.167961][ T8920] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.187558][ T8920] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 273.187590][ T8920] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458099 [ 273.187600][ T8920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bd0a7 [ 273.187616][ T8920] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 273.187626][ T8920] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe51cc586d4 21:40:58 executing program 4: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000200)) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x154, &(0x7f00000000c0)=ANY=[@ANYBLOB="7018000000000000b88faa074016ecc85219fd4830d117ab4a810b080273c2e555161968d2c4a90f3cc16ae626530067deefde63ee00dedfd22a8d83f9bc2d4f9c5971"], &(0x7f0000000080)='(\x89\"2\v\xcc\xa3', 0xfb, 0x1000, &(0x7f0000001240)=""/4096}, 0x1e) [ 273.187636][ T8920] R13: 00000000004c68e5 R14: 00000000004dbc08 R15: 0000000000000003 21:40:58 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:40:59 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) dup2(r1, r0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 4: r0 = socket(0x10, 0x3, 0x0) setrlimit(0x200c, &(0x7f0000000200)={0x401, 0x10000000001}) r1 = perf_event_open(&(0x7f00000004c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/psched\x00') r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") sendfile(r1, r2, 0x0, 0xffffffffffff8000) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000040)={0x0, 0x80, "674876f4655a1ab802a3d108272e24a0af93b70beafdd591d38af5d77e2d9068d7a06c43a667d85e73af603d06f38426b40b016505418574de2efd8ee06ec95829c74bf06369ba48d5ec7468bb8be25cd846a91610202d6bf96af5dc4ac42ec7e4f4a4f7732ff2d28b5bd8dd23045a411a81f74380538e4e4be1078ea3dbdc0a"}, &(0x7f0000000100)=0x88) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={r4, 0x40}, 0x8) getsockname$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000001c0)=0x1c) 21:40:59 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 3 (fault-call:0 fault-nth:1): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 273.796367][ T8957] FAULT_INJECTION: forcing a failure. [ 273.796367][ T8957] name failslab, interval 1, probability 0, space 0, times 0 [ 273.878070][ T8957] CPU: 1 PID: 8957 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 273.887048][ T8957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.897113][ T8957] Call Trace: [ 273.900417][ T8957] dump_stack+0x1db/0x2d0 [ 273.904778][ T8957] ? dump_stack_print_info.cold+0x20/0x20 [ 273.910552][ T8957] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 273.910573][ T8957] ? print_usage_bug+0xd0/0xd0 [ 273.910600][ T8957] should_fail.cold+0xa/0x14 [ 273.910626][ T8957] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 273.931732][ T8957] ? ___might_sleep+0x1e7/0x310 [ 273.931750][ T8957] ? arch_local_save_flags+0x50/0x50 [ 273.931792][ T8957] __should_failslab+0x121/0x190 [ 273.946850][ T8957] should_failslab+0x9/0x14 [ 273.951365][ T8957] kmem_cache_alloc+0x2be/0x710 [ 273.956255][ T8957] ? shmem_destroy_callback+0xc0/0xc0 [ 273.961638][ T8957] shmem_alloc_inode+0x1c/0x50 [ 273.966409][ T8957] alloc_inode+0x66/0x190 [ 273.970762][ T8957] new_inode_pseudo+0x71/0x1b0 [ 273.975543][ T8957] ? prune_icache_sb+0x1c0/0x1c0 [ 273.980498][ T8957] ? _raw_spin_unlock+0x2d/0x50 [ 273.985361][ T8957] new_inode+0x1f/0x40 [ 273.989437][ T8957] shmem_get_inode+0xe1/0x8d0 [ 273.994124][ T8957] ? shmem_encode_fh+0x340/0x340 [ 273.999101][ T8957] ? lock_downgrade+0xbe0/0xbe0 [ 274.003957][ T8957] ? lock_release+0xc40/0xc40 [ 274.008677][ T8957] ? __check_object_size+0xa3/0x790 [ 274.013897][ T8957] __shmem_file_setup.part.0+0x7e/0x2b0 [ 274.019454][ T8957] shmem_file_setup+0x66/0x90 [ 274.024139][ T8957] __x64_sys_memfd_create+0x2a2/0x4b0 [ 274.024157][ T8957] ? memfd_fcntl+0x1870/0x1870 [ 274.024181][ T8957] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 274.034299][ T8957] do_syscall_64+0x1a3/0x800 [ 274.034321][ T8957] ? syscall_return_slowpath+0x5f0/0x5f0 [ 274.034340][ T8957] ? prepare_exit_to_usermode+0x232/0x3b0 [ 274.034362][ T8957] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.061266][ T8957] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.067180][ T8957] RIP: 0033:0x458099 [ 274.071078][ T8957] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.090685][ T8957] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 274.099099][ T8957] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458099 [ 274.107096][ T8957] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bd0a7 [ 274.115089][ T8957] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 21:40:59 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) dup2(r1, r0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:40:59 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 274.123082][ T8957] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe51cc586d4 [ 274.131051][ T8957] R13: 00000000004c68e5 R14: 00000000004dbc08 R15: 0000000000000003 21:40:59 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:00 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:41:00 executing program 4: openat$vcs(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/vcs\x00', 0x200400, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x220200, 0x0) getsockopt$inet_udp_int(r1, 0x11, 0x0, &(0x7f00000000c0), &(0x7f00000002c0)=0xfffffffffffffeb0) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000006c0)={0x0, @in={{0x2, 0x4e24, @empty}}}, &(0x7f0000000780)=0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000007c0)={r5, 0x7}, 0x8) bind$netlink(r4, &(0x7f0000000300)={0x10, 0x0, 0x0, 0x400401}, 0xfffffffffffffffc) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000001c0)={0x1, r1}) r6 = getpgrp(0x0) ioprio_set$pid(0x1, r6, 0xc3) fallocate(r2, 0x20000000200004, 0x1, 0xffffffdffffffc00) r7 = socket$inet6(0xa, 0x3, 0x7) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000340)) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000500)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000380)=0xe8) sendmsg$nl_generic(r4, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)={0x14, 0x3e, 0x400, 0x70bd2b, 0x0, {0x20}}, 0x14}}, 0xa1a80ebfc9a59709) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x10000001) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) getpeername$inet(r1, &(0x7f0000000840)={0x2, 0x0, @multicast1}, &(0x7f0000000880)=0x10) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000200)={@remote={0xfe, 0x80, [0x0, 0x2a8, 0x0, 0x0, 0x8000a0ffffffff, 0x16f, 0x0, 0x0, 0x6]}, 0x8, r8}) signalfd4(r7, &(0x7f0000000280)={0xffffffffffffffc0}, 0x8, 0x80804) connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2, 0xd}, 0x1c) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000900)) setsockopt$inet6_MRT6_DEL_MFC(r3, 0x29, 0xcd, &(0x7f0000000640)={{0xa, 0x4e22, 0x4, @ipv4={[], [], @multicast2}, 0xfffffffffffffff9}, {0xa, 0x4e23, 0x96, @remote, 0xffffffffffffff17}, 0x8, [0x4f0, 0xfc, 0x3, 0x5, 0x10001, 0xfff, 0x2, 0x81bb]}, 0x5c) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000800)={0x9, 0x3}) sendmsg$nl_generic(r4, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xfdffffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0xc, @pid}]}, 0x1c}}, 0x0) close(r0) 21:41:00 executing program 3 (fault-call:0 fault-nth:2): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:00 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:00 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:00 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 274.665065][ T9001] FAULT_INJECTION: forcing a failure. [ 274.665065][ T9001] name failslab, interval 1, probability 0, space 0, times 0 21:41:00 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:00 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:00 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 274.764497][ T9001] CPU: 0 PID: 9001 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 274.773488][ T9001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 274.783550][ T9001] Call Trace: [ 274.783581][ T9001] dump_stack+0x1db/0x2d0 [ 274.783626][ T9001] ? dump_stack_print_info.cold+0x20/0x20 [ 274.783646][ T9001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.783670][ T9001] ? check_preemption_disabled+0x48/0x290 [ 274.783690][ T9001] ? __shmem_file_setup.part.0+0x7e/0x2b0 [ 274.783716][ T9001] should_fail.cold+0xa/0x14 [ 274.819304][ T9001] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 274.825133][ T9001] ? ___might_sleep+0x1e7/0x310 [ 274.830001][ T9001] ? arch_local_save_flags+0x50/0x50 [ 274.835327][ T9001] __should_failslab+0x121/0x190 [ 274.840275][ T9001] should_failslab+0x9/0x14 [ 274.844784][ T9001] kmem_cache_alloc+0x2be/0x710 [ 274.849660][ T9001] ? kasan_check_read+0x11/0x20 [ 274.854522][ T9001] __d_alloc+0xae/0xbe0 [ 274.854545][ T9001] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 274.854563][ T9001] ? _raw_spin_unlock+0x2d/0x50 [ 274.854578][ T9001] ? inode_sb_list_add+0x223/0x310 [ 274.854594][ T9001] ? current_time+0x104/0x1b0 [ 274.854608][ T9001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.854625][ T9001] ? lockdep_init_map+0x10c/0x5b0 [ 274.854649][ T9001] d_alloc_pseudo+0x1e/0x30 [ 274.854668][ T9001] alloc_file_pseudo+0x14f/0x3b0 [ 274.854686][ T9001] ? alloc_file+0x4d0/0x4d0 [ 274.854702][ T9001] ? __check_object_size+0xa3/0x790 [ 274.854730][ T9001] __shmem_file_setup.part.0+0x108/0x2b0 [ 274.854748][ T9001] shmem_file_setup+0x66/0x90 [ 274.854764][ T9001] __x64_sys_memfd_create+0x2a2/0x4b0 [ 274.854779][ T9001] ? memfd_fcntl+0x1870/0x1870 [ 274.854798][ T9001] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 274.854823][ T9001] do_syscall_64+0x1a3/0x800 [ 274.854841][ T9001] ? syscall_return_slowpath+0x5f0/0x5f0 [ 274.854859][ T9001] ? prepare_exit_to_usermode+0x232/0x3b0 [ 274.854879][ T9001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.854901][ T9001] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.854914][ T9001] RIP: 0033:0x458099 [ 274.854928][ T9001] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.854934][ T9001] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 274.854947][ T9001] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458099 [ 274.854954][ T9001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bd0a7 21:41:00 executing program 3 (fault-call:0 fault-nth:3): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:00 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 274.854961][ T9001] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 274.854968][ T9001] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe51cc586d4 [ 274.854975][ T9001] R13: 00000000004c68e5 R14: 00000000004dbc08 R15: 0000000000000003 21:41:00 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 275.120299][ T9016] FAULT_INJECTION: forcing a failure. [ 275.120299][ T9016] name failslab, interval 1, probability 0, space 0, times 0 [ 275.221210][ T9016] CPU: 1 PID: 9016 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 275.230198][ T9016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.240254][ T9016] Call Trace: [ 275.243566][ T9016] dump_stack+0x1db/0x2d0 [ 275.247919][ T9016] ? dump_stack_print_info.cold+0x20/0x20 [ 275.253686][ T9016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.259958][ T9016] ? check_preemption_disabled+0x48/0x290 [ 275.265711][ T9016] ? __shmem_file_setup.part.0+0x7e/0x2b0 [ 275.271451][ T9016] should_fail.cold+0xa/0x14 [ 275.276066][ T9016] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 275.281909][ T9016] ? ___might_sleep+0x1e7/0x310 [ 275.286772][ T9016] ? arch_local_save_flags+0x50/0x50 [ 275.292084][ T9016] __should_failslab+0x121/0x190 [ 275.297061][ T9016] should_failslab+0x9/0x14 [ 275.301577][ T9016] kmem_cache_alloc+0x2be/0x710 [ 275.306446][ T9016] ? kasan_check_read+0x11/0x20 [ 275.311320][ T9016] __d_alloc+0xae/0xbe0 [ 275.315504][ T9016] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 275.321238][ T9016] ? _raw_spin_unlock+0x2d/0x50 [ 275.326108][ T9016] ? inode_sb_list_add+0x223/0x310 [ 275.331239][ T9016] ? current_time+0x104/0x1b0 [ 275.335926][ T9016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.342194][ T9016] ? lockdep_init_map+0x10c/0x5b0 [ 275.347253][ T9016] d_alloc_pseudo+0x1e/0x30 [ 275.351768][ T9016] alloc_file_pseudo+0x14f/0x3b0 [ 275.356722][ T9016] ? alloc_file+0x4d0/0x4d0 [ 275.361240][ T9016] ? __check_object_size+0xa3/0x790 [ 275.366466][ T9016] __shmem_file_setup.part.0+0x108/0x2b0 [ 275.372124][ T9016] shmem_file_setup+0x66/0x90 [ 275.376823][ T9016] __x64_sys_memfd_create+0x2a2/0x4b0 [ 275.382203][ T9016] ? memfd_fcntl+0x1870/0x1870 [ 275.386980][ T9016] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 275.392473][ T9016] do_syscall_64+0x1a3/0x800 [ 275.397091][ T9016] ? syscall_return_slowpath+0x5f0/0x5f0 [ 275.402737][ T9016] ? prepare_exit_to_usermode+0x232/0x3b0 [ 275.408476][ T9016] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 275.414058][ T9016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 275.419958][ T9016] RIP: 0033:0x458099 [ 275.423857][ T9016] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.443958][ T9016] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 275.452413][ T9016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458099 [ 275.460400][ T9016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bd0a7 [ 275.468385][ T9016] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 275.476414][ T9016] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe51cc586d4 [ 275.484407][ T9016] R13: 00000000004c68e5 R14: 00000000004dbc08 R15: 0000000000000003 21:41:00 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:41:00 executing program 4: openat$vcs(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/vcs\x00', 0x200400, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x220200, 0x0) getsockopt$inet_udp_int(r1, 0x11, 0x0, &(0x7f00000000c0), &(0x7f00000002c0)=0xfffffffffffffeb0) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000006c0)={0x0, @in={{0x2, 0x4e24, @empty}}}, &(0x7f0000000780)=0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000007c0)={r5, 0x7}, 0x8) bind$netlink(r4, &(0x7f0000000300)={0x10, 0x0, 0x0, 0x400401}, 0xfffffffffffffffc) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000001c0)={0x1, r1}) r6 = getpgrp(0x0) ioprio_set$pid(0x1, r6, 0xc3) fallocate(r2, 0x20000000200004, 0x1, 0xffffffdffffffc00) r7 = socket$inet6(0xa, 0x3, 0x7) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000340)) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000500)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000380)=0xe8) sendmsg$nl_generic(r4, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)={0x14, 0x3e, 0x400, 0x70bd2b, 0x0, {0x20}}, 0x14}}, 0xa1a80ebfc9a59709) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x10000001) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) getpeername$inet(r1, &(0x7f0000000840)={0x2, 0x0, @multicast1}, &(0x7f0000000880)=0x10) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000200)={@remote={0xfe, 0x80, [0x0, 0x2a8, 0x0, 0x0, 0x8000a0ffffffff, 0x16f, 0x0, 0x0, 0x6]}, 0x8, r8}) signalfd4(r7, &(0x7f0000000280)={0xffffffffffffffc0}, 0x8, 0x80804) connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2, 0xd}, 0x1c) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000900)) setsockopt$inet6_MRT6_DEL_MFC(r3, 0x29, 0xcd, &(0x7f0000000640)={{0xa, 0x4e22, 0x4, @ipv4={[], [], @multicast2}, 0xfffffffffffffff9}, {0xa, 0x4e23, 0x96, @remote, 0xffffffffffffff17}, 0x8, [0x4f0, 0xfc, 0x3, 0x5, 0x10001, 0xfff, 0x2, 0x81bb]}, 0x5c) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000800)={0x9, 0x3}) sendmsg$nl_generic(r4, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xfdffffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0xc, @pid}]}, 0x1c}}, 0x0) close(r0) 21:41:00 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:00 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:01 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:01 executing program 3 (fault-call:0 fault-nth:4): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:01 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:01 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:01 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 275.836290][ T9046] FAULT_INJECTION: forcing a failure. [ 275.836290][ T9046] name failslab, interval 1, probability 0, space 0, times 0 [ 275.972448][ T9046] CPU: 1 PID: 9046 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 275.981468][ T9046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.991569][ T9046] Call Trace: [ 275.991601][ T9046] dump_stack+0x1db/0x2d0 [ 275.991629][ T9046] ? dump_stack_print_info.cold+0x20/0x20 [ 275.991694][ T9046] should_fail.cold+0xa/0x14 [ 275.991730][ T9046] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 275.991757][ T9046] ? ___might_sleep+0x1e7/0x310 [ 275.991779][ T9046] ? arch_local_save_flags+0x50/0x50 [ 275.991813][ T9046] __should_failslab+0x121/0x190 [ 275.991842][ T9046] should_failslab+0x9/0x14 [ 275.991859][ T9046] kmem_cache_alloc+0x2be/0x710 [ 276.040106][ T9046] ? d_instantiate+0x7b/0xa0 [ 276.044730][ T9046] ? find_held_lock+0x35/0x120 [ 276.049538][ T9046] __alloc_file+0x93/0x480 [ 276.053962][ T9046] ? ____fput+0x20/0x20 [ 276.058131][ T9046] ? kasan_check_read+0x11/0x20 [ 276.062993][ T9046] ? do_raw_spin_unlock+0xa0/0x330 [ 276.068128][ T9046] ? do_raw_spin_trylock+0x270/0x270 [ 276.073437][ T9046] alloc_empty_file+0x72/0x170 [ 276.078249][ T9046] alloc_file+0x5e/0x4d0 [ 276.082629][ T9046] alloc_file_pseudo+0x24a/0x3b0 [ 276.082652][ T9046] ? alloc_file+0x4d0/0x4d0 [ 276.082670][ T9046] ? __check_object_size+0xa3/0x790 [ 276.082703][ T9046] __shmem_file_setup.part.0+0x108/0x2b0 [ 276.082725][ T9046] shmem_file_setup+0x66/0x90 [ 276.082744][ T9046] __x64_sys_memfd_create+0x2a2/0x4b0 [ 276.082762][ T9046] ? memfd_fcntl+0x1870/0x1870 [ 276.082782][ T9046] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 276.082806][ T9046] do_syscall_64+0x1a3/0x800 [ 276.127852][ T9046] ? syscall_return_slowpath+0x5f0/0x5f0 [ 276.127874][ T9046] ? prepare_exit_to_usermode+0x232/0x3b0 [ 276.127898][ T9046] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 276.127929][ T9046] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.127943][ T9046] RIP: 0033:0x458099 21:41:01 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:01 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:01 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 276.127979][ T9046] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.174280][ T9046] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 276.182721][ T9046] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000458099 [ 276.190717][ T9046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bd0a7 [ 276.198697][ T9046] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 276.206676][ T9046] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe51cc586d4 [ 276.214658][ T9046] R13: 00000000004c68e5 R14: 00000000004dbc08 R15: 0000000000000003 21:41:02 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:41:02 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket$inet_smc(0x2b, 0x1, 0x0) close(r0) r2 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x0, 0x0) close(r1) ioctl$FS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000100)) getsockopt$inet_tcp_int(r1, 0x6, 0x5, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 21:41:02 executing program 3 (fault-call:0 fault-nth:5): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:02 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 4: syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x4, 0x81) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0xf33e5972000000, 0x4) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r3 = memfd_create(&(0x7f0000000600)='\xac\x00\x00\xe9\xd98\xc11)\x9c\xf1)\x87vX\xa9\xa2\xbc\xb4\xc9\xcc\xe2A\xeb\xa7\xb9\x8c/\x820\xc9\xcb\x87>\xda\xc7\xbd\x12', 0x1000000000004) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0xeffffdef) fgetxattr(r0, &(0x7f0000000240)=@known='trusted.overlay.nlink\x00', &(0x7f0000000280)=""/207, 0xcf) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000200)={r1, 0x0, 0xfffffffffffff000, 0xfffffffff0000000}) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000140)=0xe3, 0x2) syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x1, 0x2) creat(&(0x7f0000000180)='./file0\x00', 0x0) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000008dc0)='./file1\x00') r5 = gettid() getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000004c0)={0x0}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000540)={r6, 0x40, 0x30}, 0xc) syz_open_procfs(r5, &(0x7f0000000400)='net/ip6_mr_cache\x00') lseek(r4, 0x0, 0x0) 21:41:02 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 277.210458][ T9100] FAULT_INJECTION: forcing a failure. [ 277.210458][ T9100] name failslab, interval 1, probability 0, space 0, times 0 [ 277.232359][ T9100] CPU: 0 PID: 9100 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 277.241332][ T9100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.251384][ T9100] Call Trace: [ 277.254682][ T9100] dump_stack+0x1db/0x2d0 [ 277.259027][ T9100] ? dump_stack_print_info.cold+0x20/0x20 [ 277.264746][ T9100] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 277.270901][ T9100] ? inode_init_owner+0x340/0x340 [ 277.275977][ T9100] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.282240][ T9100] should_fail.cold+0xa/0x14 [ 277.286865][ T9100] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 277.292687][ T9100] ? ___might_sleep+0x1e7/0x310 [ 277.297556][ T9100] ? arch_local_save_flags+0x50/0x50 [ 277.302839][ T9100] ? evm_inode_post_setattr+0x47/0x70 [ 277.308201][ T9100] __should_failslab+0x121/0x190 [ 277.313126][ T9100] should_failslab+0x9/0x14 [ 277.317616][ T9100] kmem_cache_alloc+0x2be/0x710 [ 277.322445][ T9100] ? find_held_lock+0x35/0x120 [ 277.327209][ T9100] ? do_sys_ftruncate+0x41e/0x550 [ 277.332217][ T9100] getname_flags+0xd6/0x5b0 [ 277.336702][ T9100] getname+0x1a/0x20 [ 277.340624][ T9100] do_sys_open+0x3a5/0x7c0 [ 277.345042][ T9100] ? filp_open+0x80/0x80 [ 277.349268][ T9100] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.355324][ T9100] ? trace_hardirqs_off_caller+0x300/0x300 [ 277.361110][ T9100] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 277.366567][ T9100] __x64_sys_open+0x7e/0xc0 [ 277.371068][ T9100] do_syscall_64+0x1a3/0x800 [ 277.375652][ T9100] ? syscall_return_slowpath+0x5f0/0x5f0 [ 277.381290][ T9100] ? prepare_exit_to_usermode+0x232/0x3b0 [ 277.386994][ T9100] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 277.392532][ T9100] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.398422][ T9100] RIP: 0033:0x412041 [ 277.402298][ T9100] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 277.421880][ T9100] RSP: 002b:00007fe51cc57a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 277.430283][ T9100] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412041 [ 277.438235][ T9100] RDX: 00007fe51cc57afa RSI: 0000000000000002 RDI: 00007fe51cc57af0 [ 277.446188][ T9100] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 21:41:02 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:02 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 5: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:02 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) [ 277.454147][ T9100] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 277.462111][ T9100] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 21:41:03 executing program 3 (fault-call:0 fault-nth:6): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:03 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) 21:41:03 executing program 5: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 277.815100][ T9131] FAULT_INJECTION: forcing a failure. [ 277.815100][ T9131] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 277.828360][ T9131] CPU: 0 PID: 9131 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 277.828373][ T9131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.828389][ T9131] Call Trace: [ 277.847382][ T9131] dump_stack+0x1db/0x2d0 [ 277.847411][ T9131] ? dump_stack_print_info.cold+0x20/0x20 [ 277.860736][ T9131] ? debug_smp_processor_id+0x1c/0x20 [ 277.866122][ T9131] ? perf_trace_lock+0x12f/0x750 [ 277.871088][ T9131] should_fail.cold+0xa/0x14 [ 277.875693][ T9131] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 277.881500][ T9131] ? find_held_lock+0x35/0x120 [ 277.886282][ T9131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.892532][ T9131] ? check_preemption_disabled+0x48/0x290 [ 277.898276][ T9131] ? debug_smp_processor_id+0x1c/0x20 [ 277.903677][ T9131] ? perf_trace_lock+0x12f/0x750 [ 277.908653][ T9131] ? lock_acquire+0x1db/0x570 [ 277.913340][ T9131] should_fail_alloc_page+0x50/0x60 [ 277.918557][ T9131] __alloc_pages_nodemask+0x323/0xdc0 [ 277.923937][ T9131] ? inode_init_owner+0x340/0x340 [ 277.928992][ T9131] ? __alloc_pages_slowpath+0x2c50/0x2c50 [ 277.929009][ T9131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.929055][ T9131] ? ___might_sleep+0x1e7/0x310 [ 277.929076][ T9131] ? trace_hardirqs_off+0xb8/0x310 [ 277.929099][ T9131] cache_grow_begin+0x9c/0x8c0 [ 277.955723][ T9131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 21:41:03 executing program 4: syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x4, 0x81) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0xf33e5972000000, 0x4) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r3 = memfd_create(&(0x7f0000000600)='\xac\x00\x00\xe9\xd98\xc11)\x9c\xf1)\x87vX\xa9\xa2\xbc\xb4\xc9\xcc\xe2A\xeb\xa7\xb9\x8c/\x820\xc9\xcb\x87>\xda\xc7\xbd\x12', 0x1000000000004) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0xeffffdef) fgetxattr(r0, &(0x7f0000000240)=@known='trusted.overlay.nlink\x00', &(0x7f0000000280)=""/207, 0xcf) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000200)={r1, 0x0, 0xfffffffffffff000, 0xfffffffff0000000}) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000140)=0xe3, 0x2) syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x1, 0x2) creat(&(0x7f0000000180)='./file0\x00', 0x0) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000008dc0)='./file1\x00') r5 = gettid() getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000004c0)={0x0}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000540)={r6, 0x40, 0x30}, 0xc) syz_open_procfs(r5, &(0x7f0000000400)='net/ip6_mr_cache\x00') lseek(r4, 0x0, 0x0) 21:41:03 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) 21:41:03 executing program 5: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 277.962171][ T9131] ? check_preemption_disabled+0x48/0x290 [ 277.967915][ T9131] kmem_cache_alloc+0x645/0x710 [ 277.972796][ T9131] ? find_held_lock+0x35/0x120 [ 277.977574][ T9131] ? do_sys_ftruncate+0x41e/0x550 [ 277.982629][ T9131] getname_flags+0xd6/0x5b0 [ 277.987147][ T9131] getname+0x1a/0x20 [ 277.991049][ T9131] do_sys_open+0x3a5/0x7c0 [ 277.995486][ T9131] ? filp_open+0x80/0x80 [ 277.999734][ T9131] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.005799][ T9131] ? trace_hardirqs_off_caller+0x300/0x300 [ 278.005817][ T9131] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 278.005835][ T9131] __x64_sys_open+0x7e/0xc0 [ 278.005853][ T9131] do_syscall_64+0x1a3/0x800 [ 278.005870][ T9131] ? syscall_return_slowpath+0x5f0/0x5f0 [ 278.005886][ T9131] ? prepare_exit_to_usermode+0x232/0x3b0 [ 278.005906][ T9131] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.005929][ T9131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.005940][ T9131] RIP: 0033:0x412041 [ 278.005955][ T9131] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 278.005963][ T9131] RSP: 002b:00007fe51cc57a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 278.005977][ T9131] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412041 [ 278.005986][ T9131] RDX: 00007fe51cc57afa RSI: 0000000000000002 RDI: 00007fe51cc57af0 [ 278.005995][ T9131] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 278.006004][ T9131] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 278.006023][ T9131] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 [ 278.125414][ T9131] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:41:03 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:03 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:03 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:03 executing program 3 (fault-call:0 fault-nth:7): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 278.450925][ T9160] FAULT_INJECTION: forcing a failure. [ 278.450925][ T9160] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 278.464229][ T9160] CPU: 0 PID: 9160 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 278.464243][ T9160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.464248][ T9160] Call Trace: [ 278.464279][ T9160] dump_stack+0x1db/0x2d0 [ 278.464300][ T9160] ? dump_stack_print_info.cold+0x20/0x20 [ 278.464320][ T9160] ? debug_smp_processor_id+0x1c/0x20 [ 278.464339][ T9160] ? perf_trace_lock+0x12f/0x750 [ 278.464366][ T9160] should_fail.cold+0xa/0x14 [ 278.464390][ T9160] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 278.464404][ T9160] ? find_held_lock+0x35/0x120 [ 278.464426][ T9160] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.464444][ T9160] ? check_preemption_disabled+0x48/0x290 [ 278.464466][ T9160] ? debug_smp_processor_id+0x1c/0x20 [ 278.464481][ T9160] ? perf_trace_lock+0x12f/0x750 [ 278.464496][ T9160] ? lock_acquire+0x1db/0x570 [ 278.464519][ T9160] should_fail_alloc_page+0x50/0x60 [ 278.464537][ T9160] __alloc_pages_nodemask+0x323/0xdc0 [ 278.464555][ T9160] ? inode_init_owner+0x340/0x340 [ 278.464579][ T9160] ? __alloc_pages_slowpath+0x2c50/0x2c50 [ 278.464596][ T9160] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.464628][ T9160] ? ___might_sleep+0x1e7/0x310 [ 278.522412][ T9160] ? trace_hardirqs_off+0xb8/0x310 [ 278.522438][ T9160] cache_grow_begin+0x9c/0x8c0 [ 278.522463][ T9160] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 278.576862][ T9160] ? check_preemption_disabled+0x48/0x290 [ 278.576891][ T9160] kmem_cache_alloc+0x645/0x710 [ 278.576907][ T9160] ? find_held_lock+0x35/0x120 [ 278.576925][ T9160] ? do_sys_ftruncate+0x41e/0x550 [ 278.576947][ T9160] getname_flags+0xd6/0x5b0 [ 278.576967][ T9160] getname+0x1a/0x20 [ 278.576983][ T9160] do_sys_open+0x3a5/0x7c0 [ 278.577004][ T9160] ? filp_open+0x80/0x80 [ 278.577041][ T9160] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.641524][ T9160] ? trace_hardirqs_off_caller+0x300/0x300 21:41:03 executing program 2: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:03 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000), 0x0) [ 278.647339][ T9160] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 278.652829][ T9160] __x64_sys_open+0x7e/0xc0 [ 278.657342][ T9160] do_syscall_64+0x1a3/0x800 [ 278.661946][ T9160] ? syscall_return_slowpath+0x5f0/0x5f0 [ 278.667589][ T9160] ? prepare_exit_to_usermode+0x232/0x3b0 [ 278.673318][ T9160] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.673349][ T9160] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.673363][ T9160] RIP: 0033:0x412041 [ 278.673380][ T9160] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 278.673389][ T9160] RSP: 002b:00007fe51cc57a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 278.673410][ T9160] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412041 [ 278.724689][ T9160] RDX: 00007fe51cc57afa RSI: 0000000000000002 RDI: 00007fe51cc57af0 [ 278.732664][ T9160] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 278.740653][ T9160] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 278.748628][ T9160] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 [ 278.809042][ T9160] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:41:04 executing program 4: syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x4, 0x81) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0xf33e5972000000, 0x4) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r3 = memfd_create(&(0x7f0000000600)='\xac\x00\x00\xe9\xd98\xc11)\x9c\xf1)\x87vX\xa9\xa2\xbc\xb4\xc9\xcc\xe2A\xeb\xa7\xb9\x8c/\x820\xc9\xcb\x87>\xda\xc7\xbd\x12', 0x1000000000004) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0xeffffdef) fgetxattr(r0, &(0x7f0000000240)=@known='trusted.overlay.nlink\x00', &(0x7f0000000280)=""/207, 0xcf) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000200)={r1, 0x0, 0xfffffffffffff000, 0xfffffffff0000000}) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000140)=0xe3, 0x2) syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x1, 0x2) creat(&(0x7f0000000180)='./file0\x00', 0x0) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000008dc0)='./file1\x00') r5 = gettid() getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000004c0)={0x0}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000540)={r6, 0x40, 0x30}, 0xc) syz_open_procfs(r5, &(0x7f0000000400)='net/ip6_mr_cache\x00') lseek(r4, 0x0, 0x0) 21:41:04 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:04 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:04 executing program 2: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:04 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:04 executing program 3 (fault-call:0 fault-nth:8): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 278.987658][ T9190] FAULT_INJECTION: forcing a failure. [ 278.987658][ T9190] name failslab, interval 1, probability 0, space 0, times 0 21:41:04 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 279.043182][ T9190] CPU: 0 PID: 9190 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 279.052153][ T9190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.062213][ T9190] Call Trace: [ 279.065517][ T9190] dump_stack+0x1db/0x2d0 [ 279.069871][ T9190] ? dump_stack_print_info.cold+0x20/0x20 [ 279.075592][ T9190] ? do_sys_open+0x59a/0x7c0 [ 279.080190][ T9190] ? __x64_sys_open+0x7e/0xc0 [ 279.084876][ T9190] ? do_syscall_64+0x1a3/0x800 21:41:04 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 279.084897][ T9190] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.084926][ T9190] should_fail.cold+0xa/0x14 [ 279.084950][ T9190] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 279.084980][ T9190] ? ___might_sleep+0x1e7/0x310 [ 279.110998][ T9190] ? arch_local_save_flags+0x50/0x50 [ 279.116301][ T9190] ? rcu_lockdep_current_cpu_online+0x1aa/0x220 [ 279.122550][ T9190] __should_failslab+0x121/0x190 [ 279.127499][ T9190] should_failslab+0x9/0x14 [ 279.132003][ T9190] kmem_cache_alloc+0x2be/0x710 [ 279.136896][ T9190] ? __alloc_file+0x93/0x480 [ 279.141493][ T9190] ? rcu_read_lock_sched_held+0x110/0x130 [ 279.147232][ T9190] ? kmem_cache_alloc+0x341/0x710 [ 279.152295][ T9190] security_file_alloc+0x39/0x170 [ 279.157363][ T9190] __alloc_file+0x128/0x480 [ 279.161909][ T9190] ? ____fput+0x20/0x20 [ 279.166101][ T9190] ? mark_held_locks+0x100/0x100 [ 279.171070][ T9190] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.177329][ T9190] alloc_empty_file+0x72/0x170 [ 279.182123][ T9190] path_openat+0x112/0x5660 [ 279.186632][ T9190] ? add_lock_to_list.isra.0+0x450/0x450 21:41:04 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 279.192302][ T9190] ? __alloc_fd+0x549/0x700 [ 279.196820][ T9190] ? find_held_lock+0x35/0x120 [ 279.201590][ T9190] ? path_lookupat.isra.0+0xba0/0xba0 [ 279.206965][ T9190] ? do_dup2+0x580/0x580 [ 279.211230][ T9190] ? kasan_check_read+0x11/0x20 [ 279.216111][ T9190] ? do_raw_spin_unlock+0xa0/0x330 [ 279.221237][ T9190] ? do_raw_spin_trylock+0x270/0x270 [ 279.226524][ T9190] ? __phys_addr_symbol+0x30/0x70 [ 279.226555][ T9190] do_filp_open+0x26f/0x370 [ 279.226574][ T9190] ? may_open_dev+0x100/0x100 21:41:04 executing program 2: r0 = memfd_create(0x0, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 279.236091][ T9190] ? exit_files+0xb0/0xb0 [ 279.236112][ T9190] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.236143][ T9190] ? digsig_verify.cold+0x32/0x32 [ 279.256379][ T9190] ? get_unused_fd_flags+0x122/0x1a0 [ 279.261672][ T9190] ? __alloc_fd+0x700/0x700 [ 279.266183][ T9190] ? getname_flags+0x277/0x5b0 [ 279.270964][ T9190] do_sys_open+0x59a/0x7c0 [ 279.275418][ T9190] ? filp_open+0x80/0x80 [ 279.279678][ T9190] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.285746][ T9190] ? trace_hardirqs_off_caller+0x300/0x300 [ 279.285766][ T9190] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.285786][ T9190] __x64_sys_open+0x7e/0xc0 [ 279.285805][ T9190] do_syscall_64+0x1a3/0x800 [ 279.285824][ T9190] ? syscall_return_slowpath+0x5f0/0x5f0 [ 279.285842][ T9190] ? prepare_exit_to_usermode+0x232/0x3b0 [ 279.285862][ T9190] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.285886][ T9190] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.285899][ T9190] RIP: 0033:0x412041 [ 279.285930][ T9190] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 279.285946][ T9190] RSP: 002b:00007fe51cc57a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 279.312252][ T9190] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412041 [ 279.312263][ T9190] RDX: 00007fe51cc57afa RSI: 0000000000000002 RDI: 00007fe51cc57af0 [ 279.312273][ T9190] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 279.312283][ T9190] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 21:41:04 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 279.312293][ T9190] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 21:41:04 executing program 3 (fault-call:0 fault-nth:9): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 279.514823][ T9216] FAULT_INJECTION: forcing a failure. [ 279.514823][ T9216] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 279.528070][ T9216] CPU: 1 PID: 9216 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 279.536995][ T9216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.547057][ T9216] Call Trace: [ 279.550357][ T9216] dump_stack+0x1db/0x2d0 [ 279.554696][ T9216] ? dump_stack_print_info.cold+0x20/0x20 [ 279.560444][ T9216] ? debug_smp_processor_id+0x1c/0x20 [ 279.565827][ T9216] should_fail.cold+0xa/0x14 [ 279.570426][ T9216] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 279.576238][ T9216] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.582495][ T9216] ? rcu_read_unlock+0x16/0x60 [ 279.587270][ T9216] ? find_held_lock+0x35/0x120 [ 279.592062][ T9216] ? rcu_read_unlock+0x16/0x60 [ 279.596846][ T9216] should_fail_alloc_page+0x50/0x60 [ 279.602052][ T9216] __alloc_pages_nodemask+0x323/0xdc0 [ 279.607422][ T9216] ? lock_downgrade+0xbe0/0xbe0 [ 279.612285][ T9216] ? kasan_check_read+0x11/0x20 [ 279.617145][ T9216] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 279.623133][ T9216] ? __alloc_pages_slowpath+0x2c50/0x2c50 [ 279.628876][ T9216] ? ___might_sleep+0x1e7/0x310 [ 279.633741][ T9216] ? trace_hardirqs_off+0xb8/0x310 [ 279.633764][ T9216] cache_grow_begin+0x9c/0x8c0 [ 279.633779][ T9216] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.633803][ T9216] ? check_preemption_disabled+0x48/0x290 [ 279.643662][ T9216] kmem_cache_alloc+0x645/0x710 [ 279.643680][ T9216] ? __lock_acquire+0x572/0x4a10 [ 279.643709][ T9216] __alloc_file+0x93/0x480 [ 279.643727][ T9216] ? ____fput+0x20/0x20 [ 279.643751][ T9216] ? mark_held_locks+0x100/0x100 [ 279.655684][ T9216] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.655709][ T9216] alloc_empty_file+0x72/0x170 [ 279.655728][ T9216] path_openat+0x112/0x5660 [ 279.655749][ T9216] ? add_lock_to_list.isra.0+0x450/0x450 [ 279.655778][ T9216] ? __alloc_fd+0x549/0x700 [ 279.665538][ T9216] ? find_held_lock+0x35/0x120 [ 279.665555][ T9216] ? path_lookupat.isra.0+0xba0/0xba0 [ 279.665573][ T9216] ? do_dup2+0x580/0x580 [ 279.665600][ T9216] ? kasan_check_read+0x11/0x20 [ 279.665623][ T9216] ? do_raw_spin_unlock+0xa0/0x330 [ 279.665642][ T9216] ? do_raw_spin_trylock+0x270/0x270 [ 279.665665][ T9216] ? __phys_addr_symbol+0x30/0x70 [ 279.674252][ T9216] do_filp_open+0x26f/0x370 [ 279.674271][ T9216] ? may_open_dev+0x100/0x100 [ 279.674289][ T9216] ? exit_files+0xb0/0xb0 [ 279.674308][ T9216] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.674333][ T9216] ? digsig_verify.cold+0x32/0x32 [ 279.674353][ T9216] ? get_unused_fd_flags+0x122/0x1a0 [ 279.674374][ T9216] ? __alloc_fd+0x700/0x700 [ 279.685516][ T9216] ? getname_flags+0x277/0x5b0 [ 279.685542][ T9216] do_sys_open+0x59a/0x7c0 [ 279.685564][ T9216] ? filp_open+0x80/0x80 [ 279.685589][ T9216] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.685607][ T9216] ? trace_hardirqs_off_caller+0x300/0x300 [ 279.685632][ T9216] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.685652][ T9216] __x64_sys_open+0x7e/0xc0 [ 279.774131][ T9216] do_syscall_64+0x1a3/0x800 [ 279.774154][ T9216] ? syscall_return_slowpath+0x5f0/0x5f0 [ 279.774176][ T9216] ? prepare_exit_to_usermode+0x232/0x3b0 [ 279.783365][ T9216] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.830896][ T9216] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.836798][ T9216] RIP: 0033:0x412041 [ 279.840691][ T9216] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 279.860288][ T9216] RSP: 002b:00007fe51cc57a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 279.868706][ T9216] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000412041 [ 279.876671][ T9216] RDX: 00007fe51cc57afa RSI: 0000000000000002 RDI: 00007fe51cc57af0 [ 279.884655][ T9216] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 279.892624][ T9216] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 279.900592][ T9216] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 [ 279.938982][ T9216] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:41:05 executing program 4: syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x4, 0x81) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0xf33e5972000000, 0x4) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r3 = memfd_create(&(0x7f0000000600)='\xac\x00\x00\xe9\xd98\xc11)\x9c\xf1)\x87vX\xa9\xa2\xbc\xb4\xc9\xcc\xe2A\xeb\xa7\xb9\x8c/\x820\xc9\xcb\x87>\xda\xc7\xbd\x12', 0x1000000000004) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0xeffffdef) fgetxattr(r0, &(0x7f0000000240)=@known='trusted.overlay.nlink\x00', &(0x7f0000000280)=""/207, 0xcf) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000200)={r1, 0x0, 0xfffffffffffff000, 0xfffffffff0000000}) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000140)=0xe3, 0x2) syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x1, 0x2) creat(&(0x7f0000000180)='./file0\x00', 0x0) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000008dc0)='./file1\x00') r5 = gettid() getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000004c0)={0x0}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000540)={r6, 0x40, 0x30}, 0xc) syz_open_procfs(r5, &(0x7f0000000400)='net/ip6_mr_cache\x00') lseek(r4, 0x0, 0x0) 21:41:05 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:05 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:05 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:05 executing program 0: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:41:05 executing program 3 (fault-call:0 fault-nth:10): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:05 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 280.122268][ T9234] FAULT_INJECTION: forcing a failure. [ 280.122268][ T9234] name failslab, interval 1, probability 0, space 0, times 0 21:41:05 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 280.171994][ T9234] CPU: 0 PID: 9234 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 280.180944][ T9234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.190999][ T9234] Call Trace: [ 280.194309][ T9234] dump_stack+0x1db/0x2d0 [ 280.198650][ T9234] ? dump_stack_print_info.cold+0x20/0x20 [ 280.204395][ T9234] ? check_preemption_disabled+0x48/0x290 [ 280.210152][ T9234] should_fail.cold+0xa/0x14 [ 280.214761][ T9234] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.220583][ T9234] ? ___might_sleep+0x1e7/0x310 [ 280.225458][ T9234] ? arch_local_save_flags+0x50/0x50 [ 280.230762][ T9234] __should_failslab+0x121/0x190 [ 280.235722][ T9234] should_failslab+0x9/0x14 [ 280.240236][ T9234] kmem_cache_alloc+0x2be/0x710 [ 280.245090][ T9234] ? trace_hardirqs_on+0xbd/0x310 [ 280.250129][ T9234] ? kasan_check_read+0x11/0x20 [ 280.254984][ T9234] ? __schedule+0x148d/0x1e60 [ 280.259677][ T9234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.265940][ T9234] __kernfs_new_node+0xfe/0x8a0 [ 280.270826][ T9234] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 280.276293][ T9234] ? add_lock_to_list.isra.0+0x450/0x450 [ 280.281935][ T9234] ? pci_mmcfg_check_reserved+0x170/0x170 [ 280.287684][ T9234] ? bd_set_size+0x2c1/0x370 [ 280.292281][ T9234] ? find_held_lock+0x35/0x120 [ 280.297058][ T9234] ? bd_set_size+0x2c1/0x370 [ 280.301659][ T9234] kernfs_new_node+0x99/0x130 [ 280.306377][ T9234] kernfs_create_dir_ns+0x52/0x160 [ 280.312027][ T9234] internal_create_group+0x8cd/0xd80 [ 280.317336][ T9234] ? remove_files.isra.0+0x190/0x190 [ 280.322626][ T9234] ? down_read+0x120/0x120 [ 280.327085][ T9234] ? resched_curr+0x1a0/0x1a0 [ 280.331779][ T9234] sysfs_create_group+0x20/0x30 [ 280.336634][ T9234] lo_ioctl+0x1147/0x23e0 [ 280.340974][ T9234] ? lo_rw_aio+0x1e50/0x1e50 [ 280.345568][ T9234] ? __fget+0x473/0x710 [ 280.349762][ T9234] ? lo_rw_aio+0x1e50/0x1e50 [ 280.354360][ T9234] blkdev_ioctl+0x10e0/0x2120 [ 280.359063][ T9234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.365307][ T9234] ? blkpg_ioctl+0xc10/0xc10 21:41:05 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 280.369913][ T9234] ? lock_downgrade+0xbe0/0xbe0 [ 280.374772][ T9234] ? kasan_check_read+0x11/0x20 [ 280.379623][ T9234] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 280.385607][ T9234] ? rcu_read_unlock_special+0x380/0x380 [ 280.391281][ T9234] ? __fget+0x49a/0x710 [ 280.395453][ T9234] block_ioctl+0xee/0x130 [ 280.399784][ T9234] ? blkdev_fallocate+0x410/0x410 [ 280.404820][ T9234] do_vfs_ioctl+0x107b/0x17d0 [ 280.409522][ T9234] ? putname+0xef/0x130 [ 280.413695][ T9234] ? ioctl_preallocate+0x2f0/0x2f0 21:41:05 executing program 0: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) [ 280.418848][ T9234] ? __fget_light+0x2db/0x420 [ 280.423562][ T9234] ? fget_raw+0x20/0x20 [ 280.427764][ T9234] ? do_sys_open+0x3f9/0x7c0 [ 280.432359][ T9234] ? do_syscall_64+0x8c/0x800 [ 280.437050][ T9234] ? do_syscall_64+0x8c/0x800 [ 280.441831][ T9234] ? lockdep_hardirqs_on+0x415/0x5d0 [ 280.447111][ T9234] ? security_file_ioctl+0x93/0xc0 [ 280.452214][ T9234] ksys_ioctl+0xab/0xd0 [ 280.456356][ T9234] __x64_sys_ioctl+0x73/0xb0 [ 280.460942][ T9234] do_syscall_64+0x1a3/0x800 [ 280.465579][ T9234] ? syscall_return_slowpath+0x5f0/0x5f0 [ 280.471223][ T9234] ? prepare_exit_to_usermode+0x232/0x3b0 [ 280.476956][ T9234] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.482512][ T9234] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.488414][ T9234] RIP: 0033:0x457f07 [ 280.492290][ T9234] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 cd b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.511882][ T9234] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 280.520272][ T9234] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457f07 [ 280.528223][ T9234] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 280.536175][ T9234] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 280.544138][ T9234] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 280.552105][ T9234] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 [ 280.566989][ T9234] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:41:06 executing program 3 (fault-call:0 fault-nth:11): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:06 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 280.892585][ T9266] FAULT_INJECTION: forcing a failure. [ 280.892585][ T9266] name failslab, interval 1, probability 0, space 0, times 0 [ 280.905742][ T9266] CPU: 1 PID: 9266 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 280.914679][ T9266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.924734][ T9266] Call Trace: [ 280.928043][ T9266] dump_stack+0x1db/0x2d0 [ 280.932388][ T9266] ? dump_stack_print_info.cold+0x20/0x20 [ 280.938136][ T9266] should_fail.cold+0xa/0x14 [ 280.942766][ T9266] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.948689][ T9266] ? find_held_lock+0x35/0x120 [ 280.953459][ T9266] ? is_bpf_text_address+0xac/0x170 [ 280.958707][ T9266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.964965][ T9266] __should_failslab+0x121/0x190 [ 280.969926][ T9266] should_failslab+0x9/0x14 [ 280.974444][ T9266] kmem_cache_alloc+0x47/0x710 [ 280.979207][ T9266] ? print_usage_bug+0xd0/0xd0 [ 280.983998][ T9266] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 280.990336][ T9266] idr_get_free+0x72c/0xee0 [ 280.994834][ T9266] ? __save_stack_trace+0x8a/0xf0 [ 280.999884][ T9266] ? radix_tree_iter_tag_clear+0x90/0x90 [ 281.005526][ T9266] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 281.011355][ T9266] ? kasan_slab_alloc+0xf/0x20 [ 281.016131][ T9266] ? kmem_cache_alloc+0x12d/0x710 [ 281.021172][ T9266] ? kernfs_new_node+0x99/0x130 [ 281.026029][ T9266] ? kernfs_create_dir_ns+0x52/0x160 [ 281.031325][ T9266] ? internal_create_group+0x8cd/0xd80 [ 281.036797][ T9266] ? sysfs_create_group+0x20/0x30 [ 281.041814][ T9266] ? lo_ioctl+0x1147/0x23e0 [ 281.046316][ T9266] ? blkdev_ioctl+0x10e0/0x2120 [ 281.051164][ T9266] ? block_ioctl+0xee/0x130 [ 281.055664][ T9266] ? do_vfs_ioctl+0x107b/0x17d0 [ 281.060510][ T9266] ? ksys_ioctl+0xab/0xd0 [ 281.064851][ T9266] ? __x64_sys_ioctl+0x73/0xb0 [ 281.069611][ T9266] ? do_syscall_64+0x1a3/0x800 [ 281.074382][ T9266] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.080451][ T9266] ? print_usage_bug+0xd0/0xd0 [ 281.085228][ T9266] idr_alloc_u32+0x1d8/0x3a0 [ 281.089842][ T9266] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 281.095390][ T9266] ? lock_acquire+0x1db/0x570 [ 281.100069][ T9266] ? __kernfs_new_node+0x125/0x8a0 [ 281.105188][ T9266] idr_alloc_cyclic+0x153/0x330 [ 281.110047][ T9266] ? idr_alloc+0x1b0/0x1b0 [ 281.114497][ T9266] ? add_lock_to_list.isra.0+0x450/0x450 [ 281.120151][ T9266] __kernfs_new_node+0x1c1/0x8a0 [ 281.125095][ T9266] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 281.130563][ T9266] ? add_lock_to_list.isra.0+0x450/0x450 [ 281.136190][ T9266] ? print_usage_bug+0xd0/0xd0 [ 281.140978][ T9266] ? bd_set_size+0x2c1/0x370 [ 281.145581][ T9266] ? find_held_lock+0x35/0x120 [ 281.150350][ T9266] ? bd_set_size+0x2c1/0x370 [ 281.154941][ T9266] kernfs_new_node+0x99/0x130 [ 281.159625][ T9266] kernfs_create_dir_ns+0x52/0x160 [ 281.164749][ T9266] internal_create_group+0x8cd/0xd80 [ 281.170217][ T9266] ? remove_files.isra.0+0x190/0x190 [ 281.175497][ T9266] ? down_read+0x120/0x120 [ 281.179915][ T9266] ? resched_curr+0x1a0/0x1a0 [ 281.184601][ T9266] sysfs_create_group+0x20/0x30 [ 281.189492][ T9266] lo_ioctl+0x1147/0x23e0 [ 281.193841][ T9266] ? lo_rw_aio+0x1e50/0x1e50 [ 281.198447][ T9266] ? __fget+0x473/0x710 [ 281.202603][ T9266] ? lo_rw_aio+0x1e50/0x1e50 [ 281.207197][ T9266] blkdev_ioctl+0x10e0/0x2120 [ 281.211873][ T9266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.218125][ T9266] ? blkpg_ioctl+0xc10/0xc10 [ 281.222731][ T9266] ? lock_downgrade+0xbe0/0xbe0 [ 281.227576][ T9266] ? kasan_check_read+0x11/0x20 [ 281.232465][ T9266] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 281.238452][ T9266] ? rcu_read_unlock_special+0x380/0x380 [ 281.244107][ T9266] ? __fget+0x49a/0x710 [ 281.248282][ T9266] block_ioctl+0xee/0x130 [ 281.252624][ T9266] ? blkdev_fallocate+0x410/0x410 [ 281.257659][ T9266] do_vfs_ioctl+0x107b/0x17d0 [ 281.262357][ T9266] ? putname+0xef/0x130 [ 281.266515][ T9266] ? ioctl_preallocate+0x2f0/0x2f0 [ 281.271673][ T9266] ? __fget_light+0x2db/0x420 [ 281.276352][ T9266] ? fget_raw+0x20/0x20 [ 281.280516][ T9266] ? do_sys_open+0x3f9/0x7c0 [ 281.285144][ T9266] ? do_syscall_64+0x8c/0x800 [ 281.289827][ T9266] ? do_syscall_64+0x8c/0x800 [ 281.294506][ T9266] ? lockdep_hardirqs_on+0x415/0x5d0 [ 281.299799][ T9266] ? security_file_ioctl+0x93/0xc0 [ 281.304933][ T9266] ksys_ioctl+0xab/0xd0 [ 281.309111][ T9266] __x64_sys_ioctl+0x73/0xb0 [ 281.313710][ T9266] do_syscall_64+0x1a3/0x800 [ 281.318312][ T9266] ? syscall_return_slowpath+0x5f0/0x5f0 [ 281.323953][ T9266] ? prepare_exit_to_usermode+0x232/0x3b0 [ 281.329703][ T9266] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.335269][ T9266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.341166][ T9266] RIP: 0033:0x457f07 [ 281.345065][ T9266] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 cd b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.364682][ T9266] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.373110][ T9266] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457f07 [ 281.381097][ T9266] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 281.389091][ T9266] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 281.397098][ T9266] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 281.405075][ T9266] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 21:41:06 executing program 4: syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x4, 0x81) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0xf33e5972000000, 0x4) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r3 = memfd_create(&(0x7f0000000600)='\xac\x00\x00\xe9\xd98\xc11)\x9c\xf1)\x87vX\xa9\xa2\xbc\xb4\xc9\xcc\xe2A\xeb\xa7\xb9\x8c/\x820\xc9\xcb\x87>\xda\xc7\xbd\x12', 0x1000000000004) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0xeffffdef) fgetxattr(r0, &(0x7f0000000240)=@known='trusted.overlay.nlink\x00', &(0x7f0000000280)=""/207, 0xcf) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000200)={r1, 0x0, 0xfffffffffffff000, 0xfffffffff0000000}) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000140)=0xe3, 0x2) syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x1, 0x2) creat(&(0x7f0000000180)='./file0\x00', 0x0) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000008dc0)='./file1\x00') r5 = gettid() getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000004c0)={0x0}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000540)={r6, 0x40, 0x30}, 0xc) syz_open_procfs(r5, &(0x7f0000000400)='net/ip6_mr_cache\x00') lseek(r4, 0x0, 0x0) 21:41:06 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:06 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:06 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 281.494563][ T9266] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. 21:41:07 executing program 3 (fault-call:0 fault-nth:12): syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:07 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:07 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:07 executing program 0: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) [ 281.686679][ T9281] FAULT_INJECTION: forcing a failure. [ 281.686679][ T9281] name failslab, interval 1, probability 0, space 0, times 0 [ 281.699538][ T9281] CPU: 0 PID: 9281 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190118 #15 [ 281.708500][ T9281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.718577][ T9281] Call Trace: [ 281.721872][ T9281] dump_stack+0x1db/0x2d0 [ 281.726221][ T9281] ? dump_stack_print_info.cold+0x20/0x20 [ 281.731964][ T9281] should_fail.cold+0xa/0x14 21:41:07 executing program 1 (fault-call:6 fault-nth:0): r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 281.736567][ T9281] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.742424][ T9281] ? find_held_lock+0x35/0x120 [ 281.747200][ T9281] ? is_bpf_text_address+0xac/0x170 [ 281.752402][ T9281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.758701][ T9281] __should_failslab+0x121/0x190 [ 281.763650][ T9281] should_failslab+0x9/0x14 [ 281.768163][ T9281] kmem_cache_alloc+0x47/0x710 [ 281.772961][ T9281] ? print_usage_bug+0xd0/0xd0 [ 281.777753][ T9281] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 281.784105][ T9281] idr_get_free+0x72c/0xee0 [ 281.788623][ T9281] ? __save_stack_trace+0x8a/0xf0 [ 281.793639][ T9281] ? radix_tree_iter_tag_clear+0x90/0x90 [ 281.799254][ T9281] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 281.805070][ T9281] ? kasan_slab_alloc+0xf/0x20 [ 281.809832][ T9281] ? kmem_cache_alloc+0x12d/0x710 [ 281.814884][ T9281] ? kernfs_new_node+0x99/0x130 [ 281.819734][ T9281] ? kernfs_create_dir_ns+0x52/0x160 [ 281.825007][ T9281] ? internal_create_group+0x8cd/0xd80 [ 281.830476][ T9281] ? sysfs_create_group+0x20/0x30 [ 281.835513][ T9281] ? lo_ioctl+0x1147/0x23e0 [ 281.840007][ T9281] ? blkdev_ioctl+0x10e0/0x2120 [ 281.844860][ T9281] ? block_ioctl+0xee/0x130 [ 281.849356][ T9281] ? do_vfs_ioctl+0x107b/0x17d0 [ 281.854193][ T9281] ? ksys_ioctl+0xab/0xd0 [ 281.858527][ T9281] ? __x64_sys_ioctl+0x73/0xb0 [ 281.863285][ T9281] ? do_syscall_64+0x1a3/0x800 [ 281.868062][ T9281] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.874145][ T9281] ? print_usage_bug+0xd0/0xd0 [ 281.878912][ T9281] idr_alloc_u32+0x1d8/0x3a0 [ 281.883485][ T9281] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 281.889028][ T9281] ? lock_acquire+0x1db/0x570 [ 281.893736][ T9281] ? __kernfs_new_node+0x125/0x8a0 [ 281.898846][ T9281] idr_alloc_cyclic+0x153/0x330 [ 281.903695][ T9281] ? idr_alloc+0x1b0/0x1b0 [ 281.908109][ T9281] ? retint_kernel+0x2d/0x2d [ 281.912704][ T9281] __kernfs_new_node+0x1c1/0x8a0 [ 281.917654][ T9281] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 281.923129][ T9281] ? add_lock_to_list.isra.0+0x450/0x450 [ 281.928747][ T9281] ? pci_mmcfg_check_reserved+0x170/0x170 [ 281.934465][ T9281] ? bd_set_size+0x2c1/0x370 [ 281.939085][ T9281] ? find_held_lock+0x35/0x120 [ 281.943874][ T9281] ? bd_set_size+0x2c1/0x370 [ 281.948463][ T9281] kernfs_new_node+0x99/0x130 [ 281.953151][ T9281] kernfs_create_dir_ns+0x52/0x160 [ 281.958262][ T9281] internal_create_group+0x8cd/0xd80 [ 281.963544][ T9281] ? remove_files.isra.0+0x190/0x190 [ 281.968806][ T9281] ? down_read+0x120/0x120 [ 281.973218][ T9281] ? resched_curr+0x1a0/0x1a0 [ 281.977924][ T9281] sysfs_create_group+0x20/0x30 [ 281.982785][ T9281] lo_ioctl+0x1147/0x23e0 [ 281.987143][ T9281] ? lo_rw_aio+0x1e50/0x1e50 [ 281.991728][ T9281] ? __fget+0x473/0x710 [ 281.995905][ T9281] ? lo_rw_aio+0x1e50/0x1e50 [ 282.000489][ T9281] blkdev_ioctl+0x10e0/0x2120 [ 282.005166][ T9281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.011416][ T9281] ? blkpg_ioctl+0xc10/0xc10 [ 282.016051][ T9281] ? lock_downgrade+0xbe0/0xbe0 [ 282.020894][ T9281] ? kasan_check_read+0x11/0x20 [ 282.025752][ T9281] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 282.031745][ T9281] ? rcu_read_unlock_special+0x380/0x380 [ 282.037383][ T9281] ? __fget+0x49a/0x710 [ 282.041554][ T9281] block_ioctl+0xee/0x130 [ 282.045904][ T9281] ? blkdev_fallocate+0x410/0x410 [ 282.050925][ T9281] do_vfs_ioctl+0x107b/0x17d0 [ 282.055596][ T9281] ? putname+0xef/0x130 [ 282.059749][ T9281] ? ioctl_preallocate+0x2f0/0x2f0 [ 282.064860][ T9281] ? __fget_light+0x2db/0x420 [ 282.069544][ T9281] ? fget_raw+0x20/0x20 [ 282.073697][ T9281] ? do_sys_open+0x3f9/0x7c0 [ 282.078293][ T9281] ? do_syscall_64+0x8c/0x800 [ 282.082973][ T9281] ? do_syscall_64+0x8c/0x800 [ 282.087656][ T9281] ? lockdep_hardirqs_on+0x415/0x5d0 [ 282.092958][ T9281] ? security_file_ioctl+0x93/0xc0 [ 282.098068][ T9281] ksys_ioctl+0xab/0xd0 [ 282.102220][ T9281] __x64_sys_ioctl+0x73/0xb0 [ 282.106817][ T9281] do_syscall_64+0x1a3/0x800 [ 282.111418][ T9281] ? syscall_return_slowpath+0x5f0/0x5f0 [ 282.117056][ T9281] ? prepare_exit_to_usermode+0x232/0x3b0 [ 282.122772][ T9281] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.128306][ T9281] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.134185][ T9281] RIP: 0033:0x457f07 [ 282.138106][ T9281] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 cd b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.157719][ T9281] RSP: 002b:00007fe51cc57a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 282.166139][ T9281] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457f07 [ 282.174108][ T9281] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 282.182079][ T9281] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 282.190051][ T9281] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 282.198012][ T9281] R13: 0000000000000000 R14: 00000000004dbc08 R15: 0000000000000003 [ 282.209437][ T9281] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. [ 282.309031][ T9292] FAULT_INJECTION: forcing a failure. [ 282.309031][ T9292] name failslab, interval 1, probability 0, space 0, times 0 [ 282.338163][ T9292] CPU: 1 PID: 9292 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190118 #15 [ 282.347138][ T9292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.357193][ T9292] Call Trace: [ 282.360499][ T9292] dump_stack+0x1db/0x2d0 [ 282.364840][ T9292] ? dump_stack_print_info.cold+0x20/0x20 [ 282.370567][ T9292] ? __lock_acquire+0x572/0x4a10 [ 282.375525][ T9292] should_fail.cold+0xa/0x14 [ 282.380127][ T9292] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 282.385947][ T9292] ? ___might_sleep+0x1e7/0x310 [ 282.390806][ T9292] ? arch_local_save_flags+0x50/0x50 [ 282.396108][ T9292] ? snd_seq_write+0x1fa/0x8d0 [ 282.400888][ T9292] __should_failslab+0x121/0x190 [ 282.405834][ T9292] should_failslab+0x9/0x14 [ 282.410352][ T9292] kmem_cache_alloc_node_trace+0x270/0x720 [ 282.416180][ T9292] ? mutex_trylock+0x2d0/0x2d0 [ 282.421003][ T9292] __get_vm_area_node+0x12b/0x3a0 [ 282.426074][ T9292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.432326][ T9292] __vmalloc_node_range+0x191/0x910 [ 282.437563][ T9292] ? snd_seq_pool_init+0x8b/0x320 [ 282.443108][ T9292] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 282.449096][ T9292] ? snd_seq_pool_init+0x8b/0x320 [ 282.454146][ T9292] ? vfree_atomic+0xe0/0xe0 [ 282.458699][ T9292] ? aa_file_perm+0x491/0x1180 [ 282.463479][ T9292] ? snd_seq_pool_init+0x8b/0x320 [ 282.468506][ T9292] vmalloc+0x6b/0x90 [ 282.472406][ T9292] ? snd_seq_pool_init+0x8b/0x320 [ 282.477428][ T9292] snd_seq_pool_init+0x8b/0x320 [ 282.482287][ T9292] snd_seq_write+0x7b1/0x8d0 [ 282.486911][ T9292] ? snd_seq_client_enqueue_event+0x530/0x530 [ 282.492985][ T9292] ? lock_downgrade+0xbe0/0xbe0 [ 282.497855][ T9292] __vfs_write+0x116/0xb40 [ 282.502290][ T9292] ? snd_seq_client_enqueue_event+0x530/0x530 [ 282.508361][ T9292] ? kernel_read+0x120/0x120 [ 282.512952][ T9292] ? fget_raw+0x20/0x20 [ 282.517114][ T9292] ? __mutex_unlock_slowpath+0x195/0x870 [ 282.522758][ T9292] ? apparmor_file_permission+0x25/0x30 [ 282.528302][ T9292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.534537][ T9292] ? security_file_permission+0x94/0x320 [ 282.540178][ T9292] ? rw_verify_area+0x118/0x360 [ 282.545014][ T9292] vfs_write+0x20c/0x580 [ 282.549285][ T9292] ksys_write+0x105/0x260 [ 282.553614][ T9292] ? __ia32_sys_read+0xb0/0xb0 [ 282.558407][ T9292] ? trace_hardirqs_off_caller+0x300/0x300 [ 282.564261][ T9292] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 282.569705][ T9292] __x64_sys_write+0x73/0xb0 [ 282.574284][ T9292] do_syscall_64+0x1a3/0x800 [ 282.578859][ T9292] ? syscall_return_slowpath+0x5f0/0x5f0 [ 282.584472][ T9292] ? prepare_exit_to_usermode+0x232/0x3b0 [ 282.590175][ T9292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.595710][ T9292] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.601581][ T9292] RIP: 0033:0x458099 [ 282.605458][ T9292] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.625055][ T9292] RSP: 002b:00007f4eb01b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 282.633455][ T9292] RAX: ffffffffffffffda RBX: 00007f4eb01b8c90 RCX: 0000000000458099 [ 282.641407][ T9292] RDX: 000000000000fef2 RSI: 0000000020000000 RDI: 0000000000000003 [ 282.649359][ T9292] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 21:41:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x100000001, 0x7}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:08 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:08 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 282.657317][ T9292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4eb01b96d4 [ 282.665282][ T9292] R13: 00000000004c74fc R14: 00000000004dce68 R15: 0000000000000007 [ 282.678634][ T9292] syz-executor1: vmalloc: allocation failure: 24000 bytes, mode:0x6000c0(GFP_KERNEL), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 282.694341][ T9292] CPU: 1 PID: 9292 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190118 #15 [ 282.703284][ T9292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.703297][ T9292] Call Trace: [ 282.703324][ T9292] dump_stack+0x1db/0x2d0 [ 282.703346][ T9292] ? dump_stack_print_info.cold+0x20/0x20 [ 282.703366][ T9292] ? idr_get_free+0xee0/0xee0 [ 282.731391][ T9292] ? __lock_is_held+0xb6/0x140 [ 282.736174][ T9292] warn_alloc.cold+0xc3/0x1c9 [ 282.740863][ T9292] ? zone_watermark_ok_safe+0x420/0x420 [ 282.746417][ T9292] ? rcu_read_lock_sched_held+0x110/0x130 [ 282.752152][ T9292] ? mutex_trylock+0x2d0/0x2d0 21:41:08 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) [ 282.752180][ T9292] ? __get_vm_area_node+0x2df/0x3a0 [ 282.752196][ T9292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.752220][ T9292] __vmalloc_node_range+0x57a/0x910 [ 282.773587][ T9292] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 282.779596][ T9292] ? snd_seq_pool_init+0x8b/0x320 [ 282.784646][ T9292] ? vfree_atomic+0xe0/0xe0 [ 282.789178][ T9292] ? aa_file_perm+0x491/0x1180 [ 282.793949][ T9292] ? snd_seq_pool_init+0x8b/0x320 [ 282.798997][ T9292] vmalloc+0x6b/0x90 [ 282.802910][ T9292] ? snd_seq_pool_init+0x8b/0x320 21:41:08 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 282.807942][ T9292] snd_seq_pool_init+0x8b/0x320 [ 282.812807][ T9292] snd_seq_write+0x7b1/0x8d0 [ 282.817418][ T9292] ? snd_seq_client_enqueue_event+0x530/0x530 [ 282.823535][ T9292] ? lock_downgrade+0xbe0/0xbe0 [ 282.828402][ T9292] __vfs_write+0x116/0xb40 [ 282.832833][ T9292] ? snd_seq_client_enqueue_event+0x530/0x530 [ 282.838910][ T9292] ? kernel_read+0x120/0x120 [ 282.843519][ T9292] ? fget_raw+0x20/0x20 [ 282.847689][ T9292] ? __mutex_unlock_slowpath+0x195/0x870 [ 282.853344][ T9292] ? apparmor_file_permission+0x25/0x30 [ 282.858898][ T9292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.865148][ T9292] ? security_file_permission+0x94/0x320 [ 282.870798][ T9292] ? rw_verify_area+0x118/0x360 [ 282.875663][ T9292] vfs_write+0x20c/0x580 [ 282.879923][ T9292] ksys_write+0x105/0x260 [ 282.884271][ T9292] ? __ia32_sys_read+0xb0/0xb0 [ 282.889056][ T9292] ? trace_hardirqs_off_caller+0x300/0x300 [ 282.894886][ T9292] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 282.900365][ T9292] __x64_sys_write+0x73/0xb0 [ 282.904965][ T9292] do_syscall_64+0x1a3/0x800 21:41:08 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 282.909562][ T9292] ? syscall_return_slowpath+0x5f0/0x5f0 [ 282.915217][ T9292] ? prepare_exit_to_usermode+0x232/0x3b0 [ 282.920953][ T9292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.926532][ T9292] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.932432][ T9292] RIP: 0033:0x458099 [ 282.936344][ T9292] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:41:08 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 282.955964][ T9292] RSP: 002b:00007f4eb01b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 282.964411][ T9292] RAX: ffffffffffffffda RBX: 00007f4eb01b8c90 RCX: 0000000000458099 [ 282.972379][ T9292] RDX: 000000000000fef2 RSI: 0000000020000000 RDI: 0000000000000003 [ 282.980360][ T9292] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 282.988337][ T9292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4eb01b96d4 [ 282.996311][ T9292] R13: 00000000004c74fc R14: 00000000004dce68 R15: 0000000000000007 21:41:08 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 283.054649][ T9292] Mem-Info: [ 283.059070][ T9292] active_anon:134273 inactive_anon:191 isolated_anon:0 [ 283.059070][ T9292] active_file:10283 inactive_file:34355 isolated_file:0 [ 283.059070][ T9292] unevictable:0 dirty:112 writeback:0 unstable:0 [ 283.059070][ T9292] slab_reclaimable:12789 slab_unreclaimable:109157 [ 283.059070][ T9292] mapped:58482 shmem:244 pagetables:1482 bounce:0 [ 283.059070][ T9292] free:1224816 free_pcp:456 free_cma:0 21:41:08 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:08 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) [ 283.144305][ T9292] Node 0 active_anon:537036kB inactive_anon:764kB active_file:40992kB inactive_file:137420kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:233928kB dirty:448kB writeback:0kB shmem:976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 421888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 283.236391][ T9292] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 283.263617][ T9292] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 21:41:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x100000001, 0x7}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 283.313731][ T9328] ntfs: (device loop3): parse_options(): The mft_zone_multiplier option requires an argument. [ 283.431612][ T9292] lowmem_reserve[]: 0 2535 2537 2537 [ 283.437586][ T9292] Node 0 DMA32 free:1094452kB min:36080kB low:45100kB high:54120kB active_anon:539180kB inactive_anon:764kB active_file:40992kB inactive_file:137420kB unevictable:0kB writepending:448kB present:3129332kB managed:2599668kB mlocked:0kB kernel_stack:7776kB pagetables:5928kB bounce:0kB free_pcp:1956kB local_pcp:460kB free_cma:0kB [ 283.512993][ T9292] lowmem_reserve[]: 0 0 2 2 [ 283.536691][ T9292] Node 0 Normal free:1816kB min:2076kB low:2080kB high:2084kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:96kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 283.599966][ T9292] lowmem_reserve[]: 0 0 0 0 [ 283.605400][ T9292] Node 1 Normal free:3784756kB min:53780kB low:67224kB high:80668kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 283.634005][ T9292] lowmem_reserve[]: 0 0 0 0 [ 283.638972][ T9292] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 283.653408][ T9292] Node 0 DMA32: 10447*4kB (UM) 843*8kB (UME) 445*16kB (UM) 206*32kB (UME) 99*64kB (UME) 12*128kB (UME) 2*256kB (ME) 3*512kB (UM) 2*1024kB (ME) 4*2048kB (UME) 248*4096kB (M) = 1098212kB [ 283.671765][ T9292] Node 0 Normal: 2*4kB (ME) 6*8kB (ME) 2*16kB (ME) 2*32kB (ME) 0*64kB 1*128kB (M) 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 1816kB [ 283.686302][ T9292] Node 1 Normal: 67*4kB (UE) 277*8kB (U) 262*16kB (U) 67*32kB (UME) 13*64kB (UME) 9*128kB (UE) 6*256kB (UM) 4*512kB (UM) 2*1024kB (M) 2*2048kB (UE) 919*4096kB (M) = 3784756kB [ 283.703915][ T9292] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 283.713556][ T9292] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 283.722953][ T9292] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 283.732678][ T9292] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 283.742255][ T9292] 44894 total pagecache pages 21:41:09 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:41:09 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='\ntfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x100000001, 0x7}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 283.747097][ T9292] 0 pages in swap cache [ 283.751270][ T9292] Swap cache stats: add 0, delete 0, find 0/0 [ 283.757396][ T9292] Free swap = 0kB [ 283.761116][ T9292] Total swap = 0kB [ 283.764929][ T9292] 1965979 pages RAM [ 283.768750][ T9292] 0 pages HighMem/MovableOnly [ 283.773404][ T9292] 343988 pages reserved [ 283.777664][ T9292] 0 pages cma reserved 21:41:09 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x100000001, 0x7}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:09 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x6, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='%tfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:09 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x1f4, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:09 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r1, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r1, 0x0, 0x0, 0x0, 0x0) 21:41:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:10 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='stfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:10 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0xffffff95, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x1f4, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:10 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='n\nfs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:10 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:10 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x4, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:10 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='n%fs\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:10 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) 21:41:10 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x5, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:10 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='nt\ns\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:10 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) 21:41:11 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x8, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:11 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:11 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, 0x0, 0x0) 21:41:11 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='nt%s\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:11 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:11 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1e, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:11 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='nt.s\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:11 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:11 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:11 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x21, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:11 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='nt/s\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:12 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x22, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:12 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:12 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x23, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:12 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntss\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:12 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:12 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x26, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:12 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:12 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xbf, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:12 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x02\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:13 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1f4, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 5: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:13 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x500, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:13 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x03\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1e00, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1f00, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:13 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x04\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:13 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2100, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x05\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:14 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:14 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2200, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2300, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280), 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:14 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x06\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:14 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280), 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2600, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:14 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280), 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:14 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:14 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\a\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xbf00, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xf401, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\b\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:15 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x517565, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\t\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, 0x0, 0x0) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:15 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:15 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:16 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:41:16 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\n\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:16 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x4000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:16 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, 0x0, 0x0) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:16 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:16 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, 0x0, 0x0) 21:41:16 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x5000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:16 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:16 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, 0x0, 0x0) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:16 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, 0x0, 0x0) 21:41:16 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\v\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:16 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(0xffffffffffffffff, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:16 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(0xffffffffffffffff, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:16 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, 0x0, 0x0) 21:41:16 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x8000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:17 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(0xffffffffffffffff, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:17 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\f\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:17 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:17 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1e000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:17 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:17 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:17 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:17 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1f000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:17 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:17 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:17 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x20000000, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 293.775240][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 293.782017][T10043] Bluetooth: hci0: sending frame failed (-49) [ 295.854372][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 295.860849][T10043] Bluetooth: hci0: sending frame failed (-49) [ 297.934342][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:41:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:27 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:27 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\r\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:27 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:27 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000), 0x0) 21:41:27 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x21000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:27 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:27 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 302.262586][ T2521] Bluetooth: hci0: Frame reassembly failed (-84) 21:41:27 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x22000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:27 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x0e\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:27 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:27 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 304.264241][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 304.270689][T10043] Bluetooth: hci0: sending frame failed (-49) [ 306.334272][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 306.340368][T10043] Bluetooth: hci0: sending frame failed (-49) [ 308.414296][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:41:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:37 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:37 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:37 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x23000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x0f\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:37 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:37 executing program 2: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, 0x0, 0x0) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:38 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x26000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x10\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 2: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000002000)=ANY=[], 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x121041, 0x0) getxattr(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) stat(&(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x200000, 0x0) read$FUSE(r0, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:41:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x65755100, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, 0x0, 0x0) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:38 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x11\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:38 executing program 2: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000002000)=ANY=[], 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x121041, 0x0) getxattr(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) stat(&(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x200000, 0x0) read$FUSE(r0, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:41:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, 0x0, 0x0) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x95ffffff, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:41:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:38 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xbf000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:38 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x12\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:38 executing program 2: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000002000)=ANY=[], 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x121041, 0x0) getxattr(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) stat(&(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x200000, 0x0) read$FUSE(r0, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:41:39 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:41:39 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xf4010000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:39 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x13\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:39 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:39 executing program 2: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000002000)=ANY=[], 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x121041, 0x0) getxattr(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) stat(&(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x200000, 0x0) read$FUSE(r0, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:41:39 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xfdffffff, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:39 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:41:39 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:39 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xfeffffff, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:39 executing program 2: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000002000)=ANY=[], 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x121041, 0x0) getxattr(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) stat(&(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x200000, 0x0) read$FUSE(r0, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:41:39 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x14\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:39 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xffffff95, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:39 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f00000000c0)="240000002e0007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 21:41:39 executing program 2: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000002000)=ANY=[], 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x121041, 0x0) getxattr(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) stat(&(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x200000, 0x0) read$FUSE(r0, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) 21:41:40 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xfffffffd, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:40 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x15\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:40 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:40 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x100002000000105, &(0x7f0000000080)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x10000}]) 21:41:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000010000000000001c340000ffff"]) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x7b, 0x0, [0x484]}) 21:41:40 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xfffffffe, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:40 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x16\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:40 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x51756500000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:40 executing program 4: r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x2}, 0x10) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000580)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000003c0)={0x0, 0x5000}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cd"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0, 0x800000000000000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3f00000000000000}) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000300)=0xe8) setfsuid(r3) ptrace(0x4206, r2) ptrace(0x8, r2) syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffffffffffff28cb, 0x2200) syz_open_dev$vcsn(0x0, 0x0, 0x0) [ 316.654195][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 316.661414][T10043] Bluetooth: hci0: sending frame failed (-49) [ 318.735506][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 318.741633][T10043] Bluetooth: hci0: sending frame failed (-49) [ 320.814365][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:41:50 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:41:50 executing program 2: bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x8, {0x0, 0x20, 0x1ff, 0x0, 0x0, 0x9}, 0x8001}, 0xe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/fib_trie\x00') getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) mlockall(0x400000003) add_key$keyring(0x0, &(0x7f0000000300), 0x0, 0x0, 0x0) getresgid(0x0, &(0x7f0000000700), &(0x7f0000000740)) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) accept$alg(0xffffffffffffffff, 0x0, 0x0) 21:41:50 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x100000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:50 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x17\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:50 executing program 4: r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x2}, 0x10) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000580)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000003c0)={0x0, 0x5000}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cd"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0, 0x800000000000000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3f00000000000000}) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000300)=0xe8) setfsuid(r3) ptrace(0x4206, r2) ptrace(0x8, r2) syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffffffffffff28cb, 0x2200) syz_open_dev$vcsn(0x0, 0x0, 0x0) 21:41:50 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:41:50 executing program 4: r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x2}, 0x10) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000580)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000003c0)={0x0, 0x5000}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cd"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0, 0x800000000000000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3f00000000000000}) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000300)=0xe8) setfsuid(r3) ptrace(0x4206, r2) ptrace(0x8, r2) syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffffffffffff28cb, 0x2200) syz_open_dev$vcsn(0x0, 0x0, 0x0) 21:41:50 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x400000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:50 executing program 4: r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x2}, 0x10) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000580)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000003c0)={0x0, 0x5000}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cd"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0, 0x800000000000000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3f00000000000000}) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000300)=0xe8) setfsuid(r3) ptrace(0x4206, r2) ptrace(0x8, r2) syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffffffffffff28cb, 0x2200) syz_open_dev$vcsn(0x0, 0x0, 0x0) 21:41:50 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x500000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:41:50 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x18\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:41:51 executing program 4: r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x2}, 0x10) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000580)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000003c0)={0x0, 0x5000}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cd"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0, 0x800000000000000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3f00000000000000}) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000300)=0xe8) setfsuid(r3) ptrace(0x4206, r2) ptrace(0x8, r2) syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffffffffffff28cb, 0x2200) syz_open_dev$vcsn(0x0, 0x0, 0x0) [ 327.294233][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 327.300432][T10043] Bluetooth: hci0: sending frame failed (-49) [ 329.374277][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 329.380397][T10043] Bluetooth: hci0: sending frame failed (-49) [ 331.454328][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:42:00 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:00 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x800000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:00 executing program 4: r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x2}, 0x10) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000580)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000003c0)={0x0, 0x5000}) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cd"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0, 0x800000000000000}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)={0x0, 0x0, 0x3f00000000000000}) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000300)=0xe8) setfsuid(r3) ptrace(0x4206, r2) ptrace(0x8, r2) syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffffffffffff28cb, 0x2200) syz_open_dev$vcsn(0x0, 0x0, 0x0) 21:42:00 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x19\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:00 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000040)) 21:42:00 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1e00000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:00 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='sysfs\x00*\x86OK\xc0\v\xce\x1b\xdb cr\x13\xb1\xe8\x94\xd1 q_\x9d\xc1\x12[\x04,r&\xeb\x016\xd9bN\xa1\xd23t\xa6`\xfeZ\xc1sr/\xd3g\xad\"\xe8U0%\xa2\xe8\xbe\v\xc5QCy\xafr\x13\xd3+\x8d]\x06\xdc\x8f\xbf,\x84\x9e\xd9\xcd\xef\xc7K\x03\xdf\xa9\xcbZ\x90\xb2\x8bK$\xd7\x86,=f\xfc\xa51g\xd5BB5CZ=\xbbv\xbc}0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mount$bpf(0x0, &(0x7f0000000500)='./file0\x00', 0x0, 0x100420, &(0x7f0000000580)={[], [{@fscontext={'fscontext', 0x3d, 'root'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) 21:42:01 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) [ 335.718261][T10501] e sysfs: Unknown parameter 'fscontext' 21:42:01 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x1a\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:01 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x1f00000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:01 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) [ 335.769988][T10507] e sysfs: Unknown parameter 'fscontext' [ 337.614248][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 337.620428][T10043] Bluetooth: hci0: sending frame failed (-49) [ 339.694226][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 339.700379][T10043] Bluetooth: hci0: sending frame failed (-49) [ 341.774330][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:42:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:42:11 executing program 2: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$adsp(0x0, 0x0, 0x4000000000006000) r2 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x101000) r3 = openat(0xffffffffffffff9c, &(0x7f0000001380)='./file0\x00', 0x0, 0x0) geteuid() getgid() ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, 0x0) r4 = creat(&(0x7f0000000600)='./file0\x00', 0x4) getsockname(r4, &(0x7f0000000100)=@xdp, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000900)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0003801000000000000000000000000000000000000000000000000000048004c454400000000000000000000000000000000000000000000000000000073797a300000000000000000000000000000000000000000000000013c0000000004000000000000ac1414bb00000000ff000000ffffff00aaaaaaaaaa10000000000000000000000000000000000000000000ff00ff0000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000600090100000100050000766c616e3000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c65000000000000000000000000000000000000000000000000aaaaaaaaaaaa0000000000000000000000000000000000000000000000000000ac1414bb000000000f00000000000000e0000001ac14141bffffffff000000ff00000000000000000000000000000000000000000000000000ff000000ff0000000000000000000000000000000000000000000000000000000000000000000000ff00ffffff0000000000000000000000020dd9f001000300010401626f6e64300000000000000000000000697036746e6c3000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000040000000000000000000000f0003001000000000000000000000000000000000000000000000000000040004552524f5200000000000000000000000000000000000000000000000000a1410700dba40403cb387a7c2d51f6efc3110a6c776d11ac7472ff7c719000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1) arch_prctl$ARCH_SET_GS(0x1001, 0x5) clone(0x802102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, 0x0) ioctl$DRM_IOCTL_DMA(r4, 0xc0406429, &(0x7f0000000500)={0x0, 0x3, &(0x7f0000000400)=[0x7, 0x4, 0x0], &(0x7f0000000440)=[0x800000, 0x80000000, 0x0, 0x2e2d, 0x7], 0x20, 0x2, 0x800, &(0x7f0000000480)=[0x87, 0x0], &(0x7f00000004c0)=[0x2]}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000380)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0xc202, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f0000000240)={0x4, 0x8, 0xeaa, 0x101, 0x8001, 0x100000001}) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x101003, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000140)=@assoc_value={0x0, 0x88}, &(0x7f00000001c0)=0x8) fanotify_mark(r5, 0x41, 0x0, r5, 0x0) 21:42:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2000000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:11 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:11 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x1b\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:11 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2100000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:11 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000300)={{0x2, 0x0, @dev}, {0x1, @remote}, 0x0, {0x2, 0x0, @empty}, 'veth1_to_team\x00'}) 21:42:11 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:42:11 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x1c\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:11 executing program 4: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2200000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:11 executing program 2: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) 21:42:11 executing program 4: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:42:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2300000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:11 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x0, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:11 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:11 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x1d\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:11 executing program 4: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:42:11 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x2600000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:12 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) [ 346.596744][ T2521] Bluetooth: hci0: Frame reassembly failed (-84) 21:42:12 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x95ffffff00000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:12 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:42:12 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:12 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\x1e\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:12 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xbf00000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:12 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x0, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 348.654262][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 348.660398][T10043] Bluetooth: hci0: sending frame failed (-49) [ 350.734288][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 350.740423][T10043] Bluetooth: hci0: sending frame failed (-49) [ 352.814306][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:42:22 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:22 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:22 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:42:22 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xf401000000000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:22 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf!\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:22 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x0, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:22 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xfdffffff00000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:22 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 357.293562][ T2490] Bluetooth: hci0: Frame reassembly failed (-84) 21:42:22 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\"\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:22 executing program 4: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:22 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xfeffffff00000000, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 359.294284][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 359.300460][T10703] Bluetooth: hci0: sending frame failed (-49) [ 359.534269][ T12] Bluetooth: hci1: command 0x1003 tx timeout [ 359.540373][T10703] Bluetooth: hci1: sending frame failed (-49) [ 361.374263][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 361.380363][T10703] Bluetooth: hci0: sending frame failed (-49) [ 361.614257][ T17] Bluetooth: hci1: command 0x1001 tx timeout [ 361.620353][T10703] Bluetooth: hci1: sending frame failed (-49) [ 363.454256][ T12] Bluetooth: hci0: command 0x1009 tx timeout [ 363.694264][ T12] Bluetooth: hci1: command 0x1009 tx timeout 21:42:32 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:32 executing program 4: perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:32 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0xffffffff00000000, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:42:32 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf#\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:32 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x0, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:32 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:32 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x4, @time, {}, {}, @connect}], 0xfef2) [ 367.511712][ T2521] Bluetooth: hci0: Frame reassembly failed (-84) 21:42:33 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf$\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:33 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:33 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x5, @time, {}, {}, @connect}], 0xfef2) 21:42:33 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:33 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf%\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 368.163857][ T2521] Bluetooth: hci1: Frame reassembly failed (-84) [ 369.534403][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 369.540566][T10703] Bluetooth: hci0: sending frame failed (-49) [ 370.174255][ T17] Bluetooth: hci1: command 0x1003 tx timeout [ 370.180453][T10703] Bluetooth: hci1: sending frame failed (-49) [ 371.614350][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 371.620447][T10703] Bluetooth: hci0: sending frame failed (-49) [ 372.254239][ T17] Bluetooth: hci1: command 0x1001 tx timeout [ 372.260332][T10703] Bluetooth: hci1: sending frame failed (-49) [ 373.694381][ T12] Bluetooth: hci0: command 0x1009 tx timeout [ 374.334278][ T12] Bluetooth: hci1: command 0x1009 tx timeout 21:42:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:43 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x0, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:43 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x8, @time, {}, {}, @connect}], 0xfef2) 21:42:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4000, 0x0) 21:42:43 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf&\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:43 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1e, @time, {}, {}, @connect}], 0xfef2) 21:42:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, 0x0, 0x4000, 0x0) 21:42:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:43 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:43 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf\'\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, 0x0, 0x4000, 0x0) 21:42:43 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x21, @time, {}, {}, @connect}], 0xfef2) 21:42:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:43 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x0, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, 0x0, 0x4000, 0x0) 21:42:43 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x22, @time, {}, {}, @connect}], 0xfef2) 21:42:43 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 378.411948][ T21] Bluetooth: hci0: Frame reassembly failed (-84) 21:42:43 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf(\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:44 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) 21:42:44 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x23, @time, {}, {}, @connect}], 0xfef2) [ 380.414323][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 380.420421][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 382.494467][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 382.500564][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 384.574455][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:42:53 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:42:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:53 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) 21:42:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x26, @time, {}, {}, @connect}], 0xfef2) 21:42:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:42:53 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf)\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:54 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) 21:42:54 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:42:54 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xbf, @time, {}, {}, @connect}], 0xfef2) [ 388.643678][ T2490] Bluetooth: hci0: Frame reassembly failed (-84) 21:42:54 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf*\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:42:54 executing program 4: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000100), 0x0, 0x20000001, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x3ff, 0x0) 21:42:54 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1f4, @time, {}, {}, @connect}], 0xfef2) [ 390.654208][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 390.660339][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 392.734249][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 392.740491][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 394.814244][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:43:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:04 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:43:04 executing program 4: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x223}, @dev}, @icmp=@parameter_prob={0x5, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x223}, @dev}}}}}}, 0x0) 21:43:04 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x500, @time, {}, {}, @connect}], 0xfef2) 21:43:04 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:04 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf+\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:04 executing program 4: ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x8000000000000010, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) write(r0, &(0x7f0000000000)="3e0000004e001f00ff03f4f900230400768511579131f4941fd41109028001cba80054de6e03f6d18cc9decdfd07849c0000000000000000000000000000", 0x3e) 21:43:04 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1e00, @time, {}, {}, @connect}], 0xfef2) 21:43:04 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:43:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 399.022067][T10978] netlink: 42 bytes leftover after parsing attributes in process `syz-executor4'. 21:43:04 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf,\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:04 executing program 2: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) [ 399.088155][T10983] netlink: 42 bytes leftover after parsing attributes in process `syz-executor4'. 21:43:04 executing program 4: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x1c, 0x609}, 0x14}}, 0x0) 21:43:04 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1f00, @time, {}, {}, @connect}], 0xfef2) 21:43:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:04 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:05 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, 0x0, 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:05 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:05 executing program 4: perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/fuse\x00', 0x2, 0x0) mkdir(&(0x7f00000009c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) 21:43:05 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2000, @time, {}, {}, @connect}], 0xfef2) 21:43:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:05 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf-\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:05 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:05 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c) 21:43:05 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2100, @time, {}, {}, @connect}], 0xfef2) 21:43:05 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf.\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:05 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000), 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:05 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:05 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2200, @time, {}, {}, @connect}], 0xfef2) 21:43:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:05 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf/\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:05 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 400.440704][ T21] Bluetooth: hci0: Frame reassembly failed (-84) 21:43:05 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:05 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2300, @time, {}, {}, @connect}], 0xfef2) 21:43:06 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:06 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf0\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:06 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000), 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:06 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2600, @time, {}, {}, @connect}], 0xfef2) 21:43:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 402.494328][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 402.500582][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 404.574338][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 404.580472][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 406.654302][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:43:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:16 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:16 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf1\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:16 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xbf00, @time, {}, {}, @connect}], 0xfef2) 21:43:16 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000), 0x0) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:16 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xf401, @time, {}, {}, @connect}], 0xfef2) 21:43:16 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 411.059341][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 21:43:16 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf2\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:16 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x517565, @time, {}, {}, @connect}], 0xfef2) 21:43:16 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 413.134272][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 413.140448][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 415.214261][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 415.220374][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 417.294280][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:43:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:26 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1000000, @time, {}, {}, @connect}], 0xfef2) 21:43:26 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:26 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)='Z#', 0x2) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:26 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf3\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:26 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:26 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf4\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 421.302026][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 21:43:26 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x4000000, @time, {}, {}, @connect}], 0xfef2) 21:43:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:26 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x5000000, @time, {}, {}, @connect}], 0xfef2) [ 423.374300][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 423.380420][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 425.454296][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 425.460385][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 427.534318][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:36 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:36 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf5\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:36 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x8000000, @time, {}, {}, @connect}], 0xfef2) 21:43:36 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)='Z#', 0x2) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:36 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1e000000, @time, {}, {}, @connect}], 0xfef2) 21:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:36 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf6\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:37 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:43:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:37 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1f000000, @time, {}, {}, @connect}], 0xfef2) 21:43:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf7\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:37 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:37 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:43:37 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x20000000, @time, {}, {}, @connect}], 0xfef2) 21:43:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:37 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:37 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)='Z#', 0x2) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:37 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf8\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 432.327515][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 21:43:37 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x21000000, @time, {}, {}, @connect}], 0xfef2) 21:43:37 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:38 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf9\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:38 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) [ 434.334203][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 434.340290][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 436.414356][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 436.420509][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 438.494432][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:43:48 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:43:48 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x22000000, @time, {}, {}, @connect}], 0xfef2) 21:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:43:48 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf:\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:48 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee", 0x3) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:48 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x23000000, @time, {}, {}, @connect}], 0xfef2) [ 443.048107][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 21:43:48 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:43:48 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf;\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:48 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x26000000, @time, {}, {}, @connect}], 0xfef2) [ 445.054309][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 445.060527][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 447.134284][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 447.140397][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 449.214248][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:43:58 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)) 21:43:58 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:43:58 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x65755100, @time, {}, {}, @connect}], 0xfef2) 21:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:58 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee", 0x3) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:43:58 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf<\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 453.255407][ T2490] Bluetooth: hci0: Frame reassembly failed (-84) 21:43:58 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x95ffffff, @time, {}, {}, @connect}], 0xfef2) 21:43:58 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:43:58 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xbf000000, @time, {}, {}, @connect}], 0xfef2) 21:43:58 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf=\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 455.294351][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 455.300491][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 457.374494][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 457.380611][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 459.454538][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:44:08 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:44:08 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:08 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xf4010000, @time, {}, {}, @connect}], 0xfef2) 21:44:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:08 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee", 0x3) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:44:08 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntf>\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:08 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xfdffffff, @time, {}, {}, @connect}], 0xfef2) [ 463.504884][T11513] cgroup: fork rejected by pids controller in /syz0 21:44:08 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:44:09 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:09 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfA\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) [ 463.704729][ T8137] Bluetooth: hci0: Frame reassembly failed (-84) 21:44:09 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xfeffffff, @time, {}, {}, @connect}], 0xfef2) 21:44:09 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:09 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xffffff95, @time, {}, {}, @connect}], 0xfef2) 21:44:09 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:09 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfB\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:09 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 21:44:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 465.774240][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 465.780369][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 467.854296][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 467.860408][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 469.934266][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:44:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) 21:44:19 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:19 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xfffffffd, @time, {}, {}, @connect}], 0xfef2) 21:44:19 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfC\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:44:19 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 21:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:44:19 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) umount2(0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:19 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xfffffffe, @time, {}, {}, @connect}], 0xfef2) [ 474.412947][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 21:44:19 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfD\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) 21:44:20 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x51756500000000, @time, {}, {}, @connect}], 0xfef2) [ 476.414448][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 476.420564][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 478.494552][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 478.500697][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 480.574542][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:44:29 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:29 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x100000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:29 executing program 4: 21:44:29 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfE\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:29 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 21:44:29 executing program 2: 21:44:30 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x400000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:30 executing program 4: 21:44:30 executing program 2: 21:44:30 executing program 4: 21:44:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:30 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfF\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:30 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x500000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:30 executing program 2: 21:44:30 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000004a80)='/dev/full\x00', 0x0, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0) 21:44:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:30 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfG\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:30 executing program 2: r0 = socket$inet6(0xa, 0x401000000001, 0x0) close(r0) socket$netlink(0x10, 0x3, 0x800000000a) r1 = open(&(0x7f0000000000)='./bus\x00', 0x1141042, 0x0) ftruncate(r1, 0x2007fff) recvmmsg(r0, &(0x7f0000002280)=[{{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000580)=""/222, 0xde}, {&(0x7f0000000740)=""/198, 0xc6}], 0x2}}], 0x1, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 21:44:30 executing program 4: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x3, 0x1) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sendto$inet(r2, &(0x7f0000000380)="0500", 0x2, 0x20008888, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0xffe9, 0x0) 21:44:30 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x800000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:30 executing program 0: futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0) 21:44:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:30 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1e00000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:30 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfH\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:31 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x1f00000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:31 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:31 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2000000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:31 executing program 5: recvmmsg(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:31 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfI\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:31 executing program 2 (fault-call:3 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:44:31 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2100000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:31 executing program 5: recvmmsg(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:31 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfJ\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:31 executing program 0: syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4) creat(&(0x7f0000000080)='./file0\x00', 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 21:44:31 executing program 4 (fault-call:10 fault-nth:0): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) 21:44:31 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2200000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:31 executing program 5: recvmmsg(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 486.492061][ T21] Bluetooth: hci0: Frame reassembly failed (-84) [ 486.498915][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 486.499009][ C1] protocol 88fb is buggy, dev hsr_slave_1 21:44:32 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfK\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:32 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:32 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2300000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:32 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 487.094602][T11798] FAULT_INJECTION: forcing a failure. [ 487.094602][T11798] name failslab, interval 1, probability 0, space 0, times 0 [ 487.107573][T11798] CPU: 0 PID: 11798 Comm: syz-executor4 Not tainted 5.0.0-rc2-next-20190118 #15 [ 487.116604][T11798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 487.126665][T11798] Call Trace: [ 487.129972][T11798] dump_stack+0x1db/0x2d0 [ 487.134326][T11798] ? dump_stack_print_info.cold+0x20/0x20 [ 487.140067][T11798] ? debug_smp_processor_id+0x1c/0x20 [ 487.145448][T11798] ? perf_trace_lock+0x12f/0x750 [ 487.150395][T11798] ? trace_hardirqs_on+0xbd/0x310 [ 487.155439][T11798] should_fail.cold+0xa/0x14 [ 487.160046][T11798] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 487.165870][T11798] ? __sigqueue_alloc+0x235/0x710 [ 487.170901][T11798] ? find_held_lock+0x35/0x120 [ 487.175683][T11798] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 487.181945][T11798] __should_failslab+0x121/0x190 [ 487.186899][T11798] should_failslab+0x9/0x14 [ 487.191415][T11798] kmem_cache_alloc+0x47/0x710 [ 487.196199][T11798] __sigqueue_alloc+0x3ca/0x710 [ 487.201066][T11798] ? dequeue_signal+0x6a0/0x6a0 [ 487.205919][T11798] ? find_held_lock+0x35/0x120 [ 487.210692][T11798] ? __lock_acquire+0x572/0x4a10 [ 487.215645][T11798] ? lock_downgrade+0xbe0/0xbe0 [ 487.220516][T11798] __send_signal+0xdbb/0x1a10 [ 487.225204][T11798] ? prepare_signal+0xe10/0xe10 [ 487.230078][T11798] ? lock_acquire+0x1db/0x570 [ 487.234760][T11798] ? force_sig_info+0x55/0x310 [ 487.239539][T11798] ? kasan_check_write+0x14/0x20 [ 487.244478][T11798] ? do_raw_spin_lock+0x156/0x360 [ 487.249530][T11798] ? lock_release+0xc40/0xc40 [ 487.254219][T11798] ? rwlock_bug.part.0+0x90/0x90 [ 487.259181][T11798] ? trace_hardirqs_on_caller+0x310/0x310 [ 487.265445][T11798] send_signal+0x49/0xd0 [ 487.269707][T11798] force_sig_info+0x251/0x310 [ 487.274406][T11798] force_sig_fault+0x11b/0x180 [ 487.279179][T11798] ? force_sigsegv+0x120/0x120 [ 487.283962][T11798] ? kasan_check_write+0x14/0x20 [ 487.288903][T11798] ? up_read+0x212/0x2b0 [ 487.293159][T11798] __bad_area_nosemaphore+0x332/0x420 [ 487.298545][T11798] ? vmacache_find+0x65/0x310 [ 487.303248][T11798] ? downgrade_write+0x270/0x270 [ 487.308202][T11798] bad_area+0x69/0x80 [ 487.312212][T11798] __do_page_fault+0x996/0xda0 [ 487.316998][T11798] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 487.323085][T11798] do_page_fault+0xe6/0x7d8 [ 487.327597][T11798] ? trace_hardirqs_on_caller+0xc0/0x310 [ 487.333259][T11798] ? vmalloc_sync_all+0x30/0x30 [ 487.338117][T11798] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 487.344289][T11798] ? syscall_return_slowpath+0x5f0/0x5f0 [ 487.349934][T11798] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 487.355665][T11798] ? page_fault+0x8/0x30 [ 487.359920][T11798] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 487.365481][T11798] ? page_fault+0x8/0x30 [ 487.369736][T11798] page_fault+0x1e/0x30 [ 487.373890][T11798] RIP: 0033: (null) [ 487.378475][T11798] Code: Bad RIP value. [ 487.382548][T11798] RSP: 002b:00007f9354187c80 EFLAGS: 00010286 [ 487.388620][T11798] RAX: ffffffffffffffff RBX: 00007f9354187c90 RCX: 0000000000458099 [ 487.396786][T11798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 487.404760][T11798] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 487.412729][T11798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93541886d4 [ 487.420701][T11798] R13: 00000000004c5e0b R14: 00000000004da168 R15: 0000000000000006 [ 488.494294][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 488.500398][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 490.574347][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 490.580480][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 492.654328][ T17] Bluetooth: hci0: command 0x1009 tx timeout [ 496.654449][T11808] FAULT_INJECTION: forcing a failure. [ 496.654449][T11808] name failslab, interval 1, probability 0, space 0, times 0 [ 496.667498][T11808] CPU: 1 PID: 11808 Comm: syz-executor2 Not tainted 5.0.0-rc2-next-20190118 #15 [ 496.676539][T11808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 496.686609][T11808] Call Trace: [ 496.689921][T11808] dump_stack+0x1db/0x2d0 [ 496.694272][T11808] ? dump_stack_print_info.cold+0x20/0x20 [ 496.699989][T11808] ? __cancel_work_timer+0x235/0x810 [ 496.705308][T11808] should_fail.cold+0xa/0x14 [ 496.709912][T11808] ? hci_dev_do_close+0xece/0x1170 [ 496.715033][T11808] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 496.720834][T11808] ? lock_downgrade+0xbe0/0xbe0 [ 496.725691][T11808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 496.731942][T11808] ? try_to_grab_pending+0x9d0/0x9d0 [ 496.737226][T11808] __should_failslab+0x121/0x190 [ 496.742174][T11808] should_failslab+0x9/0x14 [ 496.746684][T11808] kmem_cache_alloc_node+0x56/0x710 [ 496.751886][T11808] ? wait_for_completion+0x810/0x810 [ 496.757168][T11808] __alloc_skb+0xf4/0x730 [ 496.761490][T11808] ? skb_trim+0x190/0x190 [ 496.765823][T11808] ? mutex_unlock+0xd/0x10 [ 496.770265][T11808] ? hci_dev_do_close+0xb3e/0x1170 [ 496.775375][T11808] ? hci_unregister_dev+0x204/0x980 [ 496.780561][T11808] ? lock_acquire+0x1db/0x570 [ 496.785262][T11808] hci_sock_dev_event+0x1e0/0x730 [ 496.790305][T11808] ? do_raw_write_lock+0x14f/0x310 [ 496.795420][T11808] ? hci_send_monitor_ctrl_event+0x520/0x520 [ 496.801443][T11808] ? do_raw_write_trylock+0x270/0x270 [ 496.806818][T11808] ? trace_hardirqs_off_caller+0x300/0x300 [ 496.812686][T11808] hci_unregister_dev+0x32d/0x980 [ 496.817700][T11808] ? _raw_spin_unlock_irq+0x5e/0x90 [ 496.822889][T11808] ? hci_bdaddr_list_clear+0x2f0/0x2f0 [ 496.828352][T11808] ? __percpu_up_read+0x60/0x60 [ 496.833214][T11808] hci_uart_tty_close+0x206/0x260 [ 496.838256][T11808] ? hci_uart_close+0x50/0x50 [ 496.842928][T11808] tty_ldisc_close.isra.0+0x100/0x180 [ 496.848412][T11808] tty_set_ldisc+0x1f8/0x690 [ 496.853008][T11808] tty_ioctl+0xffa/0x16c0 [ 496.857334][T11808] ? tty_register_device+0x40/0x40 [ 496.862438][T11808] ? find_held_lock+0x35/0x120 [ 496.867209][T11808] ? __fget+0x473/0x710 [ 496.871385][T11808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 496.877617][T11808] ? lock_downgrade+0xbe0/0xbe0 [ 496.882454][T11808] ? kasan_check_read+0x11/0x20 [ 496.887306][T11808] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 496.893300][T11808] ? rcu_read_unlock_special+0x380/0x380 [ 496.898927][T11808] ? __fget+0x49a/0x710 [ 496.903070][T11808] ? ksys_dup3+0x660/0x660 [ 496.907476][T11808] ? tty_register_device+0x40/0x40 [ 496.912576][T11808] do_vfs_ioctl+0x107b/0x17d0 [ 496.917258][T11808] ? wait_for_completion+0x810/0x810 [ 496.922540][T11808] ? ioctl_preallocate+0x2f0/0x2f0 [ 496.927646][T11808] ? __fget_light+0x2db/0x420 [ 496.932310][T11808] ? fget_raw+0x20/0x20 [ 496.936458][T11808] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 496.942686][T11808] ? fput+0x128/0x1a0 [ 496.946658][T11808] ? do_syscall_64+0x8c/0x800 [ 496.951319][T11808] ? do_syscall_64+0x8c/0x800 [ 496.955984][T11808] ? lockdep_hardirqs_on+0x415/0x5d0 [ 496.961270][T11808] ? security_file_ioctl+0x93/0xc0 [ 496.966377][T11808] ksys_ioctl+0xab/0xd0 [ 496.970586][T11808] __x64_sys_ioctl+0x73/0xb0 [ 496.975165][T11808] do_syscall_64+0x1a3/0x800 [ 496.979745][T11808] ? syscall_return_slowpath+0x5f0/0x5f0 [ 496.985368][T11808] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 496.991125][T11808] ? __switch_to_asm+0x34/0x70 [ 496.995882][T11808] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 497.001421][T11808] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 497.007300][T11808] RIP: 0033:0x458099 [ 497.011180][T11808] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 497.030952][T11808] RSP: 002b:00007f9d44173c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 497.039358][T11808] RAX: ffffffffffffffda RBX: 00007f9d44173c90 RCX: 0000000000458099 [ 497.047322][T11808] RDX: 0000000020000000 RSI: 0000000000005423 RDI: 0000000000000003 21:44:42 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 21:44:42 executing program 0 (fault-call:2 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:42 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x2600000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:42 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfL\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:42 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:42 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x0, 0x0, 0x0, 0x0) [ 497.055300][T11808] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 497.063279][T11808] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9d441746d4 [ 497.071258][T11808] R13: 00000000004c23cc R14: 00000000004d4af8 R15: 0000000000000004 [ 497.167478][T11854] FAULT_INJECTION: forcing a failure. [ 497.167478][T11854] name failslab, interval 1, probability 0, space 0, times 0 [ 497.214635][T11854] CPU: 1 PID: 11854 Comm: syz-executor0 Not tainted 5.0.0-rc2-next-20190118 #15 [ 497.223714][T11854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 497.233789][T11854] Call Trace: [ 497.237107][T11854] dump_stack+0x1db/0x2d0 [ 497.237163][T11854] ? dump_stack_print_info.cold+0x20/0x20 [ 497.237185][T11854] ? ldsem_down_read+0x33/0x40 [ 497.247410][T11854] should_fail.cold+0xa/0x14 [ 497.247432][T11854] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 497.247458][T11854] ? ___might_sleep+0x1e7/0x310 [ 497.247480][T11854] ? arch_local_save_flags+0x50/0x50 [ 497.262645][T11854] __should_failslab+0x121/0x190 [ 497.262667][T11854] should_failslab+0x9/0x14 [ 497.262684][T11854] kmem_cache_alloc_trace+0x2d1/0x760 [ 497.262711][T11854] h4_open+0x46/0x160 [ 497.273043][T11854] hci_uart_tty_ioctl+0x2d4/0xa70 [ 497.273067][T11854] tty_ioctl+0xb53/0x16c0 [ 497.273086][T11854] ? hci_uart_init_work+0x150/0x150 [ 497.273108][T11854] ? tty_register_device+0x40/0x40 [ 497.282530][T11854] ? find_held_lock+0x35/0x120 [ 497.282549][T11854] ? __fget+0x473/0x710 [ 497.282569][T11854] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 497.282591][T11854] ? lock_downgrade+0xbe0/0xbe0 [ 497.282613][T11854] ? kasan_check_read+0x11/0x20 [ 497.282631][T11854] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 497.292078][T11854] ? rcu_read_unlock_special+0x380/0x380 [ 497.292104][T11854] ? __fget+0x49a/0x710 [ 497.292126][T11854] ? ksys_dup3+0x660/0x660 [ 497.301450][T11854] ? tty_register_device+0x40/0x40 [ 497.301469][T11854] do_vfs_ioctl+0x107b/0x17d0 [ 497.301487][T11854] ? wait_for_completion+0x810/0x810 [ 497.301508][T11854] ? ioctl_preallocate+0x2f0/0x2f0 [ 497.376823][T11854] ? __fget_light+0x2db/0x420 [ 497.381506][T11854] ? fget_raw+0x20/0x20 [ 497.385672][T11854] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 497.391911][T11854] ? fput+0x128/0x1a0 [ 497.396388][T11854] ? do_syscall_64+0x8c/0x800 [ 497.401070][T11854] ? do_syscall_64+0x8c/0x800 [ 497.405746][T11854] ? lockdep_hardirqs_on+0x415/0x5d0 [ 497.411043][T11854] ? security_file_ioctl+0x93/0xc0 [ 497.416181][T11854] ksys_ioctl+0xab/0xd0 [ 497.420347][T11854] __x64_sys_ioctl+0x73/0xb0 [ 497.424943][T11854] do_syscall_64+0x1a3/0x800 [ 497.429539][T11854] ? syscall_return_slowpath+0x5f0/0x5f0 [ 497.435172][T11854] ? prepare_exit_to_usermode+0x232/0x3b0 [ 497.440914][T11854] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 497.446471][T11854] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 497.452358][T11854] RIP: 0033:0x458099 21:44:42 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 497.456275][T11854] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 497.475874][T11854] RSP: 002b:00007f5ee7350c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 497.484284][T11854] RAX: ffffffffffffffda RBX: 00007f5ee7350c90 RCX: 0000000000458099 [ 497.492263][T11854] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 497.500274][T11854] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 497.508271][T11854] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ee73516d4 21:44:42 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x95ffffff00000000, @time, {}, {}, @connect}], 0xfef2) [ 497.516235][T11854] R13: 00000000004c096d R14: 00000000004d2470 R15: 0000000000000004 21:44:43 executing program 0 (fault-call:2 fault-nth:1): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:43 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xbf00000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:43 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x2, 0x0, 0x0, 0x0) 21:44:43 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 499.294420][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 499.300517][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 501.374387][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 501.380515][ T1169] Bluetooth: hci0: sending frame failed (-49) [ 503.454761][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:44:52 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000000)) 21:44:52 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfM\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:44:52 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:52 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xf401000000000000, @time, {}, {}, @connect}], 0xfef2) 21:44:52 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x3, 0x0, 0x0, 0x0) [ 507.645504][ T8137] Bluetooth: hci0: Frame reassembly failed (-84) 21:44:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xfdffffff00000000, @time, {}, {}, @connect}], 0xfef2) 21:44:53 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0), 0x0, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 507.699086][ T2521] Bluetooth: hci1: Frame reassembly failed (-84) 21:44:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xfeffffff00000000, @time, {}, {}, @connect}], 0xfef2) 21:44:53 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0), 0x0, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:44:53 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfN\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:44:53 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0xffffffff00000000, @time, {}, {}, @connect}], 0xfef2) [ 509.694381][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 509.694472][ T12] Bluetooth: hci1: command 0x1003 tx timeout [ 509.702917][T10703] Bluetooth: hci0: sending frame failed (-49) [ 509.712622][T10703] Bluetooth: hci1: sending frame failed (-49) [ 511.774489][ T17] Bluetooth: hci1: command 0x1001 tx timeout [ 511.780561][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 511.780645][T10703] Bluetooth: hci1: sending frame failed (-49) [ 511.793936][T10703] Bluetooth: hci0: sending frame failed (-49) [ 513.854589][ T12] Bluetooth: hci0: command 0x1009 tx timeout [ 513.860633][ T12] Bluetooth: hci1: command 0x1009 tx timeout 21:45:03 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000000)) 21:45:03 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0), 0x0, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:03 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x2, 0x0) 21:45:03 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfO\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:03 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x4, 0x0, 0x0, 0x0) 21:45:03 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{0x0}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 517.942464][ T2521] Bluetooth: hci0: Frame reassembly failed (-84) [ 517.959349][ T2521] Bluetooth: hci0: Frame reassembly failed (-84) [ 517.974797][ T8137] Bluetooth: hci1: Frame reassembly failed (-84) 21:45:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:03 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{0x0}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:03 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5409, 0x0) 21:45:03 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfP\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:03 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) [ 520.014442][ T12] Bluetooth: hci1: command 0x1003 tx timeout [ 520.022363][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 520.028456][T10703] Bluetooth: hci0: sending frame failed (-49) [ 520.034771][ T2490] Bluetooth: hci1: Frame reassembly failed (-84) [ 522.094368][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 522.100533][T10703] Bluetooth: hci0: sending frame failed (-49) [ 522.107197][ T12] Bluetooth: hci1: command 0x1001 tx timeout [ 522.113433][ T2490] Bluetooth: hci1: Frame reassembly failed (-84) [ 524.174306][ T17] Bluetooth: hci1: command 0x1009 tx timeout [ 524.174393][ T12] Bluetooth: hci0: command 0x1009 tx timeout 21:45:13 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000000)) 21:45:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540b, 0x0) 21:45:13 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{0x0}], 0x1, &(0x7f00000011c0)=""/40, 0x28, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:13 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfQ\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:13 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x5, 0x0, 0x0, 0x0) 21:45:13 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:13 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540c, 0x0) [ 528.193314][ T2490] Bluetooth: hci0: Frame reassembly failed (-84) [ 528.211330][ T2490] Bluetooth: hci1: Frame reassembly failed (-84) 21:45:13 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:13 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540d, 0x0) [ 530.254285][ T12] Bluetooth: hci1: command 0x1003 tx timeout [ 530.261941][ T12] Bluetooth: hci0: command 0x1003 tx timeout [ 530.268088][T10703] Bluetooth: hci0: sending frame failed (-49) [ 530.274530][ T2521] Bluetooth: hci1: Frame reassembly failed (-84) [ 532.334253][ T12] Bluetooth: hci0: command 0x1001 tx timeout [ 532.340739][ T12] Bluetooth: hci1: command 0x1001 tx timeout [ 532.340832][T10703] Bluetooth: hci0: sending frame failed (-49) [ 532.347880][ T2521] Bluetooth: hci1: Frame reassembly failed (-84) [ 534.414241][ T12] Bluetooth: hci1: command 0x1009 tx timeout [ 534.414247][ T17] Bluetooth: hci0: command 0x1009 tx timeout 21:45:23 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000000)) 21:45:23 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:23 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfR\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:23 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x6, 0x0, 0x0, 0x0) 21:45:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540e, 0x0) 21:45:23 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:23 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 538.446325][ T2521] Bluetooth: hci0: Frame reassembly failed (-84) 21:45:23 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540f, 0x0) [ 538.504385][ T2521] Bluetooth: hci1: Frame reassembly failed (-84) 21:45:23 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x100000000000022c, 0x0) 21:45:24 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfS\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:24 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x100000000000022c, 0x0) [ 540.494274][ T17] Bluetooth: hci0: command 0x1003 tx timeout [ 540.500391][T10703] Bluetooth: hci0: sending frame failed (-49) [ 540.584254][ T17] Bluetooth: hci1: command 0x1003 tx timeout [ 540.590574][ T2521] Bluetooth: hci1: Frame reassembly failed (-84) [ 542.574421][ T17] Bluetooth: hci0: command 0x1001 tx timeout [ 542.580537][T10703] Bluetooth: hci0: sending frame failed (-49) [ 542.654367][ T17] Bluetooth: hci1: command 0x1001 tx timeout [ 542.660651][ T7] Bluetooth: hci1: Frame reassembly failed (-84) [ 544.654264][ T12] Bluetooth: hci0: command 0x1009 tx timeout [ 544.734460][ T12] Bluetooth: hci1: command 0x1009 tx timeout 21:45:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000000)) 21:45:34 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5410, 0x0) 21:45:34 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, 0x0, 0x0, 0x0) 21:45:34 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfT\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:34 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lgetxattr(0x0, 0x0, 0x0, 0x0) setsockopt(r2, 0x1, 0x9, &(0x7f0000000000)="5a23ee88", 0x4) setsockopt$inet_int(r2, 0x7, 0x0, 0x0, 0x0) 21:45:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5412, 0x0) 21:45:34 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, 0x0, 0x0, 0x0) 21:45:34 executing program 1: r0 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x901) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x21, 0x0, 0x0, @time, {}, {}, @connect}], 0xfef2) 21:45:34 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)) 21:45:34 executing program 5: recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000f80)=""/197, 0xc5}], 0x1, 0x0, 0x0, 0x7fffffff}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, 0x0, 0x0, 0x0) 21:45:34 executing program 3: syz_mount_image$ntfs(&(0x7f0000000000)='ntfU\x00', &(0x7f0000000580)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mft_zone_multiplier={'mft_zone_multiplier', 0x2c}}]}) 21:45:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5413, 0x0) [ 549.559724][T12168] Bluetooth: hci0: Frame reassembly failed (-84) [ 549.574959][ T8137] BUG: unable to handle kernel paging request at ffffffffffffffd6 [ 549.582774][ T8137] #PF error: [normal kernel read fault] [ 549.588333][ T8137] PGD 9874067 P4D 9874067 PUD 9876067 PMD 0 [ 549.594342][ T8137] Oops: 0000 [#1] PREEMPT SMP KASAN [ 549.599539][ T8137] CPU: 1 PID: 8137 Comm: kworker/u4:5 Not tainted 5.0.0-rc2-next-20190118 #15 [ 549.608409][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.618490][ T8137] Workqueue: events_unbound flush_to_ldisc [ 549.624313][ T8137] RIP: 0010:h4_recv_buf+0x1ea/0xda0 [ 549.629530][ T8137] Code: b6 14 10 48 89 c8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d7 0a 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 45 d0 4c 8d 60 70 <0f> b7 58 2a 4c 89 e0 48 c1 e8 03 0f b6 04 10 84 c0 74 08 3c 03 0f [ 549.649132][ T8137] RSP: 0018:ffff8880593e76c0 EFLAGS: 00010246 [ 549.655194][ T8137] RAX: ffffffffffffffac RBX: 0000000000000000 RCX: ffffffffffffffd6 [ 549.663166][ T8137] RDX: dffffc0000000000 RSI: ffffffff858bc8f2 RDI: 0000000000000005 [ 549.671137][ T8137] RBP: ffff8880593e7748 R08: ffff8880593dc440 R09: 0000000000000003 [ 549.679107][ T8137] R10: ffffed1015ce5b8f R11: ffff8880ae72dc7b R12: 000000000000001c [ 549.687081][ T8137] R13: ffff88809e52acc0 R14: ffff8880a07fb6a0 R15: 0000000000000006 [ 549.695050][ T8137] FS: 0000000000000000(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 549.703978][ T8137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 549.710568][ T8137] CR2: ffffffffffffffd6 CR3: 000000005b1eb000 CR4: 00000000001406e0 [ 549.718583][ T8137] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 549.726546][ T8137] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 549.734507][ T8137] Call Trace: [ 549.737795][ T8137] ? __lock_is_held+0xb6/0x140 [ 549.742557][ T8137] h4_recv+0xe4/0x200 [ 549.746537][ T8137] hci_uart_tty_receive+0x22b/0x530 [ 549.751745][ T8137] ? hci_uart_write_work+0x710/0x710 [ 549.757031][ T8137] tty_ldisc_receive_buf+0x164/0x1c0 [ 549.762319][ T8137] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 549.768584][ T8137] tty_port_default_receive_buf+0x114/0x190 [ 549.774498][ T8137] ? tty_port_lower_dtr_rts+0x90/0x90 [ 549.779895][ T8137] ? process_one_work+0xbf1/0x1ce0 [ 549.785028][ T8137] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 549.791261][ T8137] flush_to_ldisc+0x3b2/0x590 [ 549.795947][ T8137] ? tty_insert_flip_string_flags+0x1b0/0x1b0 [ 549.802014][ T8137] ? __lock_is_held+0xb6/0x140 [ 549.806786][ T8137] process_one_work+0xd0c/0x1ce0 [ 549.811720][ T8137] ? __bpf_trace_sched_wake_idle_without_ipi+0x10/0x10 [ 549.818564][ T8137] ? __switch_to_asm+0x34/0x70 [ 549.823341][ T8137] ? pwq_dec_nr_in_flight+0x4a0/0x4a0 [ 549.828731][ T8137] ? __schedule+0x89f/0x1e60 [ 549.833335][ T8137] ? pci_mmcfg_check_reserved+0x170/0x170 [ 549.839051][ T8137] ? lockdep_hardirqs_on+0x415/0x5d0 [ 549.844339][ T8137] ? worker_thread+0x3b7/0x14a0 [ 549.849198][ T8137] ? find_held_lock+0x35/0x120 [ 549.853974][ T8137] ? lock_acquire+0x1db/0x570 [ 549.858656][ T8137] ? worker_thread+0x3cd/0x14a0 [ 549.863508][ T8137] ? kasan_check_write+0x14/0x20 [ 549.868443][ T8137] ? do_raw_spin_lock+0x156/0x360 [ 549.873463][ T8137] ? lock_release+0xc40/0xc40 [ 549.878140][ T8137] ? rwlock_bug.part.0+0x90/0x90 [ 549.883074][ T8137] ? trace_hardirqs_on_caller+0x310/0x310 [ 549.888807][ T8137] worker_thread+0x143/0x14a0 [ 549.893508][ T8137] ? process_one_work+0x1ce0/0x1ce0 [ 549.898705][ T8137] ? __kthread_parkme+0xc3/0x1b0 [ 549.903641][ T8137] ? lock_acquire+0x1db/0x570 [ 549.908326][ T8137] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 549.914129][ T8137] ? lockdep_hardirqs_on+0x415/0x5d0 [ 549.919414][ T8137] ? trace_hardirqs_on+0xbd/0x310 [ 549.924438][ T8137] ? __kthread_parkme+0xc3/0x1b0 [ 549.929377][ T8137] ? trace_hardirqs_off_caller+0x300/0x300 [ 549.935225][ T8137] ? do_raw_spin_trylock+0x270/0x270 [ 549.940508][ T8137] ? schedule+0x108/0x350 [ 549.944832][ T8137] ? do_raw_spin_trylock+0x270/0x270 [ 549.950114][ T8137] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 549.955916][ T8137] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 549.962148][ T8137] ? __kthread_parkme+0xfb/0x1b0 [ 549.967082][ T8137] kthread+0x357/0x430 [ 549.971143][ T8137] ? process_one_work+0x1ce0/0x1ce0 [ 549.976365][ T8137] ? kthread_stop+0x920/0x920 [ 549.981051][ T8137] ret_from_fork+0x3a/0x50 [ 549.985476][ T8137] Modules linked in: [ 549.989364][ T8137] CR2: ffffffffffffffd6 [ 549.993529][ T8137] ---[ end trace db5e5ed70fdcd85e ]--- [ 549.998974][ T8137] RIP: 0010:h4_recv_buf+0x1ea/0xda0 [ 550.004160][ T8137] Code: b6 14 10 48 89 c8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d7 0a 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 45 d0 4c 8d 60 70 <0f> b7 58 2a 4c 89 e0 48 c1 e8 03 0f b6 04 10 84 c0 74 08 3c 03 0f [ 550.023750][ T8137] RSP: 0018:ffff8880593e76c0 EFLAGS: 00010246 [ 550.029818][ T8137] RAX: ffffffffffffffac RBX: 0000000000000000 RCX: ffffffffffffffd6 [ 550.037781][ T8137] RDX: dffffc0000000000 RSI: ffffffff858bc8f2 RDI: 0000000000000005 [ 550.045746][ T8137] RBP: ffff8880593e7748 R08: ffff8880593dc440 R09: 0000000000000003 [ 550.053711][ T8137] R10: ffffed1015ce5b8f R11: ffff8880ae72dc7b R12: 000000000000001c [ 550.061691][ T8137] R13: ffff88809e52acc0 R14: ffff8880a07fb6a0 R15: 0000000000000006 [ 550.069660][ T8137] FS: 0000000000000000(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 550.078579][ T8137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 550.083578][ T3864] kobject: 'loop4' (00000000fad09bde): kobject_uevent_env [ 550.085155][ T8137] CR2: ffffffffffffffd6 CR3: 000000005b1eb000 CR4: 00000000001406e0 [ 550.085167][ T8137] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 550.085183][ T8137] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 550.092291][ T3864] kobject: 'loop4' (00000000fad09bde): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 550.100228][ T8137] Kernel panic - not syncing: Fatal exception [ 550.101170][ T8137] Kernel Offset: disabled [ 550.137495][ T8137] Rebooting in 86400 seconds..