[ 63.460003] audit: type=1800 audit(1547671138.523:26): pid=9074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 63.479402] audit: type=1800 audit(1547671138.533:27): pid=9074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 63.498967] audit: type=1800 audit(1547671138.543:28): pid=9074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 64.932636] audit: type=1800 audit(1547671140.013:29): pid=9074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. 2019/01/16 20:39:13 fuzzer started 2019/01/16 20:39:18 dialing manager at 10.128.0.26:34017 2019/01/16 20:39:18 syscalls: 1 2019/01/16 20:39:18 code coverage: enabled 2019/01/16 20:39:18 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/01/16 20:39:18 setuid sandbox: enabled 2019/01/16 20:39:18 namespace sandbox: enabled 2019/01/16 20:39:18 Android sandbox: /sys/fs/selinux/policy does not exist 2019/01/16 20:39:18 fault injection: enabled 2019/01/16 20:39:18 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/01/16 20:39:18 net packet injection: enabled 2019/01/16 20:39:18 net device setup: enabled 20:41:22 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000040)={0x24020019980330}, &(0x7f0000000140)) clone(0x800000001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setpriority(0x2, 0x0, 0x800000000000e6) msgget(0x1, 0x80) fstat(r0, &(0x7f0000000300)) syzkaller login: [ 207.768262] IPVS: ftp: loaded support on port[0] = 21 [ 207.885441] chnl_net:caif_netlink_parms(): no params data found [ 207.947083] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.953986] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.961893] device bridge_slave_0 entered promiscuous mode [ 207.970484] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.977129] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.984962] device bridge_slave_1 entered promiscuous mode [ 208.011079] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 208.021542] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 208.047011] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 208.055256] team0: Port device team_slave_0 added [ 208.061361] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 208.069370] team0: Port device team_slave_1 added [ 208.075223] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 208.083225] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 208.375678] device hsr_slave_0 entered promiscuous mode [ 208.472334] device hsr_slave_1 entered promiscuous mode [ 208.663224] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 208.670636] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 208.694418] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.701161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.708187] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.714689] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.782426] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 208.788641] 8021q: adding VLAN 0 to HW filter on device bond0 [ 208.800343] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 208.812607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 208.823027] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.831050] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.840908] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 208.857849] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 208.864015] 8021q: adding VLAN 0 to HW filter on device team0 [ 208.877490] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 208.885053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.893432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.901675] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.908140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.922287] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 208.934144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 208.946951] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 208.956054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.964361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.972354] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.978774] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.986919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.995695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 209.010592] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 209.022100] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 209.033578] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 209.045135] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 209.053768] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 209.064121] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 209.075073] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 209.082435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 209.091082] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 209.099543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 209.108209] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 209.116895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 209.125146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 209.133634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 209.141945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 209.155805] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 209.163462] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 209.182285] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 209.199901] 8021q: adding VLAN 0 to HW filter on device batadv0 20:41:24 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000140)={0x1d, r2}, 0x10) setsockopt(r0, 0x65, 0x1, 0x0, 0x0) [ 209.314766] capability: warning: `syz-executor0' uses 32-bit capabilities (legacy support in use) 20:41:24 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0xe3b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xf19}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast2}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) [ 209.491277] device vti0 entered promiscuous mode 20:41:24 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0), 0x1c) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x13, &(0x7f0000000040)={'nat\x00', 0x2, [{}, {}]}, 0x48) 20:41:24 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000100)={0x1d, r1}, 0x10) bind$can_raw(r0, &(0x7f0000000000), 0x10) 20:41:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 209.727239] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 20:41:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:25 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) 20:41:25 executing program 1: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x480000, 0x0) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000040)={[], 0x6, 0xec8, 0x8, 0x0, 0x8000, 0x6000, 0x10000, [], 0x1ff}) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000200)={@local, @dev={0xac, 0x14, 0x14, 0x23}, 0x1, 0x2, [@remote, @multicast1]}, 0x18) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000240)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e23, 0xaaa6, @remote}, @in={0x2, 0x4e23, @rand_addr=0x8b64}], 0x3c) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000280)={0x0, 0xff}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000300)={r1, 0xbb2, 0x9}, &(0x7f0000000340)=0x8) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000440)={@broadcast, @empty, 0x0}, &(0x7f0000000480)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000004c0)={'team0\x00', r3}) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000500)=0x100000000, 0x4) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000540), &(0x7f0000000580)=0x4) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f00000005c0)) r4 = accept$inet(r0, &(0x7f0000000600)={0x2, 0x0, @initdev}, &(0x7f0000000640)=0x10) write$P9_RMKDIR(r0, &(0x7f0000000680)={0x14, 0x49, 0x1, {0x8, 0x3, 0x7}}, 0x14) ioctl$RTC_AIE_ON(r0, 0x7001) getsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f00000006c0)={r2, 0x0, 0x127, 0x0, 0xffffffff, 0x5}, &(0x7f0000000700)=0x14) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xffffffffffffff7f) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000740)={0x3, 0xfffffffffffffffe, 0x9, 0x8, 0x11, 0x2, 0x7, 0x7f, 0x9, 0x10001}) r5 = syz_open_dev$evdev(&(0x7f0000000780)='/dev/input/event#\x00', 0xcd70, 0x101000) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f00000007c0)={r1, @in6={{0xa, 0x4e21, 0x8, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x1f}}, 0x800}}}, 0x84) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000880)) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f00000008c0)=""/9) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f0000000900)) fcntl$setpipe(r5, 0x407, 0x252) fsetxattr$security_smack_transmute(r0, &(0x7f0000000940)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000980)='TRUE', 0x4, 0x2) r6 = syz_open_dev$audion(&(0x7f00000009c0)='/dev/audio#\x00', 0x1, 0x200000) ioctl$KVM_GET_VCPU_EVENTS(r6, 0x8040ae9f, &(0x7f0000000a00)) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) ioctl$PPPIOCATTCHAN(r6, 0x40047438, &(0x7f0000000a40)=0x1) ioctl$ION_IOC_HEAP_QUERY(r6, 0xc0184908, &(0x7f0000000ac0)={0x34, 0x0, &(0x7f0000000a80)}) getsockopt$bt_rfcomm_RFCOMM_LM(r6, 0x12, 0x3, &(0x7f0000000b00), &(0x7f0000000b40)=0x4) 20:41:25 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) 20:41:25 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) 20:41:26 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) 20:41:26 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) [ 211.130263] IPVS: ftp: loaded support on port[0] = 21 20:41:26 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) 20:41:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 211.300909] chnl_net:caif_netlink_parms(): no params data found 20:41:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 211.380603] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.387226] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.395027] device bridge_slave_0 entered promiscuous mode [ 211.403139] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.409578] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.417445] device bridge_slave_1 entered promiscuous mode [ 211.452885] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 211.463306] bond0: Enslaving bond_slave_1 as an active interface with an up link 20:41:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 211.503100] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 211.511054] team0: Port device team_slave_0 added [ 211.518712] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 211.526870] team0: Port device team_slave_1 added 20:41:26 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) [ 211.561167] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 211.573142] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 211.665386] device hsr_slave_0 entered promiscuous mode [ 211.782347] device hsr_slave_1 entered promiscuous mode [ 212.003758] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 212.011154] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready 20:41:27 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) [ 212.048926] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.055433] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.062526] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.068992] bridge0: port 1(bridge_slave_0) entered forwarding state 20:41:27 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) [ 212.190758] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 212.197061] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.209674] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 212.222112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.243870] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.254221] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.269605] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 212.284590] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 212.290680] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.316134] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 212.323484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 212.332906] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.340961] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.347496] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.370703] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 212.378420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 212.386706] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 212.394753] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.401170] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.416640] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 212.427362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 212.440056] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 212.447539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 212.460997] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 212.468845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 212.477778] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 212.490009] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 212.498982] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 212.507006] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 212.515494] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 212.526753] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 212.533943] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 212.542285] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 212.555426] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 212.562477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 212.570329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 212.583573] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 212.589600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 212.610482] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 212.627002] 8021q: adding VLAN 0 to HW filter on device batadv0 20:41:28 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) shutdown(r0, 0x0) getcwd(&(0x7f0000000040)=""/34, 0x22) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6e, &(0x7f0000000100)=[@in6={0xa, 0x0, 0x1f, @remote, 0x8}], 0x1c) 20:41:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 1: r0 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) r1 = request_key(&(0x7f00000001c0)='cifs.idmap\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)='#[,GPL)(\x00', 0xffffffffffffffff) keyctl$read(0xb, r1, &(0x7f0000000280), 0x0) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000080)={0x8000001, 0x4}) getresuid(&(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100)=0x0) fstat(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r2, r3) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000280)={0x8000, 0x3, 0x7f72}) 20:41:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000080), &(0x7f00000000c0)=0x40) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4) connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @broadcast}, 0x10) setsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000100)="aaaad095bc768ee35bb0412a02f1d06d2cb684450b5891d1ded3969a403b1ffea66eefb9ea54", 0x26) sendmmsg(r0, &(0x7f0000008780)=[{{0x0, 0x0, &(0x7f0000001bc0), 0x0, &(0x7f0000001c40)}}, {{&(0x7f0000000000)=@ethernet={0x307, @remote}, 0x80, &(0x7f0000003700), 0x0, &(0x7f0000003780)}}], 0x2, 0x0) 20:41:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 1: poll(&(0x7f0000000000), 0x33, 0x7) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x300, 0x0) mq_timedreceive(r0, &(0x7f0000000040)=""/181, 0xb5, 0x1f6, &(0x7f0000000100)={0x77359400}) ioctl$KDDISABIO(r0, 0x4b37) 20:41:28 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x2, 0x1d0, [0x0, 0x20000100, 0x20000130, 0x20000200], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000004000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa00000000000000ffffffffffff00000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffff0a1b000000000000aaaaaaaaaa0000000000000000007000000070000000a0000000415544495400000000000000000000000000000000000000000000000000000008000000000000000000000000000000"]}, 0x248) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000440)={'filter\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000bc0), 0x0, [{}, {}]}, 0x98) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) ioctl$VT_RELDISP(r3, 0x5605) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_ADD(r3, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000000c0)={0x1c, r4, 0x318, 0x70bd27, 0x25dfdbfc, {}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0xff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40000) 20:41:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:28 executing program 1: r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)=0x199) r1 = dup3(r0, r0, 0x80000) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000040)={0x7fffffff, 0x10000, 0x980, {r2, r3+10000000}, 0x4, 0x408}) 20:41:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) 20:41:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in, @in6=@mcast1}}, {{@in=@remote}}}, &(0x7f0000000040)=0xfffffffffffffcaa) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 20:41:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) 20:41:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) 20:41:29 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x200000e, 0x13, r0, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x802, 0x0) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x20001, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r2, 0x8935, &(0x7f00000001c0)={'veth0_to_team\x00', 0x7fff}) r3 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/btrfs-control\x00', 0x80000, 0x0) ioctl$SG_GET_SCSI_ID(r3, 0x2276, &(0x7f0000000200)) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) fcntl$dupfd(r3, 0x0, r0) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000000)={0x0, 0x80000}) r4 = openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x101000, 0x0) ioctl$UI_DEV_CREATE(r4, 0x5501) 20:41:29 executing program 0 (fault-call:4 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 214.434416] FAULT_INJECTION: forcing a failure. [ 214.434416] name failslab, interval 1, probability 0, space 0, times 1 [ 214.445869] CPU: 0 PID: 9421 Comm: syz-executor0 Not tainted 5.0.0-rc1+ #7 [ 214.452989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.462362] Call Trace: [ 214.465001] dump_stack+0x173/0x1d0 [ 214.468673] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 214.473902] should_fail+0xa19/0xb20 [ 214.477668] __should_failslab+0x278/0x2a0 [ 214.481959] should_failslab+0x29/0x70 [ 214.485891] kmem_cache_alloc_trace+0x125/0xb40 [ 214.490604] ? kvm_create_pit+0x9d/0x1280 [ 214.494784] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.500203] kvm_create_pit+0x9d/0x1280 [ 214.504216] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.509611] ? vmalloc_to_page+0x56e/0x6a0 [ 214.513879] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 214.519101] kvm_arch_vm_ioctl+0x1f34/0x2940 [ 214.523557] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.528956] ? vmalloc_to_page+0x56e/0x6a0 [ 214.533238] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 214.538462] kvm_vm_ioctl+0x991/0x2df0 [ 214.542388] ? __msan_poison_alloca+0x1f0/0x2a0 [ 214.547085] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 214.551957] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 214.557190] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 214.562081] do_vfs_ioctl+0xebd/0x2bf0 [ 214.566011] ? security_file_ioctl+0x92/0x200 [ 214.570566] __se_sys_ioctl+0x1da/0x270 [ 214.574606] __x64_sys_ioctl+0x4a/0x70 [ 214.578527] do_syscall_64+0xbc/0xf0 [ 214.582277] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 214.587495] RIP: 0033:0x457ec9 [ 214.590722] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 214.609645] RSP: 002b:00007fe485a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 214.617377] RAX: ffffffffffffffda RBX: 00007fe485a65c90 RCX: 0000000000457ec9 [ 214.624679] RDX: 0000000000000000 RSI: 000000000000ae64 RDI: 0000000000000004 [ 214.631987] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 214.639293] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe485a666d4 [ 214.646593] R13: 00000000004c0f7c R14: 00000000004d2ba0 R15: 0000000000000006 20:41:29 executing program 1: r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0xfc0004) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef}, 0xb) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x9) recvfrom$packet(r1, 0x0, 0x0, 0x40, 0x0, 0x0) 20:41:29 executing program 0 (fault-call:4 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 214.891179] FAULT_INJECTION: forcing a failure. [ 214.891179] name failslab, interval 1, probability 0, space 0, times 0 [ 214.902675] CPU: 0 PID: 9434 Comm: syz-executor0 Not tainted 5.0.0-rc1+ #7 [ 214.909708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 214.919159] Call Trace: [ 214.921811] dump_stack+0x173/0x1d0 [ 214.925499] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 214.930723] should_fail+0xa19/0xb20 [ 214.934485] __should_failslab+0x278/0x2a0 [ 214.938759] should_failslab+0x29/0x70 [ 214.942685] kmem_cache_alloc_trace+0x125/0xb40 [ 214.947389] ? kthread_create_worker+0x20f/0x610 [ 214.952201] kthread_create_worker+0x20f/0x610 [ 214.956838] kvm_create_pit+0x382/0x1280 [ 214.960934] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.966322] ? vmalloc_to_page+0x56e/0x6a0 [ 214.970603] kvm_arch_vm_ioctl+0x1f34/0x2940 [ 214.975056] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 214.980446] ? vmalloc_to_page+0x56e/0x6a0 [ 214.984753] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 214.989986] kvm_vm_ioctl+0x991/0x2df0 [ 214.993932] ? __msan_poison_alloca+0x1f0/0x2a0 [ 214.998636] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 215.003519] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.008743] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 215.013619] do_vfs_ioctl+0xebd/0x2bf0 [ 215.017564] ? security_file_ioctl+0x92/0x200 [ 215.022097] __se_sys_ioctl+0x1da/0x270 [ 215.026105] __x64_sys_ioctl+0x4a/0x70 [ 215.030019] do_syscall_64+0xbc/0xf0 [ 215.033789] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 215.038997] RIP: 0033:0x457ec9 [ 215.042250] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 215.061275] RSP: 002b:00007fe485a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 215.069016] RAX: ffffffffffffffda RBX: 00007fe485a65c90 RCX: 0000000000457ec9 [ 215.076300] RDX: 0000000000000000 RSI: 000000000000ae64 RDI: 0000000000000004 [ 215.083691] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 215.090984] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe485a666d4 [ 215.098277] R13: 00000000004c0f7c R14: 00000000004d2ba0 R15: 0000000000000006 20:41:30 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001640)=ANY=[@ANYBLOB="48000000ad964bdd66e92b000c0d000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012000c00010069703667726500001800020014001600ff010900000000000000000000000001"], 0x33}}, 0x0) fstatfs(r0, &(0x7f0000001540)=""/235) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0xb00, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000140)) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f00000016c0)={0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000001700)={r2, 0x80000, r1}) preadv(r0, &(0x7f00000014c0)=[{&(0x7f0000000000)=""/60, 0x3c}, {&(0x7f00000001c0)=""/210, 0xd2}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/19, 0x13}, {&(0x7f0000001300)=""/64, 0x40}, {&(0x7f0000001340)=""/197, 0xc5}, {&(0x7f0000001440)=""/102, 0x66}], 0x7, 0x0) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001740)='/dev/mixer\x00', 0x40000, 0x0) ioctl$KDGKBLED(r3, 0x4b64, &(0x7f0000000080)) 20:41:30 executing program 0 (fault-call:4 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:30 executing program 2: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000040)={0x6, 0x25, 0x0, 0x16, 0x1, 0x1, 0x0, 0x61, 0xffffffffffffffff}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000001c0)=0x0) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000380)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, 0xffffffffffffffff) getgroups(0x6, &(0x7f0000000480)=[0xffffffffffffffff, 0xffffffffffffffff, 0xee01, 0xee01, 0xee01, 0xee00]) r8 = gettid() r9 = geteuid() r10 = getgid() sendmsg$unix(r0, &(0x7f00000005c0)={&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000100)="0a725dd9a86ffa24b2cbcc4ff6f2a44fbd790c5481db71b4b6529dbc52a9d7f685f7e5a03b1346ddb6a2bb6991be2b3362ba648f238a4b5eaf6ef11a02e8b03e706bca2c01f22b4c3690ebcbdb2e0b6d67a1", 0x52}], 0x1, &(0x7f00000004c0)=[@rights={0x20, 0x1, 0x1, [r1, r1, r1, r0]}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @rights={0x28, 0x1, 0x1, [r1, r1, r1, r1, r0, r0]}, @cred={0x20, 0x1, 0x2, r2, r3, r4}, @cred={0x20, 0x1, 0x2, r5, r6, r7}, @cred={0x20, 0x1, 0x2, r8, r9, r10}], 0xd0}, 0x44080) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000600)={0x0, 0x2}, &(0x7f0000000640)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000680)={r11}, &(0x7f00000006c0)=0x8) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f0000000700)=0x5) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000740)='sit0\x00') setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000007c0)={'filter\x00', 0x7, 0x4, 0x470, 0x0, 0x270, 0x0, 0x388, 0x388, 0x388, 0x4, &(0x7f0000000780), {[{{@uncond, 0xf0, 0x130}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x100000001, 0x7, 0x5ca5}}}, {{@arp={@local, @dev={0xac, 0x14, 0x14, 0xa}, 0x0, 0xff000000, @mac=@local, {[0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}, @mac, {[0x0, 0xff, 0xff, 0x0, 0xff, 0xff]}, 0x5, 0xb8f, 0x3, 0x3, 0xce5d, 0x400, 'caif0\x00', 'nlmon0\x00', {}, {}, 0x0, 0x22}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@dev={[], 0xb}, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x2, 0x4, 0xffffffff}}}, {{@uncond, 0xf0, 0x118}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x8, 0xd7ed}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4c0) setxattr$security_smack_entry(&(0x7f0000000c80)='./file0\x00', &(0x7f0000000cc0)='security.SMACK64\x00', &(0x7f0000000d00)='RATEEST\x00', 0x8, 0x2) prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000d40)) r12 = syz_genetlink_get_family_id$fou(&(0x7f0000000dc0)='fou\x00') sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x401002}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x2c, r12, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0xaf}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) r13 = inotify_init() ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000ec0)={0x39, 0x16, 0xb, 0x12, 0x9, 0xffffffffffffbda6, 0x5, 0x151}) setsockopt$inet_buf(r0, 0x0, 0x0, &(0x7f0000000f00)="0f2c93865d3a0e7e4a93679fa10666d99bc54d7474498add1466a7ea57e576c03511a0a0f56d719d4f35bac50fcb0ecb6e9a638922bdcbc1c5545f60c0eaec1299e873d6fa2a7d0e9ab408c93ec87c53ba7f47ae0c17579b0acdc97abf238a9234bb3be39145ce0134339d8b2f20bcc4c022c352257966fa8f448971d801681120f2b66f2ba60cf42bb6d9152d5822c527b5893a0b84026819741b985c38b0ddc5aefa7e61982c2d7eb92765ee5c8600799c8e1ac3ed", 0xb6) time(&(0x7f0000000fc0)) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000001000)={r11, 0x5}, &(0x7f0000001040)=0x8) inotify_add_watch(r13, &(0x7f0000001080)='./file0\x00', 0x40) [ 215.292855] FAULT_INJECTION: forcing a failure. [ 215.292855] name failslab, interval 1, probability 0, space 0, times 0 [ 215.304480] CPU: 1 PID: 9444 Comm: syz-executor0 Not tainted 5.0.0-rc1+ #7 [ 215.311513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.320876] Call Trace: [ 215.323511] dump_stack+0x173/0x1d0 [ 215.327179] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.332419] should_fail+0xa19/0xb20 [ 215.336188] __should_failslab+0x278/0x2a0 [ 215.340456] should_failslab+0x29/0x70 [ 215.344378] kmem_cache_alloc_trace+0x125/0xb40 [ 215.349165] ? __kthread_create_on_node+0x1af/0x8d0 [ 215.354242] __kthread_create_on_node+0x1af/0x8d0 [ 215.359129] ? kmem_cache_alloc_trace+0x55d/0xb40 [ 215.364011] ? __kthread_init_worker+0x190/0x190 [ 215.368821] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.374048] kthread_create_worker+0x37c/0x610 [ 215.378686] kvm_create_pit+0x382/0x1280 [ 215.382776] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.388175] ? vmalloc_to_page+0x56e/0x6a0 [ 215.392478] kvm_arch_vm_ioctl+0x1f34/0x2940 [ 215.396928] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.402312] ? vmalloc_to_page+0x56e/0x6a0 [ 215.406588] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.411818] kvm_vm_ioctl+0x991/0x2df0 [ 215.415761] ? __msan_poison_alloca+0x1f0/0x2a0 [ 215.420471] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 215.425354] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.430577] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 215.435469] do_vfs_ioctl+0xebd/0x2bf0 [ 215.439396] ? security_file_ioctl+0x92/0x200 [ 215.443950] __se_sys_ioctl+0x1da/0x270 [ 215.447962] __x64_sys_ioctl+0x4a/0x70 [ 215.451881] do_syscall_64+0xbc/0xf0 [ 215.455653] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 215.460857] RIP: 0033:0x457ec9 [ 215.464084] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 215.483012] RSP: 002b:00007fe485a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 20:41:30 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x12d) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r1, 0x8}}, 0xfffffffffffffd6c) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000140), r1, 0x0, 0x1, 0x4}}, 0x20) [ 215.490750] RAX: ffffffffffffffda RBX: 00007fe485a65c90 RCX: 0000000000457ec9 [ 215.498038] RDX: 0000000000000000 RSI: 000000000000ae64 RDI: 0000000000000004 [ 215.505345] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 215.512642] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe485a666d4 [ 215.519928] R13: 00000000004c0f7c R14: 00000000004d2ba0 R15: 0000000000000006 20:41:30 executing program 0 (fault-call:4 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:30 executing program 1: r0 = socket(0x100000100000000a, 0x2, 0x3) getsockopt$inet_int(r0, 0x0, 0x12, 0x0, &(0x7f0000000100)) [ 215.786975] IPVS: ftp: loaded support on port[0] = 21 [ 215.788709] FAULT_INJECTION: forcing a failure. [ 215.788709] name failslab, interval 1, probability 0, space 0, times 0 [ 215.803744] CPU: 1 PID: 9454 Comm: syz-executor0 Not tainted 5.0.0-rc1+ #7 [ 215.810779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.820149] Call Trace: [ 215.822782] dump_stack+0x173/0x1d0 [ 215.826466] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.831700] should_fail+0xa19/0xb20 [ 215.835483] __should_failslab+0x278/0x2a0 [ 215.839773] should_failslab+0x29/0x70 [ 215.843705] __kmalloc+0xaf/0x3a0 [ 215.847203] ? kvm_io_bus_register_dev+0x232/0x830 [ 215.852173] kvm_io_bus_register_dev+0x232/0x830 [ 215.856994] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.862346] kvm_create_pit+0xde3/0x1280 [ 215.866951] kvm_arch_vm_ioctl+0x1f34/0x2940 [ 215.871406] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 215.876796] ? vmalloc_to_page+0x56e/0x6a0 [ 215.881071] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.886301] kvm_vm_ioctl+0x991/0x2df0 [ 215.890235] ? __msan_poison_alloca+0x1f0/0x2a0 [ 215.894953] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 215.899832] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 215.905058] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 215.909943] do_vfs_ioctl+0xebd/0x2bf0 [ 215.913886] ? security_file_ioctl+0x92/0x200 [ 215.918428] __se_sys_ioctl+0x1da/0x270 [ 215.922466] __x64_sys_ioctl+0x4a/0x70 [ 215.926407] do_syscall_64+0xbc/0xf0 [ 215.930175] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 215.935405] RIP: 0033:0x457ec9 [ 215.938643] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 215.957568] RSP: 002b:00007fe485a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 215.965332] RAX: ffffffffffffffda RBX: 00007fe485a65c90 RCX: 0000000000457ec9 [ 215.972628] RDX: 0000000000000000 RSI: 000000000000ae64 RDI: 0000000000000004 [ 215.980442] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 215.987854] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe485a666d4 [ 215.995153] R13: 00000000004c0f7c R14: 00000000004d2ba0 R15: 0000000000000006 [ 216.067014] chnl_net:caif_netlink_parms(): no params data found 20:41:31 executing program 0 (fault-call:4 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 216.145793] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.152412] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.160545] device bridge_slave_0 entered promiscuous mode [ 216.190649] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.197190] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.205321] device bridge_slave_1 entered promiscuous mode [ 216.212993] FAULT_INJECTION: forcing a failure. [ 216.212993] name failslab, interval 1, probability 0, space 0, times 0 [ 216.224865] CPU: 0 PID: 9467 Comm: syz-executor0 Not tainted 5.0.0-rc1+ #7 [ 216.231989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.241357] Call Trace: [ 216.243985] dump_stack+0x173/0x1d0 [ 216.247647] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 216.252880] should_fail+0xa19/0xb20 [ 216.256647] __should_failslab+0x278/0x2a0 [ 216.260937] should_failslab+0x29/0x70 [ 216.264878] __kmalloc+0xaf/0x3a0 [ 216.268382] ? kvm_io_bus_register_dev+0x232/0x830 [ 216.273355] kvm_io_bus_register_dev+0x232/0x830 [ 216.278160] kvm_create_pit+0x101e/0x1280 [ 216.282364] kvm_arch_vm_ioctl+0x1f34/0x2940 [ 216.283049] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 216.286811] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 216.299731] ? vmalloc_to_page+0x56e/0x6a0 [ 216.304013] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 216.305706] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 216.309237] kvm_vm_ioctl+0x991/0x2df0 [ 216.320659] ? __msan_poison_alloca+0x1f0/0x2a0 [ 216.325363] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 216.330242] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 216.335465] ? vcpu_stat_clear_per_vm+0x280/0x280 [ 216.340338] do_vfs_ioctl+0xebd/0x2bf0 [ 216.344292] ? security_file_ioctl+0x92/0x200 [ 216.348823] __se_sys_ioctl+0x1da/0x270 [ 216.352832] __x64_sys_ioctl+0x4a/0x70 [ 216.356754] do_syscall_64+0xbc/0xf0 [ 216.360526] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 216.360938] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 216.365731] RIP: 0033:0x457ec9 [ 216.365768] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 216.365784] RSP: 002b:00007fe485a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 216.373856] team0: Port device team_slave_0 added [ 216.375667] RAX: ffffffffffffffda RBX: 00007fe485a65c90 RCX: 0000000000457ec9 [ 216.414396] RDX: 0000000000000000 RSI: 000000000000ae64 RDI: 0000000000000004 [ 216.421706] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 216.429098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe485a666d4 20:41:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") r1 = socket$inet(0x10, 0x3, 0x2000000000c) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@empty, @in6=@loopback}}, {{@in6=@local}, 0x0, @in6}}, &(0x7f0000000080)=0xe8) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f00000000c0)={r0}) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r2, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r3, 0x314, 0x70bd26, 0x25dfdbfe, {{}, 0x0, 0x4109, 0x0, {0x14, 0x18, {0x0, @bearer=@l2={'ib', 0x3a, 'vxcan1\x00'}}}}, ["", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="24000000020707041dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) openat$vfio(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/vfio/vfio\x00', 0x2, 0x0) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000a80)={'\x00', 0x5}) [ 216.436382] R13: 00000000004c0f7c R14: 00000000004d2ba0 R15: 0000000000000006 [ 216.443415] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 216.452416] team0: Port device team_slave_1 added [ 216.475273] netlink: 20 bytes leftover after parsing attributes in process `syz-executor1'. 20:41:31 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') lseek(r0, 0x200000000, 0x1) [ 216.494513] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 216.502873] netlink: 20 bytes leftover after parsing attributes in process `syz-executor1'. [ 216.518789] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 20:41:31 executing program 1: pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) ioctl$RTC_EPOCH_READ(r0, 0x8008700d, &(0x7f0000000080)) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/autofs\x00', 0x0, 0x0) ioctl(r1, 0x800000000000937e, &(0x7f0000000040)="01000000000000001804000006000000000000001cd849832f") openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x2000, 0x0) 20:41:31 executing program 0 (fault-call:4 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 216.615619] device hsr_slave_0 entered promiscuous mode [ 216.643263] device hsr_slave_1 entered promiscuous mode [ 216.701117] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 216.734978] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready 20:41:31 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r0, 0x80000) read$eventfd(r2, &(0x7f0000000000), 0x8) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r2, 0xc0905664, &(0x7f0000000040)={0x0, 0x0, [], @bt={0x10000, 0xe8, 0x7, 0xe3, 0x3, 0x3, 0x2, 0x1}}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mount(0x0, 0x0, &(0x7f00005f7ffa)='ramfs\x00', 0x0, 0x0) mount(0x0, 0x0, &(0x7f0000753000)='mslos\x00', 0x0, 0x0) mremap(&(0x7f00005bc000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000459000/0x4000)=nil) mbind(&(0x7f0000289000/0x400000)=nil, 0x400000, 0x0, 0x0, 0x0, 0x2) [ 216.797825] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.804461] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.811405] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.818155] bridge0: port 1(bridge_slave_0) entered forwarding state 20:41:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0xffffffff, 0x0) ioctl$PPPOEIOCSFWD(r2, 0x4008b100, &(0x7f0000000080)={0x18, 0x0, {0x0, @random="6d0ede934d7e", 'batadv0\x00'}}) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000000c0)={0x0, 0x7}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={r3, 0xfffffffffffffff9}, 0x8) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 216.903347] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 216.909567] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.939051] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 216.953935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.969037] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.983342] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.994922] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 217.010609] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 217.016802] 8021q: adding VLAN 0 to HW filter on device team0 20:41:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f00000000c0)={0x0, 0x2, 0x8894, 0x6, 0x20}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x121840, 0x0) lsetxattr$security_selinux(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000180)='system_u:object_r:usbtty_device_t:s0\x00', 0x25, 0x1) ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080)=r3) [ 217.057070] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 217.064291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.072785] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.080898] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.087413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.108505] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 217.143145] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 217.160824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 217.168304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 217.176616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.185210] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.191727] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.199175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.208056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.220560] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 217.246180] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 217.270860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.279738] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.288150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.297149] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.307421] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 217.317182] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 217.325432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 217.333544] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 217.352048] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 217.358895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 217.367562] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 217.381227] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 217.387464] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 217.418689] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 217.435722] 8021q: adding VLAN 0 to HW filter on device batadv0 20:41:32 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, r1, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r2, &(0x7f00000e5000)={0x2, 0x4e1f, @loopback}, 0x10) alarm(0x0) connect$inet(r2, &(0x7f0000000000)={0x2, 0xffffffffffffffff, @empty}, 0x10) connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200)=r3, 0x4) getpeername$unix(r0, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e) sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x209) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, &(0x7f0000000240)={0x2, [0x6, 0xa3]}) 20:41:32 executing program 2: unshare(0x400) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x541f, &(0x7f0000000040)) r1 = fcntl$dupfd(r0, 0x406, r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x4}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000001c0)={r2, 0x2, 0x9c, 0x1, 0x6, 0x8000000000, 0x1, 0x4, {r3, @in={{0x2, 0x4e24, @loopback}}, 0x5, 0x0, 0x80000000, 0x9, 0x1}}, &(0x7f0000000140)=0xb0) 20:41:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x80, 0x0) r3 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x4, 0x7031d93dd848cc9b) ioctl$KVM_DEASSIGN_DEV_IRQ(r3, 0x4040ae75, &(0x7f00000000c0)={0x5, 0x100, 0x7, 0x403}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f00000001c0)=0x0) sched_rr_get_interval(r4, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000140)) ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000100)=""/38) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) setsockopt$inet6_MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000180)={0x1bec02dc, 0x1, 0x9, 0x1, 0x4}, 0xc) 20:41:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x200000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f00000000c0)={0x0, 0x1e, "45866868e684f8a44a8d0d8d413cf713662d724fa64a9f122d45a7e57681"}, &(0x7f0000000100)=0x26) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000140)={r4, 0x7, 0x2, 0x4, 0x5, 0x400}, &(0x7f0000000180)=0x14) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x20000, 0x0) ioctl$KDSKBLED(r5, 0x4b65, 0x1ff) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:32 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0xa}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @empty=0xe0ffffff}}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x18, 0x0, &(0x7f0000000040)) 20:41:32 executing program 1: mknod(&(0x7f0000000000)='./file0\x00', 0x80000000064, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000580)=@v3, 0x18, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x19) execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 20:41:33 executing program 2: r0 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='syz_tun\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f00000000c0)=0x2, 0x3) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000040)=0x8000000939, 0x4) recvmsg(r0, &(0x7f0000000280)={&(0x7f0000000200)=@hci, 0xfffffffffffffde0, &(0x7f0000000340), 0x0, &(0x7f0000000380)=""/93, 0xfffffebd}, 0x0) sendto$unix(r0, &(0x7f0000000080), 0x7272, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) getsockopt$inet_buf(r0, 0x0, 0x2e, &(0x7f0000000100)=""/39, &(0x7f0000000140)=0x27) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x64, r1, 0x300, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'nr0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x101}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x18, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x64}}, 0x0) 20:41:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0xae64, 0x0) [ 218.074485] raw_sendmsg: syz-executor2 forgot to set AF_INET. Fix it! 20:41:33 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000280)="68b20b64806e1e3c837631cb3ca2cdfeae7220bf9d74eede7296009437022795606779431fe51bed187c3797d64e5063561465b64c7edc92a8b98d3a063c8a7efda419239fa865a5e62b99fea1229bb036a6cad42693f3ff7feb18795c8c642bfb700a8beeb2877e6d4b76ca8d9350527a25053ba14f6009964f784449687fb5180769e539c37a52722e9ab4011a1ce55dc762b57b377234af9826c9971ed970025e687b18e16eb30b7d8dc5de17fd8194b39d22819dcd32bb77559ce9abdfaae0589df523b2b83021d876c33db70c6907700b219d2e7b3bba257680f085a0c4c5c19272ed040a7d172206414760530b6b2c2f881432630668c82fd2765656d4") sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020e000014000000000000000000000005000600008000000a00000000000000000000000000000000000000000000000000000000000000080012000000020000000000000000001f000000000000004000000000000000ac14ffbb000000000000000000000000ac1414000000000000000000000000000500ee00008000000a00000000000000fe8000000000000000000000000000ff00000000000000007e34f20a521426e134b2ac4139c42ff18e849ab6c946e50d145dd05b78b254c8082a2a8e6d8588ce2ff448c0bca5d29f81b50df7244a0a1bd3a6c43290ca3d189d1e1105021b5aceb41b164db6a528d430ba2359d2af6ddf0cf1d54892847b72edb0fb93be66a41180fd07f8b95e9c3d6954f0eca4e218556b6ec4df0d2983cb3aabf79d0d2bea48202081fd39ce4bbda74c"], 0xa0}}, 0x0) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="022400820008000000"], 0x10}}, 0x0) 20:41:33 executing program 2: r0 = socket(0x19, 0x5, 0x2) write(r0, &(0x7f0000000040)="2400b40400ff141c020b5aff6e100500000780cc0800020000141410d805000000000000e826821a57a2876431f208905871b3d9a1597a2ac3efea4bbc4ef1bb69b78630e6869981fc9b42d07a4f139fe9da6e28a85bf8ad9d0ac25b03edf82a70d6758f599ac1aef22cb7f7d95a8a255a5f14d1c05ecfc1e8b04b751f4788c46a0d70402891012a579218dbae08fe8c36a4ac35f5fbdba2a78ad940a3a899e7398e7449b084", 0xa6) 20:41:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x8) openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x20000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0xae64, 0x0) 20:41:33 executing program 0: socketpair(0x10, 0x4, 0x100000000, &(0x7f0000000140)={0xffffffffffffffff}) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x10) r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xfff, 0x2) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x50}, 0x4c, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="040729bd7000ffdbdf25150000002c00090008000200090000005022e6517e0f7231eda9b5ed47c66808000200050000000800020006000000080001000400000008000200000000003800020008000200ff00000008000200dd000000040004000800010000000080040004000400040008000100fe0700000800010000000000b00001000c0002000800020006000000380004001400010002004e24ac1e00010000000000000000200002000a004e2200000f43fe0a9e9fc9457924bc9f6f31f1fffa8207000000380004001400010002004e21ac1414aa0000000000000000200002000a004e21ffff000000000000000000000000ffff00000d6c018000c0db376b855e997593eb43000800030007000000100001007564703a73797a3200000000080003000100000008000300000200000800030006000000fc000100380004001400010002004e21ac1414aa0000000000000000200002000a004e2400000008fe8000000000000000000000000000aa0180000038000400200001000a004e220000000100000000000000000000ffffac14140cff0300001400020002004e24000000000000000000000000080003007f000000380004001400010002004e20000000000000000000000000200002000a004e24000006e10000000000000000000000000000000107000000380004001400010002004e20000000040000000000000000200002000a004e2200000000ee8000000000000000000000000000bbf7ffffff100001007564703a73797a30000000002c00090008000200ad03000008000200ffffff7f080002008d00000008000100c52900000800020001800000dc000100100001007564703a73797a3100000000080003b64c0000001c0002000800030003000000080001001b000000080001000b000000100001007564703a73797a32000000001400020008000200ff7f00000800010010000000140002000800040004000000080001001f00000038000400200001000a004e2000000400fe800000000000000000000000f7ff16060000001400020002004e20e000000200000000000000003400020008000400020000000800020000000080080001000000000008000300940c0000080001001700000008000400050000001401010034000200080001001a00000008000300060000000800010019000000080004000800000008000300080000000800030005000000080003000000000044000400200001000a004e2300000001fe8000000000000000000000000000bb04000000200002000a004e2300000040ff02000000000000000000000000000104000000100001007564703a73797a31000000000c2bcbfacc841d65b5a2aeafbee400020008000100010000000800030001000000100001007564703a73797a3200000000100001007564703a73797a3200000000080003000000000044000400200001000a004e210000287f00000000000000000000000000000001ea970000200002000a004e21000000020000000000"], 0x440}, 0x1, 0x0, 0x0, 0x10}, 0x4000) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r3, 0xae64, 0x0) 20:41:33 executing program 1: r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x1, 0x100) getsockname$packet(r0, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000440)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000480)={r1, 0x1, 0x6, @link_local}, 0x10) sendmsg$kcm(r0, &(0x7f00000002c0)={&(0x7f0000000140)=@vsock={0x28, 0x0, 0x2710, @host}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000080)="7b2fbf519cb63778b38a8900d164e07fd500d2e9", 0x14}, {&(0x7f00000001c0)="3f92f4735116ee004b66f0d81ab96ae3ae2a22e8f3c496ea673d783b4bb7b1b979ad6f683751e266ffe7c861d1668595e76ac9e8d18b14ea403703b5a1139ff8fb475d1552cc7a54738f5c4d941af44441bcb66c9b97385ef9823095fb9d8d3329a965f1d60a394dde25c353a601f0de7e4862be6c19602cba163c70d43f6d4befb4988ea3b2c9c7dcec40a22020cbcd", 0x90}], 0x2}, 0x20000000) r2 = socket$kcm(0x10, 0x800000000002, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000000300)=""/242) sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="1d000000130081aee4050cecff0e00fa078b5bdb4cb90478485e510bef", 0x1d}], 0x1, &(0x7f0000000140)}, 0x0) 20:41:33 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000280)='/dev/dsp#\x00', 0x4, 0x2002) bind$tipc(r1, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x9e) setsockopt$inet_int(r0, 0x0, 0x31, &(0x7f0000000040)=0xffffffc, 0x4) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x10000, 0x0) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000180)={0x0, 0x3c, "fd6d31fa8a1b2d1ec6b5def96f018579a085f553471f9e911a11dd84a399e461fc565ab478264510bf8d404ce913f5ecd4fc7b72d13d834ba8fbb688"}, &(0x7f0000000100)=0x44) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000200)=@sack_info={r3, 0x1, 0x6}, 0xc) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000340)={0x3, 0xffffffff00000001, 0x7}) write$selinux_attr(r2, &(0x7f00000000c0)='system_u:object_r:boot_t:s0\x00', 0x1c) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00') getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000380)={r3, @in6={{0xa, 0x4e23, 0x81d, @loopback, 0x9}}}, &(0x7f0000000080)=0x84) 20:41:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10010174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c888c9ff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000001c0)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x8}]}}) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x0) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2) 20:41:33 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000001fc0)=0x2000000003) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000040), &(0x7f0000000080)=0x4) write$binfmt_elf64(r0, 0x0, 0x0) ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000000)) 20:41:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000040)=0x4, 0x4) 20:41:33 executing program 2: unshare(0x40000000020400) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x200, 0x0) getsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f00000000c0)=""/50, &(0x7f0000000140)=0x32) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_GET_SG_TABLESIZE(r1, 0x227f, &(0x7f0000000100)) write$P9_RRENAME(r0, &(0x7f0000000080)={0x7, 0x15, 0x2}, 0xff42) 20:41:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000140)={0xffffffffffffffff}, 0x13f, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r2, &(0x7f00000001c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000080), r3, 0xffffffffffff7fff}}, 0x18) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:33 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XC\x9e\xd5T\xfa\aBJ\xb9\xb3\xf8h>\xcf\x89\xde\xe9\x01\xd2\xdau\xc0\x1f\x02\x00\xf5\x8d&\xd7\xa0q\xfb53\x1c\xe3\x9cZ\xee\xffP\x83\xcf\a\xddFE\\\x91MJ\xff\x1e|\xf7\xedW\xc0\xc2\x05o\\\xa9\xfc\xf0<\xbf\x82\xbd\x13SG73\x92E\xd3\xc7\x06A\xbeb\x81\xd7\xe1\xb4\xb7\t\x91\x14\xc5q\x87\"\x98\xdd\x7f! \xe2\xb6\xfa*.*,\x9cn\x004u\vya\xfa,\x15\x84\xc0\xb5\xa5\x00\xae\n\xc3\x9b\xc7jx\xd9\x15\x82fu\x9fvj>\x8c\x84\xc0\x9c\xf3\xad\x88\x82\x94\x7f\xfa\x1f\xb4\xc0Pr{\xeb\x12\xc5~\x06\xffY\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x89$W\x8a\xd4\x9e\xa1\x14LtH\xd6@\xaa\x88\xa6jq\xb7}s\xa9$\xff\x02\x7f\xdc\xb5P\x16\x16S\xd4\xcbW\b\x83\x85$\x82\x86\xf5\xbe\x9d\x87f\xc7\f)\xe6\xf5\x06=\xfet\xa1\xb0\xb5 y\x15\x90H!\vM\'\x1a\xc9L\x88\x9b\x06<\xa3J\tW\x9a\xf061\xf1(\xe6\xdd,\x96m\xae\xcd|o~\x0fN\xbc\xaf\x80%\f\xfa\xb0q\x84\x83\x80x\xc7\x1d\x80\x9d\x06\xdc\v\xacu\xdb\x81E%\xd1\xd1\xac\xafL\xb6\xf4\x89\x0f9s\x82\xaecf\x97\xf6\x88\tN8\xdb\\\"w\x0fS\alc\r\xf9\xbbL\x14\x91\x89\xff\xa9u\xf5 \x871\x1c[\xaa\xfc\x11\xc9\v\xdc%\xfc\x80;q\x15=\xdc9\x95\xb2\xdfI\xcd\xd7\x84\xbc[\xea@\x86\x10p\xda\xdb9^\x85\xc9<\xdf\xa0\x8e') mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffc, 0x12, r0, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0x95, 0x0, &(0x7f0000000000)) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2004000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r2, 0x400, 0x70bd2d, 0x25dfdbfb, {{}, 0x0, 0x4102, 0x0, {0x10, 0x13, @l2={'eth', 0x3a, 'erspan0\x00'}}}, ["", "", ""]}, 0x2c}}, 0x40) 20:41:34 executing program 2: r0 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, r0) keyctl$unlink(0x16, r1, 0x0) 20:41:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x8000, 0x0) r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r4, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x28}}, 0x8000) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:34 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x8000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000040)={0x3, 0x2, 0x1, 'queue1\x00', 0x9}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl(0xffffffffffffffff, 0xffffffffbfffbfa4, &(0x7f0000000000)) 20:41:34 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = syz_open_dev$loop(&(0x7f0000000680)='/dev/loop#\x00', 0x0, 0x800000000105082) r2 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000480)="acc0a556610d696c73505a84e624aa4782dc9efaad2b1d1a46222a97c7063b6e07f6e2082a351acba6a70d50127ebeb865a7691243d5324867cb6aa79b2cdb488edda2591ad009000000297a08dbe56d8cda0f4cd06c6e73edd22b32fffa5e44e098f89dd0d2387997827f831fc5d791317aa40a1a58be14ee52adbd2424", 0xfffffffffffffe7c}], 0x1, 0x81003) preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/67, 0x43}, {&(0x7f0000000140)=""/90, 0x5a}, {&(0x7f00000001c0)=""/160, 0xa0}, {&(0x7f0000000280)=""/49, 0x31}], 0x4, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) socket$alg(0x26, 0x5, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000300)='/dev/audio\x00', 0x200000, 0x0) ioctl$RTC_ALM_READ(r3, 0x80247008, &(0x7f0000000340)) flistxattr(r3, &(0x7f0000000380)=""/99, 0x63) sendfile(r1, r1, 0x0, 0x102000000) 20:41:34 executing program 1: mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x800000000044031, 0xffffffffffffffff, 0x0) io_pgetevents(0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x28400, 0x0) fsetxattr$security_smack_entry(r0, &(0x7f00000000c0)='security.SMACK64IPIN\x00', &(0x7f0000000100)='/dev/vfio/vfio\x00', 0xf, 0x1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000040)={0x1, 0xffffffff, 0x6, 0xb6, 0xe984, 0xfffffffffffffff8}) 20:41:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:34 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400240) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) dup(r1) 20:41:34 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg(r0, 0x0, 0x20000081) sendmsg$nl_netfilter(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="200000000201010000000000000000000a0000000c001200080000000029ec715330f1d3767e10b4adc7492fee95af379f7bec8bcba0beaacd3cef8c65295a2f9e66211300f8c72246736cd9c1c7ee0d93f7805bd82dbcb86069dd1f648e0207b5117b7ca32a176e68db668852af30ca410094f31829646ea550261b0107431fafaa4ddbd54cd864a95252847b948ae50f7b0a473d880b489c5a8dac0f2383a1dc551458448164739787126e26dd3681b52c25110800000000000000c7e3b418b6ed9d1fc0d70e20666f7181c454659f65fc72bc5fdd25db2657a40acaa0dd37111bdb590b720b73c1cab8b4095d702828175c04ea85c0f306cb5f949bf18cf1a56519c4c79a546605d5ff6f8b2a570b3c4320", @ANYRES32=0x0], 0x20}}, 0x0) r1 = dup3(r0, r0, 0x80000) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x8d9, 0x0, 0x0, 0x1, "69422b158f20681dd09e8decc833b36707c68bef778e2550781d7f420d09367996e4451a1a0c546e2b75cf15f48d69c276f619d92725cc13326174fd87328519", "339f1c52d18a67da52446d0f10e912ab598dc6d41a1b9873797c337755f8ea4d", [0x7, 0x3]}) 20:41:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x8, 0x10000) r4 = open(&(0x7f0000000080)='./file0\x00', 0x200000, 0xae) ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f00000000c0)={r4, 0x0, 0x1000, 0x1000}) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) [ 219.564244] netlink: 'syz-executor2': attribute type 18 has an invalid length. 20:41:34 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400240) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) dup(r1) 20:41:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x5) r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x24) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000080)=@routing={0x2f, 0x8, 0x1, 0x1, 0x0, [@mcast2, @local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @rand_addr="27c369baac7f84103964e5bcaff93b96"]}, 0x48) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:34 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400240) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) dup(r1) 20:41:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x2c0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r3, 0x80605414, &(0x7f0000000080)=""/179) [ 219.823898] netlink: 'syz-executor2': attribute type 18 has an invalid length. 20:41:35 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400240) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) dup(r1) 20:41:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000080)=ANY=[@ANYPTR]) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0xae64, 0x0) 20:41:35 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400240) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="0600000000000000000000000000000000000000000000000000c0eb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e911000000000000000000000000000000"]) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4188aea7, &(0x7f0000000180)={0x3, 0x0, [0x0, 0x1], [0xc2]}) 20:41:35 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400240) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:35 executing program 0: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x2a840, 0x0) ioctl$PPPIOCDISCONN(r0, 0x7439) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r2, 0xae64, 0x0) 20:41:35 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x8a000, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f00000002c0)={&(0x7f0000000100), 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xd0, r1, 0x0, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x1c, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x942}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x553}]}, @TIPC_NLA_BEARER={0x70, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5bc}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x3, @ipv4={[], [], @remote}, 0x1ff}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffffffffff001}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0xd0}}, 0x4000004) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000300)) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0203000313000000000000000000000005000600000000000a00000000000000000000000000000055000000000000000000eaffffff000005000900ff0000000a0000009c570000fe8000000000000000000000000000ff000000000000000002000100000000000000050c0000000005000500000000000f000000001b0000ff0200eb82aff50000000000000000010000000000000000de85803c0154d51a455efd70aa7bba3388d03fef53aa585bc4d3159d2f39b0d8dde08406f48810f65d839f56e19fba3ef4f842f5e6776127f144aba39d780d5219bcc4464b7339cd919400874a577aa3e67b97439c7f84f0f7549b7bc0ea9a24539cb29dd0383d51b3fe326b0cca3d17588ca5b0f4bc34b1"], 0x98}}, 0x0) 20:41:35 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_ENUMINPUT(r3, 0xc050561a, &(0x7f0000000080)={0xffffffff, "962b28c99980f59e165f5bae83667db8f48e4288b17a2853b6e1e40852bb905b", 0x2, 0x10001, 0x5, 0xc000c, 0x10}) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:35 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:35 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xb, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="faff090032000000000000000000000000000000a25903c51fbc36c207b7564831b1c2f34f0ec99ec5615c1a8d5f2fbfdc5797dbff08b289c9282fcc4a963961dc002484011c75ee065f655d8c8aec2f4ae4096ed81d99d57cc08c09d887cd593d6e52534340b7dc11135c9244a40a11239a1ef4328dfcc77fd747204dfd69ffa12846ed4e12603b9c37f3ead18e8b83b26b58"], 0xfffffffffffffdc6}}, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x3fc, 0x0) syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x7, 0x400) r1 = socket$inet(0x2, 0x6, 0x8) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f0000000000)) sendmmsg$inet_sctp(r1, &(0x7f0000000600)=[{&(0x7f0000000640)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f00000005c0), 0x218, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x241}}], 0x20}], 0x1, 0x40000000) 20:41:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x7, 0x600000) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000100)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8010120}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='Y\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="fcff2cbd7000fcdbdf2501000000"], 0x15}, 0x1, 0x0, 0x0, 0x5}, 0x54) connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e24, @multicast1}, 0x10) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:36 executing program 1: sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000040)) 20:41:36 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000040)=0xa, 0x4) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x15, 0x4) sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f0000000340)={&(0x7f0000000240)=@ipv4_getaddr={0x18, 0x16, 0x301}, 0xfd77}}, 0x0) 20:41:36 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:36 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x40801, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000400)='/exe\x00\x00\x00\x00\x00\x04\t\x00K\xdd\xd9\xde\x91\xbe\x10\xee\xbf\x00\x0e\xe9\xa9\x0fy\x80XT\xfa\aBJ\xde\xe9\x01\xd2\xdau\xaf\x1f\x02\x00\xf5\xab&\xd7\xa0q\xfb53\x1c\xe3\x9cZ') sendfile(r0, r1, &(0x7f0000000180)=0x100000, 0x8402) close(r0) connect$netlink(r1, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x8000000}, 0xc) 20:41:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x26, 0x0, 0xdeb8, 0x40, 0x6, 0x9, 0x4, 0x1, 0x3f, 0x800, 0xdc4, 0x80000000}, {0x80, 0xf, 0xfff, 0x9, 0x7f, 0x7fff, 0x1, 0x264, 0x3, 0x6, 0x4, 0x1, 0x3c}, {0xfffffffffffffff8, 0x100, 0x0, 0x7, 0x80000000, 0xfffffffffffff001, 0x2, 0x7fff, 0x8, 0x80, 0x5, 0xf01, 0x7}], 0x4}) r3 = request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='\x00', 0xfffffffffffffff9) keyctl$restrict_keyring(0x1d, r3, &(0x7f0000000180)='rxrpc_s\x00', &(0x7f00000001c0)='/dev/kvm\x00') ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:36 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:36 executing program 2: clone(0x200000041fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x0, 0x101001) clock_gettime(0x0, &(0x7f0000001780)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000001740)=[{{&(0x7f0000000200)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000001640)=[{&(0x7f0000000280)=""/127, 0x7f}, {&(0x7f0000000300)=""/252, 0xfc}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/108, 0x6c}, {&(0x7f0000001480)=""/159, 0x9f}, {&(0x7f0000001540)=""/209, 0xd1}], 0x6, &(0x7f00000016c0)=""/102, 0x66}, 0x80}], 0x1, 0x10000, &(0x7f00000017c0)={r2, r3+30000000}) sendmsg$nl_route(r1, &(0x7f00000018c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000040}, 0xc, &(0x7f0000001880)={&(0x7f0000001800)=@ipv6_newaddr={0x54, 0x14, 0x10, 0x70bd29, 0x25dfdbfb, {0xa, 0x0, 0x0, 0xfe, r4}, [@IFA_CACHEINFO={0x14, 0x6, {0x6, 0x6, 0xffffffff, 0x4}}, @IFA_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, [], 0x22}}, @IFA_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, [], 0x10}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x20000800) ptrace(0x10, r0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x2, 0x0) ptrace(0x4208, r0) syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0xfff, 0x1000000000000) ptrace$getenv(0x4201, r0, 0x66ec27b0, &(0x7f0000000040)) 20:41:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x40, 0x0) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000080)=0xffffffffffffffff, 0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) recvfrom(r3, &(0x7f00000000c0)=""/169, 0xa9, 0x2000, &(0x7f00000001c0)=@hci={0x1f, r4, 0x2}, 0x80) ioctl$KVM_SET_IRQCHIP(r2, 0xae64, 0x0) 20:41:36 executing program 2: socket$inet(0x2, 0x5, 0x1) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000200)={0x7ff, 0x7fffffff, 0x2, 0x4, 0x8, 0x3f}) timer_create(0xffbffffffffffff1, &(0x7f0000000380)={0x0, 0x20, 0x0, @thr={&(0x7f0000000080), &(0x7f0000000140)}}, &(0x7f0000000400)=0x0) r2 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$NBD_CLEAR_QUE(r2, 0xab05) clock_getres(0x8, &(0x7f00000001c0)={0x0, 0x0}) timer_settime(r1, 0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, r3}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f00000000c0)={0x5, @time, 0x7f, {0x0, 0xffff}, 0x1, 0x0, 0x1}) write$ppp(r2, &(0x7f0000000140)="3c585b5a3dcc41f1789d60647421f69d1b63f6eb6aee333a9673f7748ca19e8d66062f1b07a91086f76fe0c4374b2599da2e9af492f2d0efa54d598cd6f872401e1eadf0e170d1610ab5e7f2ce466c582a2ca3c76a5f1f4bf3b27d0242c33e88b0ca9e5bf9058bcd11a63431dfd602", 0x6f) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'bcsf0\x00'}) 20:41:36 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:36 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x208480, 0x1) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x224402, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000200)='/dev/cec#\x00', 0x0, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0xfffffffd) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xae64, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x0, 0x2) ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000240)) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000000000000000008001fb0002010cdc7cad99783023ffffff0000000077133a57ebcdfa99d0b61a0000000040000000ce26be75bc475e080dac61d47b9ba5ec05e6c120d488572f76cd866859b62aa3a7c252e4a68998a2e5b78bc0feb8d092b746a32e8c0292c04fea"]) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$pokeuser(0x6, r2, 0x100, 0x2) syz_open_dev$vbi(&(0x7f0000000100)='/dev/vbi#\x00', 0x2, 0x2) 20:41:36 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:36 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, &(0x7f0000000080)=0x6e, 0x80800) getsockname(r0, &(0x7f0000000200)=@rc, &(0x7f0000000280)=0x80) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='fuse\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="2c6d61785f726561643d3078551b05c447ba88295b2feade503ae9d41881fcea08337eacc2d7e61c1933972bb258b48411aefd29428b12b5f0dbc9b3d2a1dcf7c5618f68c0fe181b54f214233ed9b54f227ee7dbb5a65889b97a231605876a5746d3dbf8c3a9adb8e476bac7fdfc354f5021300a43f57fea86ad89cb174a3f38730c461f969e6f0b29a5373a5761b7be9152914e1b39ac0404a0b271c5dbc55ce7ccee1469f384a7e634721dd19e5ba9537daa366500433e5c6aca10fcfcdd1b12b2fa36e617df1f4283288242d59953671e1e13ca17f567b4912376d0fc653058094df83b5f20d96d2aee342d17dc15165366692713fdfce70707192de3113031d5ef318878d08c4f0f9c6e1254ed6007f837e6c7da020fc8606ef21f2b0d9d2aadc8f0c793eec98d8454d8d47782514dd1a07ac1cd1dd1ecad4c1b54897dee0f89df982c124ea86d5a2abc81d6a8068f2c85537ecc7c817d1118115e485bf2d0691ec3f34d9ae9211bd7b51033531ee77af9d5ee582761715646ee3c93012f5f6d1ec043fcc38bd7e0d63a9f3fa3274ec9a624667b0a6a6e867cfb92ed2c462440eb2851525d2c8969371ce37a95bccf843a558e5cce274164d5f7451596844b37f1d96d0dd43a858de5b00df33c71e4f0c576b5075844c99609d198bbe175aacfddc06a49adb6e4876f958c2007f6c48d538e61b6e2b152e7590bb9051bab7656a5fe8f2c396116ac29f1808121922d6dd1e997325caee3100c8949af14d39cfd6b7aa17b575f5fa9754dbadfd834151f1bab79b174bfedbae986a932a4f97cefafa8e66a67d3e88245c4cba13aba7746d021a407970bce96d32a4f5562d30b393a00ad9001a1b0dce6820443187f1f13e44f48e874159e9f839c41663b18a6b90d72f999a2603dbb43a3bbbb48a554c0b995b20cae479384d0ddbb0f3e57d9c883cf3c1314a7244375b4fbf51c"]) chroot(&(0x7f0000000040)='./file0\x00') 20:41:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) fremovexattr(r1, &(0x7f0000000040)=@known='system.advise\x00') ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_SET_PDEATHSIG(0x1, 0x22) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:37 executing program 2: r0 = memfd_create(&(0x7f0000000080)='}\x00', 0x0) lseek(r0, 0x0, 0x5) clone(0x200, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f121e0d3f3188a070") execveat(r0, &(0x7f0000000500)='\x00', 0x0, 0x0, 0x1000) fcntl$setlease(r0, 0x400, 0x0) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) write$FUSE_BMAP(r2, &(0x7f0000000040)={0x18, 0x0, 0x2, {0x80000000}}, 0x18) getsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f00000000c0), 0x4) 20:41:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x2, 0xa, 0x9) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) socket(0x15, 0x1, 0x3) 20:41:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) [ 222.165715] syz-executor0 uses obsolete (PF_INET,SOCK_PACKET) 20:41:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:37 executing program 2: mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x3, 0x40000) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[{0x80000001, 0x8, 0x7, 0x8, 0x3, 0x6, 0xff, 0x0, 0xfffffffffffffffa, 0x10000, 0x51, 0x5, 0x2}, {0x0, 0x4, 0x1c, 0xf97, 0x1, 0x1b3b015a, 0x8, 0x1, 0x6, 0x4, 0x0, 0x74, 0x6}, {0x0, 0x80, 0x7, 0x0, 0x7fffffff, 0x10001, 0x5, 0x2, 0x5, 0xffffffffffffff01, 0x20, 0x7fff, 0x2}]}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000ff5)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000080)=0x60, 0x2) 20:41:37 executing program 3: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x240, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000040)=0x101) ioctl$SCSI_IOCTL_SYNC(r0, 0x4) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000080)=0x7) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0)=[@mss={0x2, 0x6}, @window={0x3, 0x100000000, 0x7ff}, @window={0x3, 0x3, 0x33}, @window={0x3, 0x8, 0x7}, @sack_perm, @sack_perm], 0x6) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4, 0x7, 0x3}) write$P9_RCLUNK(r0, &(0x7f0000000140)={0x7, 0x79, 0x1ff}, 0x7) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000180)={r0, 0x0, 0x1, 0x20, 0x2}) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000001c0)={{0xffff, 0x400, 0x80000001, 0x7}, 'syz0\x00', 0x48}) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000240)=0x3) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000340)={0x8, 0x48, &(0x7f0000000280)="2d9a4213366c4476a052d5cb031ac2f283c9ba88e7dab3779a2ae6d4f8f52c1ed239e3277c8b3fba95a7f82a7001e8baec79f23ed8eccd2fdb27e237ef23a6371f1b45e2a6796d9d237995f538299bc829ac865b55cb86605d1d79eb569fd6b77b933234ba6644a7bc9178833d989dfa1673ee562f22c68cf4eb10869c876f1bfe9a25f4d95f011b3d88b56f2db2f9e2569e1f6ba3", {0x7fff, 0x4, 0x3f377f5f, 0x6, 0x200, 0x4, 0x0, 0x7ff}}) getsockopt$inet_buf(r0, 0x0, 0x27, &(0x7f0000000380)=""/72, &(0x7f0000000400)=0x48) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440)='/dev/zero\x00', 0x10040, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000480)={0x7, {{0x2, 0x4e24, @empty}}}, 0x88) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000540)='/dev/video37\x00', 0x2, 0x0) r3 = socket(0x10, 0x800, 0x6) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000580)=@sack_info={0x0, 0x10001, 0x9b5}, &(0x7f00000005c0)=0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000600)={r4, @in6={{0xa, 0x4e22, 0x3f, @mcast2, 0x7f}}, 0x9, 0x8}, 0x90) r5 = epoll_create1(0x80000) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000006c0), &(0x7f0000000700)=0xc) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000740)) write$P9_RLOCK(r0, &(0x7f0000000780)={0x8, 0x35, 0x1, 0x1}, 0x8) fremovexattr(r5, &(0x7f00000007c0)=@known='trusted.overlay.redirect\x00') preadv(r2, &(0x7f0000000a80)=[{&(0x7f0000000800)=""/119, 0x77}, {&(0x7f0000000880)=""/123, 0x7b}, {&(0x7f0000000900)=""/125, 0x7d}, {&(0x7f0000000980)=""/134, 0x86}, {&(0x7f0000000a40)=""/44, 0x2c}], 0x5, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000b00)) vmsplice(r1, &(0x7f0000000e00)=[{&(0x7f0000000c80)="bb30358857dee603baa13407", 0xc}, {&(0x7f0000000cc0)="7fe6e0cd3272e90a7af54cd73e18ffb0b7e117c019839b109e510ba821b72a854bf25035b63a5824ad32f24f920cb0b2978980622f6ebb13", 0x38}, {&(0x7f0000000d00)="f70d3411ce523b904372021b0adae3cac34f0fcbbe833dc9bf42d3f67365aa4952fe2f312a59f35fecc2015be8014d13e54ce4efc58c3ecd77911443c19ac00f9c35b941dc24deebda858a7874153776561afb9efa9ccabb58ac17130e6acd9005574fb60c3aa7dd5187527f2acd095ea8d0c42fd7309ca1d2f068f20d49911c6e6f713731d91c259ed58eac002ef0cfca5d5f1b732f08be4063dea456d112b5017d2c60864794d38b56278ad1879955f393349fb41460609090ae35e67660503a589ae1efc53ef0ea9bccff9b787c3edecda5c67aab6e3d0feff8feddf68a7be95fae33fd4bddd6", 0xe8}], 0x3, 0xd) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000e40)) socket$tipc(0x1e, 0x7, 0x0) write$P9_RMKNOD(r1, &(0x7f0000000e80)={0x14, 0x13, 0x2, {0x0, 0x4, 0x4}}, 0x14) ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f0000000ec0)) 20:41:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:37 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getresuid(&(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@mcast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000200)=0xe8) setreuid(r2, r3) r4 = socket$inet6(0xa, 0x80000000000001, 0x0) r5 = fcntl$dupfd(r4, 0x406, r0) recvfrom$rxrpc(r5, &(0x7f0000000300)=""/243, 0xf3, 0x40, &(0x7f0000000240)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e23, 0x80000001, @local, 0x3}}, 0x24) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}, &(0x7f0000000400)=0x10) ioctl$sock_ifreq(r4, 0x89b1, &(0x7f00000000c0)={'ip_vti0\x00', @ifru_mtu}) 20:41:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x200, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r3, &(0x7f0000000080)={0x2, 0x7}, 0x2) 20:41:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:38 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000401fea)='net/ip_tables_matches\x00') r1 = socket$kcm(0x29, 0x2, 0x0) ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, 0x0) sendfile(r0, r0, &(0x7f0000000000), 0xffffffff) sendmsg$kcm(r1, &(0x7f0000002540)={&(0x7f0000000100)=@sco, 0x80, &(0x7f0000000080), 0x2f9, &(0x7f0000000080)}, 0x0) 20:41:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:38 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:38 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x58) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001400)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x1}], 0x18}, 0x0) write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[@ANYRES16, @ANYPTR64, @ANYRESOCT], 0x21) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000003c0)={0x5, 0x0, 0x0, 0x8, 0x5, [{0x9d, 0x1, 0x3f, 0x0, 0x0, 0x30c}, {0x40, 0x5, 0x1f, 0x0, 0x0, 0x402}, {0xfffffffffffffff7, 0x8000, 0x100000001, 0x0, 0x0, 0x1f80}, {0xffff, 0xff, 0x5}, {0x6, 0x7ff, 0x20, 0x0, 0x0, 0x8}]}) poll(&(0x7f0000000300)=[{r1, 0x1000}, {r1, 0x80}, {r1}, {r2}, {r0, 0x2460}, {r1, 0x1000}], 0x6, 0xc000000000) recvmmsg(r2, &(0x7f00000039c0)=[{{&(0x7f0000000180)=@ethernet, 0x80, 0x0}}, {{&(0x7f0000000340)=@ipx, 0x80, &(0x7f0000003880)=[{&(0x7f0000002880)=""/4096, 0xfffffddf}], 0x10f3, &(0x7f00000038c0)=""/194, 0xc2}}], 0x2, 0x400000000, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={r1, 0x2, 0x1, 0x8001, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9, 0x80001) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000540)) ioctl$VIDIOC_S_CROP(r3, 0x4014563c, &(0x7f0000000500)={0x3, {0x7, 0x5, 0x0, 0x7}}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000200)={0x3ff, 0x4, 0xfffffffffffffc00, 0x1f, 0xeae7, 0x100}) [ 223.222976] IPVS: ftp: loaded support on port[0] = 21 20:41:38 executing program 1: socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x200000000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7, 0x200000) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xb4, r4, 0x202, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x60, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3f0b}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1f}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@dev={0xfe, 0x80, [], 0x27}}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x15e}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:38 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, 0x0, 0x0, 0x0) [ 223.557323] chnl_net:caif_netlink_parms(): no params data found [ 223.665479] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.672516] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.680362] device bridge_slave_0 entered promiscuous mode [ 223.689262] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.695859] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.704330] device bridge_slave_1 entered promiscuous mode [ 223.763288] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 223.774086] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 223.804379] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 223.812644] team0: Port device team_slave_0 added [ 223.820467] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 223.828682] team0: Port device team_slave_1 added [ 223.836348] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 223.844489] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 224.005592] device hsr_slave_0 entered promiscuous mode [ 224.212440] device hsr_slave_1 entered promiscuous mode [ 224.453023] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 224.460395] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 224.486609] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.493213] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.500228] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.506794] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.544445] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.554068] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.601530] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.613211] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 224.626560] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 224.633407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 224.640846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.656141] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 224.662357] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.675783] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 224.684245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 224.692736] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 224.701201] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.707771] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.723284] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 224.735321] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 224.748078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 224.756411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 224.765336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 224.773507] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.779926] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.787476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.796017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 224.816000] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 224.824567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 224.834666] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 224.850273] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 224.857493] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 224.865883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 224.874549] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 224.890192] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 224.902345] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 224.912884] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 224.922720] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 224.933765] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 224.940805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 224.949108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 224.957734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 224.966391] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 224.987118] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 224.993885] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 225.013254] 8021q: adding VLAN 0 to HW filter on device batadv0 20:41:40 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x10000100000002) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x101, 0x2000) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x60, r2, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xbb}]}, @TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x40000) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @rand_addr="ef0f992b7cdae73479c929d9f74df7f4", 0x3}, 0xffffffffffffff2f) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x18) 20:41:40 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x6, &(0x7f00000002c0)=0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x100, 0x0) getsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000040)='./file0\x00', r2}, 0x10) io_submit(r1, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x2}]) 20:41:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) iopl(0x20200) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x81, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x4c40, 0x0) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000080)={r2, 0x5, 0xef, r2}) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) 20:41:40 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, 0x0, 0x0, 0x0) 20:41:40 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_mr_vif\x00') ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f0000000100), &(0x7f0000000140)=0x4) clone(0x2102001ff7, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) keyctl$set_reqkey_keyring(0xe, 0x5) add_key(&(0x7f0000000340)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000240)=""/141) 20:41:40 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, 0x0, 0x0, 0x0) 20:41:40 executing program 2: r0 = socket$inet(0x10, 0x2, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x25, 0x40000) ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000080)=0x2) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="23000000660007031dfffd946f610500910027bb4480000000001000421ba3a20400ff", 0x23}], 0x1}, 0x0) 20:41:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x2000, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0xf26) ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f0000000100)={0x8d, 0x3, 0x4, 0x2, 0x29ecc86a}) ioctl$KVM_SET_IRQCHIP(r1, 0xae64, 0x0) ioctl$KDGKBMETA(r2, 0x4b62, &(0x7f00000000c0)) 20:41:40 executing program 3: r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="c6305e818cc85882a610a1307d68c1a81cd7ad954556e783958af97bd2ca89a5c20add988b2c6ecc7b789bd0bf0ad85bbb83ca491e7d553e796acf2b86fe3aa8498988371f548a0f8f", 0x49, 0xfffffffffffffffd) r1 = request_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz', 0x3}, 0xffffffffffffffff, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000100)={0x0, r1, r0}, 0x0, 0xfffffefc, &(0x7f0000005740)={0x0}) syz_open_dev$sndtimer(&(0x7f00000001c0)='/dev/snd/timer\x00', 0x0, 0x40000) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snapshot\x00', 0x460000, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000340)='/dev/snd/timer\x00') r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio\x00', 0x10000, 0x0) ioctl$PPPIOCSFLAGS(r3, 0x40047459, &(0x7f0000000380)=0x20000) bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f00000003c0)='./file0\x00', 0x0, 0x8}, 0x10) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r3, 0xc040564a, &(0x7f0000000240)={0xd06c, 0x0, 0x0, 0x9, 0xe6, 0x6, 0x2, 0x1}) 20:41:40 executing program 1 (fault-call:2 fault-nth:0): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1, 0x17}]}, 0x18}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0) 20:41:40 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) sendmsg(r0, &(0x7f00003bbfc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x80, 0x0}, 0x0) write$P9_RXATTRCREATE(r0, &(0x7f0000000240)={0x7, 0x21, 0x2}, 0x7) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f00000000c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000280)}}, 0x457d10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x8000, 0xc1) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000480)={[0x7004, 0x0, 0x13001, 0x103000], 0x5fe1, 0x84, 0x6}) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4011}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xc0, r1, 0x410, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfdec}]}, @TIPC_NLA_NET={0x30, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x49a}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4ee}]}, @TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xc0}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fff}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48080}, 0x20000010) [ 225.716799] FAULT_INJECTION: forcing a failure. [ 225.716799] name failslab, interval 1, probability 0, space 0, times 0 [ 225.728724] CPU: 0 PID: 9925 Comm: syz-executor1 Not tainted 5.0.0-rc1+ #7 [ 225.735770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.745139] Call Trace: [ 225.747772] dump_stack+0x173/0x1d0 [ 225.751435] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 225.756798] should_fail+0xa19/0xb20 [ 225.760564] __should_failslab+0x278/0x2a0 [ 225.764839] should_failslab+0x29/0x70 [ 225.768762] kmem_cache_alloc_node+0x123/0xc20 [ 225.773383] ? __alloc_skb+0x218/0xa20 [ 225.777316] __alloc_skb+0x218/0xa20 [ 225.781077] pfkey_sendmsg+0x1e9/0x1a60 [ 225.785087] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 225.790484] ? aa_sk_perm+0x605/0x950 [ 225.794331] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 225.799556] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 225.804776] ___sys_sendmsg+0xdb9/0x11b0 [ 225.808879] ? pfkey_release+0x510/0x510 [ 225.812973] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 225.818206] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 225.823597] ? __fget_light+0x6e1/0x750 [ 225.827607] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 225.832826] __sys_sendmmsg+0x580/0xad0 [ 225.836858] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 225.842440] ? prepare_exit_to_usermode+0x114/0x420 [ 225.847539] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 225.852771] __se_sys_sendmmsg+0xbd/0xe0 [ 225.856873] __x64_sys_sendmmsg+0x56/0x70 [ 225.861059] do_syscall_64+0xbc/0xf0 [ 225.865006] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 225.870302] RIP: 0033:0x457ec9 [ 225.873532] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 225.892488] RSP: 002b:00007fa3b01f0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 225.900252] RAX: ffffffffffffffda RBX: 00007fa3b01f0c90 RCX: 0000000000457ec9 [ 225.907548] RDX: 0400000000000117 RSI: 0000000020000180 RDI: 0000000000000003 20:41:41 executing program 3: shmget$private(0x0, 0x4000, 0x480, &(0x7f0000ffc000/0x4000)=nil) r0 = shmget(0x1, 0x3000, 0x32, &(0x7f0000ffd000/0x3000)=nil) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000ffb000/0x2000)=nil, 0x2000}) r2 = shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0x4043) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x40000000000, 0x0) shmdt(r2) [ 225.914845] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 225.922131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa3b01f16d4 [ 225.929457] R13: 00000000004c4d9c R14: 00000000004d8840 R15: 0000000000000004 [ 225.980512] ================================================================== [ 225.987995] BUG: KMSAN: uninit-value in tipc_conn_rcv_sub+0x187/0x9d0 [ 225.994572] CPU: 0 PID: 875 Comm: kworker/u4:14 Not tainted 5.0.0-rc1+ #7 [ 226.001505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.010968] Workqueue: tipc_rcv tipc_conn_recv_work [ 226.016082] Call Trace: [ 226.018675] dump_stack+0x173/0x1d0 [ 226.022476] kmsan_report+0x12e/0x2a0 [ 226.026290] __msan_warning+0x82/0xf0 [ 226.030089] tipc_conn_rcv_sub+0x187/0x9d0 [ 226.034333] tipc_conn_recv_work+0x3dc/0x5e0 [ 226.038757] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 226.043942] ? tipc_conn_send_work+0x11a0/0x11a0 [ 226.048689] ? tipc_conn_send_work+0x11a0/0x11a0 [ 226.053456] process_one_work+0x1607/0x1f80 [ 226.057797] worker_thread+0x111c/0x2460 [ 226.061887] kthread+0x4a1/0x4e0 [ 226.065250] ? process_one_work+0x1f80/0x1f80 [ 226.069736] ? schedule_tail+0x1b2/0x410 [ 226.073796] ? kthread_blkcg+0xf0/0xf0 [ 226.077679] ret_from_fork+0x35/0x40 [ 226.081386] [ 226.082999] Local variable description: ----s.i@tipc_conn_recv_work [ 226.089385] Variable was created at: [ 226.093087] tipc_conn_recv_work+0x68/0x5e0 [ 226.097398] process_one_work+0x1607/0x1f80 [ 226.101800] ================================================================== [ 226.109250] Disabling lock debugging due to kernel taint [ 226.114687] Kernel panic - not syncing: panic_on_warn set ... [ 226.120567] CPU: 0 PID: 875 Comm: kworker/u4:14 Tainted: G B 5.0.0-rc1+ #7 [ 226.128866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.138223] Workqueue: tipc_rcv tipc_conn_recv_work [ 226.143245] Call Trace: [ 226.145833] dump_stack+0x173/0x1d0 [ 226.149464] panic+0x3d1/0xb01 [ 226.152678] kmsan_report+0x293/0x2a0 [ 226.156485] __msan_warning+0x82/0xf0 [ 226.160288] tipc_conn_rcv_sub+0x187/0x9d0 [ 226.164564] tipc_conn_recv_work+0x3dc/0x5e0 [ 226.169002] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 226.174181] ? tipc_conn_send_work+0x11a0/0x11a0 [ 226.178926] ? tipc_conn_send_work+0x11a0/0x11a0 [ 226.183683] process_one_work+0x1607/0x1f80 [ 226.188026] worker_thread+0x111c/0x2460 [ 226.192107] kthread+0x4a1/0x4e0 [ 226.195475] ? process_one_work+0x1f80/0x1f80 [ 226.199967] ? schedule_tail+0x1b2/0x410 [ 226.204026] ? kthread_blkcg+0xf0/0xf0 [ 226.207912] ret_from_fork+0x35/0x40 [ 226.212860] Kernel Offset: disabled [ 226.216483] Rebooting in 86400 seconds..