[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 77.151249] audit: type=1800 audit(1550234127.205:25): pid=9891 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 77.170648] audit: type=1800 audit(1550234127.205:26): pid=9891 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 77.190065] audit: type=1800 audit(1550234127.205:27): pid=9891 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts. 2019/02/15 12:35:40 fuzzer started 2019/02/15 12:35:45 dialing manager at 10.128.0.26:39243 2019/02/15 12:35:45 syscalls: 1 2019/02/15 12:35:45 code coverage: enabled 2019/02/15 12:35:45 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/02/15 12:35:45 extra coverage: extra coverage is not supported by the kernel 2019/02/15 12:35:45 setuid sandbox: enabled 2019/02/15 12:35:45 namespace sandbox: enabled 2019/02/15 12:35:45 Android sandbox: /sys/fs/selinux/policy does not exist 2019/02/15 12:35:45 fault injection: enabled 2019/02/15 12:35:45 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/02/15 12:35:45 net packet injection: enabled 2019/02/15 12:35:45 net device setup: enabled 12:37:50 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xc9, 0x0, 0x0) syzkaller login: [ 220.814620] IPVS: ftp: loaded support on port[0] = 21 [ 220.948625] chnl_net:caif_netlink_parms(): no params data found [ 221.011460] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.018513] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.026920] device bridge_slave_0 entered promiscuous mode [ 221.035721] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.042283] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.050382] device bridge_slave_1 entered promiscuous mode [ 221.080633] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 221.091378] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 221.120019] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 221.128388] team0: Port device team_slave_0 added [ 221.135367] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 221.143761] team0: Port device team_slave_1 added [ 221.149733] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 221.158307] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 221.226361] device hsr_slave_0 entered promiscuous mode [ 221.393014] device hsr_slave_1 entered promiscuous mode [ 221.653708] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 221.661216] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 221.687778] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.694319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.701422] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.707985] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.787452] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 221.793716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.807265] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 221.821102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 221.831750] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.841115] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.853094] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 221.871197] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 221.877384] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.892666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 221.900828] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.907341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.955942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 221.964445] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.970901] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.980267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 221.990440] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 221.999171] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 222.015362] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 222.025022] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 222.036892] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 222.043569] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 222.053299] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 222.061309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 222.069644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 222.098487] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 222.124139] 8021q: adding VLAN 0 to HW filter on device batadv0 12:37:52 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) 12:37:52 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @rand_addr=0x3}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000003, &(0x7f0000000040)={0x2, 0x1000004e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10) r1 = memfd_create(&(0x7f0000000200)='Pev ', 0x0) ftruncate(r1, 0x200739) sendfile(r0, r1, 0x0, 0xa00004000000004) 12:37:52 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @rand_addr=0x3}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000003, &(0x7f0000000040)={0x2, 0x1000004e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10) r1 = memfd_create(&(0x7f0000000200)='Pev ', 0x0) ftruncate(r1, 0x200739) sendfile(r0, r1, 0x0, 0xa00004000000004) 12:37:52 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r1, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) close(r0) 12:37:52 executing program 0: mknod(&(0x7f0000000100)='./bus\x00', 0x3a0914c44f7b802c, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x3fd, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000540)="0624ee6d446122eeee207fbfac5da5b187d44cd58397dcaff443c1d270f962fa610b3e4e023fd5e9c0b232c05b9c9dae898c399f3c00567b471e1b07124f35470efcd4e4567db0540d5637ec5668372af65a4f0e2abd8b165b0d70606b37440e20cab166c40c2b44437d4b6f39d0c2055f9014cb2ecdd65d7b83e3ce55e84ed968d549f67ab3401e3f07b240a9257be8fc0c22173fd90b153d50a961c368e1716b576d7312e4fcac60a140978abe31e0ad7d05130168764d53a7e2ed333f93fea80f04b97f1317a73edb1b75a77cda96d9da15749688cfb18e451c20fa403a31a1277d59ce68a6c251c32f6800a4fdb7c1ce73cc83e4aac3b9d9eecf8d8c2b78bf64147d1a64a3e4d6ddcf95997d26001462fc90966e856805ffda8068098a44ee9f65eb40297b9eb75fcdd756cf56619863f06803666a880b0b2aedc97613ff051c32672ad101feebdeb6119446f602cf99ecf3d4c7fdf647ff3ad1fa94fbb019b2ac494933d48ba690073c418d141b4c7f8c05e9c0df089c2a362d99f2e1ade288851f1dcc6c14c0a4b6eb2c87ab796deee8094846917b92f2279632b8920a9b6e64f5cf90e3668d4286de31061695f0da24544b97b8b7f8d93ae82b23ea2c", 0x1c0}, {0x0}], 0x2) 12:37:52 executing program 0: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) clone(0x8013102001ff5, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) 12:37:53 executing program 0: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000040)={0x1, 0x7ff, 0xb, 0x80000001}) unshare(0x28020400) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x91, 0x400000) inotify_rm_watch(r2, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r2) [ 222.969849] ptrace attach of "/root/syz-executor.0"[10083] was attempted by "/root/syz-executor.0"[10084] 12:37:53 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x140, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000040)) 12:37:53 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f00000006c0)={'syz', 0x1}, &(0x7f0000000700)='F', 0x1, 0xfffffffffffffffe) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio\x00', 0x0, 0x0) recvmmsg(r1, &(0x7f0000003880)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)=""/145, 0x91}, {&(0x7f0000000200)=""/3, 0x3}], 0x2, &(0x7f0000000380)=""/100, 0x64}, 0xa93}, {{&(0x7f0000000400)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000480)=""/22, 0x16}, {&(0x7f00000004c0)=""/61, 0x3d}], 0x2, &(0x7f0000000540)=""/216, 0xd8}, 0x8}, {{&(0x7f0000000640)=@un=@abs, 0x80, &(0x7f0000000a00)=[{&(0x7f0000000740)=""/200, 0xc8}, {&(0x7f0000000840)=""/46, 0x2e}, {&(0x7f0000000880)=""/204, 0xcc}, {&(0x7f0000000980)=""/94, 0x5e}], 0x4}, 0x6}, {{&(0x7f0000000a40)=@generic, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000ac0)}, {&(0x7f0000000b00)=""/53, 0x35}, {&(0x7f0000000b40)=""/116, 0x74}], 0x3, &(0x7f0000000c00)=""/64, 0x40}, 0x5}, {{&(0x7f0000000c40)=@l2, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000cc0)=""/20, 0x14}, {&(0x7f0000000d00)=""/98, 0x62}, {&(0x7f0000000d80)=""/141, 0x8d}, {&(0x7f0000000e40)=""/55, 0x37}], 0x4, &(0x7f0000000ec0)=""/170, 0xaa}, 0x1}, {{0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000f80)=""/4096, 0x1000}, {&(0x7f0000001f80)=""/223, 0xdf}, {&(0x7f0000002080)=""/71, 0x47}, {&(0x7f0000002100)=""/168, 0xa8}], 0x4, &(0x7f0000002200)=""/23, 0x17}, 0x5}, {{&(0x7f0000002240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}}, 0x80, &(0x7f00000033c0)=[{&(0x7f00000022c0)}, {&(0x7f0000002300)=""/4096, 0x1000}, {&(0x7f0000003300)=""/162, 0xa2}], 0x3, &(0x7f0000003400)=""/42, 0x2a}, 0x81}, {{&(0x7f0000003440)=@xdp, 0x80, &(0x7f0000003580)=[{&(0x7f00000034c0)=""/64, 0x40}, {&(0x7f0000003500)=""/38, 0x26}, {&(0x7f0000003540)=""/61, 0x3d}], 0x3, &(0x7f00000035c0)=""/219, 0xdb}}, {{&(0x7f00000036c0)=@generic, 0x80, &(0x7f00000037c0)=[{&(0x7f0000003740)=""/78, 0x4e}], 0x1, &(0x7f0000003800)=""/65, 0x41}, 0x1ff}], 0x9, 0x2000, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0) keyctl$describe(0x6, r0, &(0x7f0000000240)=""/196, 0x13be4e8f87edf409) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f00000000c0)) unlinkat(r2, &(0x7f0000000080)='./file0\x00', 0x0) 12:37:53 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) clock_adjtime(0x1, &(0x7f0000000100)={0x80000000, 0x855, 0x3ff, 0x2, 0x2, 0xdc, 0xfffffffffffffffb, 0x7, 0x7, 0x200, 0x80, 0xb4, 0x7, 0x2, 0x4, 0x80000001, 0xff, 0x100000001, 0x1, 0xe, 0x7, 0x5, 0x8, 0x9, 0x4b, 0x4}) write(r0, &(0x7f0000000000)="1f0000000104ff00fd4354c007110000f3e9000008000100010423dcffdf00", 0x1f) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000001040501ff20070901810000000000000c000300000000000000c5010c0005000000000000000000"], 0x2c}}, 0x0) [ 223.352147] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. [ 223.370748] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 223.378376] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 223.388203] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. 12:37:53 executing program 0: capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000080)) r0 = socket$inet(0x2b, 0x801, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, 0x0}, 0x20000081) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x0, 0x0) ioctl$EVIOCSCLOCKID(r1, 0x400445a0, &(0x7f00000000c0)=0x7ff) [ 223.398071] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 223.405622] netlink: 'syz-executor.0': attribute type 5 has an invalid length. 12:37:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 223.507834] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure [ 223.604865] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 12:37:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:54 executing program 1: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x87a7, 0x2) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080)={0x0, r1}) mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3, &(0x7f00000000c0)=0x1, 0x743f7bdc, 0x2) timer_create(0x5, &(0x7f0000000280)={0x0, 0x39, 0x1, @thr={&(0x7f0000000100)="d220263a6d339505c9bd7dae530b79465326af588383736269c8d25bad75096e77f37d949e38876c262a3450dd86caa826305dc9aaabc511078d30b59bd309c29620da7f10cc4f85e0e51b28088f5f3310e82c5b993c6ae4ef76cee898a79dfd6dff9bf51423afe07e1ed25cec2b8668a68a6c6192d08683f846b41088e3075e94", &(0x7f00000001c0)="cb9ebb5284fdf9c9ad8d9f3574f0d955f0ddb2f73812704f37022fe09fa1597ae49ae4f3f7b7530ee28a25ed60dcae9b49072ee0d84eed9f6657f67bbfc87d4970dd12c1adffd267bc37c1b69831e6948243aeb4dd4492fce2d0d226e4ef8e038fcd8bedd76188d41ce731e6a5d228a8d63148c7683f0e5780e4eb4be8837bdada245550bb4d244c19b134b91254e69f39555fbc6b"}}, &(0x7f00000002c0)) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000300)={'broute\x00'}, &(0x7f0000000380)=0x78) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f0000000400)={0x34, 0x0, &(0x7f00000003c0)}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000440)) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000480)='syz1\x00') r2 = semget(0x0, 0x1, 0x4) semctl$IPC_INFO(r2, 0x1, 0x3, &(0x7f00000004c0)=""/51) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000740)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000700)={0xffffffffffffffff}, 0x117, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000780)={0x5, 0x10, 0xfa00, {&(0x7f0000000500), r3}}, 0x18) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f00000007c0)='veth1\x00') r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000800)='/proc/capi/capi20\x00', 0x80, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f0000000840)={0x5, 0x0, 0xfffffffffffff68f, 0x2, 0x2, 0x8}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000008c0)={'eql\x00', 0x0}) recvfrom$packet(r4, &(0x7f0000000880)=""/40, 0x28, 0x0, &(0x7f0000000900)={0x11, 0x1c, r5, 0x1, 0x9a21, 0x6, @local}, 0x14) getresuid(&(0x7f0000000940), &(0x7f0000000980), &(0x7f00000009c0)) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000a00)=0x4) ioctl$TIOCLINUX3(r4, 0x541c, &(0x7f0000000a40)) getsockopt$ARPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x63, &(0x7f0000000a80)={'TPROXY\x00'}, &(0x7f0000000ac0)=0x1e) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000b00)={0x2, {0xffffffffffffffc1, 0x1, 0x1, 0x1, 0x7f, 0x5}}) ioctl$KDGETMODE(r4, 0x4b3b, &(0x7f0000000b40)) r6 = dup3(r4, r0, 0x80000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000000b80)={{0xcfc, 0x8}, 'port0\x00', 0xb, 0x80000, 0xb1, 0x8e6, 0x1ff, 0x6, 0x3c3, 0x0, 0x7, 0x8}) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000c40)=0x1ff) epoll_ctl$EPOLL_CTL_DEL(r6, 0x2, r4) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000c80)={0x2, 0x80000000000}, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000cc0)={'dummy0\x00', r5}) 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 224.723288] IPVS: ftp: loaded support on port[0] = 21 12:37:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 224.935005] chnl_net:caif_netlink_parms(): no params data found [ 225.004895] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.011388] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.019594] device bridge_slave_0 entered promiscuous mode [ 225.035218] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.041679] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.049821] device bridge_slave_1 entered promiscuous mode 12:37:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 225.081268] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 225.092759] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 225.138100] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.146564] team0: Port device team_slave_0 added [ 225.163721] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 225.172118] team0: Port device team_slave_1 added [ 225.183169] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 225.191393] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 12:37:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 225.267084] device hsr_slave_0 entered promiscuous mode [ 225.292891] device hsr_slave_1 entered promiscuous mode [ 225.333879] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 225.341289] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready 12:37:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 225.378616] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.385146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.392324] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.398894] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.489829] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 225.496199] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.525178] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 225.538377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.548034] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.564110] bridge0: port 2(bridge_slave_1) entered disabled state 12:37:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 225.586779] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 225.625731] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 225.632138] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.649219] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.657613] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.664115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.704596] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 225.712792] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.719328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.728739] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.757961] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 225.768628] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 225.779844] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 225.792617] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 225.800949] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.809683] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 225.818258] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 225.839117] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready 12:37:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 225.856417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.865813] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 12:37:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12:37:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:37:56 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:56 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x2, 0x3, 0x19) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0xf5) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2, @in=@multicast1}}, {{@in6}, 0x0, @in6=@loopback}}, 0xe8) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000200)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)=ANY=[@ANYBLOB="e0000002000014aa0000000001001b580a368afb"], 0x14) 12:37:56 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:56 executing program 1: r0 = socket$kcm(0x2, 0x2, 0x73) connect(r0, &(0x7f0000000100)=@nl=@unspec, 0x80) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x0, 0x9}, 0x8) 12:37:56 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:56 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) close(r0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000140)=0xfb8, 0x4) write$binfmt_aout(r2, &(0x7f0000000580)={{0x810f, 0x9, 0x0, 0x203}}, 0x20) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x3e, 0x0) ioctl$ASHMEM_GET_NAME(r4, 0x81007702, &(0x7f0000000100)=""/13) 12:37:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000001c0)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:57 executing program 1: mkdir(&(0x7f0000000580)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r0 = open(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) timer_create(0x7, &(0x7f0000000080)={0x0, 0x15, 0x4, @tid=0xffffffffffffffff}, &(0x7f00000001c0)=0x0) timer_delete(r1) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e23, 0x6, @dev={0xfe, 0x80, [], 0x10}, 0x4}}, 0x0, 0x32b7adbb, 0x0, "ccfc3587efafbaf052b4d7bb5e092d4746224fad07c5f65786940bb7bb078046b96224a1f8bf11dad6502a5df91229bbbfe5029d98488e94c84d1799737332f285519cee9e077affdff717b674e649fb"}, 0xd8) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x188fff, 0x0) r2 = dup(r0) renameat2(r0, &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000200)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={r3, @in6={{0xa, 0x4e21, 0x100000001, @empty, 0x6}}, 0x8000000000000000, 0x5c02, 0x7, 0xa38, 0x8}, 0x98) 12:37:57 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:57 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x246, &(0x7f00006dc000)}, 0xfffffffffffffffb) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) write$binfmt_elf64(r1, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x1f, 0xae, 0x0, 0x2, 0x434, 0x2, 0x3f, 0xdf, 0x3bc, 0x40, 0x275, 0x0, 0xfffffffffffffffa, 0x38, 0x1, 0x3fff8000000, 0x9, 0x8000}, [{0x0, 0x81, 0x40, 0xd086, 0x400, 0x0, 0xfffffffffffffffd, 0x2}, {0x70000003, 0x9, 0x0, 0x7fff, 0x35, 0x1dd00ebf, 0x8, 0x374d}], "f61cb712a0c9ad870a04294e643b74dca56ec92dc3306f6c1f814f256c7a862dc933aa5736fdace880daaed83d998cd0a5fb7ee6933e9da6664f2e54e6e453cf4973fcc7dde3e06b74d9ad93b2acdd2f1449553f9e29cfa37d4246d3850705373ff141f95a01d1267a6cc60d660f4eafa26efc03cbdda1024b8df2cec7663d99bd6aa1027864be8f29784ad1ca083f1641c896853bfe3864c6117f96dea619fadab14b69089f1f4231d7f86889c308bfbdc5b92fe8f04733803c3a314e232f1cc4226cf74ca9cb32c5b6b33230d9fa77e1670501fe7e15", [[], [], [], [], [], []]}, 0x787) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@remote, @in6=@dev}}, {{@in6=@initdev}, 0x0, @in6=@mcast1}}, &(0x7f00000000c0)=0xe8) sendto$inet(r0, 0x0, 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000080)=@req={0x28, &(0x7f0000000040)={'batadv0\x00', @ifru_ivalue=0x34bef312}}) sendto$inet(r0, &(0x7f0000000200)="2e12fa6d3c3f07d5f683895884851f119a560e10e644ac31a18a14639be0a779e064e7195eceb0921866146e97e3d467cb085e50f33b327fd752ba40ef7b339200ba656ca891df09e5af02e0a22d95247d13c8063e0cf86a05e1682f3b5a0bee7296a961fc7e3a99caa6981ae9f0be2b37e8b62026981229e8fabb7a98440460a2e9", 0x82, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='nc\x00\x8a\x90\xc1\xf9\x8a\x1b\xce\xb7\x17X\xddYI', 0x10) shutdown(r0, 0x1) 12:37:57 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:57 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:57 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58) creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x2, 0x500) r2 = accept4(r0, 0x0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ipv6_route\x00') setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f0000000140)=0xa95, 0x4) sendfile(r2, r3, 0x0, 0x8) 12:37:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:57 executing program 1: r0 = memfd_create(&(0x7f0000000080)='\\\x00', 0x0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='mime_type,em1^vmnet0..mime_typemime_typevmnet1bdevselfeth1^.\x00') write$binfmt_script(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="754169a9da518c61e87e828e8b5c458b860124766740ba65ca88a6ae7a092a514da028a6ae83a3005501089e3bc3bea667cb7570cacad5c4b314dbcd23891cd10b44bd70da1e5774ce6789f2640221214b59b3d17610737f1a551067120512ef7f43294938700b900424c51d889610b1f8b97fb514456f0968e8e90624a07bf3391859a01fc5516c8241a21a6b437a1ff0f0fb391469a5759c1f31a2acc6a8a45ba40522c6c064953e10036a598fa78393f142872cda174512cfd18f9ab6290628ace1a2250905af006349eabc3318ebbc480591653267c3a922d420a56d2633431e9e6dc7b5f6ea1c919e6aa6652d72b6c874f1cf3b204f80b5293b5e10247fe4c04ec6f669a4964f8e2d20d5d4e44660726bc7b9643495d722446fcfaf20c844d849ada79493730864e5e1ffffffffffffff85dfdb822b1b48db7cbf3196d8fe98411127e3093b0000000000000000"], 0xc) execveat(r0, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x1000) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000100)=""/23) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c) bind$isdn_base(r1, &(0x7f00000000c0)={0x22, 0x2, 0x30, 0x2, 0x96e}, 0x6) 12:37:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x26, r2, 0x501, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x0, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x0, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x0, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x0, 0x4, 0x102}, @IPVS_DAEMON_ATTR_SYNC_ID={0x0, 0x3, 0x3}, @IPVS_DAEMON_ATTR_STATE, @IPVS_DAEMON_ATTR_MCAST_IFN={0x0, 0x2, 'hwsim0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x0, 0x4, 0x7ff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x86}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}]}, 0xffffffffffffff86}, 0x1, 0x0, 0x0, 0x2000000008000}, 0x1) sendmsg$nl_route(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@setlink={0x78, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_XDP={0x58, 0x2b, [@IFLA_XDP_FD={0x4c, 0x1, {0x0, 0x0, 0x0, 0x0}}, @IFLA_XDP_FLAGS={0x8}]}]}, 0x78}}, 0x0) 12:37:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x26, r2, 0x501, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x0, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x0, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x0, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x0, 0x4, 0x102}, @IPVS_DAEMON_ATTR_SYNC_ID={0x0, 0x3, 0x3}, @IPVS_DAEMON_ATTR_STATE, @IPVS_DAEMON_ATTR_MCAST_IFN={0x0, 0x2, 'hwsim0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x0, 0x4, 0x7ff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x86}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}]}, 0xffffffffffffff86}, 0x1, 0x0, 0x0, 0x2000000008000}, 0x1) sendmsg$nl_route(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@setlink={0x78, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_XDP={0x58, 0x2b, [@IFLA_XDP_FD={0x4c, 0x1, {0x0, 0x0, 0x0, 0x0}}, @IFLA_XDP_FLAGS={0x8}]}]}, 0x78}}, 0x0) [ 227.734869] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 227.753408] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 12:37:58 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 227.898614] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 12:37:58 executing program 1: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x3, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x0, 0x0) write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0xfffffffffffffffe, 0x6, {0x31da}}, 0x18) futex(&(0x7f0000000040), 0x8, 0x0, &(0x7f0000000140), &(0x7f00000000c0), 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000100)={0xa0, 0x3131354f, 0xfffffffffffff028, 0x7db0, 0x2, @discrete={0x9, 0x7}}) 12:37:58 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:58 executing program 1: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) futimesat(r0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)) r1 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0xe440, 0x103802) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x0, 0x0) write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x1e', 0xff4c) 12:37:58 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 12:37:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x800, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={0xffffffffffffffff}, 0x113, 0xe}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000100)={0xf, 0x8, 0xfa00, {r2, 0xa}}, 0x10) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9) 12:37:58 executing program 1: r0 = socket$isdn(0x22, 0x3, 0x4) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x5) clone(0x8000000, 0x0, 0x0, 0x0, 0x0) get_mempolicy(&(0x7f0000000000), &(0x7f0000000100), 0x81, &(0x7f0000ffe000/0x2000)=nil, 0x4) getgroups(0x8, &(0x7f00000001c0)=[0xee01, 0x0, 0xee01, 0xffffffffffffffff, 0xee00, 0xee00, 0xee01, 0xee01]) r2 = getgid() lstat(&(0x7f0000000200)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000240), &(0x7f0000000440)=0x0, &(0x7f0000000480)) getresgid(&(0x7f00000004c0), &(0x7f0000000500)=0x0, &(0x7f0000000540)) fstat(r0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getgid() getgroups(0x7, &(0x7f0000000600)=[r1, r2, r3, r4, r5, r6, r7]) stat(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/btrfs-control\x00', 0x2000, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(r9, 0x400443c9, &(0x7f00000002c0)={{0x0, 0xfb8, 0x6ac, 0x800, 0x57, 0x1f}}) setgid(r8) r10 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20ncci\x00', 0x107903, 0x0) epoll_pwait(r10, &(0x7f0000000640)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x366, &(0x7f00000006c0)={0x7fffffff}, 0x8) setsockopt$inet_mtu(r10, 0x0, 0xa, &(0x7f0000000180)=0x3, 0x4) r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x1ad61a27c316a130, 0x0) ioctl$KDSKBMODE(r11, 0x4b45, &(0x7f00000000c0)=0x200) 12:37:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:59 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) write$FUSE_STATFS(r0, &(0x7f0000000200)={0x60}, 0x60) r1 = epoll_create1(0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.upper\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="00fb12029ab5289401b83aa8e29bb310ae54b42379cd3c906ff4057ac4bb4bde85c4f6d8641308f0f2eadfdeb9e844b78d2c90f9a543a4ab7932fee9be0054b63bc27460b27d052e226500727adb00e71b50ef68d243d35fc1140a0a82bbf20cfae76d932bff158d547c2d07b8da65299f208e7e04af3ef2f458e0cf41c71877b7b5b130cf24a661e8777c2c93f37163fb698f9f5ab03c4ae546018ad10b2f9c383fa85c5266e63da7fe86fe615ea1b2016c756785442d3e95c412a4cdeedb7b9ee94ae5765775bc4f0c94a8b1abd2beb2298021589cdf96d5feb58cf241a2c702b31a215316ed3ce01b4c7af9e852295ae400000000000000a0ae9e41561a441b7ffe709dad1b22ec4b1e3aa4ab333f4b689f530b4070d44f979ce715a6fa0934de464533cfc427838e7ffe43fabbdb0b74bb228a0ffe17a32770c861fd43c896c7bf429cb19c3cf8"], 0x112, 0x2) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x7ff, 0x60040) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0x2, 0x0, [0x10000, 0x7, 0x6, 0x2, 0x7f, 0x5, 0x80, 0x10001]}) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@mcast1}}, &(0x7f00000005c0)=0xe8) connect$can_bcm(r2, &(0x7f0000000600)={0x1d, r3}, 0x10) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) r4 = request_key(&(0x7f00000001c0)='cifs.spnego\x00', &(0x7f00000003c0)={'syz', 0x1}, &(0x7f0000000400)='*wlan1:(mime_typelo\x00', 0xfffffffffffffff8) keyctl$get_keyring_id(0x0, r4, 0x934) write$P9_RRENAMEAT(r2, &(0x7f0000000280)={0x7, 0x4b, 0x1}, 0x7) 12:37:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:59 executing program 1: r0 = open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x48) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000140)) r1 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x5, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc040564a, &(0x7f0000000180)={0x0, 0x1, 0x100a, [], &(0x7f0000000100)={0x0, 0x0, [], @p_u8=&(0x7f00000000c0)}}) r2 = dup(r1) write$FUSE_GETXATTR(r2, &(0x7f0000000000)={0x18, 0x0, 0x8, {0x6f}}, 0x18) 12:37:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:59 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4}}}, 0x108) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x147, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x0) preadv(r1, &(0x7f0000000100), 0x2a2, 0x10400003) 12:37:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x0, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:59 executing program 1: r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x6f9b, 0x2, {0xb, @vbi={0x0, 0x200}}}) syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffff80000000, 0x200001) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x2, {0xb, @pix={0x0, 0x1f}}}) 12:37:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x0, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:59 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000300)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_script(r0, &(0x7f0000000640)={'#! ', './file0', [], 0xa, "d1266d12e95afed85a1bf38aaf1b4ba88686b1d7eefe93e87be1cded9d0d73f957a0dc"}, 0x2e) ioctl$SG_IO(r0, 0x2285, 0x0) write$binfmt_script(r0, &(0x7f0000000440)={'#! ', './file0', [], 0xa, "96de86d81aacdb3ba584580de2bfff37e108271616dfd5e3fb5cabab678bd9cf0b8b1c"}, 0x2e) r1 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0xffffffff7fffffff, 0x94400) syz_open_pts(r1, 0x80) write$P9_RREAD(r0, &(0x7f0000000180)={0x2e, 0x75, 0x0, {0x23, "3035949eec64fef5cbb1d182820bc8bced96d6919b684878bef38a5998c79a92fc2af5"}}, 0x2e) write$binfmt_script(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="2321202e2f66696c65300ab8d958259b7169b2d643c65434fc53e2538fbfd5866cd9cf2f188ded000000"], 0x2a) r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x400800) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f00000001c0)={0x8, 0x120, 0xfa00, {0x1, {0x2, 0x0, "1f03b1bba6bfb4dc64b6c849c3453db66fa576bec00aa02d38dca0d8645bf7e57407f329055aa822a21e9cf682243819c8282f3a487604f50eda3e21395b25500a3db0fc9e60c556ad131ccb59d56b0d40df5631148ebc7b11d9b47890d1ad45e5d6db74d6e84d89feca3ce5ddf980c563020102e54e39b570320902bfe8747323dc78df86a30516a424929cc413051ef814a64f5fa16a1510493402159212aaf409e8871217f29579c7990a1c5c7b162768934576181bbf9f012cca0a7afb64f1211036ad256344e02e42367bf643cb2c15dc141b171eef544240d457009a88898003f075cb25a706765be874cf21815012569fbc00458dcc66f1cac7787cfb", 0x74, 0x0, 0x3, 0x8, 0x0, 0x4, 0x8, 0x1}, r3}}, 0x128) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'eth0'}, {0x20, '#! '}, {0x20, '${'}, {0x20, '/dev/sg#\x00'}, {0x20, '#! '}], 0xa, "00fbdd695d"}, 0x2a) write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0', [{0x20, '/dev/sg#\x00'}, {0x20, '/dev/sg#\x00'}], 0xa, "7370e8c9eb584ee345b2d52bd5ac60"}, 0x2e) write$binfmt_elf32(r0, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x58) 12:37:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x0, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:37:59 executing program 1: r0 = socket(0x200000000000011, 0x3, 0x81) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000000c0)=0x1, 0x4) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x8, 0x6, @remote}, 0x14) 12:38:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:00 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x5, 0x4000) ioctl$TIOCCONS(r0, 0x541d) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x55, 0x4, 0x0, 0xbe5}, 0x8) ioctl$KIOCSOUND(r0, 0x4b2f, 0x7ff) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000180)=0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}}}, &(0x7f00000002c0)=0xe8) getgroups(0x1, &(0x7f0000000300)=[0xee00]) r4 = getpid() getresuid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=0x0) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getpgrp(0xffffffffffffffff) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f00000005c0)=0xe8) getresgid(&(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)=0x0) r10 = fcntl$getown(r0, 0x9) getresuid(&(0x7f00000006c0), &(0x7f0000000700), &(0x7f0000000740)=0x0) r12 = getgid() sendmsg$unix(r0, &(0x7f0000000840)={&(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000100)="a5e2a27b413b4081e17f7ae0826c33684239f070c9d827b6198fb3c1ca6d5c8bfd83291021835afad423a84059f62e382e9e00", 0x33}], 0x1, &(0x7f0000000780)=[@cred={0x20, 0x1, 0x2, r1, r2, r3}, @cred={0x20, 0x1, 0x2, r4, r5, r6}, @rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}], 0x98, 0x80}, 0x4000000) r13 = shmget(0x0, 0x3000, 0x2, &(0x7f0000ffa000/0x3000)=nil) shmctl$IPC_RMID(r13, 0x0) openat$md(0xffffffffffffff9c, &(0x7f0000000880)='/dev/md0\x00', 0x301000, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000008c0)={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x20}}, {0x0, @local}, 0x2, {0x2, 0x4e20, @multicast2}, 'ip6gretap0\x00'}) r14 = syz_open_dev$mice(&(0x7f0000000940)='/dev/input/mice\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000980)) r15 = syz_open_dev$admmidi(&(0x7f00000009c0)='/dev/admmidi#\x00', 0x3, 0x8000) r16 = syz_open_dev$usb(&(0x7f0000000a00)='/dev/bus/usb/00#/00#\x00', 0x3ff, 0x10000) ioctl$KVM_GET_MSR_INDEX_LIST(r16, 0xc004ae02, &(0x7f0000000a40)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r15, 0xc0a85322, &(0x7f0000000a80)) socket$inet6_dccp(0xa, 0x6, 0x0) clock_gettime(0x0, &(0x7f0000000b40)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r15, 0xc058565d, &(0x7f0000000bc0)={0x9, 0x7, 0x4, 0x7e000, {r17, r18/1000+10000}, {0x1, 0x0, 0x6, 0x401, 0x3, 0xfffffffffffffff8, "df1342c9"}, 0x8, 0x4, @planes=&(0x7f0000000b80)={0xfffffffffffffffd, 0x5, @fd=r14, 0x7}, 0x4}) 12:38:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:00 executing program 1: r0 = open(&(0x7f0000000200)='./file0\x00', 0x8000, 0x100) ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000240)) r1 = msgget$private(0x0, 0x0) msgsnd(r1, &(0x7f0000000180)={0x0, "ff02b5d20d399fb5326a28eaad5c665b165e08f3c82405659d22b20a8e198d665e0362f410927aeb0cf8561dccd43e616ab4131d118d015218731f2b9dcb11eb344a98e924fa9c16b43267320d978a"}, 0x57, 0x800) msgrcv(r1, 0x0, 0x0, 0xc802002000000000, 0x0) msgsnd(r1, &(0x7f0000000040)={0x1}, 0x0, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0xa0000, 0x0) ioctl$VIDIOC_G_PARM(r2, 0xc0cc5615, &(0x7f0000000080)={0x7, @raw_data="3a54c2563b02e6c09a1fe815be1c336c032f0b95a530d359ca9c9f229fbca29e0702df1b1bc0fa2101852362d20126acb2775630f98496defe0eb086c86d08e13926d061f4da8def00d1c112221ab76fd49dc9774ecb054860fb51e74b5eb59dd523a8258319cbc05df476aa023192ea0c91be650a8cc076d7a573eb8da575564d74d8b7d064d94634fafb8416cc5984c695fb7e127a00307711e06c0bf6068b70c9a093e799d85c9840b108f8caa3919b3a6b9d7680aca8631c3600d3077b46b028627c8f58b296"}) 12:38:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:00 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000300)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_opts(r0, 0x29, 0x3f, &(0x7f0000000040)=""/253, &(0x7f0000000140)=0xfd) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$int_in(r0, 0x80000000005000, 0x0) 12:38:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:01 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x4000, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f00000000c0)) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x4200, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x11, &(0x7f0000000000), 0x20395dd4) [ 230.980259] IPVS: ftp: loaded support on port[0] = 21 12:38:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:01 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000100)={0x0, 0x47, "9c74a3c9ff27b674ca1bfe64b06edc1c4e38a6d8534e379221f1fee8bbdb06b6f5ed7675af8950f1a9f37825993d9cb39c304ce4ef48cf5e934f18e02a6dcbcca1812a69404db5"}, &(0x7f0000000180)=0x4f) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000001c0)={0xa7, 0x204, 0x7, 0x7, r5}, 0x10) r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x500, 0x0) write$FUSE_LSEEK(r6, &(0x7f0000000240)={0x18, 0x0, 0x6}, 0x18) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000005c0)={'vlan0\x00', 0xd803}) r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x40001, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x1, 0x0, 0x3, 0x4, 0x8, 0x5}, 0x20) ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={'vlan0\x00\x00\xf6\xff\xff\xff\xff\xff\xff\xff\x00', {0x2, 0x0, @local}}) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000001400)={0x0, {{0x2, 0x0, @loopback}}, {{0x2, 0x0, @multicast1}}}, 0x108) [ 231.233457] chnl_net:caif_netlink_parms(): no params data found 12:38:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 231.342372] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.348870] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.357938] device bridge_slave_0 entered promiscuous mode [ 231.406922] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.413601] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.421770] device bridge_slave_1 entered promiscuous mode 12:38:01 executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="4c0d69a01f1003a3ed16b1b022c8c7df36b038eab5353430d0af4d937124fa6f"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='gfs2\x00', 0x0, 0x0) r0 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x0, 0x2) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f0000000240)={{0xfff, 0x9}, 'port0\x00', 0x10, 0x10000, 0x0, 0x8, 0x2, 0x5, 0x0, 0x0, 0x1, 0x3}) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x6, 0x80) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f00000000c0)={0x2, 0x7fff, 0x808000000000000}) 12:38:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 231.539489] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 231.565357] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 231.631536] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 231.639940] team0: Port device team_slave_0 added [ 231.673520] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 231.681896] team0: Port device team_slave_1 added [ 231.715476] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 231.734152] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 231.946624] device hsr_slave_0 entered promiscuous mode [ 232.083298] device hsr_slave_1 entered promiscuous mode [ 232.223354] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 232.230831] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 232.267774] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 232.339667] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.350928] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 232.365701] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 232.373792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 232.381427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 232.397025] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 232.403227] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.418250] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 232.425511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 232.434097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.442288] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.448714] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.463454] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 232.478535] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 232.486881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.495223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 232.503652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.511725] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.518219] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.526000] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 232.542729] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 232.554177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 232.566682] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 232.579752] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 232.591275] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 232.600799] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 232.610770] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.622330] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 232.629426] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 232.638582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.647515] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.656207] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.664996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.673497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.681724] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.690330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 232.698580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 232.708312] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.716489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.745512] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 232.761225] 8021q: adding VLAN 0 to HW filter on device batadv0 12:38:03 executing program 2: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x40000, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000009fe8)={0xfffb, 0x1d, 0x3, 0xffffffffffffffff}) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x1013, r1, 0x0) 12:38:03 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='\x00', 0x0) mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x1000008, 0x400012, r0, 0x0) rt_sigaction(0x7, &(0x7f0000b4a000)={0xfffffffffffffffd, {}, 0x0, 0x0}, 0x0, 0x8, &(0x7f00005eaff8)) syz_open_procfs(0x0, &(0x7f0000000480)='net/netstat\x00') syz_open_procfs(0x0, &(0x7f0000000180)='net/arp\x00') 12:38:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x0, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:03 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) close(r0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x50000, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x28200015}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0xc4, r3, 0xa04, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x94, 0x1, [@TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'bcsf0\x00'}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x3ee, @ipv4={[], [], @empty}}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x20, @local, 0x5}}}}]}, @TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x20}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x80}, 0x4000) 12:38:03 executing program 2: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2400, 0x10) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x86, 0x10, 0xfffffffffffffffc, 0xdd8}, &(0x7f0000000080)=0x18) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={r2, 0x6}, 0x8) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0) 12:38:03 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha384\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1, 0x20000) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x5, 0x2, 0xfffffffffffffff7, 0x1, 0x5474000000}, &(0x7f0000000080)=0x14) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f00000000c0)={r2, 0xdf, "7bfbf391ae52fef3e992db8b9aec970f2949c1ae445d02f8c2432be9f1cc4fb9bb30de1f67e274249aa1977a3a4f1e639b9009aa74e064214386bb9878376cc4413078ae685d2b23d8bc707422f0297843feb144df70237bec35dca4d8c364909aa089266fe6f17650be9e3b35319fa219f0072549c5fcb87a9dcd0afad41ce1df3d88566f60613c00053d8b7f7a46ca3a06127abfdd2c056be8b6fa4c57f7f6260064c74251cbec170d1b92078dd7aa15dd087d01c32b8679b71a4599530d258c5cd129b4565e7671bbcd5b00ca17b8e8813770d3ba6f74cbf1e026f63ff5"}, &(0x7f00000001c0)=0xe7) sendto$unix(r1, &(0x7f0000000200)="721794c1387c8b74cfe4a6e2c0729d23a8661ca0add75ae7cded4ff6fca0413919349718e6367a1d9423b5cb3d3655b926eec08815515ce4f02530a7df682cd46dcad1770a175413778b0c02dd5e5aa0ccc9b04aec7f12", 0x57, 0x8000, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e) 12:38:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x0, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:03 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00') move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000ffe000/0x1000)=nil], 0xfffffffffffffffd, 0x0, 0x0) lseek(r0, 0x800000000, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040)=0x0) move_pages(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000ffd000/0x2000)=nil], &(0x7f00000000c0)=[0x10001, 0xff, 0x5, 0xeb], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4) sendto$unix(r0, &(0x7f0000000180)="16abf00ac65c05674e503c01b6669f72501f8e90a506952a323da9983e616cd3fa7072e4d08e670c829cba5b7678a93e80eb", 0x32, 0x20048800, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e) ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000240)=""/229) ioctl$KIOCSOUND(r0, 0x4b2f, 0x2) 12:38:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x0, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:04 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'vcan0\x00', 0x0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x200000, 0x0) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000300)={0x9, 0x2, 0x6, {0xf, @vbi={0x0, 0x6, 0xfff, 0x34524742, [0xc6e1, 0x5], [0x8, 0x4], 0x2}}}) r3 = dup3(r0, r0, 0x80000) sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000004000)={0x1d, r1}, 0x10, &(0x7f0000002ff0)={&(0x7f0000000180)={0x1, 0xffffffffffffffff, 0x8000000, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "a702ca9c1a8d1dc1e4e29ed4d2927b5e8155ac02a25334d332f97653d9d90256b4da4ec6f2b44831a3b878ada2f3e5883f2f7c806fb61c1993cc4f19a22c61e4"}}, 0x80}}, 0x0) connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10) 12:38:04 executing program 1: r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000001c0)={{{@in=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@dev}}, &(0x7f0000000040)=0xe8) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000002c0)={r1, @local, @local}, 0xc) sendto$inet(r0, &(0x7f0000000100)="410cf89c34d18edd178a6d5548d70f612e995d52a292d125f2b93454263ac182ba8064ba13fcc8badddcb101c8fddcc7310dea5253ec4e62c2151ac4b6e7fe6581dbd9e02d38c89f1080cb83244e2ec3d855222801e8b44108223d6f826d59e1635086339cd33c60f4046276018e7689f9a154b67d02014d9c365da105f9e712a7f2fae6784b5ee857bd71af1d2effab8c4ba2f76bc24c80e438a3d49843536232ac952aeb3b993e04e00e45", 0xac, 0x11, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10) getsockopt$inet_int(r0, 0x10d, 0xb5, &(0x7f00000000c0), &(0x7f0000000080)=0x4) getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000340), &(0x7f0000000380)=0x4) r2 = syz_open_dev$usb(&(0x7f0000000300)='/dev/bus/usb/00#/00#\x00', 0xb3b, 0x40000) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000003c0)='dctcp\x00', 0x6) 12:38:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:04 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0) clone(0x10000000000fffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='\x00\x00\x00\x00\x00\xe8\xee\xc9\x96\xc2;\xaf\t\xa8M*\xe4;~y\xb2\xb3\xba\b;/\xb6&\xa5\xaa\xcec\x1e\x8a;\xea;P\xb5w^2\f\xe5\xcc`\xa0\xce\xf0+\x19v\xb9I\xdf\xfe\x13\xd9\x1a\xd6;+\x16\x05\x1a\xa8l>\x82@\x0f\xdf\xcd\x99\x9a\x13\xe2[F\xf0\xc1\xfb\xae\xb5\xb5\x1f\xf3\xe9\xd5\xbf\x13k\xbc)\xa1nbx\x9c\x02\xa6p?\x12\x89\nAr\xe9Q\xb0\x80Q\x8e\xf2\xf0y\xe0\x04\xbd\x93K!\xa0D-\xfc\x12\x02\xe2\xb5WQ\xb4\xb1\xf2\x16)\xc8\b\xc2\x99\x9a\xd9\xa6p\xedK\xb5\x8b\xe8\xbf\xa0\xa1\x13\xd78Mt$\x06\xb6c\xd0Y\x05\xd1l\x98|\xff\xb5\v\x93\x7f\xbc\x1a\x7f\xa9\xc8w\xc9\x8d\x81\x85)N0\xab\xff\v\xbfE\xda\vD\x8f\x12\x0f\xfc\x17\x89\x00\x00\x00\x00\x00\x00\x00') exit(0x0) ioctl$RTC_UIE_OFF(r0, 0x7004) r1 = openat$cgroup_ro(r0, &(0x7f0000000900)='mem\x00\x01y7\x981aS.c\x00r\x89\xc9B\xab\xe3\xfarent\x00\x12\xbe\xcbES\x1c\x85P\x195\x12\x86\xa9\xbd\x12\x88\xc5\x10\x86\"\x03\x16\xfc\x11-?K0o$\a\xb6\x15Pcb\xf6\xf46\xce\x16w\x8f\xbf.\xc2\x84z@\aO#\"\x15Nh\x10\xe3\x9cj\x93b0&\xeb\v\x8b\x17\xf6K\xb9\xf8t\xe6\xa1\xb0\x8c\n\xf1y\xb2Y\x02\xfc\x19\x16\xc2x\\V\xf3\x8a\xb6\x8c\xa6\xee\xf4s\x8aC\xb3\x11}l%\x02P(J\xde\xe7\x1c\xa0\xd4\x96#\xdbmM\xb1\x98x\x19/5\\/=\xd3\xf9\xde\xb4\x12\x83\xd2\a\x00\xadP\xb9\x06\xbc\x14J\x89\xda\x89\xc8\xd1=\xbb\x00\x916\x97\xdd\xa0\xfbH\xad\xa9J\x1d\n\x15$\xbf\xfe\xec\'?^HxA_\x11\x12\xc1\xa1\x0fs{m\xfa\xa5\xa7\x00\xbf=x\xd7\x1f#\x06\xe2\xd5?\xfaw\xad\xb7\xfbq\xf7E\x11c\xa5\xe0)\xe3\x1a\x81\xb4w]R\x15\x00\xb9_9\x15\xa0\x04\v\xc0e\n\x84\xa0\x9c\xa1\x0fh\xde\xc9IN\x87A}\xffUpu8+\x84\xce\x91.\x0f\xe5M\xf1I\x04\x88\xe7\xe4Uz0\xc7\xaf}\xa1\xb9\xa4l\xae\xe4Q\x04\xcb\xe7\xb4X\x80\xed\xb9\xb9haF\x9b~|Vr\x9c<\x1f\\\x02\xf4\b\x90\xdaD\x0er\"s\xd7\x1f\x12Au\xea\xa6\xe3U\x91\xf85\x81\x19\xb0\x06a\x9a0\xa0\xd0Q\xfdN\xfd\x18\x10$\xc6\xa5\x029\xd7\xed-\x9f\n\xb6\f\xae\x92\x02I\xbaw\x91\x14E\xd1L\xa4\x7ffW8\x00\x8e\x0e*\xf9\xbe}\xfa=\x1c\x14T\r\xc1\x88\xe4-\xf7Cf\x1fk\xb9\f\xcc\xbco \x03\xd1\x06JF\xca.\x10|\x9b\xad\xdb\x1c#i\xbd\xe2\xd6w\x03\xa1<\xe5\xcc\x030\xec\x0fW\x1d|h\xee\x8fO\xa3a\xb3\xcba\x05\xa4\xd3\xd4h\xab\xa0\x7f\xc2h\xfd\xbdx\xfd P8\x05\xe8\xb2\x05\xac\xa8\xc8\xe8x\xa7\xaf\xec\x8c3\xba\x9b,e\xc4\x98\xfc\xff\xa4\xf3\xc4)GC\xfe7/$\xf4\xa5\x87\xac9\xd7\x04\xd5\x9f\xed\x0f(\x16%\xaa#\xb3lY\x8f\xe7x\xb8\xca\x1e\xd6\x81w\x1c\x17\x8cJ\xa4r\xea\\I=^;^\x03\x06\xc0\x0f\x8d\x8e\n\xf6\xc2o\xb2\xe3\x16i\xf5|\xcd\n\xddR,\xc3\xc3v\xc7(\xfd\xa4\r\x13\x80DpN\xac\v\a\xe6\xb2e\x87]\xb5T\xecd\xc8|\x1dE(W\x1b&\x8b\xc2\xd6\xfa=\xf5(\xe8`L\af\xfe\xf7\xe4Y\xc7\x8d\xef\x128\xbbPB]', 0x0, 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/145, 0x91}], 0x1) socket$packet(0x11, 0x3, 0x300) write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000340)={0x18, 0x1, 0x0, {0x3}}, 0x18) set_mempolicy(0x3, &(0x7f0000000640)=0x4, 0x800) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000240)={0x0, 0xac6f}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000002c0)={r2, 0x8}, &(0x7f0000000300)=0x8) r3 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x4, 0x80003) setsockopt$inet6_opts(r3, 0x29, 0x3f, &(0x7f0000000140)=@fragment={0xaf, 0x0, 0x318, 0x84, 0x0, 0x9, 0x65}, 0x8) 12:38:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:04 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x12, r0, 0x0) mincore(&(0x7f00000b7000/0x3000)=nil, 0x3000, &(0x7f0000000080)=""/144) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xfe51, 0x20000) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffff) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000140)={0x1c026a60, 0x9, 0x200, 0x100}, 0x10) 12:38:04 executing program 1: socketpair$unix(0x1, 0x80000000003, 0x0, &(0x7f0000000200)={0x0, 0x0}) write$binfmt_elf64(r0, 0x0, 0x0) close(r0) write$binfmt_elf64(r0, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x62, 0xb6a, 0x8, 0x509, 0x3, 0x7, 0x7f, 0x2cf, 0x40, 0x3, 0x5, 0x25, 0x38, 0x2, 0x4cdd5ca9, 0x8a9a, 0x8}, [{0x6474e551, 0x8001, 0x8, 0x7fff, 0x4, 0x20, 0x5, 0x1000}, {0x7, 0xffffffff, 0x8001, 0x1fffffffe00000, 0x8b, 0xffffffff, 0x40, 0x80000001}], "3344f7264d40d2c2b8202906d0eb0a49492238a6364e53534a43c9962b51042f4716394c5277c056d881b756440e4bc1618ffc601d1202249b0f91ad2f75e4ee1883fdd4133aec3b92559e9d7ee9674af2c831da41727a8aa815f674eb1b3f01d7975d5bdb71f05c5c8217e212a79c3a76389d5bcbf38d30f3eae5f9ff7f15aeac8e018a28afd5ff6e3037366fa1e337d1e35f6bd07acd55af89542067f0b75bb9fd0824aaeb75f9769f014cb75fa73917c61c", [[]]}, 0x263) connect$unix(r1, &(0x7f0000000000)=@abs, 0x6e) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x8000000000400006, 0x0) ioctl$SG_GET_PACK_ID(r2, 0x227c, &(0x7f00000000c0)) 12:38:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) recvmmsg(r0, &(0x7f0000002840)=[{{&(0x7f0000000040)=@tipc, 0x80, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000280)=""/73, 0x49}, {&(0x7f0000000300)=""/26, 0x1a}, {&(0x7f0000000340)=""/31, 0x1f}, {&(0x7f0000000380)=""/160, 0xa0}], 0x6, &(0x7f00000004c0)=""/1, 0x1}, 0x2}, {{&(0x7f0000000500)=@x25, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000580)=""/45, 0x2d}, {&(0x7f00000005c0)=""/133, 0x85}, {&(0x7f0000000680)=""/118, 0x76}, {&(0x7f0000000700)=""/100, 0x64}, {&(0x7f0000000780)=""/65, 0x41}, {&(0x7f0000000800)=""/53, 0x35}, {&(0x7f0000000840)=""/128, 0x80}, {&(0x7f00000008c0)=""/219, 0xdb}, {&(0x7f00000009c0)=""/142, 0x8e}], 0x9}, 0x77}, {{&(0x7f0000000b40)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000bc0)=""/162, 0xa2}, {&(0x7f0000000c80)=""/215, 0xd7}, {&(0x7f0000000d80)=""/75, 0x4b}], 0x3, &(0x7f0000000e40)=""/73, 0x49}, 0x1}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000ec0)=""/240, 0xf0}], 0x1, &(0x7f0000001000)=""/82, 0x52}, 0x5}, {{&(0x7f0000001080)=@nfc_llcp, 0x80, &(0x7f0000002700)=[{&(0x7f0000001100)=""/197, 0xc5}, {&(0x7f0000001200)=""/253, 0xfd}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/147, 0x93}, {&(0x7f00000023c0)=""/179, 0xb3}, {&(0x7f0000002480)}, {&(0x7f00000024c0)=""/164, 0xa4}, {&(0x7f0000002580)=""/134, 0x86}, {&(0x7f0000002640)=""/127, 0x7f}, {&(0x7f00000026c0)=""/3, 0x3}], 0xa, &(0x7f00000027c0)=""/75, 0x4b}, 0x7f}], 0x5, 0x40012140, 0x0) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000002980)={0x3, [0x1f, 0x9, 0x6]}, &(0x7f00000029c0)=0xa) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x0) setsockopt$packet_int(r0, 0x107, 0x13, 0x0, 0x0) 12:38:04 executing program 1: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f0000000140)=0xc) ioprio_set$uid(0x3, r0, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000017c0)=[{{&(0x7f0000000000)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) r3 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x8, 0x200) ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f00000000c0)) setsockopt$IP_VS_SO_SET_EDITDEST(r3, 0x0, 0x489, &(0x7f0000000240)={{0x7f, @multicast1, 0x4e21, 0x1, 'ovf\x00', 0x20, 0x9, 0x4b}, {@empty, 0x4e21, 0x4, 0x917b, 0x81, 0x80000000}}, 0x44) mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0xa, 0x10, r3, 0x0) sendmmsg(r2, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000180)) 12:38:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:04 executing program 2: r0 = epoll_create1(0x80000) r1 = epoll_create1(0x0) close(r0) syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000780)={0x4000201f}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000180)={0x2}) 12:38:04 executing program 1: r0 = socket$packet(0x11, 0x400080000000002, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000100)=[{0x4000000028, 0x0, 0x0, 0xfffff010}, {0x80000006}]}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r2 = dup(r1) getsockopt$ARPT_SO_GET_ENTRIES(r2, 0x0, 0x61, &(0x7f0000000200)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000073000000fb93c223f0265712f8f5a468923bed253dbfcb838071b597e1671f1bc8d806005c6998e54b2291689115135b5ebce7f96dced7c8d15cbc2ee835889ba1f8ba09f92af8db0a3d98bab2718027a972cc27bbbe19164ceb3e98cc95df54dbc874fc49781b8f5de5cef694b012929c6fade1d6039797417c3f6e3ad9682a"], &(0x7f0000000000)=0x9b) 12:38:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 234.962630] protocol 88fb is buggy, dev hsr_slave_0 [ 234.968133] protocol 88fb is buggy, dev hsr_slave_1 12:38:05 executing program 2: r0 = syz_open_dev$evdev(&(0x7f00000002c0)='/dev/input/event#\x00', 0x0, 0x819) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = gettid() getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f00000000c0)=0x4) write$FUSE_LK(r1, 0x0, 0x0) ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000140)={0x9e89, 0x5, 0x4, 0x100000, {0x0, 0x2710}, {0x1, 0x0, 0x7, 0x8, 0x4, 0x6, "d15f310a"}, 0x81, 0x2, @userptr=0xfffffffffffff722, 0x4}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070") timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r2, 0x8001004000000016) 12:38:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x7c9, @mcast2, 0x5}, @in={0x2, 0x4e22, @multicast1}, @in6={0xa, 0x4e22, 0x7fff, @dev={0xfe, 0x80, [], 0x16}, 0x8001}, @in={0x2, 0x4e20, @rand_addr=0x4}], 0x58) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x1a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x11, 0x0, 0x86dd, 'caif0\x00', 'veth1_to_team\x00', 'syzkaller1\x00', 'veth1_to_team\x00', @remote, [], @link_local, [], 0xe8, 0xe8, 0x118, [@ip6={'ip6\x00', 0x50, {{@dev, @ipv4={[], [], @initdev}, [], [], 0x0, 0x88, 0x9d1e}}}]}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8}}]}]}, 0x220) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000140)={0x6, 0x7fffffff, 0x3, 0x5, 0x8, 0xf127}) 12:38:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:05 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/raw6\x00') r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = socket(0x10, 0x803, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)) write(r2, &(0x7f0000000000)="2600000022004701050007008980e8ff06006d20002b1f00c0e9ff094a51f10101c7033500b0", 0x26) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000d9bffc), 0x4) sendto(r2, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvfrom(r2, &(0x7f0000002a00)=""/214, 0xd6, 0x0, &(0x7f0000002b00)=@pppol2tpv3, 0x80) setsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000140)=0x5, 0x4) recvfrom(r2, &(0x7f0000000800)=""/4096, 0x1000, 0x0, &(0x7f0000000380)=@in={0x2, 0x0, @loopback}, 0x80) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000080)={0x9, 0xffff}) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000240)={0x0, 0x0, [], @bt={0x8, 0x101, 0x6, 0x5, 0x9, 0xf2, 0x1, 0x4}}) 12:38:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:05 executing program 1: r0 = socket$inet_sctp(0x2, 0x8000000000011, 0x84) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, 0x0) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@int=0x100000000, 0x4) 12:38:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:05 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0xd) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x400102, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000180)={0x0, 0x7a, "58f3b38597fccc0546e6f523cb31383720aecacb4578ef0afecc8eae5ff19cd73feb5ca3ffb085ef8b89c7219ebe1357461c9ed0650194823145d15edaa3130744fd45046e36db1fba7c39c9f5c8897ea681b21b17ca810f75f7663c87d4f158be1a47b568d48ccb01cf1c22523750474c845d91a129965e9eb7"}, &(0x7f0000000040)=0x82) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, &(0x7f0000000240)=0x4) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1) 12:38:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:06 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) fcntl$setflags(r0, 0x2, 0x1) r1 = syz_open_dev$vbi(&(0x7f0000000340)='/dev/vbi#\x00', 0x0, 0x2) ioctl$RTC_AIE_OFF(r1, 0x7002) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000004c0)={0x9, @sdr={0x7f535767, 0x6}}) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r2, 0x5) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) write$P9_RFLUSH(r0, &(0x7f0000000180)={0x7, 0x6d, 0x2}, 0x7) write$P9_RLINK(r1, &(0x7f0000000380)={0x7, 0x47, 0x1}, 0x7) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000100)=@fragment, 0x8) r4 = accept(r2, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x0, 0x0) readlinkat(r5, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)=""/105, 0x69) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000140)=0xc) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000600)={{0x8, 0x7, 0x4, 0x6, 'syz0\x00', 0x3}, 0x0, 0x4, 0x95, r6, 0x3, 0x7, 'syz0\x00', &(0x7f00000005c0)=['syz0', 'wlan0$-!\x00', '\x00'], 0xe, [], [0x6, 0x1002, 0x200000000000081, 0xff]}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@hyper}) ioctl$int_out(r1, 0x5462, &(0x7f00000003c0)) write$binfmt_misc(r4, &(0x7f0000000000)={'syz0'}, 0x10140) socket$inet6(0xa, 0x6, 0xfffffffffffffff8) 12:38:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:06 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x101002) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0xc) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000040)=""/54) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000080)={0x0, 0x22, "cf0906ee5788780b235be7ecda7240977c74de504db5da2a8854c30a2a66467a35a2"}, &(0x7f00000000c0)=0x2a) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={r1, 0x3fffffffc0, 0x3, [0x101, 0x80000001, 0x80000000]}, 0xe) ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000000140)={0x8, "5f56257425eed673fcae7f61b8dac80222bb7b68f5dbbae2fe2e3a2d1b6e3851", 0x3, 0x4be, 0x2, 0x13a0008, 0x6}) prctl$PR_SVE_SET_VL(0x32, 0x152f7) write$FUSE_INIT(r0, &(0x7f00000001c0)={0x50, 0x0, 0x8, {0x7, 0x1c, 0xffffffffffffff81, 0x80, 0x3, 0x20, 0x3f, 0x3ff}}, 0x50) r2 = socket$unix(0x1, 0x0, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x20, 0x1) setxattr$trusted_overlay_opaque(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='trusted.overlay.opaque\x00', &(0x7f0000000300)='y\x00', 0x2, 0x1) r4 = msgget$private(0x0, 0x2) msgsnd(r4, &(0x7f0000000340)={0x0, "7991b2aca660ffb317f2abf32cf16aef47d5fd9c17af89ca5aa346010e3af8560fe590f4abff96285da60f2f1c67a24df2fd2c557c3a1048f8ffdce27072b08218e0ccae2d0732e1644cd17c73a4b731de8e3939b85bf013dfcf0ed18dcf65622570600afca9f1820f8eaf9f67957063842e085140306e5d51ca6728b3"}, 0x85, 0x800) recvfrom(r2, &(0x7f0000000400)=""/250, 0xfa, 0x40, &(0x7f0000000500)=@rc={0x1f, {0x35f, 0x6, 0x3f, 0x1630c30e, 0x5, 0xe877}, 0x217eec14}, 0x80) fsetxattr$security_smack_entry(r0, &(0x7f0000000580)='security.SMACK64\x00', &(0x7f00000005c0)='\\\x00', 0x2, 0x1) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000600)={0x800100f, 0x1f, 0x2}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000680)={0x0, 0x40, 0x83e3, &(0x7f0000000640)=0xfffffffffffffffd}) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000700)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x28, r5, 0x200, 0x70bd2c, 0x25dfdbff, {{}, 0x0, 0xb, 0x0, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x1) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000a00)={{{@in=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@initdev}}, &(0x7f0000000b00)=0xe8) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xb, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, [@map={0x18, 0xf, 0x1, 0x0, r0}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x7}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x7}, @jmp={0x5, 0x5, 0x7, 0x6, 0x0, 0x0, 0xffffffffffffffff}]}, &(0x7f0000000880)='GPL\x00', 0x8001, 0xa6, &(0x7f00000008c0)=""/166, 0x41100, 0x1, [], r6}, 0x48) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000bc0)={r1, 0x80000001, 0x6, [0x2, 0x5, 0x2fee, 0x4, 0x10000, 0x66]}, 0x14) write$binfmt_elf64(r7, &(0x7f0000000c00)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x9, 0x5, 0x1, 0x0, 0x3, 0x3, 0x80, 0x348, 0x40, 0x350, 0x3, 0x2ab5, 0x38, 0x1, 0x1b60, 0x9, 0xffffffffffffff81}, [{0x1, 0x0, 0x9, 0x1, 0xffffffffffffc15a, 0x7, 0x0, 0x7af}], "61382c3f819b1cbe04a0a21978ed9bc9568a904ca708c4d4d7c0efe99a16b37e45d0078c644566e3e07b06447652a6ef44a82c941fedd29f5fb04be9fc5ad20c747808ca224bcd0f2d6dcd438b1f98eff3b1d172effd558cf42f914ef7a035fd", [[], [], [], []]}, 0x4d8) r8 = syz_genetlink_get_family_id$fou(&(0x7f0000001140)='fou\x00') sendmsg$FOU_CMD_ADD(r3, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x1c, r8, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e23}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) fsetxattr$trusted_overlay_origin(r7, &(0x7f0000001240)='trusted.overlay.origin\x00', &(0x7f0000001280)='y\x00', 0x2, 0x1) name_to_handle_at(r3, &(0x7f00000012c0)='./file0\x00', &(0x7f0000001300)={0x92, 0x617, "d2d589e32d7d1177326a048785f1afe2aab60c275aad8dfc73921723b73e3a183f783c84f4811cb50e3ea09c259e2868c890222d05c68c8bb822a75a8194cfe7c18e4d11efcfe5a3fbde7809ae323da98e7429c33e2542ed65ffbf9768a2ff774abffe4c05cb886c656f62c9ea65d31de3d22325f28547f04febec58860baaa863b772f21ce7e0be0708"}, &(0x7f00000013c0), 0x400) gettid() ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000001400)={0x2, 0x1, 'client1\x00', 0x2, "5b8a6a5708be468a", "e9c872f942e78746ffbe2f84d2f90d1af861fa0b8d9d97bf6f2fc79b9f347227", 0x6, 0x1}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000014c0)=[@in6={0xa, 0x4e21, 0x9, @ipv4={[], [], @rand_addr=0x5}, 0x6}, @in6={0xa, 0x4e21, 0x1, @empty, 0x7}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e22, 0x6, @dev={0xfe, 0x80, [], 0x1d}, 0x2}, @in6={0xa, 0x4e22, 0x3, @empty, 0x95}, @in6={0xa, 0x4e21, 0x9, @empty, 0x3}], 0x9c) [ 236.869011] IPVS: ftp: loaded support on port[0] = 21 [ 237.097016] chnl_net:caif_netlink_parms(): no params data found [ 237.179514] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.186339] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.194609] device bridge_slave_0 entered promiscuous mode [ 237.215773] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.222501] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.230689] device bridge_slave_1 entered promiscuous mode [ 237.264078] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 237.277662] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 237.307694] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 237.316256] team0: Port device team_slave_0 added [ 237.325610] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 237.333994] team0: Port device team_slave_1 added [ 237.340200] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 237.351140] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 237.426754] device hsr_slave_0 entered promiscuous mode [ 237.474291] device hsr_slave_1 entered promiscuous mode [ 237.734959] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 237.742741] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 237.783560] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.790130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.797294] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.803868] bridge0: port 1(bridge_slave_0) entered forwarding state [ 237.925089] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 237.931272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 237.944734] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 237.967291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 237.984685] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.994229] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.014292] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 238.061041] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 238.067284] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.106448] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 238.113766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 238.122740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 238.131189] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.137721] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.153066] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 238.178080] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 238.193370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 238.202236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 238.210352] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.216904] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.224617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 238.240061] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 238.266138] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 238.273859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 238.283203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 238.292041] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 238.307093] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 238.334112] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 238.341105] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 238.349377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 238.359946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 238.369247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 238.377781] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 238.391614] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 238.414719] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 238.426730] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 238.432909] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 238.443152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 238.451531] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 238.502674] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 238.521600] 8021q: adding VLAN 0 to HW filter on device batadv0 12:38:11 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4000000000000024, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x6, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x1, 0x40) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="41040000d803da76168dabae5ff582bbb739208143aff3a5f1d0dbc6674923d101493e5756f7d83a8bd0017cb41030a2317138aba144a0a0eb889b0ea9c329d388911940eb78263db536754b3b2c91298e50a11223950dcd58137302b01bd60b6cf6f5c0042ffc291ca61b22c9939d4d510ee61ec550b1e859bc46e1ff4f634d4f56e27456f8e2013e43c8a433e3f8f960999d16a584c31eda26835cf11824ee1ff4810c1e87d377634b089211b703524aded2f24d87cc774b4cd35ce2a10d81e71d422932020e91fca8a1cbdc78f8a013284729f762fbce0719176010a112298bda"], &(0x7f0000000140)=0x49) getdents64(r3, &(0x7f00000001c0)=""/79, 0x4f) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x800, 0x1}, &(0x7f0000000100)=0x18) setsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000180)={r4, 0xfffffffffffffff5, 0xe0fb, 0x1}, 0xffffffffffffff9b) close(r1) close(r0) 12:38:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:11 executing program 3: r0 = dup(0xffffffffffffff9c) ioctl$CAPI_NCCI_GETUNIT(r0, 0x80044327, &(0x7f0000000000)=0x2) r1 = socket(0x40000000015, 0x5, 0x0) unshare(0x600) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) 12:38:11 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x101002, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000380)='/proc/capi/capi20\x00', 0x8000, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f00000003c0)={0xd, 0x1, 0x5}) r2 = memfd_create(&(0x7f0000000ac0)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x06\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86\xbbV,v8y\x9b\x93\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd5\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00]p\x9cFf\xadv\xf8\x8a\xb4jT)\xc8\xb7\xa73?\x1c\x93w\xc67j=\xb1\xc0\xe8\x19\xcc\x84\x87\xf3\xb4\x14\x96\xec!\x17h\n\xf9\xb2\x12T+\xdc\xa6\xe9\"v*\x9e\xb8\x8c\x90}\x9c\xc9\xda\xe5\x18W5\r\xc2\xdb5P1\xc7\x1e|\xc1\xbb\xf4\x1a\xbe1\xca!+1`|h\xa8\xd8\'\xc6\xac\x16\xc4\xc6JuM\x98T\x8d+;\x16\xc5\xe9v\xae\'\x92\xbf\x1f\x17\xb8\x9ax\x8b\xbb\xf1\xc8)\xc5$\xf1M\x98\xb0\x1aP\x043\xc3\xe6\x9e\x87\x89\xebp,\x1di\x12\xf2\fj\xaf\xa6g\x00\xcfY\xf6S\xa3\xf8\x9b\x1d\xba\x1au\xa6\x1c\xae\r\xa9\xe1i)\xd2\xb0\x8f\x1b?wCX\x0f\x99S\xfaA\x13\xbd\xcb\xed\"\xba\xda\xa2\xd1\xefc#\xfd5\xfc\xf3k\xaa\x83+\x83\xc5\x1b\xa7\x82\xe3\xdb\xf2\xfb4B\x19\xf2', 0x0) ioctl$EVIOCGBITSW(r2, 0x80404525, &(0x7f0000000400)=""/21) pwritev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x0) fcntl$setflags(r0, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x80800) stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) fchownat(r5, &(0x7f0000000140)='./file0\x00', r6, r7, 0x0) accept4$unix(r4, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e, 0x80000) sendfile(r0, r2, 0x0, 0x20000102000007) 12:38:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:11 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000000140)=0xffffffffffffffa2) 12:38:11 executing program 2: r0 = socket(0x40000000015, 0x805, 0x0) unshare(0x40050900) connect$rxrpc(r0, &(0x7f0000000040)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0xca10, @dev={0xfe, 0x80, [], 0x14}}}, 0x24) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0xfffffffffffffff6) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0xea16}, &(0x7f00000000c0)=0x8) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x8200, 0x0) ioctl$KDGKBMETA(r2, 0x4b62, &(0x7f0000000180)) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000100)={r1, 0x80000000}, 0x8) syncfs(r2) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000)) 12:38:11 executing program 3: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000180)={&(0x7f0000000000)=@nl, 0x80, &(0x7f0000002000)=[{&(0x7f00000001c0)="5500000019007f5300fe01b2a4a280930a60362dffa843359154bda02c0001002caa976b00d1000019000500fe800000000000d21338d54400136ef75afb83de448daa7227c440b8220000060cec4fab91d4000000", 0x55}], 0x1, &(0x7f0000000240)}, 0x0) sendto(r0, &(0x7f00000002c0)="8aec193712af7171d98315946c94cb4109833a907ed0ee8e52cbbc1452c0c4c0df6cadb301751304e189a6f9787710c3ffdc6184d8b0ff53c849b387697e788b7008c9349532983249630a902ee1603532f1146f77fe0d5e97b98ab7c2cc7c1c2d65e7240fcb2542e0911aae691c84e8b53db0a74566ee10b9956a0a97fcabe09c69a31a9992e6395435e56b2a6b613a0aca30c02ad503933f9a0aeac51d73e90322c85d62808ab9fa0b2504f54505e15f006f85bcd266184bea2d9147644bc5fc4e62a9bcaae59cc72307582bc74f33b6fa4ff1957c003fa2a94e982ca8f0210f270df27c3326c3713c7572b5c59a8d7d19ca98c348fd935cb1ee358f", 0xfd, 0x0, &(0x7f00000003c0)=@pptp={0x18, 0x2, {0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80) r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x6c0d659c, 0x1) write$P9_RVERSION(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="29feffff65ffff000000009d013950323030302e4cb6a2f624e828057e4792ed23d3186b831b93411ddac4cc1588ab63a6f292cb90a0e07ddf80ea4aedd9a72e433b29400c5cd7a8338861824fcee12e9e5762d77c6ac7bab43244c1e1b2b0b1e37b284f7ce55c3e2745b5de9218e001187b45ad3d4d7ba63f36e79deafcfa1ab28bc0bee44770bd6bff161b623a4acc9aa4c87f5ad2cae314d2cc049e08e900128ab341efc491e0d846a72a1e55702b45bdcf96c11362d3ff3d09bf4d2353d4a9f9b44e0c2107"], 0x15) ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000240)={0x7, 0x0, [{}, {}, {}, {}, {}, {}, {}]}) write$cgroup_int(r1, &(0x7f0000000100)=0x400, 0x12) 12:38:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 241.707771] netlink: 13 bytes leftover after parsing attributes in process `syz-executor.3'. [ 241.746332] netlink: 13 bytes leftover after parsing attributes in process `syz-executor.3'. 12:38:11 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000240)='/dev/amidi#\x00', 0x5, 0x121000) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000280), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x7fff}, 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) getsockopt$sock_buf(r0, 0x1, 0x3f, &(0x7f00000004c0)=""/197, &(0x7f0000000400)=0xc5) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8000, 0x6d9d42c9b8e7aa52) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f00000005c0)={0x6, 0xf, 0x4, 0x3074823, {r3, r4/1000+10000}, {0x0, 0xe, 0x1, 0x1000, 0xc3, 0x4, "5088b055"}, 0x62, 0x7, @offset=0x8, 0x4}) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000100)={{0x48000000000, 0x7}, 'port0\x00', 0x82, 0x0, 0x9, 0x6, 0x8, 0xfffffffffffff127, 0x40008000000, 0x0, 0x3, 0x3}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r2, 0x0, 0x3, &(0x7f0000000040)='^#\x00'}, 0x30) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@ipv4={[], [], @empty}, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000000200)=0xe8) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000003c0)={0x46ba, 0x3, r5, 0x0, r6, 0x0, 0x2, 0x6}) clock_gettime(0x0, &(0x7f0000000640)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000680)={{0x6, 0x7, 0x7, 0x2, 'syz1\x00', 0x80000001}, 0x0, [0x7fffffff, 0x100000001, 0x51d, 0xfffffffffffff001, 0x0, 0x10001, 0x1c39, 0x3, 0x5, 0x5, 0x70a5, 0x3, 0xfffffffffffffffd, 0xcb2, 0x3, 0x100000000, 0xfffffffffffff7ac, 0xfff, 0xfffffffffffff001, 0x8, 0x13, 0x7ff, 0x1, 0x9a9, 0x401, 0x9, 0x5, 0x400, 0xffffffffffff0001, 0x7ef0, 0x8, 0x7, 0x1, 0x401, 0xe4e1, 0x3, 0xf36, 0x200, 0x3, 0x9, 0x1000, 0x6, 0x2, 0x6340, 0xe7, 0xff, 0x5, 0x6, 0x80, 0xfffffffffffffffa, 0x200, 0x9, 0x1, 0x3f, 0xe0, 0x80000001, 0xffffffffffffcf17, 0xffffffff00000001, 0x7fff, 0x0, 0x20, 0x1, 0x8308, 0xffff, 0x8, 0x3ee, 0x1000, 0x9, 0x8, 0x401, 0x200, 0x4, 0xffff, 0x1, 0x9ada, 0x5, 0x593, 0x8000, 0x7657, 0x95a, 0x20, 0x9, 0xc3a1, 0x5, 0x8, 0x2, 0x90a, 0x7, 0x9, 0x1, 0x100000000, 0x2, 0x3, 0x9, 0x2, 0x0, 0x6, 0x8e8f, 0x4, 0x8, 0x1, 0xffffffffffff873c, 0x13, 0x7, 0x1, 0x7, 0x905, 0x2, 0x1, 0x5, 0x7, 0x4, 0x3, 0x4, 0xfffffffffffffff9, 0xb1, 0x8001, 0x200, 0xb547, 0xee, 0x8001, 0x7, 0x9, 0xc96, 0x7f, 0x1, 0x5, 0x80000001], {r7, r8+30000000}}) openat$vsock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vsock\x00', 0x40000, 0x0) 12:38:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:11 executing program 3: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f00001bf000/0x1000)=nil, 0x1000, 0x0, 0x6011, r0, 0x0) mremap(&(0x7f00001bf000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r1 = socket(0x0, 0x4, 0x8) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000000)={0x80000001, 0x100, 0xffffffffffffffff}, 0x10) 12:38:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:12 executing program 4: r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x2000, 0x0) write$P9_RMKNOD(r0, &(0x7f0000000040)={0x14, 0x13, 0x1, {0x51, 0x2, 0x4}}, 0x14) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in={{0x2, 0x4e22, @multicast1}}, 0x0, 0x0, 0x0, "13df23e1218f4803f49794a506d3b49f1b909ef1b1f6376727adeb45f9a16e1fb089512ad015e82f15000d6a66da34443c702f2c6735b177d03a5cfc617de51921d43fce2bd1a691dc73a3060e94681b"}, 0xd8) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f0000000180)) setsockopt$TIPC_MCAST_REPLICAST(r0, 0x10f, 0x86) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8500}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x10, 0x70bd25, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44800}, 0x20000000) getsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000300), &(0x7f0000000340)=0x4) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/autofs\x00', 0x36080, 0x0) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f00000003c0)=""/235) ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f00000004c0)={0x20, 0xbb, 0x10001, 0x8}) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000500), 0x4) setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000540)=0x540f28ef, 0x4) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000580)={'filter\x00'}, &(0x7f0000000600)=0x78) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x2100204}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x1c, r1, 0x300, 0x70bd25, 0x25dfdbff, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000740)={{0x3000, 0xf000, 0xf, 0x1, 0x36a, 0x5, 0x2, 0x80000000, 0x4, 0xfffffffffffffc00, 0x200, 0x1}, {0x1, 0x4000, 0x0, 0x8, 0x1, 0x7, 0x1ff, 0x0, 0x8, 0x7, 0x7, 0x6}, {0x0, 0x4000, 0xe, 0x1f, 0x8, 0x5, 0x4f83, 0x3, 0x1, 0x8, 0x3ff, 0x3}, {0x4000, 0x0, 0x0, 0x7fffffff, 0x6, 0x9, 0x10001, 0x40, 0x100, 0x4, 0x80, 0x2}, {0x5000, 0x100000, 0xd, 0x4, 0x0, 0x1ff, 0x0, 0x7, 0xfffffffffffffeff, 0x1, 0xffffffffffffff57}, {0x6000, 0x1, 0x8, 0x7, 0x2, 0x3, 0xbd19, 0x1, 0x9, 0x9, 0x5, 0x8}, {0x3000, 0x0, 0x3, 0x8, 0x8, 0x1, 0x3, 0xf29, 0x800, 0x9, 0xb3, 0xffffffffd6337dcc}, {0x0, 0xf002, 0xb, 0x9, 0x5, 0x1000, 0x5, 0x8592, 0xff, 0x55c, 0x0, 0x80000000}, {0x0, 0x5000}, {0x0, 0xf000}, 0x1, 0x0, 0x6000, 0x407, 0xd, 0x2000, 0xd000, [0x80000000, 0x2520, 0x5, 0x7fff]}) ioctl$BLKTRACESTART(r2, 0x1274, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000880), &(0x7f00000008c0)=0x4) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000900)={{0x5e, @empty, 0x4e21, 0x1, 'wrr\x00', 0x10, 0x80000000, 0x77}, {@dev={0xac, 0x14, 0x14, 0x1b}, 0x4e21, 0x2, 0x3, 0x1000, 0x8}}, 0x44) setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000980)={0x7, 0x9, 0x101, 0x1000, 0x10001, 0x80f, 0x3f, 0x0, 0x744, 0x2, 0x100}, 0xb) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000009c0)={0x1, 'sit0\x00', 0x2}, 0x18) ioctl$VIDIOC_ENUMSTD(r2, 0xc0485619, &(0x7f0000000a00)={0x1000, 0x800000, "dc68a5636010d9a3861a246f818c77675955342943b90719", {0x4, 0x9}, 0x1000}) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000a40)={0x3, r2}) ioctl$DRM_IOCTL_CONTROL(r2, 0x40086414, &(0x7f0000000a80)={0x0, 0x1f}) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f0000000ac0)) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000b00)=0x7) ioctl$SG_SET_KEEP_ORPHAN(r2, 0x2287, &(0x7f0000000b40)=0x4) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f0000000b80)={0x7, 0x1, @raw_data=[0x7, 0x7, 0x2, 0x5, 0x9, 0x3, 0x2, 0xfffffffffffffff7, 0xe61, 0x3, 0x1, 0x2557c00000000, 0xffffffff, 0x421, 0x800, 0x9]}) setxattr$trusted_overlay_upper(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000c40)='trusted.overlay.upper\x00', &(0x7f0000000c80)={0x0, 0xfb, 0x7c, 0x7, 0x10001, "a4f1915e5485487bbf896f78492b177e", "deda4c2dbf550b465de475c3a8db6acfdf2452c8b79170a5bf2d15c0da5dfcf5194bb2e22615a3fa29302110ab927067c94e6ed674ff528c2231e67226766907302f4fdf5931188f35b9275291802a1f325d35b8435cc591734ad78c138e431bab372e105f5ed5"}, 0x7c, 0x2) timerfd_gettime(r0, &(0x7f0000000d00)) 12:38:12 executing program 2: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x10000000000) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/raw\x00') setsockopt$RXRPC_SECURITY_KEYRING(r1, 0x110, 0x2, &(0x7f0000000080)='!.\x00', 0x3) r2 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x20000) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000140)={0x0, 0x0, 0xe0f, 0x0, 0xffffffff}) 12:38:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:12 executing program 3: socketpair$unix(0x1, 0x80000000003, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$pfkey(0xffffffffffffff9c, 0x0, 0x4000408101, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r1, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x1ffffffffffffd) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x1) 12:38:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:12 executing program 2: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x3, 0x1) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}, 0x4) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 12:38:12 executing program 3: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) r1 = getpgid(0xffffffffffffffff) syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/user\x00') unshare(0x2000400) ioctl(r0, 0x82000004141, &(0x7f0000000040)) 12:38:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 242.883265] protocol 88fb is buggy, dev hsr_slave_0 [ 242.888845] protocol 88fb is buggy, dev hsr_slave_1 12:38:13 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000200)={0x8, 0x1, 0x8003, 0x401, 0xfffffffffffffffa, 0x100000001, 0x5, 0x8, 0x0}, &(0x7f0000000240)=0x20) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000280)={r2, 0x4}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000080)={0x0, 0xfffffffffffff001}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={r3, @in={{0x2, 0x4e21, @remote}}, 0x5, 0x2, 0x8, 0x6, 0x2}, &(0x7f00000001c0)=0x98) setsockopt$inet6_MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x40, 0x1, 0x4, 0x80000000, 0x8001}, 0xc) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x8982, 0x0) 12:38:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) [ 242.962929] protocol 88fb is buggy, dev hsr_slave_0 [ 242.968515] protocol 88fb is buggy, dev hsr_slave_1 12:38:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 243.282693] protocol 88fb is buggy, dev hsr_slave_0 [ 243.288275] protocol 88fb is buggy, dev hsr_slave_1 [ 243.407523] syz-executor.2 (10604) used greatest stack depth: 52936 bytes left [ 243.451850] IPVS: ftp: loaded support on port[0] = 21 [ 243.522841] protocol 88fb is buggy, dev hsr_slave_0 [ 243.621469] chnl_net:caif_netlink_parms(): no params data found [ 243.685508] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.692115] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.700203] device bridge_slave_0 entered promiscuous mode [ 243.709577] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.716150] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.724439] device bridge_slave_1 entered promiscuous mode [ 243.755744] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 243.768105] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 243.796553] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 243.805028] team0: Port device team_slave_0 added [ 243.811304] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 243.819763] team0: Port device team_slave_1 added [ 243.826324] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 243.835655] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 243.916533] device hsr_slave_0 entered promiscuous mode [ 243.972749] device hsr_slave_1 entered promiscuous mode [ 244.013404] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 244.021016] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 244.052049] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.058549] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.065678] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.072225] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.158990] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 244.166082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.181086] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 244.196266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 244.205654] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.217319] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.227798] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 244.250151] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 244.256439] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.275112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 244.283591] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.290050] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.338254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 244.346887] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.354001] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.364056] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 244.378682] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 244.387326] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 244.409740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 244.431750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 244.448297] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 244.454533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 244.479303] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 244.496376] 8021q: adding VLAN 0 to HW filter on device batadv0 12:38:14 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = gettid() waitid(0x1, r1, &(0x7f0000000140), 0x8, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfffffffffffffdf4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$mice(0x0, 0x0, 0x0) uname(0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, 0x0) pipe2(0x0, 0x0) sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, 0x0, 0x0) shutdown(r2, 0x1) recvfrom$inet6(r2, &(0x7f0000000000)=""/31, 0xfffffeb2, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}, 0x1c) r3 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet6(r3, &(0x7f00000000c0)='A', 0x1, 0x0, 0x0, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x37, 0x0, 0x0) dup2(r0, r2) 12:38:14 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) 12:38:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:14 executing program 2: r0 = socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/sctp\x00') bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={r1, 0x50, &(0x7f0000000140)}, 0x10) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'teql0\x00', 0x4}, 0x18) accept4$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10, 0x800) write(r0, &(0x7f0000000000)="2400000052001f0014f9f407004904000a00071008000100feffffff080d00ad40f700000002000000000000000000000000", 0x8456ce29) [ 244.800808] IPVS: Unknown mcast interface: teql0 [ 244.830821] IPVS: Unknown mcast interface: teql0 12:38:14 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) [ 244.856309] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 12:38:15 executing program 2: r0 = timerfd_create(0x800000000000000a, 0x0) unshare(0x22020400) r1 = dup(r0) r2 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="56074dfdbc06662d8d17142bd5bfb7fc582ac7c3e6903e9d6d05a5c1083f56f9231f1d57c03d960e35287f40500b440a559fa34c5901d3220c906dad4e10c49cfec191bb76ec1220771f73608a06a66c0dfdfe6aa6a399195b", 0x59, 0xfffffffffffffffc) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000280)={r2, 0x4be9, 0x7a}, &(0x7f00000002c0)={'enc=', 'raw', ' hash=', {'wp256-generic\x00'}}, &(0x7f0000000340)="7e1085be670c99030c612a1ec8df181a05e33749574f37d02c9e3767ab5ba71ab158854abd8da268ef55a3ea4923b2bbe351818f232721427a2a", &(0x7f0000000380)=""/205) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0x40085400, &(0x7f0000000000)) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x565, 0x20}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3, 0x72, "51b7d0294d75f3bcd41cc79a19a69459c106f2699aa181b375638bab9b8e1c098540c62623a96022fe268ef7c0c394f55ac5fc5d4b49d0f6d009870793a9b26fa0fb194027ac33e0da6f10d0791e6e9f76f060d62ab09d8057c36e7b6f91bb1e96d6ec6c541583616fce28037d08f2af9ec2"}, &(0x7f0000000140)=0x7a) 12:38:15 executing program 3: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)}}, 0x20) r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f00000002c0)='X', 0x1, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000002440)="bd2da453f568ada14adacb60ec721e0a9e7cc39eb1705c169cade5940a1a0dd0520eb190340fb75774cd31479cb5747b80681d0811ae946d8183d05eb24436a886e3eeb46833f96ca9292f3ce3c3c2de375bcf606f780516c43dab12ae305922846fba6addcfb294d1bdf5f4491c8a853638b83bd2e62b63bd9005771ad8c6011c6ccc7538104e9590748603954ee414f8ac6486534bd776eb2883f49bc13a84e2d2e0d7787cab3092f657daf3a7df7680b28ff01f836549d461ff5a0e6db30849", 0xc1) r1 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x9a, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r1, r0, r1}, &(0x7f0000000300)=""/240, 0xf0, 0x0) 12:38:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:15 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) 12:38:15 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x800, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000040)=0x9, 0x4) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x408040) r1 = socket$inet6(0xa, 0x80003, 0x1000000000000002) sendto$inet6(r1, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}, 0x9}, 0x1c) 12:38:15 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x101000, 0x0) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080)=0x2, 0x4) r1 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000380)='/dev/capi20\x00', 0x0, 0x0) unshare(0x2000400) ioctl$CAPI_GET_PROFILE(r1, 0xc0404309, &(0x7f0000000000)=0x4) 12:38:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:15 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, 0x0) 12:38:15 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x141002, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000140)=""/148) unshare(0x20400) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0x40045108, &(0x7f00000000c0)) 12:38:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:15 executing program 4: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000351ff0)=@ipx={0x4, 0x0, 0x0, "a074edebb7e1"}, 0x80) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000e6a000/0x1000)=nil, 0x1000}, 0xfffffffffffffffd}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00000b2000/0x3000)=nil, 0x3000}, 0x5}) syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x2) 12:38:15 executing program 2: r0 = gettid() r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x3f, 0x4000) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000040)={0x0, 0x9ba9, 0x4, [0x1000, 0x6, 0x3, 0x9]}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e23, 0x80, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x80000001}}, [0x8001, 0x0, 0xb90, 0x80, 0x2, 0xb3d6, 0x7, 0x7fffffff, 0x5, 0x5, 0xffff, 0x6, 0x40, 0x3]}, &(0x7f0000000200)=0x100) r4 = syz_open_procfs(r0, &(0x7f0000000080)='net\x00') mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffc, 0x13, r4, 0x0) r5 = socket$inet_dccp(0x2, 0x6, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r6, &(0x7f0000000140)=""/11, 0xb) semtimedop(0x0, &(0x7f0000000180)=[{}], 0x1a9, &(0x7f0000000340)={0x0, 0x989680}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000280)={r3, 0x80000000}, &(0x7f00000002c0)=0x8) syz_execute_func(&(0x7f0000000240)="3666440f9bf56664400f9f3241c3c4e2c9975842c4c3654c69000b3e0f11581010196f048fcdcd027d1eae34bc00000f2902") getsockopt$IPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x43, 0x0, &(0x7f0000000440)) write$UHID_CREATE2(r1, &(0x7f0000000480)={0xb, 'syz1\x00', 'syz1\x00', 'syz1\x00', 0xe1, 0xf62, 0x5, 0x0, 0x8, 0xfffffffffffff2e1, "1416a0188b754549dffa8e112a180b239f5357b5b057d89fb6a338b1524799213090fc43dccf9b0138768d9bfa9865720a4dd2a50e42575a7df323b5d9c52e56e2bd729313c6325a6c4b4fb47fad23a0e5ffc9ef0cd662c1d255fb340de5451deb8164a9f27dda66d231846544a09dd4c408ff43cdf59df5b64ae7f8fa6a86eabc00ed7bafd7362d0b407464026f78c755772749bd6230bb166bfb75ac4aefa87d86794d80134a8e861d0e1da85ce3eec3055105199eec6a4999270196c4f4279b4697f76507201ea5a894b21494049d8853e4a17ace3a1f16dd6d18f659925482"}, 0x1f9) ioctl$EVIOCGBITSW(r4, 0x80404525, &(0x7f0000000300)=""/8) 12:38:15 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, 0x0) 12:38:15 executing program 4: r0 = syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000000)={0x0, @bt={0x6, 0x3, 0x1, 0x3, 0x1, 0x7, 0x7, 0xa3a, 0x80, 0x80, 0x5, 0x1, 0x80, 0xade, 0x4, 0x11}}) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000300)={0x0, 0x6, 0x4, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "63c30fdf"}, 0x0, 0x0, @offset, 0x4}) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000200)={0x7, 0x7ff, [{0x7f, 0x0, 0xc00000000}, {0x1, 0x0, 0x10000}, {0x100000001, 0x0, 0x8}, {0x4ac, 0x0, 0x5655}, {0x9}, {0x1, 0x0, 0x87e7}, {0xfffffffffffffffa, 0x0, 0x3}]}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x3ff, 0x1, 0x0, 0x7, [], [], [], 0x1ff, 0x7, 0x800, 0x9, "2a4866f1163f8a8f41772da1300ac340"}) 12:38:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:16 executing program 3: r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/userio\x00', 0x800, 0x0) readv(r0, &(0x7f00000002c0), 0x1) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x400, 0x0) setsockopt$inet6_buf(r1, 0x29, 0x32, &(0x7f0000000100)="a75db39dfaa05b3bdd835d9e7d2cd7f10efc71436b097ff679019b0e18eb00e822e41695c421043a025014a74ab9ed3c452b7dc1ae831eb318c9651a4a193c7ddce78c30634f7d8ba16439965008d76a446c6ba8788f75007275f869aa28704963cd99a238ae12b04e082d5c56edf23b4a21c041f866657d4ece45509afd417782219d04202c1255cae954b1c6b1df682de832c0bdfb2e0b0fdca90c0e388bf27ce074e264f2f73e5bb1a92fb9682184", 0xb0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xd, 0x5, "8f44a2ec421fde798ad2472c3328b0b18222422855a6b2bfd774032eb8096fd5c20c918fb90c6a728e5e4d45575e83968085256647df8b445d59a4612c1c6669", "42577163a29a0b82d2da559bf816a5befb0854c731a50e89f23ffe9e51f59b82", [0x10001, 0x4]}) openat$cgroup_int(r1, &(0x7f00000001c0)='cpuset.mem_exclusive\x00', 0x2, 0x0) 12:38:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket$inet(0x10, 0x20000d, 0x3f) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)="240000002e0007041dfffd946fa2830020200a000a000000001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3eb7b6268e3966cf055d90f15a30000000000000000000000", 0x4c}], 0x1}, 0x0) 12:38:16 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, 0x0) 12:38:16 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0xffff, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000140)={@local}, &(0x7f0000000180)=0xc) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$getflags(r0, 0x401) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f00000001c0)={0xf5, 0x8, 0x3f, 0xba2c, 0x9055}) fcntl$addseals(r1, 0x409, 0x4) r3 = socket$kcm(0xa, 0x805, 0x0) sendmsg(r3, &(0x7f0000000680)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @remote, 0x3}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000800)="cf", 0x1}], 0x1}, 0x0) sendmsg(r3, &(0x7f00000005c0)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @remote, 0x5}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)='o', 0x1}], 0x1}, 0x0) close(r3) 12:38:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x440002, 0x0) ioctl$PPPIOCSMRRU(r1, 0x4004743b, &(0x7f0000000180)=0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r2 = socket(0x400000000010, 0x3, 0x0) write(r2, &(0x7f0000000000)="2400000018002551075c0165ff0ffc021c14000000100f0504e1000c0800160000000000bc0000008f3943793a5ea67658cb22d90000000000000059b97dc8f8b550e66a2bff77c4931da84157f7a733686a22fd8169f6b6b4f464e0c05df670d851f785ea2b85d32b3583d87124da3bb0b9e2cc000000dcce1fb4ac2cbd48c8378a3ad82a5b83c01295723da595c4831f65123819e204853d48a5a6bd525801d5cae983cf4544a9c4c396f36e85787a8efc32e0015c85ead2b748bc6a5fefc4e53543f9f65e3da31a110af1acb78ce510c7a70723741b34981d1b182deb7904", 0xe0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) ioctl$VHOST_GET_VRING_ENDIAN(r3, 0x4008af14, &(0x7f0000000040)={0x3, 0x9}) 12:38:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:16 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x4) mq_getsetattr(r2, &(0x7f00000000c0)={0x3f, 0x3, 0x2, 0x0, 0x8, 0x3deb, 0x100000001, 0x7ff}, &(0x7f0000000100)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local}, 0xc) getsockopt$EBT_SO_GET_ENTRIES(r3, 0x0, 0x82, &(0x7f0000000340)={'filter\x00', 0x0, 0x0, 0x49, [], 0x0, &(0x7f0000000240), &(0x7f00000002c0)=""/73}, &(0x7f0000000000)=0x200003b8) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r0, r1, 0x0) 12:38:16 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x5, 0x529, 0x8000000001}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x3, 0x2, 0x100000000, 0x8f, 0xc, r0, 0x8001}, 0x2c) bpf$MAP_CREATE(0x2, &(0x7f0000000080)={0x3, 0x0, 0x77fffb, 0x0, 0x820003, 0x0}, 0x2c) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r0, &(0x7f00000000c0)="ad", 0x0}, 0x18) 12:38:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:16 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) sendmmsg(r0, &(0x7f0000007e80)=[{{&(0x7f00000007c0)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1}}, 0x80, 0x0, 0x0, &(0x7f0000001980)=[{0x10}], 0x21e}}], 0x1, 0x0) 12:38:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:16 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r1 = dup3(r0, r0, 0x80000) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000280)=0x0) ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000080)=r2) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x26}}}, 0x4, 0x6, 0x20, 0x0, 0x2}, &(0x7f0000000000)=0x98) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000440)={r3, @in={{0x2, 0x4e20, @local}}, 0x8, 0xa8cc, 0xfffffffffffffffb, 0x100000000, 0x2}, &(0x7f0000000100)=0x98) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000180)={0x14, 0x88, 0xfa00, {r4, 0x10, 0x0, @in={0x2, 0x0, @remote}}}, 0x90) 12:38:17 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x6287, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1f, 0x81) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000100)=@req={0x5, 0x80000001, 0x1}, 0x7) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f00000000c0)={0x0, 0x4f565559, 0x280, 0x1e0}) getsockopt$inet_mreqsrc(r1, 0x0, 0x0, &(0x7f0000000080)={@empty, @multicast2, @loopback}, &(0x7f0000000140)=0xc) 12:38:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:17 executing program 2: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="d99d493c"], 0x1) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f00000000c0)=0x3) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000080)={0xffff, 0x32314247, 0xfffffffffffffff9, 0x0, 0x3, @stepwise={{0x4ac9, 0x8}, {0x80, 0x100}, {0x6, 0x9}}}) openat$md(0xffffffffffffff9c, &(0x7f0000000100)='/dev/md0\x00', 0x40, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0xf, @sliced={0x1ff, [0x5, 0x9, 0x3, 0x8, 0x7, 0x9, 0x58d, 0x8, 0x6, 0x6, 0x1f, 0xfffffffffffffff8, 0x3, 0x4, 0xa582, 0x7ff, 0x7e07, 0x8, 0x6, 0x5, 0x9, 0x9, 0x8, 0xffffffffffffffc0, 0x8000, 0x3, 0x6, 0x1000, 0x9, 0x100000001, 0x1, 0xffff, 0xfff, 0x0, 0x1, 0x7ff, 0x800, 0x1, 0xd5, 0x63d67498, 0x0, 0x1000, 0x5, 0x80000001, 0x5, 0x2, 0xff, 0x401], 0xfffffffffffffffd}}) writev(r1, &(0x7f00000000c0), 0xfffffffffffffe2) 12:38:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:17 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) prctl$PR_GET_FPEMU(0x9, &(0x7f00000000c0)) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x400200, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400, 0x0) r2 = getpgid(0x0) write$cgroup_pid(r1, &(0x7f0000000040)=r2, 0x12) recvmmsg(r0, &(0x7f0000002d80), 0x400000000000368, 0x1a002, &(0x7f0000000180)={0x77359400}) sendmsg$nl_generic(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="14001900dc0000000000000000000000000000004b2df7e88fb001a7f0da25158b58076c625c75a412bffb545ea996085b68b6ac346a56007062efb4d198007a97bb35868118134842e94f4a5ae58e09eeee937eb05eadebfbd6f6488db2d968c929517bb5882883b28ddda6d9f3d87eb4b68ee4e8ed32588906ddc89b1ba1e7ea3b340fa5938a150cc97c11eb365592325b847ea5a715bb194c0c64c52a82dd39b79a1a0f8c73e3da4bff693c880bb30cc5f0f3bfb3f6ae3251c05c6d"], 0x14}}, 0x0) 12:38:17 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) wait4(r1, &(0x7f0000000080), 0x1, &(0x7f00000001c0)) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001100)=ANY=[@ANYBLOB="2c0e00001d00fbff00000000000000006b000000e789e3b5958cb5206c303dcbf6bb23b03ef599277519d86cfff83cb23d161ec73e1c1c2218985a67622601ecb739411e93f5f05469773ee4fe1e860922731efabfb414cba1659ea27266df8b3d4408b018448c0d8145c61a2e82c64dadb3bf6b57825e0e02b56526990d3a54fb228062a4bf0d0fbe322320886538138b1a81db682830ac7873d82aa25fb5a1c7b8f409d606c00265b9c359fa4abbee144fc51d5ab407f123c4860a667e568b70ec1bffc81f03204b72be7e5fbfd32148576f506f35e49b40ddd6089754cec84e742c9f0baa1238bae83d0255e523aadee8b3603cdd8ddfb1c77400c3233a7d7143f99b8c42567674b782ad32b8e0d582daa02a9824a6c8aaaf0b3f4d6734cc9f13d740e352b7b8751a1639e13ddb5f0e90ca04fe25d3ec4ddf2fc53c3e71f88125a9fcfadf225b3eeb4c6cedd8127468d01335fdb2f0753e4698342f7f7c678532b058bd8865485e4826c8568092a244e88a8c8c989b5dd2914517765c4ca8bb33fc90e4d535a07e571cf0335007239c8c3ac71a24a1fe104c051e658b5fc3b22ff233b322cc1660146abe1642008880fb7fc35bad22c2372633b196f16ff746eddf792ddf1eec677f1b831286011f02af542401a7be9c19af95c29449917c6a7b3a5c1b4211e6fc60a0a817f5560a53abc6f65598f767b0fc1c816f6a81b87f7f14e7f5f3b68a47552fa6588130694a8a437aa89c57eb04938e712586eb49ae0e48d469f46787b6f307c4fc9cfd635ec9c7616f533dea68ac34727b0dd43e37cb4b65bd5f8d93f3b26a57b5815b3a334207ccb7b5513f7add23ecd73d9ad623064cbb2bbb517d7bcdc797fae5802d1eed8298e2a13dfad5136992f9934b885e6898c88125c01076abfd4510b30f8abfd9fa3bac00f74d38d9be7e16343dbf5dddaacebd0b790b754e30033ceb958236d029b1e8c8ee6e7cfeb6dd25f6cd3ecc88ac9808e8baa308fe4161345c3e1dab065837fb8ced21a2cda5b5914ddafc418211f9e30eb77dcf3cd01d27cd5d1c97eb57a2854bee8a5ad48a4207cc961dc347b59dfc169a5c21735616cc2a599608459c6f9bfde4da4ecd5f9524af0da05665890b99acbda25dc212ee31f8a834a01e5eb7094d90a7648dfc9f18ca654bd88b68d30c818bf8d2a5ae89589fb7b326ea2b88434b3f3f5a67b22e7befffcc7d2dde930f0d2cc6f6fc8a56a5b8121db1c431e5dfd184fb2c860d14ff2fb22041f52d65eb9a5ab315eb4c4ad0d5f35919286d97ed55120ef0a6703a8482ab90b068d6f41ace5b35398446ab5729a9a6907113a880ae80b7520e836083b8531bb4e729e73a4d104db6a3c70c5db799122757143831a3458d344e16b7be8105fa50a7963d0c312c6c78bebdd906987076897c4a2c1d850dc8c9d45a35a987900f4c891f0bc551624e9ec593a08408541719430a114a1fd8d2835425ec073b22a083e8beca4ebae94c596a51721b25cf0f50ab898ab35849d651f385a738c27412b0db7b7af91b348c08053613946fd5b9f79f81be6b03e93cf4ef261ef4d95836323bd1217cf9d686948a0d0bafab594956c1a8873066f8305a856eb0dc9001c12cf9989ada47593bee344b09b1fc9311e908579db92884c25f495ec857a4132a24658e2af77be905c05afe25bbe0bcdfd3b7358daa6b0ed6125d701de8f200ccacdc2d3e63d12bfb8519a57d4604e6720937800c887747e5602036c0a0a840f77abf1f965df2b3bc393293276ace0bc4d44ae3433d047e6545373dd40e4357ce53334a073796908216fad897213f09c7e0763a07d3b3c0df4d54a2b8975147219fc5db12f905c3e0d1c4b65a494658cea6dc1fba573cdc8b19ff20e2bff622109262a46d996bd618132110ad7495df0cfd077d00c6e7a58e6192473edf2b8d9900ac3c7dd406600ab04a06f3494e6f617bceaa6c1e60d32454f42031babc4bafaee0cd4233ed0856f36c739fa885c5a2df8bb1a2e76aefbec9ead363d416486b9c52dc631e442157680ed3b6680f573a1550edd17636ba446c73887915baac3a0db24b449bd63104d29db315d5fb0fb191ddc20d10e8cd5882932da4acf8242767369d6ba6e32b5cd1ad6a069694025920e7570dec6f00a362a96d18a9165fbb2dab3ffd12993ab7e98be395fdb7e9e73f66dccbb6b74ee3919a5a5c50755abeae095e7455e40077821461006f30636f78b4fd0db63e93f72fe87c75db4e41a9763d1a2ceb84a8544ad7d8267a306cab8ddd8ec1f2a733a0ed6d57ba3404a42c951d12425229364354f433cc473442a6dd0bbe869dadd9e35fd6370d2e6ceef3493a99f92607ad2d8fa5673c5789cc9c5b376a819b7dc35a497814ab621d98757d5b06aabd1cf7f7c300fd67d3aad03f0a1d114866088015468f2dc890c0458a75e77169cb4cbd4fce7a7f38246e0403fcb5397baa94068b8a414e90a6d7bc3cab2a779c546923bb8ccd9cdea13f0a0e30bfd356942aa58aa63076c2aba9bf27beae124e88d574c1fe61ce29f866f532726239ea68206f4d145aa9cc87fd8496c46da5409de1b3d4fc3617a16136e763f52f15e7ec9cca6197b8d502a9af27de2e984b5bff69fbcc2ac20fe743e61315f3598057316ae9ee8c88abe66ad1ffbfdfd8e5c658832a4a9ac60579f93ecb84a2d024e6f612088398f6acca1e8f56e16bb81eb78c608eaaa816308054873a95d068f5f0350293c72caf882632799a5ffeffa504ec7195d67c5a2588414129967cfb5bcc9263ab588a0b3edd936044d1ec469be54ec61230604c827616ff21c15920548fca9f711243efab39f5701eb2e3c9f86d68b3eafaf8fee0f6156b7a9cc75ccc5f074328eda65f3171f5e9aaa6610c22f29ab5810d997ae6ded103e4d578ac808885431ae13587dae4e4a5a102e4bda7d4c09a2542ebc8707ec797af1574867ab5286a39356729dbc499865e4f9a929bbcca17f99b0f01be6b96ab0947c586a637ca000d5e7597dab8fda2a241c0335692f16b22d3796f1da99e54b93f26bba49b7da766bbe4f52255ee53fd7a8e004579caf6898b97faf61cfa82fecf9669c5d4f61f58bd92258b0bcf9530b0d2ea95e074de57de9e04d602579e25283d8dc197ab20118344d3145a8de56ebfb38f3eadf6c8a6ff4cbdd88611d50621dcaacd389228aa7207985ab1e304f36bfcf2197b9777cc00b7aa2b03c3c10c79ea4e4b93ea2c0d34720da94214ade0f7f7ce078a7bfe3bebeda4c7041cc528b5c3725488fa1bcbc89dc742769f168d59bce9154bd54292e95bb4bfff52e8a99db81e385168c726af833958175683d35a40ec22ce1e4c26c60304087c04a4958e0e6ee830e66fa2a0cb85c4691556d3c7f6d8d42f0d3fc10bbf44c1d31ff2d514a4f91dbfb261b9372d223ba4a723eb7daccbfb417d317b62f1fc96848cd5b7f2aaa4e73116945821446cfca0cc21602d67e1c4c53ef1ec8280a20ccff2e2ab24095242c64b5dcce46649eb41d4565e04002253191ad56aab49494c0d98586a118fd77534c0ff4b3ff5f988f61568b772dafb62599921d253883719af381d9ac4d3f1e24f7e2b3ff8b040d15d7d5e210b788f5337048002898f9795eb843e435df3539b99ed2756c5f72b815a64609615fc5f58a34f0d4c2c141f3e5976c1d8e6791179e0eb4654d6d807eeb46f709b8c67b08ca10553c11fad64306d83d020463acd263575fe65af4af69b306083e5687d3c1ab264956df92b4b73766059722821f6939a28a578c0f5bad24bcede59d7a4a4ff9ea1023c56395f03268024acb767e28ccdc1300aeb2452854560b1491030672302d7924bd56926b30e198fc54c50621a5b5a0a7294236b585fe533326e30465383f28a958d9585c0a4bed1c081914fa16c9f3a6195d3f811d4513f2b4a8ae339ec15837813374ddba0d05979f1de65791343e84469cd6cae69d2572dd609ddfd864228fca2875e983a26ff571503475da3f223d0f2fdf6ec320091629426a383cfb293306b8173bfc998ebcbfa8053c56fd0215e6a2cd4d9938c1158b7460c80030ab1767cea85dbb24377cd1288342c57a6441b64c8176abe97c7284e322772ed3991c48e640e68efb95b9fb1301a035d2904acfa52e83589c2359c04117caa52997b8e215dadd80b9d37a5808727dd57b5f7860fb0794b26f59f71d37d6ae69549c5d4a07932c06e754721ecb0fcede76cece91f9c5ffe873d26cf87570fa6db2e79fd47a9c865761e9795eca55e688e289aad810a4150bce63c023ce4824c38f02c1019887d9df90667d4836bcf4f358ce2a5d9409f2fa0650e4a65745e0885e335caf08ed7bff0301db4faba6f26e9c8177f5aa78780ec5441d4c2c14c91aab18a7c3a038dce6266c191aed31c9d0cc5c7fbe7dd5b6f2223310c9e4e088ade1e093ef82e00c5bce20b3c97b0f74c52608710978863152eea47f7d09c17ccc2422b835ec1bb6a055885ee7e142953f3489ef25ba3616dc0930968ebde453a41b6a0c584e1ccf9af6aad7cf1dae984990709ec29aec55e65ada28b679f348c0ec538c8a6ab6886975008e6aba1a39f5c94ae741f96156320f15bb09f28cbaf517cd9e5146b10d65ee1af4ef07deaa9cf81a63af3017c133454786f3990a5fc0a9164f0e6e00e67d1e193f3691e714f0e69fb17346b0dc3fdab4f7704ea8ed127c8d8b70efff3ad48302a5b9bc78eb9639055caee5ce737a424628be5400df219745da414df672c3fbd14c3651263b831e512204f3315611fa1920b1c910c08b28f3eda3335b9fb3f7b9d22ea04c71ccec663730c64dd6a971310e24574ae7e8f7b5d2a97f5219d3c2e425dfb18fabbbee5131e8055aeee6b96ba19152298f90587780973ce632a05ab5e04e83ea3b40a62150af259ba6086c0c265c3fe5bec8e4a7d86d6ae8978a1dc7ab5149bcb8c3252e09c90be15261e5f785619d21391d9ed583dd92dfe051d7c900de0b92c28d85529d438fca19998947eb45f6d283d434b10c798a1da87b16bfaf8f6616efcb2021774a1602c345d71526671d4040799d33d9b91672b7b3945cd3c2701d7763e14b1f8546efd7bea6f00b1b3aa6e6ae8dc8d27255084dfd77e7702e52283f1c29e7b7be42728b59ccf4383be9e1ffd2235b672748fee8ae3c3eb76843862fd0fadc84a7b6f4064f9c6fe6d062349afbd00ec1cfff3319c7e41a1993d6f8f797bb3000000000000"], 0xe2c}}, 0x0) syz_genetlink_get_family_id$net_dm(&(0x7f0000000000)='NET_DM\x00') 12:38:17 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, 0x0) 12:38:17 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key(&(0x7f0000000180)='id_legacy\x00', &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$link(0x8, r1, r2) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000100), 0x12) syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x80000000007, 0x84200) r5 = socket$inet6(0xa, 0x803, 0x3) clock_gettime(0x7, &(0x7f0000000000)) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x7ff800094, 0x0, 0x4, 0x1}, {0x6}]}, 0x10) [ 247.354844] netlink: 3608 bytes leftover after parsing attributes in process `syz-executor.3'. [ 247.413204] netlink: 3608 bytes leftover after parsing attributes in process `syz-executor.3'. 12:38:17 executing program 2: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0xff08}, 0xfffffd63) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={r1}, 0xc) 12:38:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:17 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, 0x0) 12:38:17 executing program 3: rt_sigprocmask(0x5, &(0x7f0000000040)={0x810000002}, 0x0, 0xfffffe00) r0 = memfd_create(&(0x7f0000000080)='posix_acl_accessposix_acl_access\x00', 0x7) ftruncate(r0, 0x100000000040001) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x208000, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000000c0)={0x0, 0x3, 0xa, [0x1, 0x93, 0x9, 0xa045, 0x10f, 0xbfbe, 0x4, 0x3f, 0x7fffffff, 0x4]}, &(0x7f0000000100)=0x1c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={r2, @in={{0x2, 0x4e20, @multicast1}}, 0x6, 0x8, 0x8001, 0x4, 0xb9}, 0x98) 12:38:17 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, 0x0) 12:38:17 executing program 2: unshare(0x2000400) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x2c0401, 0x0) ioctl$UI_GET_VERSION(r0, 0x8004552d, &(0x7f0000000200)) preadv(r0, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000000)={0x80000001, 0x5, 0x4, 0x0, 0x0, [], [], [], 0x6, 0x9}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x80000000}) ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000001c0)={0x6, r1, 0x2, 0x9}) 12:38:17 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x8010000000000084) fsetxattr$security_capability(r0, &(0x7f0000000040)='security.capability\x00', &(0x7f0000000080)=@v2={0x2000000, [{0xfffffffffffffff9, 0xfffffffffffffffc}, {0x800, 0x4}]}, 0x14, 0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) close(r0) 12:38:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000000000000"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:18 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0xffffffff, 0x20000) openat(r0, &(0x7f0000000180)='./file0\x00', 0x101082, 0x40) r1 = socket$inet6(0x10, 0x3, 0x0) modify_ldt$write(0x1, &(0x7f00000001c0)={0x600000000000000, 0x20101000, 0x0, 0x4, 0x3, 0x100000000, 0x1ff, 0x0, 0x4, 0x6036169c}, 0x10) sendmsg(r1, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="5500000018007f4812fe01b2a4a280930a06000000a84306910000000b00140035000c00060000001900154003000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4faba7d4", 0x55}], 0x1}, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000000c0)=0x8) 12:38:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) 12:38:18 executing program 3: r0 = socket$packet(0x11, 0x4, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000380), 0x4) getsockopt$packet_buf(r0, 0x107, 0x12, &(0x7f0000651000)=""/240, &(0x7f00000004c0)=0x1c7) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x2, 0x0) ioctl$SCSI_IOCTL_SYNC(r1, 0x4) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4000, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r2, 0x2287, &(0x7f0000000140)=0x3) 12:38:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 248.340420] netlink: 'syz-executor.2': attribute type 20 has an invalid length. [ 248.348250] netlink: 'syz-executor.2': attribute type 21 has an invalid length. [ 248.356438] netlink: 13 bytes leftover after parsing attributes in process `syz-executor.2'. 12:38:18 executing program 4: clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffff9c, 0xc058565d, &(0x7f00000000c0)={0x7, 0x2, 0x4, 0x20800, {r0, r1/1000+10000}, {0x6, 0x8, 0x8, 0x4, 0x100, 0x45b9105a, "9227b4f4"}, 0x0, 0x3, @fd=0xffffffffffffffff, 0x4}) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000140)={0x0, 0x0, 0x5, 0x0, [], [{0x0, 0x5, 0x8, 0x7f, 0x9, 0x200}, {0x8, 0x3, 0x4, 0x100000000, 0x6e0, 0xffff}], [[], [], [], [], []]}) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000800)=0xc68) r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x0) gettid() getpgid(0xffffffffffffffff) getpgid(0xffffffffffffffff) r4 = getpgrp(0xffffffffffffffff) r5 = getpgrp(r4) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@dev}}, &(0x7f0000000640)=0xe8) lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r3, &(0x7f00000007c0)={&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000400)="0e4d379b292197b85e74d106fd91b1497b009a4c18608065e54968760d1af57d20f443d73b1935863e3419b339bcecc6bc1568b0799dbf32e7835b867e733efe723f52552dba5e9737ce43fc482d49524f9534ba1d5e3674b13d12b4d9caa728ac376109cdb2c0a96ad1f4cd00df519c442eb716e2ed9e93ff48d759be64bc998beccc8049283a27b8313fafe0d87c21c6b048402c92af7decf68ca697f94bd15ed8471f9f715e7821cc55713f3e3bf826d757eb08c55de1d1f8b0634465ecfb912802857f", 0xc5}], 0x1, &(0x7f0000000740)=[@rights={0x18, 0x1, 0x1, [r2]}, @rights={0x18, 0x1, 0x1, [r3, r3]}, @cred={0x20, 0x1, 0x2, r5, r6, r7}], 0x50, 0x80}, 0x0) ioctl$PPPIOCSMRU(r3, 0x40047452, &(0x7f0000000340)=0x1000) mmap(&(0x7f0000000000/0xf50000)=nil, 0xf50000, 0x1, 0x32, 0xffffffffffffffff, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000040)=0xffffffff) ioctl$int_in(r3, 0x800000c0045002, &(0x7f0000006000)) 12:38:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) 12:38:18 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000000040)=0x200) sendmmsg$alg(r1, &(0x7f0000000240)=[{0x0, 0x0, &(0x7f0000000200), 0xe7, &(0x7f0000000100)=[@op={0x18}], 0x18}], 0x1, 0x0) [ 248.490717] netlink: 'syz-executor.2': attribute type 20 has an invalid length. [ 248.498393] netlink: 'syz-executor.2': attribute type 21 has an invalid length. [ 248.506075] netlink: 13 bytes leftover after parsing attributes in process `syz-executor.2'. 12:38:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:38:18 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000000040)=0x200) sendmmsg$alg(r1, &(0x7f0000000240)=[{0x0, 0x0, &(0x7f0000000200), 0xe7, &(0x7f0000000100)=[@op={0x18}], 0x18}], 0x1, 0x0) 12:38:18 executing program 2: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x3) socket$inet6_udp(0xa, 0x2, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="2321202e4e66696c6530205b73797374656d0ac30eee5b11affeca3f20cfe90e2ee0124aa301225662ce606730262e2e3853a5e578bfeb3798af2a1206b7b189797be90606e300928e345bb3bd27ebce268a16912bd96b76df43c8355e8f9c5a057a4cbb0f2ca9b174b0733129690db494eb239298"], 0x13) close(r0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f00000000c0)) setitimer(0x2, &(0x7f0000000000)={{0x77359400}, {0x0, 0x2710}}, 0x0) 12:38:18 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) write$sndseq(r0, &(0x7f0000000140)=[{0x81, 0x6, 0x0, 0x1, @time={0x77359400}, {}, {}, @raw8={"959546592b83c98a10d789af"}}], 0x30) 12:38:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) 12:38:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 12:38:19 executing program 3: syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x2a, &(0x7f0000000240)={@link_local, @remote, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @broadcast}, @udp={0x0, 0x0, 0x8}}}}}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000001c0), 0xffffffffffffff16) 12:38:19 executing program 1 (fault-call:2 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:19 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070") r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x8040, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000009, 0x53, r1, 0x80000000) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) 12:38:19 executing program 4: mmap(&(0x7f0000011000/0x4000)=nil, 0x4000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0xb, 0x0, &(0x7f0000013000)) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xffffffff, 0x40040) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)={0x2, 0x0, [{0x8000001f, 0xfff, 0x6, 0x361, 0x80000001}, {0x40000000, 0x1, 0x1, 0x5, 0x101}]}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0xb}, r2}, 0x14) 12:38:19 executing program 0 (fault-call:6 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:19 executing program 1: r0 = socket$nl_generic(0xa, 0x3, 0x10) setsockopt$netlink_NETLINK_RX_RING(r0, 0x29, 0x22, &(0x7f0000000040)={0xc9, 0x20000, 0x200000000040, 0xf36}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0xc07fc, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e21, 0x8, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7}}}, &(0x7f0000000180)=0x84) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000001c0)={r4, 0x8}, 0x8) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00') poll(&(0x7f0000000400)=[{r0, 0x40}, {r3, 0x40}, {r0, 0x1}, {r2, 0x400}, {r3, 0x4218}], 0x5, 0xfffffffffffffff9) sendmsg$TIPC_NL_NAME_TABLE_GET(r3, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x820}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="f2d3126b", @ANYRES16=r5, @ANYBLOB="000026bd7000fbdbdf25100000002400090008000100ff030000080002000200000008000100ff7f00000800010064030000480007000c000300ffffffff000000000c00030008000000000000000c00040067000000000000000c000300080000000000000008000100020000000c00040005000000000000000c0009000800010000000000380001003400020008000200810000000800040009000000080001000f000000080002000300000008000200ff7f0000080002001b650000"], 0x3}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, 0x0) 12:38:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x20) ioctl$void(r1, 0xc0045c79) fcntl$notify(r1, 0x402, 0x8000001e) r2 = getpgid(0xffffffffffffffff) r3 = getpid() ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x7, 0x5, 0x6}) setpgid(r2, r3) exit(0x4) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000040)={0x9, 0x4, 0x4, 0x300000, {0x0, 0x2710}, {0x3, 0x8, 0x7fff, 0x2, 0x1000, 0x6, "40c646ff"}, 0x1, 0x3, @planes=&(0x7f0000000000)={0x8001, 0xb96, @userptr=0x7, 0x10001}, 0x4}) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000280)={0xc5, {{0xa, 0x4e24, 0x10000, @ipv4={[], [], @broadcast}, 0x4}}}, 0x88) fchown(r1, 0x0, 0x0) [ 249.584865] FAULT_INJECTION: forcing a failure. [ 249.584865] name failslab, interval 1, probability 0, space 0, times 1 [ 249.596312] CPU: 1 PID: 10883 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 249.603535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.612923] Call Trace: [ 249.615583] dump_stack+0x173/0x1d0 [ 249.619267] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 249.624516] should_fail+0xa19/0xb20 [ 249.628300] __should_failslab+0x278/0x2a0 [ 249.632596] should_failslab+0x29/0x70 [ 249.636546] kmem_cache_alloc+0xff/0xb60 [ 249.640655] ? __get_user_pages_fast+0x2da/0x380 [ 249.645465] ? mmu_topup_memory_caches+0x119/0x920 [ 249.650467] mmu_topup_memory_caches+0x119/0x920 [ 249.655291] ? kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 249.660538] kvm_mmu_load+0xb3/0x34e0 [ 249.664398] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 249.669659] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 249.674820] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 249.680073] ? kmsan_get_shadow_origin_ptr+0x60/0x440 12:38:19 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0xc201}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x2) write$P9_RFSYNC(r1, &(0x7f00000000c0)={0x7, 0x33, 0x1}, 0x7) ioctl$TUNSETPERSIST(r0, 0x800454df, 0x709000) 12:38:19 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f00009b1ffc)) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x80000, 0x0) ioctl$SG_GET_REQUEST_TABLE(r2, 0x2286, &(0x7f0000000340)) clock_nanosleep(0x0, 0x0, &(0x7f00000001c0)={0x0, r1+30000000}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) tkill(r0, 0x16) [ 249.685313] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 249.690810] ? kstrtoull+0x76e/0x7e0 [ 249.694585] ? __msan_poison_alloca+0x1f0/0x2a0 [ 249.699313] ? put_pid+0x4a/0x260 [ 249.702814] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 249.707200] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 249.712443] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 249.716564] ? kvm_vm_release+0x90/0x90 [ 249.720589] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 249.725828] ? kvm_vm_release+0x90/0x90 [ 249.729851] do_vfs_ioctl+0xebd/0x2bf0 [ 249.733801] ? security_file_ioctl+0x92/0x200 [ 249.738352] __se_sys_ioctl+0x1da/0x270 [ 249.742388] __x64_sys_ioctl+0x4a/0x70 [ 249.746320] do_syscall_64+0xbc/0xf0 [ 249.750093] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 249.755323] RIP: 0033:0x457e29 [ 249.758567] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.777511] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.782596] Unknown ioctl 8838 [ 249.785264] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 249.785288] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 249.785310] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 249.785335] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 249.785357] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 12:38:19 executing program 0 (fault-call:6 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:20 executing program 4: write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f00000003c0)=""/125, 0x7d, 0x0, 0x0, 0x1000000003}}, 0x68) r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) recvfrom$unix(r0, &(0x7f00000000c0)=""/170, 0xaa, 0x1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e24}, 0x6e) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x202, 0x101000) ioctl$KVM_SET_CPUID(r1, 0xc00c5512, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000135580808f2002184b5eec064a77ddf38d98bdda786403"]) set_tid_address(&(0x7f00000004c0)) socket$bt_hidp(0x1f, 0x3, 0x6) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000340), &(0x7f0000000380)=0x0, &(0x7f0000000440)) ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000480)) recvmsg$kcm(r1, &(0x7f0000000740)={&(0x7f0000000500)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000580)=""/253, 0xfd}], 0x1, &(0x7f00000006c0)=""/91, 0x5b}, 0x40) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000780)={0x1, 0x9d9}, 0x2) fchown(r0, r2, r3) [ 249.973903] FAULT_INJECTION: forcing a failure. [ 249.973903] name failslab, interval 1, probability 0, space 0, times 0 [ 249.985488] CPU: 1 PID: 10899 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 249.992715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.002098] Call Trace: [ 250.004755] dump_stack+0x173/0x1d0 [ 250.008448] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.013693] should_fail+0xa19/0xb20 [ 250.017479] __should_failslab+0x278/0x2a0 [ 250.021775] should_failslab+0x29/0x70 [ 250.025722] kmem_cache_alloc+0xff/0xb60 [ 250.029836] ? __get_user_pages_fast+0x2da/0x380 [ 250.034651] ? mmu_topup_memory_caches+0x119/0x920 [ 250.039654] mmu_topup_memory_caches+0x119/0x920 [ 250.044481] kvm_mmu_load+0xb3/0x34e0 [ 250.048344] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.053603] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 250.058767] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.064024] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.069270] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 250.074770] ? kstrtoull+0x76e/0x7e0 [ 250.078543] ? __msan_poison_alloca+0x1f0/0x2a0 [ 250.083271] ? put_pid+0x4a/0x260 [ 250.086776] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 250.091148] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.096401] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 250.100529] ? kvm_vm_release+0x90/0x90 [ 250.104554] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.109794] ? kvm_vm_release+0x90/0x90 [ 250.113820] do_vfs_ioctl+0xebd/0x2bf0 [ 250.117888] ? security_file_ioctl+0x92/0x200 [ 250.122451] __se_sys_ioctl+0x1da/0x270 [ 250.126491] __x64_sys_ioctl+0x4a/0x70 [ 250.130432] do_syscall_64+0xbc/0xf0 [ 250.134225] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 250.139456] RIP: 0033:0x457e29 [ 250.142696] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.161632] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 12:38:20 executing program 4: r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r0, 0xc0305616, &(0x7f00000000c0)) [ 250.169390] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 250.176689] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 250.183999] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 250.191657] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 250.198959] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 12:38:20 executing program 0 (fault-call:6 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:20 executing program 4: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000080)=@add_del={0x2, &(0x7f0000000040)='veth0_to_team\x00'}) setsockopt(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000001000), 0xc5) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000000)=@req={0x0, 0x40}, 0x10) 12:38:20 executing program 1: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) [ 250.515668] FAULT_INJECTION: forcing a failure. [ 250.515668] name failslab, interval 1, probability 0, space 0, times 0 [ 250.527179] CPU: 1 PID: 10912 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 250.534401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.543781] Call Trace: [ 250.546446] dump_stack+0x173/0x1d0 [ 250.549734] Unknown ioctl 8838 [ 250.550133] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.558510] should_fail+0xa19/0xb20 [ 250.562294] __should_failslab+0x278/0x2a0 [ 250.566585] should_failslab+0x29/0x70 [ 250.570528] kmem_cache_alloc+0xff/0xb60 [ 250.574636] ? __get_user_pages_fast+0x2da/0x380 [ 250.579449] ? mmu_topup_memory_caches+0x119/0x920 [ 250.584449] mmu_topup_memory_caches+0x119/0x920 [ 250.589265] kvm_mmu_load+0xb3/0x34e0 [ 250.593129] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.598393] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 250.603543] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 250.608950] ? update_load_avg+0x11b5/0x1a90 12:38:20 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x400001, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000240)={0x43, 0x2, 0x3}, 0x10) syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0xffffffffffffffff, 0x80) r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x3, 0x70, 0x1, 0x14, 0x0, 0x4, 0x0, 0x66, 0x20000, 0x1, 0x3, 0x5, 0x0, 0x7, 0x0, 0x3, 0x2, 0x7ff, 0x4, 0x80000000, 0x728, 0xffffffffffff8001, 0x8, 0x7, 0x7fff, 0x9, 0x9, 0xfffffffffffffe01, 0xfffffffffffffff7, 0x4, 0x3f, 0x80, 0x7fff, 0xfffffffffffffff7, 0x9, 0x7, 0x8, 0x2, 0x0, 0x1, 0x0, @perf_bp={&(0x7f00000000c0), 0xa}, 0x4000, 0x6, 0x7, 0x2, 0xffffffffffffffc1, 0x2}, 0xffffffffffffff9c, 0xb, 0xffffffffffffff9c, 0xd) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x800) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x82100, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f00000001c0)={0x6}, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$P9_RREMOVE(r0, &(0x7f0000000280)={0x7, 0x7b, 0x2}, 0x7) getsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f00000002c0)=""/126, &(0x7f0000000340)=0x7e) ioctl$SNDRV_CTL_IOCTL_PVERSION(r3, 0xc008551c, 0x0) r5 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r5, 0xc0086420, &(0x7f0000000080)) [ 250.613424] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.618662] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 250.624154] ? kstrtoull+0x76e/0x7e0 [ 250.627936] ? __msan_poison_alloca+0x1f0/0x2a0 [ 250.633360] ? put_pid+0x4a/0x260 [ 250.636859] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 250.641247] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.646487] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 250.650611] ? kvm_vm_release+0x90/0x90 [ 250.654636] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 250.659871] ? kvm_vm_release+0x90/0x90 12:38:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x100, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) write$cgroup_pid(r1, &(0x7f00000000c0)=r2, 0x12) openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x20002, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070") r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000002480)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000400)=0x32) close(r3) [ 250.663901] do_vfs_ioctl+0xebd/0x2bf0 [ 250.667851] ? security_file_ioctl+0x92/0x200 [ 250.672403] __se_sys_ioctl+0x1da/0x270 [ 250.676437] __x64_sys_ioctl+0x4a/0x70 [ 250.680368] do_syscall_64+0xbc/0xf0 [ 250.684136] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 250.689373] RIP: 0033:0x457e29 [ 250.692616] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 12:38:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x20) ioctl$void(r1, 0xc0045c79) fcntl$notify(r1, 0x402, 0x8000001e) r2 = getpgid(0xffffffffffffffff) r3 = getpid() ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x7, 0x5, 0x6}) setpgid(r2, r3) exit(0x4) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000040)={0x9, 0x4, 0x4, 0x300000, {0x0, 0x2710}, {0x3, 0x8, 0x7fff, 0x2, 0x1000, 0x6, "40c646ff"}, 0x1, 0x3, @planes=&(0x7f0000000000)={0x8001, 0xb96, @userptr=0x7, 0x10001}, 0x4}) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000280)={0xc5, {{0xa, 0x4e24, 0x10000, @ipv4={[], [], @broadcast}, 0x4}}}, 0x88) fchown(r1, 0x0, 0x0) [ 250.711551] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.719305] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 250.726618] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 250.733924] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 250.741233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 250.748534] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 12:38:20 executing program 0 (fault-call:6 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:20 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) r1 = dup(r0) setrlimit(0x7, &(0x7f0000000000)) accept4$unix(r1, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000040)={0xbd, 0x4, 0x1, 0x400, 0xc, 0x7}) [ 251.020813] FAULT_INJECTION: forcing a failure. [ 251.020813] name failslab, interval 1, probability 0, space 0, times 0 [ 251.032376] CPU: 1 PID: 10937 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 251.039603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.048993] Call Trace: [ 251.051641] dump_stack+0x173/0x1d0 [ 251.055330] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.060574] should_fail+0xa19/0xb20 [ 251.064354] __should_failslab+0x278/0x2a0 12:38:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhost-net\x00', 0x2, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x9, 0x0) execveat(r1, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)=[&(0x7f00000001c0)='&\x00', &(0x7f0000000200)='/dev/kvm\x00', &(0x7f0000000240)='^ppp1wlan0{[md5sum]*],\x00', &(0x7f0000000280)='md5sum*em0!,bdev[Csystemppp1\x00', &(0x7f00000002c0)='/dev/kvm\x00'], &(0x7f0000000400)=[&(0x7f0000000340)='\x00', &(0x7f0000000380)='/dev/kvm\x00', &(0x7f00000003c0)='\x00'], 0x1000) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f00000000c0)=""/72) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, 0x0) r3 = dup2(r0, r2) ioctl$sock_inet_SIOCGIFADDR(r3, 0x8915, &(0x7f0000000040)={'rose0\x00', {0x2, 0x4e21, @local}}) setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000000)=0x202, 0x4) [ 251.068651] should_failslab+0x29/0x70 [ 251.072601] kmem_cache_alloc+0xff/0xb60 [ 251.076711] ? __get_user_pages_fast+0x2da/0x380 [ 251.081519] ? mmu_topup_memory_caches+0x119/0x920 [ 251.086525] mmu_topup_memory_caches+0x119/0x920 [ 251.091344] kvm_mmu_load+0xb3/0x34e0 [ 251.095216] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.100478] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 251.105637] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.110886] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.116130] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 251.121639] ? kstrtoull+0x76e/0x7e0 [ 251.125420] ? __msan_poison_alloca+0x1f0/0x2a0 [ 251.130148] ? put_pid+0x4a/0x260 [ 251.133659] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 251.138036] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.143283] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 251.147410] ? kvm_vm_release+0x90/0x90 [ 251.151431] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.156667] ? kvm_vm_release+0x90/0x90 [ 251.160694] do_vfs_ioctl+0xebd/0x2bf0 [ 251.164647] ? security_file_ioctl+0x92/0x200 [ 251.169212] __se_sys_ioctl+0x1da/0x270 [ 251.173251] __x64_sys_ioctl+0x4a/0x70 [ 251.177195] do_syscall_64+0xbc/0xf0 [ 251.180974] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 251.186209] RIP: 0033:0x457e29 [ 251.189448] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 251.208386] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 12:38:21 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x2, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) sched_setattr(0x0, &(0x7f0000000080)={0x1000000000000002, 0x1, 0x0, 0x10001, 0x1f, 0x0, 0x4000000000, 0x3ff}, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000000)={0x1000, 0x2}) ioctl(r1, 0xffffffffffffffb9, &(0x7f0000000080)) [ 251.216142] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 251.223458] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 251.230760] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 251.238062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 251.245371] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 12:38:21 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}, 0x0, 0x2, 0x0, "8b63e98a6e9a990ccccaa0722f7b17adbfb251c09e5993d319d88199f6923e646c1d3eaad49bc3c0a86bd1683c51ec36b5d2dab5a220e04e0b20637e2b5a8dd3403bbe1ccf681d083e2307d3f5597b00"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x0, 0x0, @local}}, 0x0, 0x0, 0x0, "521353f37dcd64c12799efb9dbad200b6cf433289feda8725ba79dbc26d16f9663b3df59d7b9d07abd8ae0918551393a71edeeba68925770399de3c38f23825d021cc14f2ea21c5dd607e8a85d8c9cfd"}, 0xd8) r1 = dup3(r0, r0, 0x80000) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000000)={0x3, 0xe000000000000000}) 12:38:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) prctl$PR_SET_FPEMU(0xa, 0x3) r2 = semget$private(0x0, 0x3, 0x0) semop(r2, &(0x7f0000000000)=[{0x1, 0xc6}, {0x0, 0x9, 0x1000}, {0x7, 0x55a}, {0x1, 0x1f, 0x1000}, {0x0, 0x5, 0x1000}], 0x5) 12:38:21 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4004ae86, 0x0) 12:38:21 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000000080)=[{{&(0x7f0000000800)=@nl=@unspec, 0x80, &(0x7f0000000d00), 0x0, &(0x7f0000000d80)=""/246, 0x18}}], 0xa, 0x2, 0x0) sendmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) 12:38:21 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000000)=0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10031, r0, 0x0) getsockopt$bt_hci(r0, 0x65, 0x0, 0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000040)) 12:38:21 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x0) r1 = shmget$private(0x0, 0x1000, 0x10, &(0x7f0000fff000/0x1000)=nil) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x2000) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000222000)=0x9, 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4}}}, 0x90) 12:38:21 executing program 0 (fault-call:6 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:21 executing program 2: r0 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f00000002c0)={'syz'}, &(0x7f0000000480)="2206297b6895b66147b3c7218a9169a85ea0bdc9e1587a57d422b5ae5c135342e33089754c8107c3cd3923dd4a71c2ff0f6e7b6b4816122d2550689eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000000000000000b4ec24c53d3d661ff5ff70e4880617bac218cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe273f4772539844a12876dc0217de9b895c949bc32336eb852064e0791b63d541f79", 0xc0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000001c0)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000000)="a5", 0x1, 0xffffffffffffffff) r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x7ff, 0x4000) ioctl$sock_SIOCADDDLCI(r2, 0x8980, &(0x7f00000000c0)={'team_slave_1\x00', 0x2730}) keyctl$dh_compute(0x17, &(0x7f0000000440)={r1, r0, r1}, &(0x7f0000000240)=""/92, 0x5c, &(0x7f0000000140)={&(0x7f0000000100)={'crc32\x00'}, &(0x7f0000000200)="23c9e3", 0x3}) getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f0000000300), &(0x7f0000000380)=0x60) 12:38:21 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000003640)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0x881806) write(r0, &(0x7f0000000080)="cd81b784e89ead63dfe20e7679754c23635a56726c31c1f2829313dc7315ae39b939265f58ae49e8f6a6ff5fa07039eddc557bf0f8f8fb9d85956d7637ec2101aacc2193ae37b20af8260a", 0x4b) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) r2 = syz_open_dev$loop(0x0, 0x0, 0x24180) read(r2, &(0x7f0000000200)=""/30, 0xfffffe80) [ 251.933939] FAULT_INJECTION: forcing a failure. [ 251.933939] name failslab, interval 1, probability 0, space 0, times 0 [ 251.945516] CPU: 0 PID: 10976 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 251.952742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.962123] Call Trace: [ 251.964784] dump_stack+0x173/0x1d0 [ 251.968475] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 251.973720] should_fail+0xa19/0xb20 [ 251.977494] __should_failslab+0x278/0x2a0 [ 251.981772] should_failslab+0x29/0x70 [ 251.985720] kmem_cache_alloc+0xff/0xb60 [ 251.989833] ? __get_user_pages_fast+0x2da/0x380 [ 251.994654] ? mmu_topup_memory_caches+0x119/0x920 [ 251.999665] mmu_topup_memory_caches+0x119/0x920 [ 252.004494] kvm_mmu_load+0xb3/0x34e0 [ 252.008350] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 252.013612] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 252.018768] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 252.024019] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 252.029264] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 252.034767] ? kstrtoull+0x76e/0x7e0 [ 252.038545] ? __msan_poison_alloca+0x1f0/0x2a0 [ 252.043278] ? put_pid+0x4a/0x260 [ 252.046782] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 252.051157] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 252.056413] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 252.060528] ? kvm_vm_release+0x90/0x90 [ 252.064548] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 252.069784] ? kvm_vm_release+0x90/0x90 [ 252.073813] do_vfs_ioctl+0xebd/0x2bf0 [ 252.077765] ? security_file_ioctl+0x92/0x200 [ 252.082322] __se_sys_ioctl+0x1da/0x270 [ 252.086357] __x64_sys_ioctl+0x4a/0x70 [ 252.090288] do_syscall_64+0xbc/0xf0 [ 252.094067] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 252.099292] RIP: 0033:0x457e29 [ 252.102536] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.121480] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 12:38:22 executing program 1: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x280, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0xffffffff, 0x81}) 12:38:22 executing program 3: r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x9c, r1, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x74}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@empty}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x1}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x100000001}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10000}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xd94}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@rand_addr="31f6026d8811a1ca56645f660aa4c4ac"}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40050}, 0x4000010) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000040)='hwsim0\x00') getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x9, &(0x7f0000000000), 0x10) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000240)={0xa, &(0x7f0000000100)=[{0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @local}, {}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @remote}]}) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) bind$isdn_base(r0, &(0x7f0000000080)={0x22, 0xfffffffffffffffe, 0x5}, 0x4) [ 252.129232] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 252.136794] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 252.144093] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 252.151399] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 252.158704] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 12:38:22 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x9, 0x40000) signalfd4(r0, &(0x7f0000000140)={0x1fffe040000000}, 0x4, 0x46a2ca758756c9d3) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x7, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000004c0)={0x2000000000000161, &(0x7f0000000480)=[{0x0}, {}, {}]}) ioctl$DRM_IOCTL_DMA(r0, 0xc0406429, &(0x7f0000000380)={r3, 0x1, &(0x7f0000000280)=[0x80000000], &(0x7f00000002c0)=[0x29, 0x6df], 0x6, 0x4, 0xfffffffffffffff8, &(0x7f0000000300)=[0x7ff, 0xd8, 0xffffffffffffffff, 0x0], &(0x7f0000000340)=[0x100000000, 0x6, 0xff, 0x5, 0x4, 0x3, 0x9, 0x3, 0x4, 0x6]}) arch_prctl$ARCH_SET_GS(0x1001, 0x2) ioctl(r2, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") ioctl$TCGETS(r1, 0x5401, &(0x7f00000001c0)) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x513002, 0x0) ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x7) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000180)={r2, r0}) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000500)="91bd2a9681e044d2afd93d8ff5f83f5411c0e62a56ec2030427b264c5de3188f837821ee978a99ad42ca249bec46cddeb85b58a698233593b599cbea29111cfe5e5e6de16122e1a1ff549b36b862332aa50906e6240b3aa1b8a3a7371104b39ff15bdfcf49262501e0b4b70f306239a275f9a4a35ed3aeabeafa94fd3bb88719b949b956718c8825cc19d008b20398d7b2e4a0fc542702c684904fb5e25cc7606e80857a69444abff2cec820e9f2dff8737494ecc411b23410e0244d83487840b25c6583dc797aaf9273ee467cc89eb686f5b30cc2ac27b14ff18ac28c36740c43af7a515dd5f9ed539464bbaee5794d5f45fa02e1ed1bef17673d2b54dee663") write$P9_RXATTRCREATE(r5, &(0x7f0000000080)={0x7, 0x21, 0x1}, 0x7) getsockopt$inet6_int(r4, 0x29, 0x35, &(0x7f0000b67000), &(0x7f00007d0000)=0x4) 12:38:22 executing program 0 (fault-call:6 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:22 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4000000000000024, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x15, 0x0, 0xfffffffffffffe33) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r1) close(r0) 12:38:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000040)='ifb0\x00') openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000180)={{{@in6=@remote, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000280)=0xe8) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000380)={{{@in=@multicast2, @in6=@dev={0xfe, 0x80, [], 0x12}, 0x4e22, 0x0, 0x4e21, 0xffffffff, 0x2, 0x20, 0x20, 0x7e, r3, r4}, {0x3, 0x8, 0x4, 0xffffffffffff0000, 0x7, 0x4, 0x5, 0xfff}, {0x4, 0xf9, 0x9, 0x3}, 0x5, 0x6e6bb2, 0x3, 0x1, 0x3}, {{@in6=@mcast2, 0x4d4, 0xff}, 0xa, @in6=@rand_addr="69e84e33c9c75dd81d1f158d6a734998", 0x34ff, 0x3, 0x2, 0x8001, 0x5, 0x47544ecc, 0x6}}, 0xe8) setsockopt$inet_udp_int(r1, 0x11, 0x1, &(0x7f0000000000)=0x7f, 0x4) 12:38:22 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000003640)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0x881806) write(r0, &(0x7f0000000080)="cd81b784e89ead63dfe20e7679754c23635a56726c31c1f2829313dc7315ae39b939265f58ae49e8f6a6ff5fa07039eddc557bf0f8f8fb9d85956d7637ec2101aacc2193ae37b20af8260a", 0x4b) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) r2 = syz_open_dev$loop(0x0, 0x0, 0x24180) read(r2, &(0x7f0000000200)=""/30, 0xfffffe80) 12:38:22 executing program 2: capset(&(0x7f0000000200)={0x19980330}, &(0x7f00009b3000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001}) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x12b340, 0x0) umount2(0x0, 0x0) [ 252.948504] FAULT_INJECTION: forcing a failure. [ 252.948504] name failslab, interval 1, probability 0, space 0, times 0 [ 252.960019] CPU: 1 PID: 11019 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 252.967240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.976621] Call Trace: [ 252.979277] dump_stack+0x173/0x1d0 [ 252.982973] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 252.988228] should_fail+0xa19/0xb20 [ 252.992014] __should_failslab+0x278/0x2a0 [ 252.996311] should_failslab+0x29/0x70 [ 253.000263] kmem_cache_alloc+0xff/0xb60 [ 253.004371] ? __get_user_pages_fast+0x2da/0x380 [ 253.009193] ? mmu_topup_memory_caches+0x119/0x920 [ 253.014208] mmu_topup_memory_caches+0x119/0x920 [ 253.019029] kvm_mmu_load+0xb3/0x34e0 [ 253.022885] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 253.028198] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 253.033356] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 253.038598] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 253.043835] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 253.049333] ? kstrtoull+0x76e/0x7e0 [ 253.053112] ? __msan_poison_alloca+0x1f0/0x2a0 [ 253.057846] ? put_pid+0x4a/0x260 [ 253.061345] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 253.065723] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 253.070963] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 253.075208] ? kvm_vm_release+0x90/0x90 [ 253.079248] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 253.084484] ? kvm_vm_release+0x90/0x90 [ 253.088512] do_vfs_ioctl+0xebd/0x2bf0 [ 253.092466] ? security_file_ioctl+0x92/0x200 [ 253.097038] __se_sys_ioctl+0x1da/0x270 [ 253.101086] __x64_sys_ioctl+0x4a/0x70 [ 253.105031] do_syscall_64+0xbc/0xf0 [ 253.108811] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.114040] RIP: 0033:0x457e29 [ 253.117284] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.136219] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 12:38:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x6be) openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0) 12:38:23 executing program 3: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) socket$vsock_stream(0x28, 0x1, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x301000, 0x0) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f00000000c0)=0x8) poll(&(0x7f0000000000)=[{}], 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)={0x40000004}) epoll_wait(r1, &(0x7f0000000040)=[{}], 0x1, 0x0) ioctl$VIDIOC_S_EDID(r2, 0xc0285629, 0x0) [ 253.143958] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 253.151245] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 253.158526] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 253.165809] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 253.173885] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 [ 253.182322] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use) 12:38:23 executing program 2: open(&(0x7f0000f9aff8)='./file0\x00', 0x8000000000141046, 0x0) setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_default\x00', &(0x7f0000000080)='vmnet0ppp0@', 0xb, 0x1) mount(&(0x7f0000ae2d7d), &(0x7f0000851000)='./file0\x00', &(0x7f0000a6f000)='nfs4\x00', 0x0, &(0x7f0000dedf2f)='v2') 12:38:23 executing program 3: set_mempolicy(0x3, &(0x7f0000000000)=0x3f, 0x7) modify_ldt$write2(0x11, &(0x7f0000000040), 0x10) r0 = semget$private(0x0, 0x3, 0x108) semctl$GETVAL(r0, 0x2, 0xc, &(0x7f0000000080)=""/4096) 12:38:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000000)={0x3, 0x0, [0x1b, 0xfffffffffffffffd], [0xc2]}) r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x4200, 0x0) write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x2f, 'pids'}, {0x2b, 'cpu'}, {0x2f, 'memory'}, {0x2d, 'memory'}]}, 0x1b) 12:38:23 executing program 1: socket$inet_dccp(0x2, 0x6, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:23 executing program 0 (fault-call:6 fault-nth:6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:23 executing program 2: r0 = socket(0x10, 0x3, 0x4) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x800, 0x0) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000016c0)=0x0) sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xa0000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="28130000190000042bbd7000fcdbdf250200000014007400fe8000000000000000b40124000c006d00060000000000000008008e0000000000000000", @ANYRES32=r1, @ANYBLOB="5a87fd04e8b3b066c618cc1fd59afa5adbf55e356175b3d0b2e643632e46f3e2d29852c2f4795770efdb776cfb5a82e096c01089d93e498c91381ddf2dbb6dec442c427a6ac9abdbe3c1294ddc0e4ebcd1d9e144708258ce475487dadbe80cd2b2d5b85a7e7d2622f6d3b272e7b90a7b3cfcbf75ab610831c311171d3e50c7c74b14c0f7bdb933a4e76deea871cfa1f5ec75d4e18e92486fb20f544d8220bb1ffef2c0240f6d130ff99b72095043432629aa32cbad989b782f63ce3b53bcdf0ff3049bd4cdb279a710e82c5372edd65d8a9b82f53d7e4ac1fa570569427b418b536b3dc6eddc5acd0dac202815e5f87196aecaa5ef3e243208002300ffffffff68cc804d8f8fb05b932a72fd8c560e3a75c4b71a69983512630f177e1acb245d3b0c107cff4fa6e66a7005a79475ab98f2a2fbfc4a0f653d5e207e0a5fb8b2d1dbf80fadf5db56df2424b5efffb56fed2e005cd2054a1994a0d5053547c204194ec92e889a508c3f50328ae8ce1e850263717b96b1b008022526b36607bdff6bb1a30b75adc461203db708002c000e1e000008009500", @ANYRES32=r3, @ANYBLOB="0000500044000c007100ec070000000000002dfc7fd55630df30c3965a4c4b4b2f220a1f3f1983a835d8e6bc80447bf5b16d672226dc4616644f4f9c7c16128166d1be25810c006d0000000000000000000008002b0000000000f4107100d000090046e651a843b54e88f5e66a9f8be3d6d4228e8cca412589fb7d7174cf8f2ded35dddc280d689f657c88b9b5cad4285b37c7637f7b0953a6b81c8b25326042ac0121ed1380b8a7a279c4468a805ce6521257c23ae2416fb3449e249c2d261e8f4fa2ef3fcce9e8939fd7ba503a145e6ccdceb51749c5200e4fca5ff2b92c8be11c73005a6e86645b2b6fdb8efe6202888bf50a416d8f25619e04eda59fca1fd7f495755af544d05f10a522d66e4e764c1c5505a525ed95bbfd3e7657a260d4a3a727990bcbed578bee4cdf71006d400e811b4914b28ab0caa0f9793d7adca9b7a0b49ba046411fca11b5828291d68db2ce61e75dcf855662ef4f08ff52b142e059ebb71342c4af113ccba7c879118c41e767e814d5e0ed864452dc654d7ed21652d38ada644af2c25e1fde48c9074e2599beae9ff24c70cf346c5e6e9bd77bfd95d47804f4299ba231afe9936c92f2ba152d523a6c664287cb6b4b8f7078404441fa21842097334a2201756f73c7a42fcb9f588035cdf57e3b70307117e84ab81fca555611cf7841835b147c6dff3faaa0104d2a49f5ddf270de983a3cfd0c6793428c685c03585742d59584b9f79597ad00e5f0130328e61e496c20ef2f476d65f40b93151dbad6b1c973eca717a1490522f3b30b6389697fb919b70bd0af3879efa560382a1a5288e6fc900cee2a5056c97e754dc7908bd9b3714d219031dafd19910967efc46fe59884e0e50f32865b4e9c257a64ea8b57532ff618168da35368cdb9d2fb628753f905e1451b6c9fb062b56e3c74e0ad81327d32e03e57654bfc362e8d11c07e4ce053d2e98e540ce89b6a1c8af07f6dd8647a2f7abd3a357063b54820d605cd6aa1406e1efd42826acbf69ff69466c2781037524b9cd40dcf311be13aeb97c9a796a8f8d59664530cc58372e13701d883305c36698180f85243891170d4753ad9c2f1effc76df4ed646862b8cf8307f76d2253773f8c47e80409fbdab643d3d448a163bd507780d8d7443d5f208d7e66293e6e7ec028527ae604e638f9a62ec6b07450ec14d3d3e5eda8ea94edecae47260da920566e46f20b5d923972336df0225d0c652c6b51f6fb917d07fbf912444893fac79f1da1fdee63de805ecd755abc4933e773460a155dd189759cc74a00230a3bd81f9b60de6f2817f7ff2f6633e9e9076096ef025c7325906b3e373b0cd54dfa6842b6eaef7a0aeade03901bc397f2df44106ff229c58788b290e5d4a2047068decf0139555f4a55aeae957c5e15659005a9ac16dcb7dd10e2dabbbcc36050444cf5094f92784c9779b7cd933886cc3c9c85b3b9525a57df677b35b40a6255262683dbb2148f7cba6c2bf435380eb4199fe1827901dd8c1d48aa0e278ae75fc2e241fbf97d7e3ca55a46a495a41770f53e62cad2638fb8b98586d8dd2cb0441810bceb4d180ea43eaada7360cba07e5938a9bfe916f06a6ed26c00955286e45c0f59a341a137a4c2ded3a9643eeb775e6c31b3be042d19a494c8e55570ec47c9f0e266cd991fa3e51c2741efd87ffc1afacac4a0cd66468cf47107dd016afecb1063a48ee3f593bc1f5785259495235c5b5b6b2cafd94c62912cbc5590f6876460acfa9528a6a114b868b96b04426284ca85990c3f70a63e2ceca96d9f85e893a3fb1000d6902ac5e1fee2a07ac8ad8eed3245d7d9592a154681aeab298039c3d870391acf9daed9ecc7d81c5e1e693705faabf25ec3f97c13b2982bb64b83e8c35d225f6c139b9fcc0226a8a0e576dd1c48873cb5d5b55ab8ca643cc8b9ead78d46724ff69c10dfc6ccda76695bcf43ef7eb1c8a180716cfe3dd26acdee03e598c4e197ed20ec3525164fe4edf3faa1bc76ea7c18e57503e35c420f9d6d49e62e94942e940903529e3ae7bc15e53d23eec4c64cbb41fa48c308c58915e6191c616901b6ac1b088fff27def7ff5e7763e78bb59b8a75729bb81879c96e288feaeb690d690b03a7dcb15e920711da3a7ed7a6b71ff30a3026b17fa2c98e1e7e3aa465f6676b6788ae3d4c52dd57788d592a930d7c840c3086041929ff75b8b305d1a41d2551d433f818e69d72332c6f8de4486252d04716516ac29c7a20de8738061723f141a919981aa93ef6412bdb89827f73ff1749247e7a77beea090139b3c2259829b5027d3f02866dacb394f6775d410fd4aa4e6b785afc70e4d8ce71e5c7bb20c6582e3aed98f2631a7971f7a3c72b4de375793e34ef334dcacc3dc6dce3b86067fa559acf5a87e1f6270e527858f966f7ae5cc298d97708146c5a0d4de0ca01de5b6f70951346698139843f51b6214218b70689eafc0fcd217ee3aa76cd9acd66d32f38417f617ca8a4e586fc1caf17018624b83c95a6b412f369a43b513e74402f96ef4c5df36f7b397a2968f56906b3dda1e48d1f351954485633adccdf11e17217c85fed894ece84a9150e613cc0ccfe9e36c514d54c2e78ca80c03adedd8af9716bdeca242da0bc835351cd9f136361f7e73684b416ce7c39bf7f7492704a9f320f167d5d1829a2b69016f6180d6172df17b3b0b131873cfd58def7965bcf62592858402318df0341f587e063ad8f8a419a5ea0211e2955fd5acaf0f97ab9f70118fa3705dbeea0330ae3256ae5263dafb05399ceb4baa001e5efcedb495d83cf2c8955b3fd71602badeccc9292b36edccc6ec2e5b1277f4d79d81697b92f39934baef13be4ab25798556fda816e65c58332b9db1610a15eedba580a0cdbb1a997756778d52ca08309d82f0278b2f9219dfb245238c755142969ac2072fa2dee621e3a4fe2d18b2bfca2b39827a9c66e4a380685742bce70483f0776ea5dbd0a66af823b6dc5e08a3395876e1eec08529a82d4e6cedbbbf3ace07b7b4067ecafaa61482e7917e370982da02721f0446dfc8133fa75c9de255bc61bb133d5f45b6d730aa5e3364b39c7b3d1759e92c1688ba832aecad39ad8a7a0b9f0454ff38a3e9b507df176f452186ed3a74f891f32b8f8371e5efe4ffe9f6dd18bd849a28aaeec2d9f77b784fa6894330ceafe3abff477785c698d64fd2116597fd68ead1a9ba556135f02aa966e140f3648b2ea877d82ad23ef6a0d8fc56690f6e10014be7278da38fb798187867249ee7a87c07dd2250cd8f91bf24058e7e5d0205e68f02bef2f8aeb4c60990a44cbc141fd6b958c11de3722fac0c5d3687c606e94dcbaf2622e1d50ff7927e00a0af9e602bf088e2f09ed7d9dfc7bcde9a96fb320e676475f610bde81735d893c360be77e420af77c549ac4bd9c47ab75fa92463811c1f2fa59c7e65d146f7642dae8bd03bed8c8bfc05e67cac3f346ca61bf4d4e2ad725774a7589d69bd00dc47aab277c6f71fea6e692e9d939904a10b8fbacf87c40241fce09a1f82ab8ff0ece5162f0779306e9f740b8ea865a87570d98c9e023cc45797aa9e959c183559f1c9457cf33c6c086a867f5f46280421e23a6e1e823fb1721f20be2da6e3d3df7bd3f4844db0fc3ab14c684a6799fe5825ffd8452c4b34568804bb0101eac1f24b10efc564c35b7171e8a9d624037368cae46533597a0507c259d81d551581b4343fdcfd3595fecac3e452ef15d66e1391517d498ac577df6a8de1a1d200553fdeb2222ac4284726cb19ad334969cc6365ca906156ca52832cc376b4fe998ea5e0d213c0ca75cf9f980cef2b5ce5caf7db8c4457a0e24874afb2e244855f689cd387fab56a1c459fa5e185045c948b0893fba12142b19d246d560a9cd49d2bdeb37d9ebf06579c1571944d37f1e857e1bbf0126564be507108edb7704244d0e58cdac2b8a49af747728457c843268240f9062e34a5a716110039addea477bee16c5722f011bdcf44f3f510a31d80eab0e839589eacf89fbf14b8c7e09a0e233188f4afcbe12b92abdc4e9d9140e40c379a4889da971e8db0d2a7d8d47f8af4c45c2f7f93ebc1423fea014088e6417bfac3924fde392cbd7c7e539beaf78e4d92b278f9e95157f7c8acea1fa0d5e78ed39ce0c818a9d6d73a1f69ce734cda0e092f79ea672aaf9b70769ee312b15bc0166bf7bb618c799be2717d1cd6bdcae66b9779fc605829c54903878cb20c322e0323deba092cde924bb063c99c3a35384e7942638551f239627e0991d4614f447b87d7e12fdb258741b1e00a1e7ef95c758047d05e42e13a5c76ff6a53af76a186f171afa56616f26bfecb21b1854402c9ebab8df52bb581848a3ec73177a918ba611716bac413ffcc358e14a34ead81d795fe686017ed573f33204760464273a40b1582b208b5733a567ae439a9864dfe00dfb57d16f316e83752072f0c73bce6feca3df1d3ad435150982ee76cca10f7deb8168d9f35677ec8d69e0374e5e663829ace263485be7fcd67eb219b97d9d9f48ca62cdc05485912c94fe286c042c8fd84bd33e12fb76dca4eac3838430ff44638f4f1078b345fc6c45c22bd1bde87bd04b37735c0092fc6f5295ec261720cc555f98e2163f55d556d9712f5f6a8ae0909b3ca5fa4856625e4ce906dfff5354daba8bb959ab52f4e910b570439f13801c49f71309b65ea0f6933efa31803850eec3719c1bbb6984d73df7e56004c96c58cdcc0b6c8e9feea84cbabce9387dc380fc62d126039615072c6169ba68f3dc7b863cd1e685e601ceaa089b52728007eddde274cf00ce5beae3327503bc737043f146b242d142711d530aba6bb55194e21ca4faf92e23756714b4c68577b09313756c3863ef48c2780b73811a8277f583256bf41d7319ace5af92c0597cf64127e573d3b59b62b00fbadbf7d7b84aef86d289905235f916f0ad79279a44dc39696173e1dc507a2b362af53b0faae9100b6fe14df3d88b619e6a5ff3651450efd8d6ea35508ae14c713d0d3fd040fc817e360de69fb14fbf508f77fec3e06513d090d3525318d269c5b67c911eaa588a1fe34e7aaf5d469618c1b4021d12b3753c8f563e853f776fc171009a39e5eb5e939122eb2e02b57f87c693cfb131f0fb4192f914299a1eb516a81350fe82c1f85a806a6be58b4d55f874e5ff056ae19822e73344e3f5bfbb0e06fc86b52f5a2d282243020a5b1ae55e916a854cf65b62064dc9e639f5f27c56b1489e9ea2f110799976eb0ed6e27ac7ef10d7a854c3294dae45f64c5018805a294a2b24395c043d7fb6e305231fd8d082aaa332a628369366efc364884b0399de2346c9a9c1c8bbd23b6638533d08941662439976e312bcedd329a8dad461df5083197102b398ba3ba3aa8ad51c0de070657943fdd0d4cc527520e2158df4aa1413fc2fc325c9a21fa14b0698153faf88e24e4f072629d65757ab7b4259b6e9aeadda193ede08d4d4716c7dda15cd4933a16004c3c67cf9cf371c34856514cb71cd72ce0585cbb5cc4c53c07c8e07c6cb1957ef1102dd4151947321432c43e9366e16803ebbd05c93834f004d7a97f805ec5c8b7f9cb3fbf52db090a949c232184e54bdc9b9dc5f681fefe9d00bf9a8b81a0207927f6c96b66a5c70f4d7b124cf8a6249295cb006302214f61bac03648c9e4de797a99ff58331f9b547953d2bdb3c1558843a0a533760e9f288feb2174ea5a9bd793cd43d270a9e558016b51407977dc5116c673728e2f09cc186ba117210dd966844db7e2e0e5846ec852bc8bb673d328dec57a756e3c855dc2c7da1243bad400bfc8e2b15017d9c80c34c69a4c3f1f939173199b7a44a8306a3f72149a212ee692eb7debf09c2f75e26860a577272a1014444b207b6d7ce8444b6a3436f90523418565c881f9f6c92e554be425d3702489c22c190cb44d168da45059e398c2933b4f85fb2d1098e77bd3c09f9a0254176dd2f451de15cb34629d189c5e8ff85aec4fb6e597d4989088521a2bc081985c88ad9ed01214fe8be4acf2509cf90cd2bc17e973a74060ab6d6ba096013537d42c5d2c239863c54cf2df4ce9660880cb4e740581c1e9adee40455645fed444bae89b56eb412187438fadea524df40d2893aba157d1e2e41b542e1e35b9d3516f36c815b3512147c65c456ad725e99e35ac47fbd961a4750a1dfc65cc56a055702d4b860667b39d1d9895863cce85d68dd4bd31e6ce14c2557688348a4621315a202e8f282"], 0x1328}}, 0x80) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x337, &(0x7f0000000000)={&(0x7f0000000240)={0x1014, 0x19, 0x400000201}, 0x1014}}, 0x0) syz_open_dev$usbmon(&(0x7f0000001680)='/dev/usbmon#\x00', 0x80000000, 0x86400) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000001640)={0xf5, 0x442, 0xcbc, 0x40, 0x4, 0x1176585b, 0x1f, 0x0, 0x1, 0x5}) r4 = open(&(0x7f0000000200)='./file0\x00', 0x8600, 0x100) r5 = syz_open_dev$dmmidi(&(0x7f00000015c0)='/dev/dmmidi#\x00', 0x9, 0x20801) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000001600)={r5, 0x0, 0x5000}) 12:38:23 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x6, 0x7, 0x1000) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='ip_vti0\x00', 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000200)={0x84, 0xffffffff, 0x8000, 0xa154, 0x4, 0x0, 0x3f, 0x0, 0x0}, &(0x7f0000000240)=0x20) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000280)={r2, 0x5}, 0x8) ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f00000000c0)={0x2000000000000127, &(0x7f0000000080)=[{}]}) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x3) r3 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x8, 0x101001) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000100)={0xffff, 0x7, 0x5c}) sendto$inet(r0, &(0x7f00000000c0), 0x30, 0x0, 0x0, 0x120) openat$dsp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x400, 0x0) 12:38:23 executing program 4: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x601) writev(r0, &(0x7f0000000000), 0x41) 12:38:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x10000000480000, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000000)={0x5, 0x3, 0x1, 0x2e95, 0x71c9, 0x6}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) sync_file_range(r1, 0x40, 0x80, 0x5) 12:38:24 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newroute={0x24, 0x18, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, [@RTA_SRC={0x8, 0x2, @multicast2}]}, 0x24}}, 0x0) r1 = socket$inet(0x2, 0x2, 0x100000001) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000100)=0xffffffff, 0x4) bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', 0x0, 0x8}, 0x10) [ 254.165893] FAULT_INJECTION: forcing a failure. [ 254.165893] name failslab, interval 1, probability 0, space 0, times 0 [ 254.177322] CPU: 0 PID: 11068 Comm: syz-executor.0 Not tainted 5.0.0-rc1+ #9 [ 254.184545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.194400] Call Trace: [ 254.197049] dump_stack+0x173/0x1d0 [ 254.200729] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 254.205964] should_fail+0xa19/0xb20 [ 254.209738] __should_failslab+0x278/0x2a0 [ 254.214028] should_failslab+0x29/0x70 [ 254.217975] kmem_cache_alloc+0xff/0xb60 [ 254.222082] ? __get_user_pages_fast+0x2da/0x380 [ 254.226887] ? mmu_topup_memory_caches+0x119/0x920 [ 254.231875] mmu_topup_memory_caches+0x119/0x920 [ 254.236686] kvm_mmu_load+0xb3/0x34e0 [ 254.240536] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 254.245794] kvm_arch_vcpu_ioctl_run+0x7a91/0x11300 [ 254.250956] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 254.256369] ? update_load_avg+0x11b5/0x1a90 [ 254.260836] ? kmsan_get_shadow_origin_ptr+0x60/0x440 12:38:24 executing program 3: clone(0x3302001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket(0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1c) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e20, @rand_addr=0x6}}, 0x1, 0x0, 0xbc08, 0x7, 0x7fffffff}, &(0x7f0000000440)=0x98) sendmsg$inet_sctp(r1, &(0x7f0000000500)={&(0x7f0000000080)=@in6={0xa, 0x4e21, 0x8, @mcast1, 0x80000000}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000000c0)="3af646fc3f45bed109b1b8824688628bff03b2897bd64474306e79ad6d0f5e9dc644b6856a9aaaf5e7b565fcb638b48c457705ef629fcf6016e73b11562115bb2143750e7c8887770da0bf9203e6797aff025bbe8780e8e5ccca298268eb99b31c724c240810469ab741f662cd35f680ce77f86f8f33be53959a8b3870ff6c31edb26ae6a120dc7954204729a019fc039d4beb5f792acafd8b5d200a20edf2edf0dec11945fedfba9187d1da", 0xac}, {&(0x7f0000000180)="46214131cda510bf47792c17adce41d39a28f88d461288488da083d7a87ddd9d7ae36d52741597f34136b6279788f0cab09504ab45d3caa1622992ccec40ffeed9eb3d1b985ffece3829f80bf5917ee25d91ea8f5cf34549430ff8ad82f8a81a0738d88e23a8bd01df53dd91b932dbda4f04ee6143d224bcf72d3d1266b20ac9332ac4e64148", 0x86}, {&(0x7f0000000240)="c068e6babc9f09715a4d477b96f2d4ff2569245f440600520f551776d05df61b18c072dcbc477eed8d6c75dc001fe45c678c1e970db07380bfa34bfe554c55b92abb22883ff4c736f706bc15507eb905e28332ce84c02ea2ec3aa22e719b12fd84f3bcc3c9981217baa6a6", 0x6b}, {&(0x7f00000002c0)="e68f3def7f1dc17e63234c528d9a1ede53d77df32f60e4c5207fc03f00e4921c2eb5930a547900361cd3420a7d35f16d77d27e8f474f8261dbd10d25dd1d526b27e930f707eee505ba", 0x49}], 0x4, &(0x7f0000000480)=[@sndrcv={0x30, 0x84, 0x1, {0x3f, 0x80000000, 0xd, 0x9, 0x81, 0x100000001, 0x3, 0x9c, r2}}, @dstaddrv6={0x20, 0x84, 0x8, @loopback}, @init={0x18, 0x84, 0x0, {0x4, 0x1, 0x8, 0x8f7f}}], 0x68, 0x8004}, 0x1) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x200000, 0x0) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) write$P9_RLOCK(r3, &(0x7f0000000040)={0x8, 0x35, 0x2, 0x1}, 0x8) wait4(0x0, 0x0, 0x0, 0x0) [ 254.266079] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 254.271569] ? kstrtoull+0x76e/0x7e0 [ 254.275342] ? __msan_poison_alloca+0x1f0/0x2a0 [ 254.280068] ? put_pid+0x4a/0x260 [ 254.283559] ? kvm_vcpu_ioctl+0x1d11/0x1d20 [ 254.287925] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 254.293176] kvm_vcpu_ioctl+0xfe9/0x1d20 [ 254.297293] ? kvm_vm_release+0x90/0x90 [ 254.301310] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 254.306549] ? kvm_vm_release+0x90/0x90 [ 254.310580] do_vfs_ioctl+0xebd/0x2bf0 [ 254.314541] ? security_file_ioctl+0x92/0x200 [ 254.319100] __se_sys_ioctl+0x1da/0x270 [ 254.323132] __x64_sys_ioctl+0x4a/0x70 [ 254.327076] do_syscall_64+0xbc/0xf0 [ 254.330852] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 254.336076] RIP: 0033:0x457e29 [ 254.339317] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.358618] RSP: 002b:00007f430c7efc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 12:38:24 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x5, 0x8000) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x9, &(0x7f0000000080)=0x0) io_submit(r3, 0x30b, &(0x7f0000001700)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x10}]) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_PPC_GET_PVINFO(r2, 0x4080aea1, &(0x7f0000000000)=""/23) setsockopt$inet6_IPV6_ADDRFORM(r5, 0x29, 0x1, &(0x7f0000000040), 0x4) writev(r5, &(0x7f0000000300)=[{&(0x7f0000000280)='\'', 0x1}], 0x1) tee(r4, r2, 0x8, 0x0) [ 254.366370] RAX: ffffffffffffffda RBX: 00007f430c7efc90 RCX: 0000000000457e29 [ 254.373676] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 254.380977] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 254.388281] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f430c7f06d4 [ 254.395585] R13: 00000000004c0d62 R14: 00000000004d2b18 R15: 0000000000000006 12:38:24 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x800001000008912, &(0x7f0000000100)="0af51f023c123f3188a070") prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000fee000/0x12000)=nil, &(0x7f0000fee000/0x3000)=nil, &(0x7f0000000000)="38b2e68aea1d61d502e7591ad0aa6cce8d4bf31640c6aa675df6c546ac6d5907d24020498383815bd0e42418ec11c156c7611bfe15b0493bdea94c9d5e0f701b25f51c71cc16c1ffa026c19510ef0c80681698e7bd62a309218d28f942571c10297dc155532cadd07a5f3e9ccc20a9c20681d525c79291559b8cc98397890671879273956c055ebd34d5b85ff1d4a5b9560147bad7084945c6f283790ab4c634c13f3c1b37a88e59001a309e33508cf6d5938e98ece8dcd9b5291557164573eda721f8915d08db861483c2411e54df36e07e0bbb837f0966904bb04c4a2f54310820fdfa67312978770b6a8716b5ad6be56fa9db0abfe1b19cb16a2a291a", 0xfe, r0}, 0x68) syz_emit_ethernet(0x47, &(0x7f0000000140)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "ca819d", 0x11, 0xffffff84, 0x0, @dev, @local, {[], @icmpv6=@echo_request={0x80, 0x0, 0x0, 0x0, 0x0, "333ad7425b349d8b00"}}}}}}, 0x0) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vfio/vfio\x00', 0x100, 0x0) getsockopt$inet_dccp_buf(r1, 0x21, 0xe, &(0x7f00000003c0)=""/210, &(0x7f0000000380)=0xd2) 12:38:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, 0x0) 12:38:24 executing program 4: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x0, 0x0) ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f0000000040)={0x0, 0x0, 0x8001}) dup2(r1, r0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10) 12:38:24 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0xfffffffffffffffd, 0x40) ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f0000000040)=""/62) r1 = getpid() r2 = syz_open_procfs(r1, &(0x7f0000000080)='net/rpc\x00') ptrace$cont(0xf, r1, 0xfffffffffffffff7, 0xffff) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f00000000c0)) setpgid(r1, r1) fcntl$getownex(r2, 0x10, &(0x7f0000000100)={0x0, 0x0}) ptrace$setregs(0xf, r3, 0x3f, &(0x7f0000000140)="84588f199e0f90e3a37ffb64fc8f10ef1a9d27e0bc311af34336bf8eee6dd5d05eda39df32d9316b011f2d5b8dcdc13a3fb437cdf696dcd361ff293fe85b921bdb7e626d4358e7b30e9724c34851e40ad5d0b9c857f4a953d80043c3ab6b87f9ed481add695274ac2b7f34401f6475f3f9ea9ff0ab24e85795947c333ba18708ba4f45f97de3aa75b117f479ef2c83303914937e3128e22a1ed6c89ffecf04ed9c78f181ff648e43a67cb1a8dc7966f81626c87ba0d704f83875c240b6bca702c0d9f98f41b021d477109919df8edefc59f4e84dea310149b70cd046d52134da7e26a44b90db969b2e4cce0bef127965dc71b98d353e8b08e712af") r4 = perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x2, 0x7, 0x8, 0x7fffffff, 0x0, 0x4, 0x200, 0x2, 0x9, 0x1, 0xfff, 0x800, 0x2, 0x100000000, 0xc2, 0x5, 0x0, 0x2, 0x3, 0x9fb, 0x3, 0x3ff, 0x7, 0x92, 0x81, 0x7d4, 0x40, 0x5, 0x800, 0x3f, 0xffffffffffffff05, 0xfff, 0xbc, 0x200, 0x3, 0x401, 0x0, 0xffffffff, 0x2, @perf_config_ext={0xff, 0x8fa}, 0x41, 0x7fff, 0x4, 0x0, 0x8000, 0x100000000, 0x9}, r1, 0x3, r2, 0x8) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r2) fchdir(r0) getsockopt$inet_dccp_int(r2, 0x21, 0x6, &(0x7f00000002c0), &(0x7f0000000300)=0x4) write$P9_RMKNOD(r2, &(0x7f0000000340)={0x14, 0x13, 0x1, {0x4, 0x2, 0x7}}, 0x14) fsetxattr$security_capability(r4, &(0x7f0000000380)='security.capability\x00', &(0x7f00000003c0)=@v1={0x1000000, [{0xd7, 0x9}]}, 0xc, 0x1) ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f0000000400)=0x7fff) sched_setattr(r1, &(0x7f0000000440)={0x30, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x8}, 0x0) write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000480)={0x2e, 0x6, 0x0, {0x5, 0x2, 0x5, 0x0, '@em1.'}}, 0x2e) ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f00000004c0)) setsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000500)={0x0, 0x3, 0x8, 0x40}, 0x8) r5 = syz_open_dev$adsp(&(0x7f0000000540)='/dev/adsp#\x00', 0x2, 0x1) splice(r2, &(0x7f0000000580)=0x2, r0, &(0x7f00000005c0), 0x11f, 0x9) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000600)={r5, 0x3, 0x5b, r5}) sched_getparam(r3, &(0x7f0000000640)) r6 = syz_open_dev$vcsa(&(0x7f0000000680)='/dev/vcsa#\x00', 0xffffffffffffffe0, 0x20000) ioctl$UI_BEGIN_FF_UPLOAD(r6, 0xc06855c8, &(0x7f0000000700)={0x5, 0xfff, {0x57, 0x4, 0x29, {0x7fffffff, 0xfffffffffffffa48}, {0xe, 0x9}, @period={0x5b, 0x6, 0x1, 0x6d2, 0x5, {0xa4, 0x80, 0x10001, 0x9}, 0x6, &(0x7f00000006c0)=[0x5, 0x7, 0x80, 0x600000, 0xe00000000, 0x9]}}, {0x56, 0xffffffffffffffff, 0x10000, {0x20, 0x2}, {0x9, 0x9}, @cond=[{0x4, 0x40, 0x3, 0x9, 0x15d, 0x4}, {0x100000001, 0x8, 0xffffffffffffffca, 0x5, 0x9, 0x100}]}}) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r5, 0x800c6613, &(0x7f0000000780)={0x0, @speck128, 0x1, "e8a50509ff63170c"}) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000800)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r5, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x401}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x54, r7, 0x300, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4c41}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000940)={0x5, 0xffff, 0x6, 0x7, 0x1}, 0x14) 12:38:24 executing program 0 (fault-call:6 fault-nth:7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1]}) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, [0x6]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:38:24 executing program 2: r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000240)="c109000000002f0000021fe4ac14140de0", 0x11}], 0x1}, 0x0) 12:38:24 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 12:38:25 executing program 1: r0 = dup(0xffffffffffffffff) ioctl$SG_IO(r0, 0x2285, &(0x7f0000002600)={0x53, 0xfffffffffffffffe, 0x1000, 0x391, @scatter={0x7, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000100)=""/174, 0xae}, {&(0x7f00000001c0)}, {&(0x7f0000000200)=""/220, 0xdc}, {&(0x7f0000000300)=""/83, 0x53}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/31, 0x1f}, {&(0x7f00000013c0)=""/200, 0xc8}]}, &(0x7f0000001540)="987657594c9660b386815e01a8baa8e2073a69a45c97cd747e2fd997fa74ee9b678b99624eade9fe220ceefd0c4f882d1bcbf0343f96f0836e69c4306b9b130b6cc02c569ebcfcdfc5376e5767e420b0d4ab87091f85fc20e65690d72e6fa97a8f1a129fd5c0916dd1f8b057baadfafc7c3912bf5032ddf54837573ac4dd70d56e4a9d7585632603f45c515ac59f39a025c6f9c3d0f0b83adf9018eac9819ab07cda473cbaf5c4cff4939eb9cb1314716ed2fbb06e26c16d5405715cadc8b4af7456a03f074f7b89f8dc77909971ca0d18559e28ffaa37a6234b26a95994adb3e268931c1537bdde4d70158bb0b203872dc7f803d01048dccd3e1905cd9107caf9507232a37143051542acd83356b2c79f0886628e6829e9e0c1184c15272365cc44713062ebc5ab941f9e664e88b579c975da2cf1d63a566c4e1a440383e59071ebd9d1551cc28bb24922a5cc16db3e7be3db0f21509d29c01cf21628b8965a79916ad001d21413497900fd418421b488b6461db22f6d4305cf70078118326c637e2a46da61f927e4bd10d256da311567a09ff90767cb162c1ece60880d92d5bf8bf032f5f6f52a13ead70cf86992cec778d7602d00e99b9433ef3473c5d88a1dd019fe39ba96ed227a9d9a2cbd55829817917ed9f497d6d11bd7795a07a633784b9a6ff41f7a9bb4828d3f5bbbddbf33c14a6bc1cf9de609bda22fcf25c6925002fb8a6da1e5ac12b721414d2e47c6c6b5121f4abba96db9eec30ede2dfec9e37b7fb9b73007127c2d66e6c8ce0292f7e78c42729ac8375a2334467300b3a894fee919cf4aac48481b8ee906f4f8c2e0b23e5b16cdabc8aa1c4cebd770fb74b5d23d27a6820423ab1f1d9bd0d19a9d95e336c768ce4793432210fa712f208940221995cb9c2e904ff3cc7c5609464e3853b26adccbe56891a8ee7b6d6ae59dd693f73eb50346904e9b763645a8be6781479510b8f117db81a3c2057ca1e322e8d918ad20bf6dbb93458aa9e16dc155c32f90693117afde2579b562789d92c4cc358d16e100f78c3323759c1994a8cbf9710f6a60ac595a2bcc6d56c0f56c599a7afd0461859e9179a7766d42e39634644bb369b12e0e3ab28414ce0901ddbc1c67f51a6ec644a149317e5c7fa93b171e82a47f64efd62b5da2d6c07b7681e4fa8a04a179307815a770afe4f87688e06f8c01b92a1727798762205b7b0dbef11353e5e2cc59d2c00a56f580428a389a7d3b35cc90cf6be4e5c36b32c3f33767e2061499b22d79dcb2e1895f8326a9e9ff1a4e0b6c05f39ade6a38cf003c9ab739122407869f5697b1b34dba9149a86181b2a3188e522d07ad40b19feedb0338f8eb1896e3cd05605481a003899d566cd92ff7cadd8e02728a044d0bc214da24d3ee756bcb2b3f939c354c0c3ca9b3fa646c2f957dad1624aa0183feaaac696757eaa4046055d76c4402d965bf53c333d272da2b044b2132c469dbe9331b6eb4057d49ed23471c30b4501e418b5e8376d4ade5ce0e059c15bd21abd86325dcb363b8f1989ede8a8badeae1317b5836b4a545f6c570171781d34a9f7e09be08d8e36a166f5a10c43931a8a36d8ac3d485a72672309e75c68baecd65d3ad41531c15fdf4edfc98e1e7114baa3401c5862e4f6e4887337a65d4ffe627fd5f36ce3de7e8341d56194e3bb66c543ec4f9ff7a6a786d3bd4316701b4fd9e252b8cbe5d34bfda499b9376d926cadc81708979981c2eb280652b604883657c1232a927968ef2c5c2660b1e52665780a4150863137885585236b093d03c8ab1b97622478a8e5caae599c43d64bf2138c9a76913eaafedfb5df67731580f07085506a276ac0dea20fbea7206b4784f13bd57f47032e395e77a04d32641aa6ab297de1e2350ac62c4c6ce0692d03832bec46c0cf1d52572235144f739b6581a40a227e7b2d02fa349574b0fa8912949b8e261a0f36d2396d4c89e694a76be4577ac6f6880f0ec9d40e0f6e21710bd2d2ae47ce958729eba7c58dcd3c33e8ae80b25ab82aa81b95310c2b8ac900c44aecb2074e7173ec9e9a25f357d93d69dd7c8cf4c82eb13ce4f5b3a94a6f17258a97ee1af64273c99698b6b1907775b9d92fd9f75a8f15b9e30c865aedf07132a0dc40039db9326b1dcfe31c759a6fdbc9e2781e1afbf9d259d8ddff28c4844838a4542031e83c93c31753938c6cbeaa570c127a5aaa20bd6c784de2afcd886dab00a92f35c0e4fdc04b5fd89ece591b9c55ad5d1321944215801b2a64366c276f676ee40921987bcdbf74274e52a3cd1bc316870d67349c0ca7783a71c637db93180fff6eb1a84420ace4ea36c426dfa0433ebfdd054f9ea6d84f80fba9affc6dd86020bf3de559ed16b4fe693f8d53168068e0a589cbb2b90521a37675e70286c1a877ee13750c6af1981dacf2e6357e42cd4df7cc0fba9e058fc6ff9b7c47e4044529220089239407ff9b05b32a03fbd7d2b2203803d398d568703faef89a747c6fe65fcd640cae7b8fbe013b306f9520b243707197b0ee6fa544a16955c6910dceb7ae02a291593d86211598efc4222af71cfc17cb788167b10ccaea0f2b581f231b11e42be3a8848e9098b455ceb57c23c3c1af39c42a1c61c08a83f4be8396970dd344592c979ab37633914a34d27b0ec11881ca7e467c19106b149e95e0a86d8d284c02336bb286dfbd9747385c18786a26c97276e6305b8c1aa21babd0dc28be06e02388fd2e889cb35fc4469797464212e448ab762983a5578633107ef2d739afb2ec22d4ee29712701db68b690f416f30b166f310076590826057ad0fc68e75d3eae3927ea8f666ba707509f6edb4ba1311f4307a2175dbc76cf0cd6aa1f9147a761ff7b6e6335bc6397a71b36d7181107d8f94dbaa70a87020f8b4c5727f0b4e46e265b0452fd2ddec333332e0296e65f4f97870cd6d0902cce6a6c0035fd5f7fe152013829417440a3d84b32168daa27ae1ef03edf6c9109e6f6ab057fb18cf41a47940d28e75aea5fcea0fbb4a209dd16b3057599dc4ab7d972d926ab40b945158d959a0f957d29cef5a1f312b82749096eaba9a536ad45f4f238f537be3b1bb742b24608fa5a63bda7f18e293befab2239190858ecd32f8723be068b5f73ab60066afa40c1f80b535ee39589d490d44ee8da5d289b376eed6e80b68052c89b4f470c15faad1d2f05a5ce1fac45fcaccd5501676b8b100b937538ff9f8a89968afc69bc90808d49c9e58d4f8ac52b135a2af49d01d9bb93762e68c3bec53b861443fae5c843fd6d477dde09a52fccc49efc3bdadb52989a16b737885734976f82d39f86a7dc93ba30ca323ec2663563437a3779b858f06cdb2854bb28764b1e345c8a7ffcd097d1798c175d48e03314b508a73941da40b0b0f0cc7fb352b4bc6e7fe08b96af752a7c0badd043a75874bda6f55696da8f8c452714d51e34ac433ca1f32a4a4deaf304aa6e6cc9096d64efe15f2406937e5f22414e988c0c8048c7c9d3cc8e8c7e1d5469aeccc793d13e29a672740abbe696a143f74112b210a317baab512ce6227e9739870920b72c4b12357767a2055f38dad681e6ddb3361025ca7399f42eead4523b0c7f41a26ec2420125fd61f816c05a48e854792a7817463f091e0e28eb870c3cbf6cdaa1c041f54544613ec079f2e8286a46f0f25e6afdb6d6cb4146f9affab61602d40865a6b28a85a6e4645352b7176451d01a0d9752cee89abf74cc9803f65f2bd3498e14177207317a73e2976cb5d34f5e0dd4914b001d0a366fb903e3f42edf0699b1f443f58cb76c26dc3394e81be3cd932749d6ceef2e981b2b235490693b52b85c4a522ce0d296eb57d1e9bfafde1e45fd77bc73ee880b618dde1dc34d033a95d9a6fbdd4f6d98c93457803d905a0d80d8f6cbbf30820987d5b58c434719f939fb1a11b3644087da2c2760d02ebeb76bc2e38dd47b70520c791ce0cc54ab22cd5e68593ec2cc76c74e7208103187ceb54dded8bd0b76cf59f37a1f3dee723909fec700208c31a93597c8f59cf34fbfa33d1f99016b3f1e4bff8fa8b648168cedaf2bb00f2e424661429d1523a5a59d5d9ef0a32c47162771ae2d484456ef170b3d67b2475bea746b1842b67cca0de10edf92680267cf7577e13a153acf886f1ac2739d86eae85cdf09dfbb2b7c76039e0944d7d38c2493ffe10cfdd716de4a03066ab40e48a7779888064ba94b91a19dd690a6ecacddb32ebcc16e010cf8ce516ab27063bd20525c123ededa330055ff423816ec58d61d0df3a0533e0dd40165f596adb115d76c99042aeca128554e958d37cc14edbe8e72cd30d1cf3ce7c814d0b2c4ecf88213d05b9b5e2f64e0a7a30626223d0b4148e4d4a2dbb6dd091bafe377755b310622b5f094be068ef12459ad1681ab81b917dbb42f027c9613f6dbfe5f4500791d446d84ca662a9d25d9c30dc4e6339912613135a4c811a2e747fc2fe0f1c929a91e4e32087620a8c0099f2283a6cb556a135ff2247f75d9a4bfb140c4e7ac63969fef6ac9627f71c07abd85c03a64423c3f467ef485d13e507e7944cbcf5d8a6088e752a8145228f6f8579a59299c98f81c44209c0caad52edb3fb1ee12ae1e2741a5c6197741406af692e2a5c28d6de3901b500622fdb9499a17f3863da393c50ce93188986f11db7728afdc658cdfbde287bc68bb55dc8b1daaefef54ace77499d654b6e081ad5b3dc58c8d26a36503e391be696eab22af76714a01f361aaa41a8d3c64e06c00da89f4a6bf26b5dd4a9e087b8ce7f520783b2f73cec9e5fc198343f324ff313b5d7fc9cf8c23c080db19bd7a6596cac5cfe3282b6703b9001fe9bfa34db509a961ac95caf89dfd3fe90301b841365492d1da086622a4230d0eafab28e7b162b59947ecc0d9d652eb81d28f6f137faa960eae19d945df58b6989d81e394282b76cbae1d69e7f81673b1d22714aafc7b31400225bf5ca085870d532486e708c6b8c62daac219e07a7d939f22dfdb5446c9af75b906802cad75bac2a9eb1b21af63bcd7a35cdb69b9c837c4fde63f5faf4d6bde7d9363daae3457466a8e080206e78e28e43b86cc018aaaa35697b2b7fd7a6bac98780ce0e3d3c75005d08d43a1ab889ec8b960ee5c47b7a20e3d9f92ee3002308f8b44604c8d49d3a223582e005a6f1db8574fd3b7a48a9c5074d4f43c18f362408c84792c4294ab7558d884fbab7d62f95e4d941f0a48f4be627ef49212b511900d4043cf03629ef3967657c545c73b871ee7de25ec24ea63da2b545786bc75464c15ea4f703fef6749d53e1cc06fc1bbeecf79787b17c9d326bbb5cb12cec7ddfe5bb111cf81f0042f8acb954b3aef24a9562805ffaa6d4559066ce26b68777e7fb9c654010d7309fc325ad607346d0b7940e47ee9a501419e60ec5fffd2261c7f2c38f42a512f17a60a8188a635b378d6bd00739650ab76f69aa2d725b2bdead24e34ea28cc4079601ef3f858610e9f4e3a9a5ed773e2b00c037afceb45a0825ef70482115490e396c5feb4c9a73ae05be0d14ffa7fc1800aeeadfa9b7819fd97bbfcbb3c3e50e1075556a18756b8feddb327de20363669dec783b79b21febcfb51bf3eb314d6312342db056cacb9c84f33f62109916b0a707e7b783d70e6af45e8ddda4f7f68ed98d95c8fb4f68634c27fd66b1a99fd69cce09ff3dcb397ed12f278798854d76d20ebc55f3cbf5492d69c48f0fac293b85565ef6e77154355575d892514af55862d0a69227bb3553848460cb1d5e39ce21d7becf0d4a55e464158999", &(0x7f0000002540)=""/115, 0x1, 0x4, 0x3, &(0x7f00000025c0)}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) futex(&(0x7f0000000000)=0x2, 0x9, 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f00000000c0)=0x1, 0x1) sendto$unix(r0, &(0x7f0000002680)="7428780f985226e0f515b9d436d8ff4c2b8b27dc7ff2054c455cda7de2a151f6ae810199a1dcddb3da2eeb9c2f90d5db8b0dcb9d6527712e6753c10a814ce44368f15a730ea5f880ce59578b46c458463bd7765ef94f8a3c", 0x58, 0x4000, &(0x7f0000002700)=@file={0x1, './file0\x00'}, 0x6e) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, 0x0) [ 254.920763] ================================================================== [ 254.928181] BUG: KMSAN: uninit-value in _raw_spin_lock_bh+0xea/0x130 [ 254.934673] CPU: 0 PID: 11099 Comm: syz-executor.2 Not tainted 5.0.0-rc1+ #9 [ 254.941873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.951308] Call Trace: [ 254.953914] dump_stack+0x173/0x1d0 [ 254.957559] kmsan_report+0x12e/0x2a0 [ 254.961378] __msan_warning+0x82/0xf0 [ 254.965209] _raw_spin_lock_bh+0xea/0x130 [ 254.969375] inet_frag_find+0x1223/0x24a0 [ 254.973527] ? ip4_obj_hashfn+0x430/0x430 [ 254.977679] ? ip_expire+0xbd0/0xbd0 [ 254.981379] ? ip4_key_hashfn+0x420/0x420 [ 254.985514] ? ip_expire+0xbd0/0xbd0 [ 254.989213] ? ip4_key_hashfn+0x420/0x420 [ 254.993348] ? ip_expire+0xbd0/0xbd0 [ 254.997161] ? ip4_key_hashfn+0x420/0x420 [ 255.001305] ? ip4_obj_hashfn+0x430/0x430 [ 255.005445] ip_defrag+0x47c/0x6310 [ 255.009070] ? __x64_sys_sendmsg+0x4a/0x70 [ 255.013307] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.018671] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 255.023853] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 255.029218] ipv4_conntrack_defrag+0x673/0x7d0 [ 255.033796] ? defrag4_net_exit+0xe0/0xe0 [ 255.037928] nf_hook_slow+0x176/0x3d0 [ 255.041722] __ip_local_out+0x6dc/0x800 [ 255.045688] ? __ip_local_out+0x800/0x800 [ 255.049824] ip_local_out+0xa4/0x1d0 [ 255.053532] iptunnel_xmit+0x8a7/0xde0 [ 255.057419] ip_tunnel_xmit+0x35b9/0x3980 [ 255.061577] ipgre_xmit+0x1098/0x11c0 [ 255.065375] ? ipgre_close+0x230/0x230 [ 255.069272] dev_hard_start_xmit+0x604/0xc40 [ 255.073687] __dev_queue_xmit+0x2e48/0x3b80 [ 255.078024] dev_queue_xmit+0x4b/0x60 [ 255.081811] ? __netdev_pick_tx+0x1260/0x1260 [ 255.086300] packet_sendmsg+0x79bb/0x9760 [ 255.090446] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.095885] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 255.101135] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 255.106543] ___sys_sendmsg+0xdb9/0x11b0 [ 255.110612] ? compat_packet_setsockopt+0x360/0x360 [ 255.115622] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 255.120804] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 255.126172] ? __fget_light+0x6e1/0x750 [ 255.130155] __se_sys_sendmsg+0x305/0x460 [ 255.134311] __x64_sys_sendmsg+0x4a/0x70 [ 255.138358] do_syscall_64+0xbc/0xf0 [ 255.142061] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.147345] RIP: 0033:0x457e29 [ 255.150529] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.169421] RSP: 002b:00007f061c11cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 255.177117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 255.184372] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 255.191799] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 255.199054] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f061c11d6d4 [ 255.206312] R13: 00000000004c53f7 R14: 00000000004d9208 R15: 00000000ffffffff [ 255.213586] [ 255.215193] Uninit was created at: [ 255.218710] No stack [ 255.221012] ================================================================== [ 255.228450] Disabling lock debugging due to kernel taint [ 255.233889] Kernel panic - not syncing: panic_on_warn set ... [ 255.239766] CPU: 0 PID: 11099 Comm: syz-executor.2 Tainted: G B 5.0.0-rc1+ #9 [ 255.248331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.257672] Call Trace: [ 255.260264] dump_stack+0x173/0x1d0 [ 255.263886] panic+0x3d1/0xb01 [ 255.267099] kmsan_report+0x293/0x2a0 [ 255.270909] __msan_warning+0x82/0xf0 [ 255.274704] _raw_spin_lock_bh+0xea/0x130 [ 255.278845] inet_frag_find+0x1223/0x24a0 [ 255.282988] ? ip4_obj_hashfn+0x430/0x430 [ 255.287158] ? ip_expire+0xbd0/0xbd0 [ 255.290868] ? ip4_key_hashfn+0x420/0x420 [ 255.295002] ? ip_expire+0xbd0/0xbd0 [ 255.298703] ? ip4_key_hashfn+0x420/0x420 [ 255.302841] ? ip_expire+0xbd0/0xbd0 [ 255.306540] ? ip4_key_hashfn+0x420/0x420 [ 255.310675] ? ip4_obj_hashfn+0x430/0x430 [ 255.314811] ip_defrag+0x47c/0x6310 [ 255.318431] ? __x64_sys_sendmsg+0x4a/0x70 [ 255.322654] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.328025] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 255.333200] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 255.338569] ipv4_conntrack_defrag+0x673/0x7d0 [ 255.343142] ? defrag4_net_exit+0xe0/0xe0 [ 255.347301] nf_hook_slow+0x176/0x3d0 [ 255.351106] __ip_local_out+0x6dc/0x800 [ 255.355075] ? __ip_local_out+0x800/0x800 [ 255.359248] ip_local_out+0xa4/0x1d0 [ 255.362958] iptunnel_xmit+0x8a7/0xde0 [ 255.366865] ip_tunnel_xmit+0x35b9/0x3980 [ 255.371023] ipgre_xmit+0x1098/0x11c0 [ 255.374818] ? ipgre_close+0x230/0x230 [ 255.378697] dev_hard_start_xmit+0x604/0xc40 [ 255.383114] __dev_queue_xmit+0x2e48/0x3b80 [ 255.387447] dev_queue_xmit+0x4b/0x60 [ 255.391238] ? __netdev_pick_tx+0x1260/0x1260 [ 255.395728] packet_sendmsg+0x79bb/0x9760 [ 255.399888] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.405335] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 255.410608] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 255.415992] ___sys_sendmsg+0xdb9/0x11b0 [ 255.420057] ? compat_packet_setsockopt+0x360/0x360 [ 255.425071] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 255.430253] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 255.435607] ? __fget_light+0x6e1/0x750 [ 255.439579] __se_sys_sendmsg+0x305/0x460 [ 255.443735] __x64_sys_sendmsg+0x4a/0x70 [ 255.447787] do_syscall_64+0xbc/0xf0 [ 255.451498] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 255.456762] RIP: 0033:0x457e29 [ 255.459945] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.478834] RSP: 002b:00007f061c11cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 255.486529] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 255.493785] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 255.501043] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 255.508329] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f061c11d6d4 [ 255.515585] R13: 00000000004c53f7 R14: 00000000004d9208 R15: 00000000ffffffff [ 255.524030] Kernel Offset: disabled [ 255.527652] Rebooting in 86400 seconds..