Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts. 2019/02/20 12:25:13 fuzzer started 2019/02/20 12:25:16 dialing manager at 10.128.0.26:33245 2019/02/20 12:25:16 syscalls: 1 2019/02/20 12:25:16 code coverage: enabled 2019/02/20 12:25:16 comparison tracing: enabled 2019/02/20 12:25:16 extra coverage: extra coverage is not supported by the kernel 2019/02/20 12:25:16 setuid sandbox: enabled 2019/02/20 12:25:16 namespace sandbox: enabled 2019/02/20 12:25:16 Android sandbox: /sys/fs/selinux/policy does not exist 2019/02/20 12:25:16 fault injection: enabled 2019/02/20 12:25:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/02/20 12:25:16 net packet injection: enabled 2019/02/20 12:25:16 net device setup: enabled 12:27:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/11, 0xdd) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) clone(0x3502001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = dup(r0) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, 0x0) [ 209.686239][ T7782] IPVS: ftp: loaded support on port[0] = 21 12:27:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="8500000007000000ffff0000000000009500000100000000"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) [ 209.793838][ T7782] chnl_net:caif_netlink_parms(): no params data found [ 209.883772][ T7782] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.891399][ T7782] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.899696][ T7782] device bridge_slave_0 entered promiscuous mode [ 209.923611][ T7782] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.930734][ T7782] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.952261][ T7782] device bridge_slave_1 entered promiscuous mode [ 209.978226][ T7782] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 209.990136][ T7782] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 210.005036][ T7785] IPVS: ftp: loaded support on port[0] = 21 12:27:53 executing program 2: r0 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3\\\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) write(r0, &(0x7f0000000040)="0600", 0x2) write$FUSE_NOTIFY_STORE(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="40000000000025000400000005007c000000000000"], 0x15) sendfile(r0, r0, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0), 0x10) [ 210.037116][ T7782] team0: Port device team_slave_0 added [ 210.053698][ T7782] team0: Port device team_slave_1 added [ 210.144727][ T7782] device hsr_slave_0 entered promiscuous mode 12:27:53 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) timerfd_create(0x4, 0x0) [ 210.201607][ T7782] device hsr_slave_1 entered promiscuous mode [ 210.286272][ T7787] IPVS: ftp: loaded support on port[0] = 21 [ 210.314148][ T7782] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.321395][ T7782] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.329223][ T7782] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.336352][ T7782] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.450863][ T7790] IPVS: ftp: loaded support on port[0] = 21 [ 210.476329][ T7785] chnl_net:caif_netlink_parms(): no params data found [ 210.533791][ T7782] 8021q: adding VLAN 0 to HW filter on device bond0 12:27:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="390000001300037469004c0000000000ab0080e72a000000460025d70300001419000a0010000000000003f500000002000087ce54b3c532da", 0x39}], 0x1) [ 210.595278][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.619689][ T22] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.640004][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.652691][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 210.684117][ T7782] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.691019][ T7785] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.698401][ T7785] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.709061][ T7785] device bridge_slave_0 entered promiscuous mode [ 210.719302][ T7785] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.728500][ T7785] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.729376][ T7794] IPVS: ftp: loaded support on port[0] = 21 [ 210.746183][ T7785] device bridge_slave_1 entered promiscuous mode [ 210.830106][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 210.839236][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.846344][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.856324][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.864969][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.872062][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state 12:27:54 executing program 5: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x158, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000180)) [ 210.906583][ T7785] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 210.915513][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 210.924685][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 210.934792][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 210.945948][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 210.955341][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 210.964125][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 210.989067][ T7782] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 211.000277][ T7782] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 211.019788][ T7785] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 211.029652][ T7787] chnl_net:caif_netlink_parms(): no params data found [ 211.047556][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 211.056110][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 211.064513][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 211.072950][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 211.081146][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 211.100133][ T7797] IPVS: ftp: loaded support on port[0] = 21 [ 211.131109][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 211.143797][ T7785] team0: Port device team_slave_0 added [ 211.182342][ T7782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.193953][ T7785] team0: Port device team_slave_1 added [ 211.227614][ T7787] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.235265][ T7787] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.243071][ T7787] device bridge_slave_0 entered promiscuous mode [ 211.250569][ T7787] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.257753][ T7787] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.265771][ T7787] device bridge_slave_1 entered promiscuous mode [ 211.283404][ T7790] chnl_net:caif_netlink_parms(): no params data found [ 211.345383][ T7787] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 211.423323][ T7785] device hsr_slave_0 entered promiscuous mode [ 211.461983][ T7785] device hsr_slave_1 entered promiscuous mode [ 211.503099][ T7787] bond0: Enslaving bond_slave_1 as an active interface with an up link 12:27:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132109) connect$unix(r1, &(0x7f0000000200)=@abs, 0x6e) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000300)="660f71e50064ff0941c3c4e2c997584266420fe2e33e0f1110c442019dcc8ed31919") connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) connect$unix(r1, 0x0, 0x0) [ 211.594656][ T7787] team0: Port device team_slave_0 added [ 211.603629][ T7790] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.611400][ T7790] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.622953][ T7790] device bridge_slave_0 entered promiscuous mode [ 211.675334][ T7787] team0: Port device team_slave_1 added [ 211.690280][ T7790] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.700162][ T7790] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.715541][ T7790] device bridge_slave_1 entered promiscuous mode 12:27:54 executing program 0: setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) ioctl$TCSETS(r0, 0x5402, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) shutdown(r1, 0x400000000000001) [ 211.814456][ T7787] device hsr_slave_0 entered promiscuous mode [ 211.871752][ T7787] device hsr_slave_1 entered promiscuous mode [ 211.899575][ C0] hrtimer: interrupt took 27162 ns [ 211.899878][ T7794] chnl_net:caif_netlink_parms(): no params data found 12:27:55 executing program 0: setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) ioctl$TCSETS(r0, 0x5402, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) shutdown(r1, 0x400000000000001) [ 211.919822][ T7790] bond0: Enslaving bond_slave_0 as an active interface with an up link 12:27:55 executing program 0: setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) ioctl$TCSETS(r0, 0x5402, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) shutdown(r1, 0x400000000000001) 12:27:55 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000180)='./file0\x00', 0x0) lseek(r1, 0x0, 0x0) [ 212.027851][ T7790] bond0: Enslaving bond_slave_1 as an active interface with an up link 12:27:55 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r1 = dup(0xffffffffffffffff) write$P9_RREAD(0xffffffffffffffff, 0x0, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0xfffffffffffffffd) capget(&(0x7f0000000100), 0x0) setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) fsetxattr$security_ima(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) mount$9p_xen(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x40a4) setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, 0x0, 0x21d) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) syz_open_procfs$namespace(0x0, 0x0) tkill(r2, 0x1000000000016) [ 212.137496][ T7797] chnl_net:caif_netlink_parms(): no params data found 12:27:55 executing program 0: ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 212.194681][ T7790] team0: Port device team_slave_0 added [ 212.205436][ T7785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.260954][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 212.293220][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.303644][ T7785] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.312058][ T7790] team0: Port device team_slave_1 added [ 212.329274][ T7794] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.337738][ T7794] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.347932][ T7794] device bridge_slave_0 entered promiscuous mode [ 212.387379][ T7787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.405025][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 212.414355][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.423669][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.430733][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.438547][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 212.447495][ T7797] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.454671][ T7797] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.462839][ T7797] device bridge_slave_0 entered promiscuous mode [ 212.470073][ T7794] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.480262][ T7794] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.488161][ T7794] device bridge_slave_1 entered promiscuous mode [ 212.534392][ T7790] device hsr_slave_0 entered promiscuous mode [ 212.571857][ T7790] device hsr_slave_1 entered promiscuous mode [ 212.614482][ T7797] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.622751][ T7797] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.630389][ T7797] device bridge_slave_1 entered promiscuous mode [ 212.648526][ T7794] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 212.660650][ T7794] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 212.670447][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 212.679323][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 212.687849][ T7791] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.694911][ T7791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.703261][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 212.710842][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.730428][ T7787] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.752618][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 212.761001][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 212.770399][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 212.779086][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 212.789646][ T7797] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 212.808667][ T7794] team0: Port device team_slave_0 added [ 212.816914][ T7794] team0: Port device team_slave_1 added [ 212.823946][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 212.832761][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 212.841391][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.849632][ T7791] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.856718][ T7791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.865117][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 212.873674][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 212.882232][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 212.892139][ T7797] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 212.974724][ T7794] device hsr_slave_0 entered promiscuous mode [ 213.031676][ T7794] device hsr_slave_1 entered promiscuous mode [ 213.072504][ T7797] team0: Port device team_slave_0 added [ 213.079884][ T7797] team0: Port device team_slave_1 added [ 213.088641][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 213.097159][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 213.116743][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 213.126744][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 213.135006][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 213.143841][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.152190][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.159222][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.167899][ T7785] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 213.234365][ T7797] device hsr_slave_0 entered promiscuous mode [ 213.292528][ T7797] device hsr_slave_1 entered promiscuous mode [ 213.371108][ T7785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 213.379011][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 213.388714][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 213.397458][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 213.406328][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 213.414886][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 213.423514][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 213.454537][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 213.462822][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 213.470958][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 213.480053][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 213.488268][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 213.499631][ T7787] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 12:27:56 executing program 1: socket$inet(0x2, 0x0, 0x6) ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 213.586712][ T7790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.616094][ T7790] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.643399][ T7787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 213.652718][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 213.666960][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 213.687096][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 213.700186][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.709133][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.716231][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.725220][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 213.752032][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 213.764323][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.792047][ T7791] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.799142][ T7791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.815807][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 213.824661][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 213.838832][ T7797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.860742][ T7794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.899466][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 213.910560][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 213.936045][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 213.954255][ T3480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 213.980074][ T7797] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.002466][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 214.011880][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.026450][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.040133][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 12:27:57 executing program 2: [ 214.079643][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 214.091116][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 214.104066][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 214.114556][ T7790] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 214.145076][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 214.162040][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 214.170401][ T7791] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.177524][ T7791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.193445][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 214.205489][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.213874][ T7791] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.220905][ T7791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.228651][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 214.247854][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.255690][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.266538][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.287044][ T7794] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.295473][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 214.304580][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 214.313033][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 214.321288][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 214.329606][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 214.338257][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 214.363049][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 214.377475][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 214.386096][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 214.400360][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 214.408671][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 214.420047][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 214.428818][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.435922][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.443953][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 214.452544][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.460730][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.467804][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.482483][ T7790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.490258][ T7797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 214.501700][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.509589][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 214.518343][ T7791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 214.574022][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 214.590912][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 12:27:57 executing program 3: [ 214.616820][ T7797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.625437][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 214.640556][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 214.670372][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 214.678958][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 214.687953][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 214.696086][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 214.704214][ T2987] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 214.714530][ T7794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 214.740634][ T7794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.839921][ T7872] netlink: 'syz-executor.4': attribute type 10 has an invalid length. 12:27:58 executing program 4: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000d65000)={0x0}, 0x0) 12:27:58 executing program 0: ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 12:27:58 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0af51f023c123f3188a070") getsockopt(r0, 0x1, 0x2, &(0x7f0000001180)=""/98, &(0x7f0000001200)=0x62) 12:27:58 executing program 2: 12:27:58 executing program 3: 12:27:58 executing program 5: [ 215.073707][ T7872] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 215.100530][ T7872] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 215.108974][ T7872] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). 12:27:58 executing program 3: 12:27:58 executing program 5: 12:27:58 executing program 2: 12:27:58 executing program 1: 12:27:58 executing program 5: 12:27:58 executing program 2: 12:27:58 executing program 4: 12:27:58 executing program 3: 12:27:58 executing program 0: 12:27:58 executing program 1: 12:27:58 executing program 2: 12:27:58 executing program 5: 12:27:58 executing program 1: timerfd_create(0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13c}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 12:27:58 executing program 3: 12:27:58 executing program 4: 12:27:58 executing program 5: 12:27:58 executing program 0: 12:27:58 executing program 4: 12:27:58 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) accept$alg(0xffffffffffffffff, 0x0, 0x0) 12:27:58 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semget(0x3, 0x0, 0x0) 12:27:58 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) 12:27:59 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) 12:27:59 executing program 0: 12:27:59 executing program 4: 12:27:59 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000002c0)={&(0x7f0000000040), 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x80) [ 215.912681][ T7933] BUG: assuming atomic context at kernel/seccomp.c:271 12:27:59 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getegid() [ 215.974660][ T7933] in_atomic(): 0, irqs_disabled(): 0, pid: 7933, name: syz-executor.3 [ 216.006980][ T7933] no locks held by syz-executor.3/7933. [ 216.026223][ T7933] CPU: 0 PID: 7933 Comm: syz-executor.3 Not tainted 5.0.0-rc7-next-20190220 #39 [ 216.035260][ T7933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.045308][ T7933] Call Trace: [ 216.048605][ T7933] dump_stack+0x172/0x1f0 [ 216.048636][ T7933] __cant_sleep.cold+0xa3/0xbb [ 216.048653][ T7933] __seccomp_filter+0x12b/0x12b0 [ 216.048670][ T7933] ? seccomp_notify_release+0x280/0x280 [ 216.048685][ T7933] ? kasan_check_write+0x14/0x20 [ 216.048701][ T7933] ? _raw_spin_unlock_irq+0x28/0x90 [ 216.048712][ T7933] ? do_seccomp+0xa5a/0x2250 [ 216.057892][ T7933] ? _raw_spin_unlock_irq+0x28/0x90 [ 216.057911][ T7933] ? lockdep_hardirqs_on+0x418/0x5d0 [ 216.057934][ T7933] ? trace_hardirqs_on+0x67/0x230 [ 216.098601][ T7933] ? kasan_check_read+0x11/0x20 [ 216.103471][ T7933] ? _raw_spin_unlock_irq+0x5e/0x90 [ 216.108675][ T7933] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 216.114916][ T7933] ? do_seccomp+0x389/0x2250 [ 216.119516][ T7933] __secure_computing+0x101/0x360 12:27:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000000c0)) [ 216.122509][ T7953] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 216.124552][ T7933] syscall_trace_enter+0x5bf/0xe10 [ 216.124575][ T7933] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 216.124605][ T7933] ? lockdep_hardirqs_on+0x418/0x5d0 [ 216.156368][ T7933] ? trace_hardirqs_on+0x67/0x230 [ 216.161430][ T7933] do_syscall_64+0x479/0x610 [ 216.166036][ T7933] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 216.171925][ T7933] RIP: 0033:0x45ac8a [ 216.175818][ T7933] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 216.195453][ T7933] RSP: 002b:00007fd464624c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 216.203862][ T7933] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 216.211828][ T7933] RDX: 000000000001b33d RSI: 00007fd464624c60 RDI: 0000000000000001 12:27:59 executing program 0: creat(&(0x7f0000000380)='./control\x00', 0x0) chmod(&(0x7f00000000c0)='./control\x00', 0x9c32f69e6caa24eb) lstat(&(0x7f0000000000)='./control\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000080)='./control\x00', 0x0, r0) 12:27:59 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x0) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:27:59 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semget(0x0, 0x0, 0x0) [ 216.219792][ T7933] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 216.227759][ T7933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.235725][ T7933] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff [ 216.351641][ T26] audit: type=1326 audit(1550665679.479:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7932 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:27:59 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{}]}) 12:27:59 executing program 2: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) getpgid(0xffffffffffffffff) 12:27:59 executing program 1: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) open(&(0x7f0000000000)='./bus\x00', 0x141046, 0x0) utimes(&(0x7f0000000040)='./bus\x00', 0x0) 12:27:59 executing program 0: semget(0x3, 0x7, 0x0) 12:27:59 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_THP_DISABLE(0x29, 0x0) 12:27:59 executing program 4: request_key(&(0x7f0000000280)='logon\x00', &(0x7f00000002c0)={'syz'}, 0x0, 0xfffffffffffffffc) [ 216.650829][ T26] audit: type=1326 audit(1550665679.769:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7932 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 216.731640][ T26] audit: type=1326 audit(1550665679.859:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7974 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:27:59 executing program 0: syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="aaa2aaaaaaaaaaaaaaaaaabb86dd60b4090000303aff80000000000000000000ffffe0000002ff020000000000000000000000000001870090780009040060b680fa0000000000000000000000000303ffffffffffff00000000000000000000ffffac14ffbb"], 0x0) 12:27:59 executing program 4: r0 = open(&(0x7f0000000040)='./bus\x00', 0x1000000000141042, 0x0) r1 = creat(&(0x7f0000000240)='./file1\x00', 0x0) creat(0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1}) 12:27:59 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, 0x0, 0x0, 0x0, 0x0) [ 216.817080][ T26] audit: type=1326 audit(1550665679.939:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7975 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:28:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) fchmod(r0, 0x0) 12:28:00 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) membarrier(0x0, 0x0) 12:28:00 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ffc000/0x1000)=nil) 12:28:00 executing program 4: seccomp(0x1, 0x0, 0x0) futimesat(0xffffffffffffffff, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)) [ 217.531391][ T7987] BUG: assuming atomic context at kernel/seccomp.c:271 [ 217.538294][ T7987] in_atomic(): 0, irqs_disabled(): 0, pid: 7987, name: syz-executor.2 [ 217.547123][ T26] audit: type=1326 audit(1550665680.679:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7975 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 [ 217.569568][ T7987] no locks held by syz-executor.2/7987. [ 217.575459][ T7987] CPU: 0 PID: 7987 Comm: syz-executor.2 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 217.585864][ T7987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 217.596116][ T7987] Call Trace: [ 217.599402][ T7987] dump_stack+0x172/0x1f0 [ 217.603731][ T7987] __cant_sleep.cold+0xa3/0xbb [ 217.608479][ T7987] __seccomp_filter+0x12b/0x12b0 [ 217.613424][ T7987] ? seccomp_notify_release+0x280/0x280 [ 217.618973][ T7987] ? kasan_check_write+0x14/0x20 [ 217.623893][ T7987] ? _raw_spin_unlock_irq+0x28/0x90 [ 217.629085][ T7987] ? do_seccomp+0xa5a/0x2250 [ 217.633664][ T7987] ? _raw_spin_unlock_irq+0x28/0x90 [ 217.638863][ T7987] ? lockdep_hardirqs_on+0x418/0x5d0 [ 217.644145][ T7987] ? trace_hardirqs_on+0x67/0x230 [ 217.649152][ T7987] ? kasan_check_read+0x11/0x20 [ 217.653999][ T7987] ? _raw_spin_unlock_irq+0x5e/0x90 [ 217.659222][ T7987] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 217.665454][ T7987] ? do_seccomp+0x389/0x2250 [ 217.670040][ T7987] __secure_computing+0x101/0x360 [ 217.675069][ T7987] syscall_trace_enter+0x5bf/0xe10 [ 217.680177][ T7987] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 217.686403][ T7987] ? lockdep_hardirqs_on+0x418/0x5d0 [ 217.691695][ T7987] ? trace_hardirqs_on+0x67/0x230 [ 217.696723][ T7987] do_syscall_64+0x479/0x610 [ 217.701387][ T7987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 217.707287][ T7987] RIP: 0033:0x45ac8a [ 217.711165][ T7987] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 217.730761][ T7987] RSP: 002b:00007fca6ca18c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 217.739157][ T7987] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 217.747123][ T7987] RDX: 0000000000006371 RSI: 00007fca6ca18c60 RDI: 0000000000000001 [ 217.755080][ T7987] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 217.763040][ T7987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.770989][ T7987] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff 12:28:00 executing program 2: msgctl$IPC_SET(0x0, 0x1, &(0x7f00000014c0)) msgsnd(0x0, &(0x7f00000007c0)=ANY=[@ANYRESDEC], 0x1, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000440)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x645}) [ 217.782262][ T26] audit: type=1326 audit(1550665680.909:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7974 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:28:00 executing program 1: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) recvmsg(0xffffffffffffffff, 0x0, 0x0) 12:28:00 executing program 5: msgctl$IPC_SET(0x0, 0x1, &(0x7f00000014c0)) msgsnd(0x0, &(0x7f00000007c0)=ANY=[@ANYRESDEC], 0x1, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000440)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x645}) 12:28:00 executing program 3: futex(0x0, 0x90, 0x0, 0x0, 0x0, 0x0) 12:28:00 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) 12:28:00 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:01 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:01 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) 12:28:01 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil) 12:28:01 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ppoll(&(0x7f0000000040)=[{r0, 0x4}, {r0, 0x4001}, {r0}], 0x3, 0x0, 0x0, 0x0) 12:28:01 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 217.925441][ T26] audit: type=1326 audit(1550665681.049:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8036 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:28:01 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:01 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 218.712815][ T8044] BUG: assuming atomic context at kernel/seccomp.c:271 [ 218.719738][ T8044] in_atomic(): 0, irqs_disabled(): 0, pid: 8044, name: syz-executor.1 [ 218.728745][ T8044] no locks held by syz-executor.1/8044. [ 218.734448][ T8044] CPU: 0 PID: 8044 Comm: syz-executor.1 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 218.744971][ T8044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.755003][ T8044] Call Trace: [ 218.758279][ T8044] dump_stack+0x172/0x1f0 [ 218.762695][ T8044] __cant_sleep.cold+0xa3/0xbb [ 218.767459][ T8044] __seccomp_filter+0x12b/0x12b0 [ 218.772398][ T8044] ? seccomp_notify_release+0x280/0x280 [ 218.777954][ T8044] ? kasan_check_write+0x14/0x20 [ 218.782885][ T8044] ? _raw_spin_unlock_irq+0x28/0x90 [ 218.788071][ T8044] ? do_seccomp+0xa5a/0x2250 [ 218.792649][ T8044] ? _raw_spin_unlock_irq+0x28/0x90 [ 218.797841][ T8044] ? lockdep_hardirqs_on+0x418/0x5d0 [ 218.803117][ T8044] ? trace_hardirqs_on+0x67/0x230 [ 218.808144][ T8044] ? kasan_check_read+0x11/0x20 [ 218.812995][ T8044] ? _raw_spin_unlock_irq+0x5e/0x90 [ 218.818187][ T8044] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 218.824435][ T8044] ? do_seccomp+0x389/0x2250 [ 218.829023][ T8044] __secure_computing+0x101/0x360 [ 218.834040][ T8044] syscall_trace_enter+0x5bf/0xe10 [ 218.839231][ T8044] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 218.845460][ T8044] ? lockdep_hardirqs_on+0x418/0x5d0 [ 218.850738][ T8044] ? trace_hardirqs_on+0x67/0x230 [ 218.855793][ T8044] do_syscall_64+0x479/0x610 [ 218.860373][ T8044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 218.866243][ T8044] RIP: 0033:0x45ac8a [ 218.870206][ T8044] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 218.889787][ T8044] RSP: 002b:00007f0c38d71c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 218.898176][ T8044] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a 12:28:02 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgget$private(0x0, 0x0) 12:28:02 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x8000000000000004) writev(r0, &(0x7f00007af000)=[{&(0x7f0000000080)="480000001400190a20ffff7f0000000002113b850e1de0974881000000fe58a2bc4a03049164643e89000200de213ee23ffbf510040041feff5aff2b000000000000070000000000", 0x48}], 0x1) 12:28:02 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semget$private(0x0, 0x1, 0x120) chroot(&(0x7f0000000000)='./file0\x00') semget(0x1, 0x3, 0x12) semget$private(0x0, 0x3, 0x24c) r1 = semget(0x3, 0x1, 0x200) semctl$GETPID(r1, 0x0, 0xb, 0x0) 12:28:02 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semget$private(0x0, 0x0, 0x0) 12:28:02 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:02 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 218.906124][ T8044] RDX: 00000000000067f9 RSI: 00007f0c38d71c60 RDI: 0000000000000001 [ 218.914079][ T8044] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 218.922053][ T8044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 218.930018][ T8044] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff [ 218.940034][ T26] audit: type=1326 audit(1550665682.059:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8036 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:28:02 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:02 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:02 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:02 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$int_in(r1, 0x400008b2b, &(0x7f0000000040)) 12:28:02 executing program 5: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141046, 0x0) fchmod(r0, 0x0) 12:28:02 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000280)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x1000)=nil, 0x0}, 0x68) 12:28:02 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:02 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:02 executing program 1: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) eventfd(0x0) [ 219.211389][ T26] audit: type=1326 audit(1550665682.329:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8107 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:28:02 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:02 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) [ 219.316292][ T26] audit: type=1326 audit(1550665682.439:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8121 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45ac8a code=0xffff0000 12:28:02 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:02 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:02 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:02 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:02 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 220.009869][ T8119] BUG: assuming atomic context at kernel/seccomp.c:271 [ 220.016897][ T8119] in_atomic(): 0, irqs_disabled(): 0, pid: 8119, name: syz-executor.5 [ 220.026569][ T8119] no locks held by syz-executor.5/8119. [ 220.032417][ T8119] CPU: 1 PID: 8119 Comm: syz-executor.5 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 220.042824][ T8119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.052856][ T8119] Call Trace: [ 220.056133][ T8119] dump_stack+0x172/0x1f0 [ 220.060456][ T8119] __cant_sleep.cold+0xa3/0xbb [ 220.065204][ T8119] __seccomp_filter+0x12b/0x12b0 [ 220.070133][ T8119] ? seccomp_notify_release+0x280/0x280 [ 220.075665][ T8119] ? kasan_check_write+0x14/0x20 [ 220.080588][ T8119] ? _raw_spin_unlock_irq+0x28/0x90 [ 220.085806][ T8119] ? do_seccomp+0xa5a/0x2250 [ 220.090376][ T8119] ? _raw_spin_unlock_irq+0x28/0x90 [ 220.095557][ T8119] ? lockdep_hardirqs_on+0x418/0x5d0 [ 220.100836][ T8119] ? trace_hardirqs_on+0x67/0x230 [ 220.105855][ T8119] ? kasan_check_read+0x11/0x20 [ 220.110695][ T8119] ? _raw_spin_unlock_irq+0x5e/0x90 [ 220.115886][ T8119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 220.122118][ T8119] ? do_seccomp+0x389/0x2250 [ 220.126796][ T8119] __secure_computing+0x101/0x360 [ 220.131821][ T8119] syscall_trace_enter+0x5bf/0xe10 [ 220.136939][ T8119] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 220.143185][ T8119] ? lockdep_hardirqs_on+0x418/0x5d0 [ 220.148469][ T8119] ? trace_hardirqs_on+0x67/0x230 [ 220.153496][ T8119] do_syscall_64+0x479/0x610 [ 220.158088][ T8119] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 220.164069][ T8119] RIP: 0033:0x45ac8a [ 220.167963][ T8119] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 220.187566][ T8119] RSP: 002b:00007f0073c54c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 220.195974][ T8119] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a 12:28:03 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:03 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:03 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:03 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:03 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 12:28:03 executing program 1: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) setreuid(0x0, 0x0) [ 220.203947][ T8119] RDX: 000000000000609b RSI: 00007f0073c54c60 RDI: 0000000000000001 [ 220.211911][ T8119] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 220.219883][ T8119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.227852][ T8119] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff 12:28:03 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:03 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:03 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:03 executing program 3: vmsplice(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:03 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) request_key(&(0x7f0000000280)='logon\x00', &(0x7f00000002c0)={'syz'}, 0x0, 0xfffffffffffffffc) 12:28:03 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:03 executing program 3: vmsplice(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:03 executing program 5: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/dsp\x00', 0x0, 0x0) readv(r0, &(0x7f0000000280)=[{&(0x7f0000001400)=""/4096, 0x1000}], 0x1) read(r0, &(0x7f0000000480)=""/166, 0xa6) syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x208000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4040}, 0x20000000) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/76, 0x4c}, {&(0x7f0000002400)=""/4096, 0x1000}], 0x2) ioctl$int_in(r0, 0x80000000005000, 0x0) 12:28:03 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:03 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:03 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 221.125820][ T8172] BUG: assuming atomic context at kernel/seccomp.c:271 [ 221.132804][ T8172] in_atomic(): 0, irqs_disabled(): 0, pid: 8172, name: syz-executor.1 [ 221.140952][ T8172] no locks held by syz-executor.1/8172. [ 221.147295][ T8172] CPU: 1 PID: 8172 Comm: syz-executor.1 Tainted: G W 5.0.0-rc7-next-20190220 #39 [ 221.157699][ T8172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.167734][ T8172] Call Trace: [ 221.171020][ T8172] dump_stack+0x172/0x1f0 [ 221.175394][ T8172] __cant_sleep.cold+0xa3/0xbb [ 221.180154][ T8172] __seccomp_filter+0x12b/0x12b0 [ 221.185076][ T8172] ? seccomp_notify_release+0x280/0x280 [ 221.190671][ T8172] ? kasan_check_write+0x14/0x20 [ 221.195591][ T8172] ? _raw_spin_unlock_irq+0x28/0x90 [ 221.200768][ T8172] ? do_seccomp+0xa5a/0x2250 [ 221.205338][ T8172] ? _raw_spin_unlock_irq+0x28/0x90 [ 221.210531][ T8172] ? lockdep_hardirqs_on+0x418/0x5d0 [ 221.215821][ T8172] ? trace_hardirqs_on+0x67/0x230 [ 221.220876][ T8172] ? kasan_check_read+0x11/0x20 [ 221.225718][ T8172] ? _raw_spin_unlock_irq+0x5e/0x90 [ 221.230909][ T8172] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 221.237130][ T8172] ? do_seccomp+0x389/0x2250 [ 221.241715][ T8172] __secure_computing+0x101/0x360 [ 221.246736][ T8172] syscall_trace_enter+0x5bf/0xe10 [ 221.251833][ T8172] ? trace_event_raw_event_sys_exit+0x290/0x290 [ 221.258055][ T8172] ? lockdep_hardirqs_on+0x418/0x5d0 [ 221.263324][ T8172] ? trace_hardirqs_on+0x67/0x230 [ 221.268330][ T8172] do_syscall_64+0x479/0x610 [ 221.272908][ T8172] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 221.278800][ T8172] RIP: 0033:0x45ac8a [ 221.282676][ T8172] Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df ba 5f 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7 [ 221.302257][ T8172] RSP: 002b:00007f0c38d71c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4 [ 221.310656][ T8172] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac8a [ 221.318606][ T8172] RDX: 0000000000007858 RSI: 00007f0c38d71c60 RDI: 0000000000000001 12:28:04 executing program 1: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x18}, 0xc) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r1 = socket$kcm(0xa, 0x40122000000003, 0x11) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000001c0), 0x4) sendmsg$kcm(r1, &(0x7f0000003840)={&(0x7f0000000040)=@un=@abs={0xfc000000, 0x0, 0x500}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000100)="f4001100002b2c25e994efd1000000000009110000000000003a00000000f68ab928abffb7a8d4f32ebdbed828847bbaeb", 0x31}], 0x1}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x80402, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0}, 0x20) unlink(&(0x7f0000000200)='./file0\x00') setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x6}, 0x48) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={0xffffffffffffffff, 0x0}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000380)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;<\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xc6\x0f\xd7\x14\x0f\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4N') 12:28:04 executing program 3: vmsplice(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:04 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:04 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:04 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 221.326565][ T8172] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 221.334520][ T8172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.342487][ T8172] R13: 00000000004c4cd5 R14: 00000000004d8890 R15: 00000000ffffffff 12:28:04 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, 0x0, 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:04 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:04 executing program 2: ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 12:28:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000100)={0x79, 0x0, [0x212]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001940)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd957e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c341a35eb0f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114380b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2dee1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093f04000000663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c46600"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, 0x0) 12:28:04 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:04 executing program 2: ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 12:28:04 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, 0x0, 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:04 executing program 1: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x18}, 0xc) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r1 = socket$kcm(0xa, 0x40122000000003, 0x11) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000001c0), 0x4) sendmsg$kcm(r1, &(0x7f0000003840)={&(0x7f0000000040)=@un=@abs={0xfc000000, 0x0, 0x500}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000100)="f4001100002b2c25e994efd1000000000009110000000000003a00000000f68ab928abffb7a8d4f32ebdbed828847bbaeb", 0x31}], 0x1}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x80402, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0}, 0x20) unlink(&(0x7f0000000200)='./file0\x00') setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x6}, 0x48) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={0xffffffffffffffff, 0x0}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000380)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;<\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xc6\x0f\xd7\x14\x0f\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4N') 12:28:04 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:04 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:04 executing program 2: ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 12:28:04 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, 0x0, 0x8000000003) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:04 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:05 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:05 executing program 5: ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x40046109, 0x0) r0 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x2) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000280), 0x0) r1 = gettid() memfd_create(&(0x7f0000000100)='!-\x00', 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000940)='/dev/snapshot\x00', 0x20601, 0x0) r3 = socket$inet(0x2, 0x0, 0x0) fcntl$getownex(r3, 0x10, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) kcmp(r1, r1, 0x0, r2, r2) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0xfed3, 0xfa00, {0x3, &(0x7f0000000000), 0x0, 0x82}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000240)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0xf658}}, 0x10) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffc) close(r2) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000)) ioctl$NBD_SET_SIZE(r0, 0xab02, 0x0) 12:28:05 executing program 1: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x18}, 0xc) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r1 = socket$kcm(0xa, 0x40122000000003, 0x11) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000001c0), 0x4) sendmsg$kcm(r1, &(0x7f0000003840)={&(0x7f0000000040)=@un=@abs={0xfc000000, 0x0, 0x500}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000100)="f4001100002b2c25e994efd1000000000009110000000000003a00000000f68ab928abffb7a8d4f32ebdbed828847bbaeb", 0x31}], 0x1}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x80402, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0}, 0x20) unlink(&(0x7f0000000200)='./file0\x00') setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x6}, 0x48) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={0xffffffffffffffff, 0x0}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000380)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;<\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xc6\x0f\xd7\x14\x0f\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4N') 12:28:05 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:05 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:05 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:05 executing program 4: setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:05 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:05 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:05 executing program 4: setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) [ 222.269654][ T8282] Unrecognized hibernate image header format! [ 222.372987][ T8282] PM: Image mismatch: architecture specific data 12:28:05 executing program 1: setsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, 0x0, 0x0) gettid() memfd_create(0x0, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000940)='/dev/snapshot\x00', 0x20601, 0x0) r1 = socket$inet(0x2, 0x0, 0x0) fcntl$getownex(r1, 0x10, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, 0x0}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f0000000240)={0x4, 0x8}, 0x10) close(0xffffffffffffffff) ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000000)) ioctl$NBD_SET_SIZE(0xffffffffffffffff, 0xab02, 0x0) 12:28:05 executing program 5: ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x40046109, 0x0) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000240), 0x4) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000002c0)) gettid() memfd_create(&(0x7f0000000100)='!-\x00', 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000940)='/dev/snapshot\x00', 0x20601, 0x0) r1 = socket$inet(0x2, 0x0, 0x0) fcntl$getownex(r1, 0x10, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0xfed3, 0xfa00, {0x3}}, 0x20) ioctl$NBD_SET_SIZE(0xffffffffffffffff, 0xab02, 0x0) 12:28:05 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:05 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0) vmsplice(r0, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:05 executing program 4: setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 12:28:05 executing program 3: openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:05 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:05 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:05 executing program 3: openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:05 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) [ 222.704255][ T8359] Unrecognized hibernate image header format! [ 222.728265][ T8359] PM: Image mismatch: architecture specific data 12:28:06 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000240)='\x00\x00\x00\x80\x00\x00\x80\x00\x00') 12:28:06 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) 12:28:06 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:06 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:06 executing program 3: openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0) 12:28:06 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:06 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000000)=""/189) 12:28:06 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x8000000003) vmsplice(r0, 0x0, 0x0, 0x0) 12:28:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x6) 12:28:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5413, &(0x7f0000000080)) 12:28:06 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:06 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:06 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) 12:28:06 executing program 3: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x770a, 0x0) 12:28:06 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x541b, &(0x7f0000000080)) 12:28:06 executing program 5: ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x40046109, 0x0) r0 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x2) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000280), &(0x7f00000002c0)=0x8) gettid() memfd_create(&(0x7f0000000100)='!-\x00', 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000940)='/dev/snapshot\x00', 0x20601, 0x0) r2 = socket$inet(0x2, 0x0, 0x0) fcntl$getownex(r2, 0x10, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x82}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000240)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0xf658}}, 0x10) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffc) close(r1) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000000)) ioctl$NBD_SET_SIZE(r0, 0xab02, 0x80001) 12:28:06 executing program 3: socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000031feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], 0x0}, 0x48) 12:28:06 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:06 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) 12:28:06 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:06 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:06 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) 12:28:06 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 12:28:06 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:06 executing program 3: openat$ashmem(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ashmem\x00', 0x4003, 0x0) 12:28:06 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:06 executing program 0: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x81007702, &(0x7f0000000240)='\x00\x00\x00\x80\x00\x00\x80\x00\x00') [ 223.763167][ T8469] FAT-fs (loop1): bogus number of reserved sectors 12:28:07 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000100)={0x79, 0x0, [0x212]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000001940)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd957e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c341a35eb0f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114380b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2dee1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093f04000000663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c46600"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12:28:07 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="39000000130003746900000000000000ab0080e72a000000460025d70300001419000a0010000000000003f500000002000087ce54b3c532da", 0x39}], 0x1) 12:28:07 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) [ 223.846545][ T8469] FAT-fs (loop1): Can't find a valid FAT filesystem [ 223.921123][ T8491] FAT-fs (loop1): bogus number of reserved sectors [ 223.962539][ T8496] netlink: 'syz-executor.5': attribute type 10 has an invalid length. [ 223.971062][ T8491] FAT-fs (loop1): Can't find a valid FAT filesystem 12:28:07 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000140)='./file0\x00'}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x4005}) r2 = socket$kcm(0x29, 0x5, 0x0) ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000080)=0x81) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000500)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r1, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd'}]}, 0xfdef) 12:28:07 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) 12:28:07 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x0, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:07 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x12, 0x0, 0x8c) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000002d40), 0x2bc}}, {{0x0, 0x0, &(0x7f0000000040), 0x361, &(0x7f0000000140)}}], 0x40007aa, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bc070") 12:28:07 executing program 3: socketpair$unix(0x1, 0x400000000000005, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = epoll_create1(0x0) flock(r1, 0x2) r2 = epoll_create1(0x0) flock(r2, 0x1) r3 = gettid() dup2(r1, r2) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) tkill(r3, 0x1000000000016) 12:28:07 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 12:28:07 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 12:28:07 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) 12:28:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="3100000013000900696806007a000010ab008048010000004600010700000014060003c02564b9a3000000000000000000", 0x31}], 0x1) 12:28:08 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x0, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 224.903647][ T8496] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 224.920898][ T8525] device nr0 entered promiscuous mode [ 224.929151][ T8543] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.2'. [ 224.958954][ T8545] netlink: 'syz-executor.5': attribute type 10 has an invalid length. [ 224.971747][ T8545] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). 12:28:08 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x100000000005, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 12:28:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0xe) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) [ 225.141867][ T8559] input: syz1 as /devices/virtual/input/input5 [ 225.185857][ T8562] input: syz1 as /devices/virtual/input/input6 12:28:08 executing program 0: creat(&(0x7f0000000000)='./file0\x00', 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mount(&(0x7f00000000c0)=@loop={'/dev/loop'}, 0x0, &(0x7f0000000140)='reiserfs\x00', 0x400, 0x0) 12:28:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000002c0)='veno\x00', 0xfd71) sendto$inet(r1, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) 12:28:08 executing program 3: socketpair$unix(0x1, 0x400000000000005, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = epoll_create1(0x0) flock(r1, 0x2) r2 = epoll_create1(0x0) flock(r2, 0x1) r3 = gettid() dup2(r1, r2) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) tkill(r3, 0x1000000000016) 12:28:08 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x0, 0x0, 0xfd3a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:08 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x100000000005, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 12:28:08 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00'}, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) 12:28:08 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) 12:28:08 executing program 1: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x4000fff, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285628, &(0x7f0000000040)={0x3, 0x0, 0x1, [], &(0x7f0000000140)}) [ 225.469550][ T8577] input: syz1 as /devices/virtual/input/input7 [ 225.476894][ T8575] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 12:28:08 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x100000000005, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ioctl$UI_DEV_DESTROY(r0, 0x5502) 12:28:08 executing program 0: accept$alg(0xffffffffffffffff, 0x0, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_open_dev$vbi(&(0x7f0000000400)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) memfd_create(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x802, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'team0\x00\x10\x00'}) syz_open_dev$usb(0x0, 0x0, 0xa1d532ba56b436e1) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10020008c10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) 12:28:08 executing program 2: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80000, 0x0) mkdirat(r2, 0x0, 0x0) chown(&(0x7f00000001c0)='./file0\x00', r1, 0x0) mount$bpf(0x0, 0x0, 0x0, 0x20040, 0x0) getsockopt$sock_buf(r2, 0x1, 0x3f, &(0x7f0000000880)=""/35, &(0x7f0000000940)=0x23) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {}, [], {0x4, 0x7}, [], {0x10, 0x2}, {0x20, 0x1}}, 0x24, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') link(0x0, &(0x7f0000000280)='./file0/file1\x00') sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x2, 0x42) 12:28:08 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x100000000005, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 12:28:08 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCLINUX6(0xffffffffffffffff, 0x541c, &(0x7f0000000100)={0x6, 0x8001}) recvmmsg(0xffffffffffffffff, &(0x7f0000002fc0)=[{{&(0x7f0000000300)=@llc, 0x80, 0x0, 0x0, &(0x7f0000000580)=""/42, 0x2a}, 0x10001}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=""/191, 0xbf}}, {{&(0x7f0000000d40)=@un=@abs, 0x80, 0x0, 0x0, &(0x7f0000002280)=""/73, 0x49}, 0x4}, {{&(0x7f0000002300)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f00000023c0)=[{&(0x7f0000002380)}], 0x1}, 0x5}, {{&(0x7f0000002400)=@ipx, 0x80, &(0x7f0000002580)=[{&(0x7f0000002480)=""/154, 0x9a}], 0x1, &(0x7f00000025c0)=""/117, 0x75}, 0xc5f}, {{&(0x7f0000002640)=@generic, 0x80, &(0x7f0000002800)=[{&(0x7f00000026c0)=""/54, 0x36}, {&(0x7f0000002700)=""/225, 0xe1}], 0x2, &(0x7f0000002840)=""/14, 0xe}, 0x200}, {{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000002880)=""/225, 0xe1}, {&(0x7f0000002980)=""/86, 0x56}, {&(0x7f0000002b00)=""/69, 0x45}], 0x3, &(0x7f0000002c40)=""/200, 0xc8}, 0x1a92}], 0x7, 0x9ec7b2c0c35842f0, &(0x7f0000003200)) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/tcp6\x00') ioctl$GIO_FONT(r0, 0x4b60, 0x0) preadv(r0, &(0x7f00000017c0), 0x3ea, 0x0) 12:28:08 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0) [ 225.746014][ T8598] input: syz1 as /devices/virtual/input/input8 [ 225.775252][ T8601] input: syz1 as /devices/virtual/input/input9 12:28:09 executing program 2: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80000, 0x0) mkdirat(r2, 0x0, 0x0) chown(&(0x7f00000001c0)='./file0\x00', r1, 0x0) mount$bpf(0x0, 0x0, 0x0, 0x20040, 0x0) getsockopt$sock_buf(r2, 0x1, 0x3f, &(0x7f0000000880)=""/35, &(0x7f0000000940)=0x23) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {}, [], {0x4, 0x7}, [], {0x10, 0x2}, {0x20, 0x1}}, 0x24, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') link(0x0, &(0x7f0000000280)='./file0/file1\x00') sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x2, 0x42) 12:28:09 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x100000000005, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) 12:28:09 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0xfd3a) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf32(r0, 0x0, 0x0)