[   11.197852] random: sshd: uninitialized urandom read (32 bytes read)
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   28.674747] random: sshd: uninitialized urandom read (32 bytes read)
[   29.191753] audit: type=1400 audit(1568671254.583:6): avc:  denied  { map } for  pid=1770 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   29.234550] random: sshd: uninitialized urandom read (32 bytes read)
[   29.793398] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.48' (ECDSA) to the list of known hosts.
[   35.376925] random: sshd: uninitialized urandom read (32 bytes read)
2019/09/16 22:01:00 fuzzer started
[   35.470482] audit: type=1400 audit(1568671260.863:7): avc:  denied  { map } for  pid=1785 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   36.205758] random: cc1: uninitialized urandom read (8 bytes read)
2019/09/16 22:01:02 dialing manager at 10.128.0.26:45495
2019/09/16 22:01:02 syscalls: 1347
2019/09/16 22:01:02 code coverage: enabled
2019/09/16 22:01:02 comparison tracing: ioctl(KCOV_TRACE_CMP) failed: invalid argument
2019/09/16 22:01:02 extra coverage: extra coverage is not supported by the kernel
2019/09/16 22:01:02 setuid sandbox: enabled
2019/09/16 22:01:02 namespace sandbox: enabled
2019/09/16 22:01:02 Android sandbox: /sys/fs/selinux/policy does not exist
2019/09/16 22:01:02 fault injection: CONFIG_FAULT_INJECTION is not enabled
2019/09/16 22:01:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/09/16 22:01:02 net packet injection: enabled
2019/09/16 22:01:02 net device setup: enabled
[   38.508875] random: crng init done
22:02:03 executing program 5:
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@broadcast, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "e30600", 0x18, 0x40000000003a, 0x43ff, @ipv4={[], [], @broadcast}, @local, {[], @icmpv6=@mld={0x87, 0x0, 0x0, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffff0a000000}}}}}}}, 0x0)

22:02:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000180)="11dca5055e0bcfe47bf070")
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x669, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000002940)='\'\xc4\'\v\xec\xe4\t\xc5r\x12-\x90\xda\x9a\x94\x02\xec\xea\x10\x90\x03\xcb\xf8\x1b6\xa5t\xd6\xd3\x93\xd3\xdf\x85P\x19G7Q\v\xdcHv\x03Qa\xf3\xd4\xfc(\x83\xfb\xf8C\xf6\x8a$\xb1\x90\xeb\'~\xa0\xd8\xc8\xe8\x94#\xcd\xd5Kp\xbf\xc0\x8d7\x1b?A(\xe8^\x9c\xff\x0f\x1ck\xbc\x95\x05\xcd\x17\xf7\x15o\xd4\xdc4\x84uw\xa6w\x0f\xea`1\xec\xb4\x04\xd5\r\x8d\xde\x1f]\x15\xe5\xe8\xd00\xe5\x8d\x9c\x9ec+\x02\x1d\xffa5\x94\xab\xddNe\xfe\x8c\xc4q\xbb#f\xc1\xb9\x81W\xa4$)!\v\x9b\xa7\b\x91\xe5\xeb\x88\x1c\x0f\xb2.Tr\xe4\x99\x9e\x03\xb4\xd2\xf9KW\xce\xd1cC\xd5\xcf\x97\xa9\xeab\xda\xd6:\xa91q\xf7\xc5\xc0C\xd1\'\x89\xee\x84T:\x88x\xe2\x83\xf2r\xf4&t@\x9e\xa4qf\xdf\xf4\xb5\x01\\a\x85\xd3\xe0\xb7\n\xe7\xed\x84Q\xd7s\xcd4B\xcbQ\xa4\x9f[\x99\xdfJ%\xa8\xfc\xe3`\xc1JA\xc9\xbc\xd4~}\xce\xe8\xfejH\x8fb\xdd\xbcJ\vk\'\xe7Q\xfd\xaaA`\xb5\xa1\xe4\xf8\x9eG\xcfb\xe8@\x04\xe1\xf8\xacU)(S\xed\xffA\xfaqt\xb6-\x9b5\xf6\x1e\x13$e\n\xc7\x9b\xb0X\xb6\xd4\t\x99^^\xc2>J\x16\xd0\x8c\xecy*\xa0\a\xe9Ar\xa6\xb4n9j\xe5\xba\x8a\n\xce2\xcf_\x1b.t)\x8d09A[-\xf6\xe7\xe8\x1f\x92>\xb8\xd4>-\xacY\x9e\x88\x96\xa7\xfa\xdaoL\xa6\xec\xe8\xd5\xbfaf\xd7\xfc\x03\x91w)\xcd\x1f\xbe\xc9R\xcfz\x03\xec\br\x83\x8bM-\xf8X\xfd\"\xb4RV\x7f\xda\xd3\xd4h\x1c\xdb\xbe\xa4U\xec\xcd\'\xbc\xd22\x85{,\xe6-,6\x9d\x85\xb4fL\b\x98\xe9@\xee\xc2.\xb3\xd6w\x10\x94\xb5%D\xe8\r\xfe\x98G\x82\fx,\xa2J\x12\x03ec\xd5e-\x1f6\xe7\xb6\xd9\xcf0J\xed\xb7\x9b\xfd\xfc\x00EQ\x1f\x00D\xc95\xdeG +\x1bp\xf4\t\x94\x87\xf1ZbO\xa6\xe9\f`u\xda\xb3\x1d\xf9\x94\x80\xc1\x17\xde(_\xa7\xe7\x11\x9a\xac\x8c\xb1\xd71\xc5\xe9\xd3n\xc2\xa4\x98P\x9aF\xc2\x93\xad@\xa9h\x96\x1b]2\x88\xf3\xd8\xc798\x8c\x9f\xd4W4\xf1}\aD\xa0\xd8\xda\xf4\x1bEx(t|\xf4Y\xfaJ\xc2GS\xc9R\xb5\xda\xa8\x9b\xaa\x01\xe2~\xd8f.#\x94\xbf\x85z\xbf\xa0x62L\x1f\x91\xd2\x1e%\x88\x1f\f\xabb\x8ds\x93\x9e\xed\xd2\xdb\x02\x0e\xcf\xf5\xaf\xc8>+\x03e\xb7\xba\xb9}\xca\xfc\xe8\xed\x9b\xa2\x9ey\bMv\x8f\x8a8\xfd;\x9a5J\xee\x9a\xae\x83>$\x8a6\x05P\x8c\x05\xb8\r\xcf\xdd\x15/\xa9\xa1\xd4\x87{\xc9I4\xe3 i\xa4\xc5\xe5l\x03?\xfdM&\xc0a9}h\x8ef\x10!\xf0\x99\x80\xb72\xcc\x06\'+\xf0\xa1\a\xeeSGH\x12\x068S7s\xd3\xdaT\"\xa9jk\xed\xa2IyM\xa3&t\xfeA\xa9\"\xb4\xec\xdex\x00\x80`p\x91\x84\xbfK\xb6\x00\xa7\xa2\x06\xce\xc8X\x7f\xd1@\xf1\xcf\xdf\xae\xdb\r\xf6h\xdf\xc6+\xac\r\x9f\xc2D\xdf\xd6\xde`\xa4\xd1=\x1b\x8d\xf4\xbe#\tH\x06;a(`\xdcw\x1dc_\v\x046j\xf9`\r\xc0\a\x8d\x12:l\xc7j3E\xd7\xcaX\x97\xad\x93\xea\x99\xca\xd7m\xb8\x1e1\xb6Nz\"U/\x0eP\b=\x01W\xcd\xf1x\x85\xf4&\xe7\xf9W\x06\xa4\xf8&\xbc\xf4\xd0\xd2\xd1W\xee\x9a\xdd\xdbu\x0e\x9aV\xe2\xc5\x84`Bu\x12\xa8/=\x17\xc4F\x11\xdfm-)\xd9hc\xba\xb7\x91\xd9\x11\x9a,\x19\xf4]\xa7Y@B\x1f')
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x35c1412875eec207, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000b00)='mem\x00\x01y7SwaS.\x06ur\x89\xc9B\xab\xe3\xfarent\x00\xaa\x1a\xfd\xae\v\xbf\xd8d\xbb\xaf9Q\xde\xfb\x1fY\xfb\x8do\xd1\x16\xce(\x82\xf1\xbf{5Z\x13\x15\x14\xd7\xb8\xce\xf20\x1e\xc0\xc2\xed<?\xc7\xb6s\xca\xff\x96\x9a}+Q\xd2\xd9{\xca\x86Vw\xde\xb3\x86\x91\xfd\xb5p\xdb$ j\xfb\xf8\xedw\xf4\x161a.\xc7\n\xe0X?\xc4\xf4BW\x01\x1f-\xcc\x01\xd0W\xc8\xf09\fV\x1b|A)\xb8\xda#NP\x1c\x9d\x93#V\x9f\"Kgn{\x96\xaa\xbd0\x8ef\x9d\xb88CP(}w\x8c\xbb\xdc%\ax \x10\xd1\n(\xa8=\xf54\xa9\xcb\xe9\x97T\xcf\xcf\x87t\x81\xfa\xaa\xf30\x8b\xb7\xea\xfc^\xb6\x95\x87E\x11\x89\x7f\xa0m\xd3&\tHvtD\x83\\6\xe0t\xa8\xdd\xa3\xa4\xd2\xb9\xb9{+\x1d\xa3\xd5Z;]*2\x99Os\bVW5\xe6\xe7\xdb\x95\x8d\xffY\xe0s\x7f\x9eK,\xae\xaeX\x15M@\xdd\x04`\xea\x03\xf7\x7f:\xc8HU3\xabX}\xa7S8s\xdb_\xc5\x9c\xc9Rw\x90G\xf3J\x9c\x8f\x91\xa1\xd6\x055?m\xed\x94\x9c\xb7(\x0f\xd3\xbc\xba\xc6T\xdd\x15\xf7+*Z3\x8e_Z\xa3k\xe4R\x1e\xc8\vYV\x8a\x8d\xad\x8cI\x88\fM\x19JX\x1f\xffe#|\x06\xfa86\xcb\x93\xea\xab\xcc\x864fC*I\x7fM\t7\x94}\x06\x1d\xc3\x9co-\xdd\xa6\x1b\xa8_\x1fBl\xc4:\xae\xfe4\x9e\xa9T\x91\xd9w\x05\xf8{\xd6@', 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)

22:02:03 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000180)="11dca5055e0bcfe47bf070")
mmap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x669, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000002940)='\'\xc4\'\v\xec\xe4\t\xc5r\x12-\x90\xda\x9a\x94\x02\xec\xea\x10\x90\x03\xcb\xf8\x1b6\xa5t\xd6\xd3\x93\xd3\xdf\x85P\x19G7Q\v\xdcHv\x03Qa\xf3\xd4\xfc(\x83\xfb\xf8C\xf6\x8a$\xb1\x90\xeb\'~\xa0\xd8\xc8\xe8\x94#\xcd\xd5Kp\xbf\xc0\x8d7\x1b?A(\xe8^\x9c\xff\x0f\x1ck\xbc\x95\x05\xcd\x17\xf7\x15o\xd4\xdc4\x84uw\xa6w\x0f\xea`1\xec\xb4\x04\xd5\r\x8d\xde\x1f]\x15\xe5\xe8\xd00\xe5\x8d\x9c\x9ec+\x02\x1d\xffa5\x94\xab\xddNe\xfe\x8c\xc4q\xbb#f\xc1\xb9\x81W\xa4$)!\v\x9b\xa7\b\x91\xe5\xeb\x88\x1c\x0f\xb2.Tr\xe4\x99\x9e\x03\xb4\xd2\xf9KW\xce\xd1cC\xd5\xcf\x97\xa9\xeab\xda\xd6:\xa91q\xf7\xc5\xc0C\xd1\'\x89\xee\x84T:\x88x\xe2\x83\xf2r\xf4&t@\x9e\xa4qf\xdf\xf4\xb5\x01\\a\x85\xd3\xe0\xb7\n\xe7\xed\x84Q\xd7s\xcd4B\xcbQ\xa4\x9f[\x99\xdfJ%\xa8\xfc\xe3`\xc1JA\xc9\xbc\xd4~}\xce\xe8\xfejH\x8fb\xdd\xbcJ\vk\'\xe7Q\xfd\xaaA`\xb5\xa1\xe4\xf8\x9eG\xcfb\xe8@\x04\xe1\xf8\xacU)(S\xed\xffA\xfaqt\xb6-\x9b5\xf6\x1e\x13$e\n\xc7\x9b\xb0X\xb6\xd4\t\x99^^\xc2>J\x16\xd0\x8c\xecy*\xa0\a\xe9Ar\xa6\xb4n9j\xe5\xba\x8a\n\xce2\xcf_\x1b.t)\x8d09A[-\xf6\xe7\xe8\x1f\x92>\xb8\xd4>-\xacY\x9e\x88\x96\xa7\xfa\xdaoL\xa6\xec\xe8\xd5\xbfaf\xd7\xfc\x03\x91w)\xcd\x1f\xbe\xc9R\xcfz\x03\xec\br\x83\x8bM-\xf8X\xfd\"\xb4RV\x7f\xda\xd3\xd4h\x1c\xdb\xbe\xa4U\xec\xcd\'\xbc\xd22\x85{,\xe6-,6\x9d\x85\xb4fL\b\x98\xe9@\xee\xc2.\xb3\xd6w\x10\x94\xb5%D\xe8\r\xfe\x98G\x82\fx,\xa2J\x12\x03ec\xd5e-\x1f6\xe7\xb6\xd9\xcf0J\xed\xb7\x9b\xfd\xfc\x00EQ\x1f\x00D\xc95\xdeG +\x1bp\xf4\t\x94\x87\xf1ZbO\xa6\xe9\f`u\xda\xb3\x1d\xf9\x94\x80\xc1\x17\xde(_\xa7\xe7\x11\x9a\xac\x8c\xb1\xd71\xc5\xe9\xd3n\xc2\xa4\x98P\x9aF\xc2\x93\xad@\xa9h\x96\x1b]2\x88\xf3\xd8\xc798\x8c\x9f\xd4W4\xf1}\aD\xa0\xd8\xda\xf4\x1bEx(t|\xf4Y\xfaJ\xc2GS\xc9R\xb5\xda\xa8\x9b\xaa\x01\xe2~\xd8f.#\x94\xbf\x85z\xbf\xa0x62L\x1f\x91\xd2\x1e%\x88\x1f\f\xabb\x8ds\x93\x9e\xed\xd2\xdb\x02\x0e\xcf\xf5\xaf\xc8>+\x03e\xb7\xba\xb9}\xca\xfc\xe8\xed\x9b\xa2\x9ey\bMv\x8f\x8a8\xfd;\x9a5J\xee\x9a\xae\x83>$\x8a6\x05P\x8c\x05\xb8\r\xcf\xdd\x15/\xa9\xa1\xd4\x87{\xc9I4\xe3 i\xa4\xc5\xe5l\x03?\xfdM&\xc0a9}h\x8ef\x10!\xf0\x99\x80\xb72\xcc\x06\'+\xf0\xa1\a\xeeSGH\x12\x068S7s\xd3\xdaT\"\xa9jk\xed\xa2IyM\xa3&t\xfeA\xa9\"\xb4\xec\xdex\x00\x80`p\x91\x84\xbfK\xb6\x00\xa7\xa2\x06\xce\xc8X\x7f\xd1@\xf1\xcf\xdf\xae\xdb\r\xf6h\xdf\xc6+\xac\r\x9f\xc2D\xdf\xd6\xde`\xa4\xd1=\x1b\x8d\xf4\xbe#\tH\x06;a(`\xdcw\x1dc_\v\x046j\xf9`\r\xc0\a\x8d\x12:l\xc7j3E\xd7\xcaX\x97\xad\x93\xea\x99\xca\xd7m\xb8\x1e1\xb6Nz\"U/\x0eP\b=\x01W\xcd\xf1x\x85\xf4&\xe7\xf9W\x06\xa4\xf8&\xbc\xf4\xd0\xd2\xd1W\xee\x9a\xdd\xdbu\x0e\x9aV\xe2\xc5\x84`Bu\x12\xa8/=\x17\xc4F\x11\xdfm-)\xd9hc\xba\xb7\x91\xd9\x11\x9a,\x19\xf4]\xa7Y@B\x1f')
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getegid()
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)

22:02:03 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000180)="11dca5055e0bcfe47bf070")
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x8000, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c)
sendto$inet6(r1, &(0x7f0000000d00)="e911ae3867dd39d67f1080296a5802411ea73c4d3e33ce5bcc0d183961d938b9619c848c7ebd2700e7c5830ad8dc74b6ceac60c5268300454ba6dd016996b7fcd0eb5d17157bf7d8cbf3e47d463b707d1b484495a1d695299d53baacf32e673e28dafdf5580c65c12137045c1179c54e5f8ab35e202f1bb04cf68d52f2b7259a90eaf0157af7236025eae7c29d4d2040f5c12e1619f9c0965bad1fd6175e734967d7ba6e25d06814bf09b6610545f16d74c24f5d74096dab8554ddc2355963fb192407527b7524e996ddaabe466c47201609f4fb4af56eb262d9e4d48cf0bd077497856b92f7e85c99fb708f580a0c95b4d945eedb59d210bb002dafac7545f194a3b7c1e49f51fc88e99d5cab4ea94849ac51537af16e57f595e0e53d4f17cc14c2f532a9d0eb55261779317d8db84ea0017c8fc7ad5155156600b06e52c0f2f1078d4d79c75378b848221ec98cd5e895f4a40ee82bf618e222ee6cb1ac82ada1010cf6140922f1c092e75bdfdcb9c5f8ee7ecf1741ed2dc2adb7ec06d00c9f4c1262d7708963186572bfa99688b6df6be8e1febb7cd4e62c6e20b5bae9ad979032cf4a1751844ae0e3e9b5bd160e581a6bdfa103e663c3dfcad4bf89403b1b3df1ac670f3bc26a42d6162bdba6d519f143b213a546b5b7e7bf9813b223239959876c0f6b254de1284c7dc1e8ae06f31dfa5a1d9190182f82af0dff4628ee246e42a35793b4c17a37f978cbf81d5fc5c174a4d9a7f2da80252b0897c16a29cc349000de7f196a4769c82147c3451ca0f75f137ad2b58b6c4cd10b9a22f4ca4a2450869b64d69f6451a0250718d1753e4b7240e56050638e60b28befc4b533bef9442c0cec220e7529624b59c4b3eea154de4f4b2ae265eefed9cc483418951a627d7afc8d3e41d5f345b790c97b86db4cacd7885a71cfaebf427429404d8586cac800f67ab2559fda10eb66f02b67c8dfd4c77120ad7b219d9b8fdde324543733186138ae69a884fbe427e6384f8e9ba5f150cd962aeb0f61d02809e300416603e2582d0ac9a7dba1cf813560d264185a879e86092cbca98f472294205cf86ecad86880edfaa4d73839101245389562e7bd9f1861005f47ce15bbad255c1879e9c9c61f4fccdb714ad3edcccc214d9dad38804c91377dcaa572bb112567bc6063a52f897f236a3e62f436e75b657e4fd27c5ec309e103332584b14deb77fd0e363d6efe7d6b4a97a7fe5b79030a0a4888a8dc8002634911f91b16388c05780a49d5ec66361bde0c41aade94573bf4f626e2896d78e3dafa5050ade987f7e1613db515351b7b6fd7e82e70ca37c1c87d9d1373d809c9ebcbdb7a439e3cb484f66fb99ce94d25b1e778799c976b31b2d02db645efdaad08c8c156f94251822079be9199dfac4ee4e014aadfb0d34ac1843b1f0d69f44b2ad2b5d88e769d8c78fddfaa2fb513d9aa7a6c6650bd84a20df99a538153d2549425ae53236ba21de4419754fa750abc9cdc6c660483c330f6e39c7327a2e4c84338f67021cff5189e0e855c3f746a8c919a5c358aea94d474bca78b9353f8c1c7c1d117b6b11e55dd4948efdc23847e85dddb185f3272178095d0a1673a320d6b2816c168a3e2cc2b510bcdc47c786176c4e3aea682845d10122d3ea0378b86a27971184a43e5f761fc0ef857c7b9ea24bf5ba1b33c493982d025f3e8d42e5fa77cc40a3ce6f4990d22425101142ce81936f6bedf319d1580cc2b874fb74ccaa0ae74b7ba728ab1e9439aa93d203b878491223225a80294f649ba0b1620aa754edb5bc6ff7f8ae43628756787d648c9129bf36253b013381c55e004ff66e82b3be229d50fd4b968c9f331e9e21cf9c4a461bbd93f33cc7245ee2497956178ec15c9e7350ddf2592b22c446ed740fd6c66c942222dcb5e3d3b332fe255ad3e43f5128756da6223cde58702df21f53bb661e022d277fd7f34108b6ea407550d4d44a52ca7f3d0904301cf99d92da8115b99b6fc048e35c43069d98a8c1a56b4f52b1c369ebfcce941000000", 0x5a1, 0x400c000, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000000)="8650f77769735150c7eaaa9e", 0xc, 0x0, 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x0)

22:02:03 executing program 2:
r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = gettid()
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000003c0)='bpf\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="2c63536e7465d2f4894ed7ebd5b842aa0cf843ef787e3d73ed1c61666d5f752c726f6f74636f6e746578743d0b80c5bc8cb94a06a189f2abe9baad92710e63446e4f83b42ba914df0dfc0e8c50d902cca9a98af6082369df1f528d24b768327854bc03a8247ead78facadab7d6c0011a86fce129621eb651f2197891b7f2f9d3f9c07cdb5ffc0f812fdbdacccb74"])
ptrace(0x10, r1)
wait4(0x0, 0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000240))
getgroups(0x6, &(0x7f0000000780)=[0xffffffffffffffff, 0x0, 0xee01, 0xffffffffffffffff, 0x0, 0xee00])
getgid()
lstat(0x0, &(0x7f00000009c0))
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'team0\x00'})
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, 0x0, 0x0)

22:02:03 executing program 4:
clone(0x3000000a0160101, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x333, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000000140)=ANY=[@ANYBLOB="b702000000000400bfa30000000000000703000000fe380d7a0af0fff8ffffff79a4f0ff00000000b7060000000000812d6405000000000025040400010000001704000001000a40b7040000000100006a0a00fe00000000850000001a000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)="7db98a90a6ac6f6e")

[   97.886770] audit: type=1400 audit(1568671323.273:8): avc:  denied  { map } for  pid=1785 comm="syz-fuzzer" path="/root/syzkaller-shm542053254" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   97.926289] audit: type=1400 audit(1568671323.283:9): avc:  denied  { map } for  pid=1836 comm="syz-executor.5" path="/sys/kernel/debug/kcov" dev="debugfs" ino=5044 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
22:02:05 executing program 5:
clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
r1 = gettid()
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x39)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r1, 0x0, 0x0)
wait4(r1, &(0x7f0000000000), 0x1000000, &(0x7f0000000240))
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="d3d2b93c929e00cd80"], 0x9}}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYRESHEX, @ANYRESHEX, @ANYBLOB="e6c55c669eb82eec510100019b3d7280437a7462010000000000000029a741efca44f937d0492482ba83"], 0x0, 0x4e}, 0x20)
tkill(r0, 0x3b)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:02:05 executing program 5:
setrlimit(0x40000000000008, &(0x7f0000000000))
capset(&(0x7f0000a31000)={0x19980330}, &(0x7f00009b3000))
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_netdev_private(r0, 0x89f0, &(0x7f0000000100)="a333298725ae575d6b9f0fc5405f2f")
ioctl$void(r0, 0xc0045878)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$KDSKBLED(r1, 0x4b65, 0x8000)
socket$inet_udp(0x2, 0x2, 0x0)

22:02:05 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x100000001)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x80000000000001}, {{@in6=@empty, 0x3, 0xff}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0x1}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0xffd8)

[  100.039964] capability: warning: `syz-executor.5' uses 32-bit capabilities (legacy support in use)
[  100.170361] hrtimer: interrupt took 24816 ns
22:02:05 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {0x0, 0xffffffd0}, {0x0, 0x199}, {&(0x7f0000000240)=ANY=[], 0x12a}], 0x100000000000021b, 0x0, 0xfffffffffffffedb}, 0x0)
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x1c, 0x4)
r1 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x31)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
sched_setparam(r1, &(0x7f0000000080)=0x1ff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000140)="11dca5055e62cfe47bf070")
ptrace$cont(0x7, r1, 0x0, 0x0)

22:02:05 executing program 5:
clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000080)={0x0, 0x0, 0x0, {}, {}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, &(0x7f0000000040)}})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="d3d2cd80"], 0x4}}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRESHEX, @ANYRES32], 0x0, 0x16}, 0x20)
tkill(r0, 0x3b)
openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=0xa7, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x5, 0x3}, 0x0, 0x0, &(0x7f0000000240)={0x5, 0x9, 0x6, 0x1}, &(0x7f0000000280)=0xb278, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=0x8}}, 0x10)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:02:05 executing program 5:

22:02:05 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r2, &(0x7f0000000040), 0x1c)
r3 = dup2(r2, r2)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x132224)
setsockopt$inet6_buf(r3, 0x29, 0x32, 0x0, 0x3da)
fcntl$setstatus(r3, 0x4, 0x42808)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000010}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x78, r4, 0xe7bca8fd8f549613, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffffffffffffff80}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bcsf0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xffff}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}]}]}, 0x78}, 0x1, 0x0, 0x0, 0xc0}, 0x20000080)
ioctl$TCSETSF(r1, 0x5411, 0x0)

[  100.751131] audit: type=1400 audit(1568671326.143:10): avc:  denied  { create } for  pid=2687 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  100.811461] audit: type=1400 audit(1568671326.143:11): avc:  denied  { write } for  pid=2687 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  100.858365] audit: type=1400 audit(1568671326.143:12): avc:  denied  { read } for  pid=2687 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  101.773356] audit: type=1400 audit(1568671327.163:13): avc:  denied  { prog_load } for  pid=2786 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[  102.154920] SELinux:  unknown mount option
[  102.163400] SELinux:  unknown mount option
22:02:07 executing program 0:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="00002486c0ea28d633d9be1d8b4a617ec329070e98a377389903b978f55932f6ca9d1490a8f05eafc880b233386d79820c9d919e0eed8002bef3df9d3e12b3fbf2adb33dffc18b9c4b6e8a0d8c832f0d80be06e22afb965a398e18a582bd16561752de8c9045526bb227a803c48932293aed2ccd141a79918b5a50436d957704fc68fde560976348264be1255416dcb755d64f19d9c5f9938962119a9ced3d070522c62b87b8ec7c947988b9a85b0b14855154d4f090d3e3db0f25c1db681d717cb566469529bdf8bbdd485521d1fb78497e6256d186fd2f887fab5ffc4f22867a000000000000", @ANYRES16=r1, @ANYBLOB="000427bd7000fbdbdf25110000000800040001000000300003001400020053797a6b616c2efec26d23326c65723100000000000008000100010000000800040002000000080005007f00000134000200080007004d00000008000900080000000800040000000100080007002cf80000080002004e2200000800090007000000240002000800050002000000080007000002000008000e004e210000080002004e21000008000400df050000080005000080000050000200080002004e230000080009005f0edd2997b78a6765a300000000018000004e24000014000100e000000100000000000000000008000400ff0700e3859d2a7286eb0f580a05495b6351db000800"], 0x104}, 0x1, 0x0, 0x0, 0x2004c800}, 0x40000)
ioctl$RTC_AIE_ON(r0, 0x7001)

22:02:07 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000002180)=0x100, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000500)={'syz_tun\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000100)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x100, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="0204030073bb600000000000fff55b42d4b2eff5dd335c6ac855cfe757489ca44b0000001af8792dfbf56bf1", 0x2c, 0x0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r3, &(0x7f0000000040), 0x1c)
r4 = dup2(r3, r3)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000440), 0x132224)
setsockopt$inet6_buf(r4, 0x29, 0x32, 0x0, 0x3da)
fcntl$setstatus(r4, 0x4, 0x42808)
write$apparmor_exec(r4, &(0x7f0000000080)={'stack ', 'syz_tun\x00'}, 0xe)

22:02:07 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000040), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224)
setsockopt$inet6_buf(r1, 0x29, 0x32, 0x0, 0x3da)
fcntl$setstatus(r1, 0x4, 0x42808)
ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000100)={0x7, 0xfffffffffffffffe, 0xfffffffffffffff9, 0x7fff, 0x44e, 0xc7})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000680)='sysfs\x00*\x86OK\xc0\v\xce\x1b\xdb cr\x13\xb1\xe8\x94\xd1 q_\x9d\xc1\x12[\x04,r&\xeb\x016\xd9bN\xa1\xd23t\xa6`\xfeZ\xc1sR/\xd3g\xad\"\xe8U0%\xa2\xe8\xbe\v\xc5QCy\xafr\x13\xd3+\x8d]\x06\xdc\x8f\xbf,\x84\x9e\xd9\xcd\xef\xc7K\x03\xdf\xa9\xcbZ\x90\xb2\x8bK$\xd7\x86,=f\xfc\xa51g\xd5BB5CZ=\xbbv\xbc}<B\xfc.\x9cia\x01\x00\x00\x00\x00\x00\x00\x00v\x83\xcf\xc1\xc4\xd2\xbfq\xc2U\xa3\x13Md\xcc?\xed\x8e\x97y\x8d\xeb\x861\xcb\xf7h,\x9f\xa2\xed\x03\x14e\xaa\x19\x1d\xf9\"\xf7d)|\xba\"\xa8I\x9d\x17\x7fI\xfb\xa9@\xf5[\xbc\x8br?\xd3t\xf1\xfe\xd7\x8c\x8a\xee\xc6\x81\x1d\x9bXyHs\x87\xd5e\x94\xa1L%\x88\'M\xe8O\xa2v\x100+?\xb5Ar\xa8\xc9\x10\xa0~|v\xeaFZ\xa6\x84\x02E\nN\xa7\xe0\xda\xa8\xea\xae&q\xce\xd53C;\x1c\xe0\xde]\xa6\x98\x8b\x80q\xb0\xaf\xa1\xc3\xab\xbf~o\r\xa7\x8aU\x85\x91\xe7\xe2\xedO}dR\x1e,\xb2Z\x13\xa7;h\xde\xc7(=zN?\xf1\x9f\x8fM\xcd\xdc\t\xff\xeb\xaf\xa7\x996\xa1\xc9\x19\xa4\x1e|\x8e\x9d\xf7\xca\x1b\x01\x1fb-\xd4\be\x87\xcb\xcf\a\x9eYz\xea\x97jX\xeaZ\xf6_-\x97\xfd\x14\x0e&\xd4\xd8|Dv\x91AYF\xe0\xe7\xfb\xb8\x0e\xa3\xb6', 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x10021, 0x0)

22:02:10 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000180)="11dca5055e0bcfe47bf070")
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x8000, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c)
sendto$inet6(r1, &(0x7f0000000d00)="e911ae3867dd39d67f1080296a5802411ea73c4d3e33ce5bcc0d183961d938b9619c848c7ebd2700e7c5830ad8dc74b6ceac60c5268300454ba6dd016996b7fcd0eb5d17157bf7d8cbf3e47d463b707d1b484495a1d695299d53baacf32e673e28dafdf5580c65c12137045c1179c54e5f8ab35e202f1bb04cf68d52f2b7259a90eaf0157af7236025eae7c29d4d2040f5c12e1619f9c0965bad1fd6175e734967d7ba6e25d06814bf09b6610545f16d74c24f5d74096dab8554ddc2355963fb192407527b7524e996ddaabe466c47201609f4fb4af56eb262d9e4d48cf0bd077497856b92f7e85c99fb708f580a0c95b4d945eedb59d210bb002dafac7545f194a3b7c1e49f51fc88e99d5cab4ea94849ac51537af16e57f595e0e53d4f17cc14c2f532a9d0eb55261779317d8db84ea0017c8fc7ad5155156600b06e52c0f2f1078d4d79c75378b848221ec98cd5e895f4a40ee82bf618e222ee6cb1ac82ada1010cf6140922f1c092e75bdfdcb9c5f8ee7ecf1741ed2dc2adb7ec06d00c9f4c1262d7708963186572bfa99688b6df6be8e1febb7cd4e62c6e20b5bae9ad979032cf4a1751844ae0e3e9b5bd160e581a6bdfa103e663c3dfcad4bf89403b1b3df1ac670f3bc26a42d6162bdba6d519f143b213a546b5b7e7bf9813b223239959876c0f6b254de1284c7dc1e8ae06f31dfa5a1d9190182f82af0dff4628ee246e42a35793b4c17a37f978cbf81d5fc5c174a4d9a7f2da80252b0897c16a29cc349000de7f196a4769c82147c3451ca0f75f137ad2b58b6c4cd10b9a22f4ca4a2450869b64d69f6451a0250718d1753e4b7240e56050638e60b28befc4b533bef9442c0cec220e7529624b59c4b3eea154de4f4b2ae265eefed9cc483418951a627d7afc8d3e41d5f345b790c97b86db4cacd7885a71cfaebf427429404d8586cac800f67ab2559fda10eb66f02b67c8dfd4c77120ad7b219d9b8fdde324543733186138ae69a884fbe427e6384f8e9ba5f150cd962aeb0f61d02809e300416603e2582d0ac9a7dba1cf813560d264185a879e86092cbca98f472294205cf86ecad86880edfaa4d73839101245389562e7bd9f1861005f47ce15bbad255c1879e9c9c61f4fccdb714ad3edcccc214d9dad38804c91377dcaa572bb112567bc6063a52f897f236a3e62f436e75b657e4fd27c5ec309e103332584b14deb77fd0e363d6efe7d6b4a97a7fe5b79030a0a4888a8dc8002634911f91b16388c05780a49d5ec66361bde0c41aade94573bf4f626e2896d78e3dafa5050ade987f7e1613db515351b7b6fd7e82e70ca37c1c87d9d1373d809c9ebcbdb7a439e3cb484f66fb99ce94d25b1e778799c976b31b2d02db645efdaad08c8c156f94251822079be9199dfac4ee4e014aadfb0d34ac1843b1f0d69f44b2ad2b5d88e769d8c78fddfaa2fb513d9aa7a6c6650bd84a20df99a538153d2549425ae53236ba21de4419754fa750abc9cdc6c660483c330f6e39c7327a2e4c84338f67021cff5189e0e855c3f746a8c919a5c358aea94d474bca78b9353f8c1c7c1d117b6b11e55dd4948efdc23847e85dddb185f3272178095d0a1673a320d6b2816c168a3e2cc2b510bcdc47c786176c4e3aea682845d10122d3ea0378b86a27971184a43e5f761fc0ef857c7b9ea24bf5ba1b33c493982d025f3e8d42e5fa77cc40a3ce6f4990d22425101142ce81936f6bedf319d1580cc2b874fb74ccaa0ae74b7ba728ab1e9439aa93d203b878491223225a80294f649ba0b1620aa754edb5bc6ff7f8ae43628756787d648c9129bf36253b013381c55e004ff66e82b3be229d50fd4b968c9f331e9e21cf9c4a461bbd93f33cc7245ee2497956178ec15c9e7350ddf2592b22c446ed740fd6c66c942222dcb5e3d3b332fe255ad3e43f5128756da6223cde58702df21f53bb661e022d277fd7f34108b6ea407550d4d44a52ca7f3d0904301cf99d92da8115b99b6fc048e35c43069d98a8c1a56b4f52b1c369ebfcce941000000", 0x5a1, 0x400c000, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000000)="8650f77769735150c7eaaa9e", 0xc, 0x0, 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x0)

22:02:10 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x20e03ec09aa8bf9e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006, 0x0, 0x0, 0x3}]}, 0x10)
dup(0xffffffffffffffff)
r1 = socket$inet6(0xa, 0x3, 0x1)
close(r1)
r2 = socket(0x100000000000011, 0x3, 0x0)
bind(r2, &(0x7f0000000000)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000200)='trusted.overlay.nlink\x00', &(0x7f0000000240)={'L+', 0xa28}, 0x28, 0x1)
setsockopt$IP_VS_SO_SET_EDITDEST(r3, 0x0, 0x489, &(0x7f0000000280)={{0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'wlc\x00', 0x0, 0x0, 0x200}, {@multicast1}}, 0x44)
ftruncate(r3, 0x87ffd)
sendfile(r1, r3, 0x0, 0x800000000024)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_netdev_private(r4, 0x89f0, &(0x7f0000000100)="a333298725ae575d6b9f0fc5405f2f")
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e21, @remote}, {0x2, 0x4e20, @empty}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x2, 0x0, 0x0, 0x0, 0x800, 0x0, 0x3, 0x1})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000640)='/dev/vga_arbiter\x00', 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
pipe(0x0)
setsockopt$sock_int(r5, 0x1, 0x20, &(0x7f0000000140), 0x4)
bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$clear(0x7, 0xfffffffffffffffe)
sendto$inet6(r5, 0x0, 0xfffffffffffffc7f, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r6 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0xfffffffffffffffd)
sendfile(r5, r6, &(0x7f00000000c0), 0x8000fffffffe)

22:02:10 executing program 2:
r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = gettid()
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000003c0)='bpf\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="2c63536e7465d2f4894ed7ebd5b842aa0cf843ef787e3d73ed1c61666d5f752c726f6f74636f6e746578743d0b80c5bc8cb94a06a189f2abe9baad92710e63446e4f83b42ba914df0dfc0e8c50d902cca9a98af6082369df1f528d24b768327854bc03a8247ead78facadab7d6c0011a86fce129621eb651f2197891b7f2f9d3f9c07cdb5ffc0f812fdbdacccb74"])
ptrace(0x10, r1)
wait4(0x0, 0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000240))
getgroups(0x6, &(0x7f0000000780)=[0xffffffffffffffff, 0x0, 0xee01, 0xffffffffffffffff, 0x0, 0xee00])
getgid()
lstat(0x0, &(0x7f00000009c0))
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'team0\x00'})
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, 0x0, 0x0)

22:02:10 executing program 0:
perf_event_open(&(0x7f0000000040)={0x1, 0xffffffffffffff2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x100000, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c)
sendmmsg(r0, &(0x7f0000000440), 0x400000000000211, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005740)=[{{&(0x7f0000000100)=@nfc_llcp, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000200)=""/110, 0x6e}, {0x0}], 0x2, &(0x7f0000001640)=""/231, 0xe7}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

22:02:10 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, &(0x7f0000000e40)=ANY=[], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x70)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bpq0\x00'})
r0 = socket(0x0, 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0xfffffffffffffd5a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2175, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sysinfo(&(0x7f0000000000)=""/50)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)='ip6tnl0\x00')
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x0)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22, 0x20, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x99a}, 0x1c)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f00002d6000/0x1000)=nil)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@ipv4={[], [], @broadcast}, @in=@broadcast}}, {{@in6=@loopback}, 0x0, @in=@local}}, 0x0)
fstat(r0, &(0x7f0000000ac0))

22:02:10 executing program 5:
syz_open_dev$sndtimer(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$P9_RSTATFS(0xffffffffffffffff, &(0x7f0000000340)={0x43, 0x9, 0x0, {0x0, 0x40, 0x0, 0x8000, 0x0, 0x7, 0x102}}, 0x43)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="00fb389763355ec18966d358049a4aafebd54939ae42f4b4f0ce363092b619c2c309a060111ba358466086d514bba43e88"], 0x1, 0x1)
socket$inet(0x10, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000100)=0xc)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000400)='hugetlb.2MB.failcnt\x00', 0x2, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
inotify_add_watch(r0, &(0x7f0000000280)='./file0\x00', 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x27)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4)
sendto$inet(r1, &(0x7f00000012c0)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba", 0x652b, 0xc, 0x0, 0x27)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xb55)
poll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x2000}, {r1, 0x404}, {r2}, {0xffffffffffffffff, 0x100}], 0x4, 0xd3e)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
ftruncate(r3, 0x3)

22:02:10 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000180)="11dca5055e0bcfe47bf070")
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x8000, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c)
sendto$inet6(r1, &(0x7f0000000d00)="e911ae3867dd39d67f1080296a5802411ea73c4d3e33ce5bcc0d183961d938b9619c848c7ebd2700e7c5830ad8dc74b6ceac60c5268300454ba6dd016996b7fcd0eb5d17157bf7d8cbf3e47d463b707d1b484495a1d695299d53baacf32e673e28dafdf5580c65c12137045c1179c54e5f8ab35e202f1bb04cf68d52f2b7259a90eaf0157af7236025eae7c29d4d2040f5c12e1619f9c0965bad1fd6175e734967d7ba6e25d06814bf09b6610545f16d74c24f5d74096dab8554ddc2355963fb192407527b7524e996ddaabe466c47201609f4fb4af56eb262d9e4d48cf0bd077497856b92f7e85c99fb708f580a0c95b4d945eedb59d210bb002dafac7545f194a3b7c1e49f51fc88e99d5cab4ea94849ac51537af16e57f595e0e53d4f17cc14c2f532a9d0eb55261779317d8db84ea0017c8fc7ad5155156600b06e52c0f2f1078d4d79c75378b848221ec98cd5e895f4a40ee82bf618e222ee6cb1ac82ada1010cf6140922f1c092e75bdfdcb9c5f8ee7ecf1741ed2dc2adb7ec06d00c9f4c1262d7708963186572bfa99688b6df6be8e1febb7cd4e62c6e20b5bae9ad979032cf4a1751844ae0e3e9b5bd160e581a6bdfa103e663c3dfcad4bf89403b1b3df1ac670f3bc26a42d6162bdba6d519f143b213a546b5b7e7bf9813b223239959876c0f6b254de1284c7dc1e8ae06f31dfa5a1d9190182f82af0dff4628ee246e42a35793b4c17a37f978cbf81d5fc5c174a4d9a7f2da80252b0897c16a29cc349000de7f196a4769c82147c3451ca0f75f137ad2b58b6c4cd10b9a22f4ca4a2450869b64d69f6451a0250718d1753e4b7240e56050638e60b28befc4b533bef9442c0cec220e7529624b59c4b3eea154de4f4b2ae265eefed9cc483418951a627d7afc8d3e41d5f345b790c97b86db4cacd7885a71cfaebf427429404d8586cac800f67ab2559fda10eb66f02b67c8dfd4c77120ad7b219d9b8fdde324543733186138ae69a884fbe427e6384f8e9ba5f150cd962aeb0f61d02809e300416603e2582d0ac9a7dba1cf813560d264185a879e86092cbca98f472294205cf86ecad86880edfaa4d73839101245389562e7bd9f1861005f47ce15bbad255c1879e9c9c61f4fccdb714ad3edcccc214d9dad38804c91377dcaa572bb112567bc6063a52f897f236a3e62f436e75b657e4fd27c5ec309e103332584b14deb77fd0e363d6efe7d6b4a97a7fe5b79030a0a4888a8dc8002634911f91b16388c05780a49d5ec66361bde0c41aade94573bf4f626e2896d78e3dafa5050ade987f7e1613db515351b7b6fd7e82e70ca37c1c87d9d1373d809c9ebcbdb7a439e3cb484f66fb99ce94d25b1e778799c976b31b2d02db645efdaad08c8c156f94251822079be9199dfac4ee4e014aadfb0d34ac1843b1f0d69f44b2ad2b5d88e769d8c78fddfaa2fb513d9aa7a6c6650bd84a20df99a538153d2549425ae53236ba21de4419754fa750abc9cdc6c660483c330f6e39c7327a2e4c84338f67021cff5189e0e855c3f746a8c919a5c358aea94d474bca78b9353f8c1c7c1d117b6b11e55dd4948efdc23847e85dddb185f3272178095d0a1673a320d6b2816c168a3e2cc2b510bcdc47c786176c4e3aea682845d10122d3ea0378b86a27971184a43e5f761fc0ef857c7b9ea24bf5ba1b33c493982d025f3e8d42e5fa77cc40a3ce6f4990d22425101142ce81936f6bedf319d1580cc2b874fb74ccaa0ae74b7ba728ab1e9439aa93d203b878491223225a80294f649ba0b1620aa754edb5bc6ff7f8ae43628756787d648c9129bf36253b013381c55e004ff66e82b3be229d50fd4b968c9f331e9e21cf9c4a461bbd93f33cc7245ee2497956178ec15c9e7350ddf2592b22c446ed740fd6c66c942222dcb5e3d3b332fe255ad3e43f5128756da6223cde58702df21f53bb661e022d277fd7f34108b6ea407550d4d44a52ca7f3d0904301cf99d92da8115b99b6fc048e35c43069d98a8c1a56b4f52b1c369ebfcce941000000", 0x5a1, 0x400c000, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000000)="8650f77769735150c7eaaa9e", 0xc, 0x0, 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, 0x0, 0x0)

[  105.226729] SELinux:  unknown mount option
22:02:10 executing program 1:
r0 = gettid()
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x8000, 0x0)
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000086c0)=[{{&(0x7f0000000440)=@generic, 0x80, &(0x7f0000001940)=[{&(0x7f00000004c0)=""/193, 0xc1}, {&(0x7f00000005c0)=""/17, 0x11}, {&(0x7f0000000700)=""/158, 0x9e}, {&(0x7f00000007c0)=""/54, 0x36}, {&(0x7f0000000800)=""/50, 0x32}, {&(0x7f0000000840)=""/166, 0xa6}, {&(0x7f0000000900)=""/11, 0xb}, {0x0}], 0x8, &(0x7f0000001a00)=""/73, 0x49}}, {{&(0x7f0000001a80)=@l2, 0x80, &(0x7f0000001dc0)=[{0x0}, {&(0x7f0000001c00)=""/11, 0xb}, {0x0}, {&(0x7f0000001c80)=""/177, 0xb1}, {&(0x7f0000001d40)=""/111, 0x6f}], 0x5, &(0x7f0000001e40)=""/44, 0x2c}, 0x6}, {{&(0x7f0000001e80)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, 0x80, &(0x7f0000003000)=[{&(0x7f0000001f00)=""/212, 0xd4}, {&(0x7f0000002000)=""/4096, 0x1000}], 0x2, &(0x7f0000003040)=""/130, 0x82}, 0xfffffffffffffffe}, {{&(0x7f0000003100)=@can={0x1d, <r3=>0x0}, 0x80, &(0x7f00000034c0)=[{0x0}, {&(0x7f0000003240)=""/85, 0x55}, {&(0x7f00000032c0)=""/218, 0xda}], 0x3}, 0x3ff}, {{&(0x7f0000003500)=@caif=@dgm, 0x80, &(0x7f0000003ac0)=[{&(0x7f0000003580)=""/84, 0x54}, {&(0x7f0000003600)=""/68, 0x44}, {&(0x7f0000003680)=""/187, 0xbb}, {0x0}, {&(0x7f0000003800)=""/63, 0x3f}, {&(0x7f00000038c0)=""/75, 0x4b}, {&(0x7f0000003940)=""/29, 0x1d}, {&(0x7f0000003980)=""/173, 0xad}], 0x8}, 0x4}, {{&(0x7f0000003c00)=@isdn, 0x80, &(0x7f0000007100)=[{&(0x7f0000003c80)=""/4096, 0x1000}, {0x0}, {0x0}, {&(0x7f0000005d40)=""/4096, 0x1000}, {&(0x7f0000006e40)=""/224, 0xe0}, {&(0x7f0000006f40)=""/216, 0xd8}, {&(0x7f0000007040)=""/171, 0xab}], 0x7}, 0x100000000}], 0x6, 0x40000002, &(0x7f00000088c0))
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000008900)={r3, 0x1, 0x6}, 0x10)
bind$packet(r1, &(0x7f0000000040)={0x11, 0x10, r3, 0x1, 0x1, 0x6, @local}, 0x14)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="f95a0f34"], 0x4}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140), 0xc}], 0x100000000000005a}}], 0x1, 0x0)
clone(0x20100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r4 = gettid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="7e499f5c5fd21dacb7b35ad2998aca50dedea299e5deb90bd622b9f4a177373afcbc3b5bf61816d9160b65cccc061c938047d9953b277929434509c7ecfe9659f8afccc983090dfe92f8ec65fcc8e262ebca23c7e811847e2477054fc0136e136f1c21122803ab2e3a7c209f2ad15cbf989a88b6f264c970c954c01b33dd9e31ea8a7dc73435827acff83babd2e943473102300841ecb2e78bd261b870452493a3426094b006c2694acba7374666ae1dd0b6e1bd8307f1220b4944f972b13c88dad7", @ANYBLOB="9f3388c5b87b558d8aedcbb605ebcfca9bb189d8f1e87738"], 0x0, 0xe1}, 0x20)
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r4, 0x0, 0x0)
tkill(r0, 0x30)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

22:02:10 executing program 0:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x60)
write$cgroup_type(r0, &(0x7f0000000200)='threaded\b', 0x175d900f)
r1 = socket$inet6(0xa, 0x400200000001, 0x0)
r2 = dup(r1)
bind$inet6(r1, &(0x7f0000000600)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r3, &(0x7f0000000040), 0x1c)
r4 = dup2(r3, r3)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000440), 0x132224)
setsockopt$inet6_buf(r4, 0x29, 0x32, 0x0, 0x3da)
fcntl$setstatus(r4, 0x4, 0x42808)
ioctl$EVIOCGUNIQ(r4, 0x80404508, &(0x7f00000000c0)=""/127)
sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$inet_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f00000001c0), 0x4)
r5 = open(&(0x7f00000034c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r5, 0x0, 0x8000fffffffb)

[  105.292369] kasan: CONFIG_KASAN_INLINE enabled
[  105.316501] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  105.327361] general protection fault: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  105.334128] Modules linked in:
[  105.337317] CPU: 1 PID: 2862 Comm: syz-executor.4 Not tainted 4.14.144+ #0
[  105.344323] task: 0000000051ebc5bd task.stack: 0000000016f6728e
[  105.350382] RIP: 0010:do_tcp_sendpages+0x33c/0x1780
[  105.355386] RSP: 0018:ffff8881d45476a8 EFLAGS: 00010206
[  105.360745] RAX: 000000000000000f RBX: 0000000000000000 RCX: 0000000000001212
[  105.368007] RDX: ffffffff8252c8ea RSI: ffffc90002d1d000 RDI: 0000000000000078
[  105.375275] RBP: 0000000000005580 R08: 0000000000000001 R09: 0000000000000001
[  105.382535] R10: fffffbfff2c85ba5 R11: ffffffff9642dd2b R12: ffffea0006b0de80
[  105.389796] R13: dffffc0000000000 R14: ffff88819df81600 R15: 0000000000028000
[  105.397057] FS:  00007fad1c63e700(0000) GS:ffff8881dbb00000(0000) knlGS:0000000000000000
[  105.405272] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  105.411146] CR2: 000000000179a010 CR3: 00000001c9a20001 CR4: 00000000001606a0
[  105.418408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  105.425673] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  105.432934] Call Trace:
[  105.435520]  ? mem_cgroup_uncharge+0x140/0x140
[  105.440100]  ? sk_stream_alloc_skb+0x8a0/0x8a0
[  105.444680]  tcp_sendpage_locked+0x81/0x130
[  105.449000]  tcp_sendpage+0x3a/0x60
[  105.452618]  inet_sendpage+0x197/0x5d0
[  105.456497]  ? tcp_sendpage_locked+0x130/0x130
[  105.461072]  ? check_preemption_disabled+0x35/0x1f0
[  105.466085]  ? inet_getname+0x390/0x390
[  105.470053]  kernel_sendpage+0x84/0xd0
[  105.473943]  sock_sendpage+0x84/0xa0
[  105.477654]  pipe_to_sendpage+0x23d/0x300
[  105.481795]  ? kernel_sendpage+0xd0/0xd0
[  105.485853]  ? direct_splice_actor+0x160/0x160
[  105.490438]  ? splice_from_pipe_next.part.0+0x1e4/0x290
[  105.495796]  __splice_from_pipe+0x331/0x740
[  105.500115]  ? direct_splice_actor+0x160/0x160
[  105.504695]  ? direct_splice_actor+0x160/0x160
[  105.509276]  splice_from_pipe+0xd9/0x140
[  105.513344]  ? splice_shrink_spd+0xb0/0xb0
[  105.517575]  ? security_file_permission+0x88/0x1e0
[  105.522504]  ? splice_from_pipe+0x140/0x140
[  105.526821]  direct_splice_actor+0x118/0x160
[  105.531230]  splice_direct_to_actor+0x292/0x760
[  105.535895]  ? generic_pipe_buf_nosteal+0x10/0x10
[  105.540736]  ? do_splice_to+0x150/0x150
[  105.544702]  ? security_file_permission+0x88/0x1e0
[  105.549631]  do_splice_direct+0x177/0x240
[  105.553776]  ? splice_direct_to_actor+0x760/0x760
[  105.558613]  ? security_file_permission+0x88/0x1e0
[  105.563539]  do_sendfile+0x493/0xb20
[  105.567255]  ? do_compat_pwritev64+0x170/0x170
[  105.571834]  ? __might_fault+0x177/0x1b0
[  105.575891]  SyS_sendfile64+0xab/0x140
[  105.579775]  ? SyS_sendfile+0x150/0x150
[  105.583745]  ? key_put+0x1b/0x80
[  105.587107]  ? do_syscall_64+0x43/0x520
[  105.591077]  ? SyS_sendfile+0x150/0x150
[  105.595044]  do_syscall_64+0x19b/0x520
[  105.598937]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  105.604115] RIP: 0033:0x4598e9
[  105.607294] RSP: 002b:00007fad1c63dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  105.614993] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004598e9
[  105.622251] RDX: 00000000200000c0 RSI: 000000000000000a RDI: 0000000000000008
[  105.629508] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  105.636753] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fad1c63e6d4
[  105.643998] R13: 00000000004c709e R14: 00000000004dc750 R15: 00000000ffffffff
22:02:11 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000080)="11dca50d5e0bcfe47bf07016cc2927bce4893b9a985cd187c05a0f9fbacff598fc2c4709a63e86b2df7e697fe22e523d")
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
getgid()
sendmsg$unix(0xffffffffffffffff, 0x0, 0x20008000)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x8004002, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa)
truncate(&(0x7f0000000240)='./file0\x00', 0x90002)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000340)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
sendfile(r1, r1, 0x0, 0x8800000)
r2 = gettid()
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x4, 0x9, 0x81, r2})

[  105.651248] Code: 24 08 48 0f 44 d8 e8 24 4d de fe 48 85 ed 0f 84 7e 03 00 00 e8 16 4d de fe 48 8d 7b 78 8b ac 24 c8 00 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 28 84 c0 74 08 3c 03 0f 8e 15 11 00 00 2b 6b 78 85 
[  105.670329] RIP: do_tcp_sendpages+0x33c/0x1780 RSP: ffff8881d45476a8
[  105.680816] ---[ end trace 4d09cd56167f6d6b ]---
[  105.686703] Kernel panic - not syncing: Fatal exception
[  105.692694] Kernel Offset: 0x12c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[  105.703650] Rebooting in 86400 seconds..