[   72.602691][   T27] audit: type=1800 audit(1577634621.350:25): pid=9157 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   72.622541][   T27] audit: type=1800 audit(1577634621.350:26): pid=9157 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   72.672366][   T27] audit: type=1800 audit(1577634621.360:27): pid=9157 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   72.770499][ T9226] cat (9226) used greatest stack depth: 22784 bytes left
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.115' (ECDSA) to the list of known hosts.
2019/12/29 15:50:29 fuzzer started
2019/12/29 15:50:30 dialing manager at 10.128.0.26:43381
2019/12/29 15:50:30 syscalls: 2707
2019/12/29 15:50:30 code coverage: enabled
2019/12/29 15:50:30 comparison tracing: enabled
2019/12/29 15:50:30 extra coverage: enabled
2019/12/29 15:50:30 setuid sandbox: enabled
2019/12/29 15:50:30 namespace sandbox: enabled
2019/12/29 15:50:30 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/29 15:50:30 fault injection: enabled
2019/12/29 15:50:30 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/29 15:50:30 net packet injection: enabled
2019/12/29 15:50:30 net device setup: enabled
2019/12/29 15:50:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/12/29 15:50:30 devlink PCI setup: PCI device 0000:00:10.0 is not available
15:53:31 executing program 0:
recvmmsg(0xffffffffffffff9c, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000c40)=""/23, 0x17}], 0x1, 0x0, 0x0, 0x8}}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mkdir(&(0x7f0000000280)='./file0\x00', 0x800000000000000)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x40000802, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x4, 0xc)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x1f)
ioctl$UI_DEV_SETUP(r2, 0x5501, 0x0)
r3 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x2000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x3})
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0xffffffffffffff23)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r5 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r5, 0x2402, 0x0)
r6 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r6, 0x2402, 0x0)
r7 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r7, 0x2402, 0x0)
r8 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r8, 0x2402, 0x0)
r9 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r9, 0x2402, 0x0)
r10 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r10, 0x2402, 0x0)
syz_emit_ethernet(0x7, &(0x7f0000002040)=ANY=[@ANYRESHEX=r6, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRES16=r8, @ANYPTR=&(0x7f00000006c0)=ANY=[@ANYRES16=r0], @ANYPTR=&(0x7f0000000700)=ANY=[@ANYPTR, @ANYPTR64, @ANYRESDEC, @ANYPTR, @ANYPTR, @ANYPTR64, @ANYRES64=r9, @ANYRES32, @ANYRESDEC=r2], @ANYPTR64=&(0x7f0000000780)=ANY=[@ANYRES16], @ANYRESHEX, @ANYRES16, @ANYPTR=&(0x7f00000007c0)=ANY=[@ANYRESHEX=0x0, @ANYRES16=r3, @ANYRES16=r2], @ANYRESDEC=r10, @ANYBLOB="36d3557831729a4f3d618c06d9b675b55cbbc7"], @ANYRESHEX=r1, @ANYRES16=r0, @ANYRESDEC, @ANYBLOB="b2406e50b4cfdf4b7b4fd22ef626e8b6296a0129af9cc32f781330c148bb57adb23b7b036c1fe599ef2ee637c08202600ecdda1765866839d955401181095bf15d802d50449cb1d37bafb46afda903caf28cbb510237bacfffc59abf8f41eebdb761b9af6bec6e89fc7429f1a27c6148cfea994d4368cacb88b778d7ba3c6710d39c2b4b9a654bcc5be0e072215e0448084ce8c4e001ea36ff9c16b9efea1da978b36780407182a0a49ccb1191fb859b91b0812ff1cc9d17a45c34da6b9a7095711b2b01201bfaaebe3036f43ce8b0917584d118023002a30bddfbcd6e675d4e8d0c7041a6fe938221eabad772712c93eedbc36e8bc477647902c039aff83aa65563e3db8c1385c146d402ec1d145912debe3576dd4fdd5ca1f80496bbd4d5d2ca6bceac3c8b2fcc6800e69f87c19d70421817253347c9247294716837033a47fa30b976f5ee0ca8b3c5d8980b4f8aa8342a3cb81a8b3abddcc15954abb51f7069b8260a73a00187a8515f0b14f0364004633af1918e5de7ca51b4b71162073e0504360d7b2a9f1736e50ff8a38d885e62c7f480ebc3e8a8087b93d52afc55c44b90353bedd18d75b268fd1aa655ac38675a4b927476192cf7a89ae19a7668953047f5b31e37ed2e6fabf027632c1bf82305325ec0a6ceb919815e69c8848c0f91a2c2b680ce569cd4c89b4b5575258ad56a1278a41c30fe2daed8eac0648234f6b3811ab3c0eab18c390df566cd85c775c8af83dbbdbd868ce0dc02af757fbb4fa3d43c28802861cb745b336306fc0f0a555025c62ac8fdc487956ea3c06030b1e862bf13fc4f522b810dec88edc41b9740fb4dab18d2cd5b2e0ae5512d743ce8a37af188f9d6b60daef04f7b946b49db6ae1d5a637d07a9bd813a8c66c9ee97c7f67a61177284d15b088753a13c3150be01c9b94e364786c76f79001ff7ee6de8f18391c9c976457bce6917e2dc7485006e23873a8a08d3a4d288c5c9413639a200ab77fe2ff15a0209a3d5efcbf377fc994391ce80376e5e782ab64ca3cee954f51ccc40c732999faf480c8cdcc945c7a67a3b76b045539ea828a35731f9d3d3cea53e926bcd59bf9c06ae5450013e578e373e751d78f0dc014798fd762f6e2a0cacf9ed56b7bb7c3d419ea5f07f53f20bbd76c2b24333fc642ca9bc154891b7b97f72359ace9e87f5f08e0d0544e0b7456ed838a60c854ebbabde4c294197e7b1b876130d919a15e1b27f9ab3f53fb1d195841665678ae1245ab24506736b4a9171d61d503387b81789b6a64dce10193a59aeeda9b9be18719c079745bbe45c4561189a18c173e450e02e08ca7b3101b4832c4565a7425b11191469d9e3000771156d8753048df9a593c7d93d517c6d4129c45dccaca6655d7ab9f653ac43cb6d71063bbff395cf5df2638ed289fb689cf3c8facb47ba52dcf1e7d1d91182591b5557445e0b6be360429e0e1ab86f889cf5fc90252b37d36da5ae14ddb315bda2b01aad57f463afee877a5abd086fc14ff8a766c8e84fd152d9d9d776f999802d63ca5c2c8f8fcda11973fc14c2af42ef43b135358d997c0691f6c63054a028d8f0aad6e3cec0262e1218a6a8909e12dfef7441fb665fa7d61ca9c79668ff6d05942d869c721ed0a46a9b12060728b05cfdd4829d3c8c010f01c5bca958dc96352b8963d2dc71cef73a2ad3d8ff3fe4112022a5c6ee846482a603055c98f578b0dd02c9b0d672315008c26b1e77a9be24cb78da8f0cb21f2421fa81b7c51972e7b23136d29e07beeca12bf637a45a458516bf3c8346caf5386e125b6d3062ecec2ebd927110c388cbe4d4c4466e21f07c929fd15d21b04e6c361bef34446a703414e42c918f3d417733956a0855bfaef1448e9ad4b652dbca94d41e29a65d54ee0c396ea96287ef296f56a6a0bcb13ffa58ea7aa1801e37f65460a5e5f8a66de81dd62d028f4d2582b4f656d76eac3e500765b85fd49ad16db70f8ec616ca9abfc9dccb09b6d29cf964b29a46fa5afb1a7c56efc9d06e72fd4e16b06aa7ced23fdf237f413bb471f19d0ecb019a0022050d643f70682b3d6ac586441560d6e19c9743203760f46626f240b70a8c5ad71e34e368214bc7969c124dd8de89b23b3ffae8d91e06b4d998dac8484fc7de43cc969feaf080b6795ae43861b21c00afb6adb0c80e072b1be56666dcd69e42277008742339b37bd491d04ebeb756659305da29e2d5db2b65d2340f4930a0b1ab99f862a0c947e48acc3139e9065c112d1ff7704e9e6a85a0de3e13a698250efa48a70704b663c554e101313fc83315dc95419d48860d638e7a84528b6e55813353d4be0b584a62aadb20c9d419ed1c4efe6ab4bdbcc3848958e811cc9735d80a836730a5b359983566c34c3993d07a786ed4d8836f599e1f8c613a2b7309faae15e114690ceab7cb13f8534f1fb1c2d912afe457fe308e494f737c2ee4a383b6d110e93e969708da82c0c9d72ff9f9506b3bbb8fea401c6bf1373453dff73a1f29047d86159a07c3db6e9771a12c6e137f560a72b7624fadb375c81160e1f021dfe94377a6827badb1e86bc375dc16f2f482d234f9abf4dbdd644b6d2651048a6e8eb4a8ef97fa4f87dcc5c70e4a23a96ddb2f454ed0f6c13be827619d60a1a643df340385596fbe0ee08980e70b11fb290649781579ec8149c5d5779dea33827f2522ea6a465bdfb4966386cfc8c5b55847f15f8a858bd9ee609ad229d99c1d837d0599741faf5f1e2d064b62e48ab616bcd5da184b38b194cd79ecf6451064c1595f7a038d819463fd1720241977d2cbfc0e26f84a103a700a4f3aadbbe012e08868443c9901fbf05f024235af4e4370bddbe2f57923f23f356b00c18af503dcc22b855058b309aa17e79f0baed969fe5c83ceb1da1bf950ea29a91ba15e6320e3857aead2afba7339c9dd8237d39cb913197ae8aaf892aff2af765fc0a32527d7eaf370b14280ee2b3d19e6e89c34854767c2af9461932a5025059eec8de0300db62fd5f55a51b56449e97dae105843f497320ab065452475cd602f29328203ad29733b814e8e6188748cde037d396c9907f8c585ac2e03c3df943781746fadbaf8caa76f00481b1859912e4af6ac0503bb9403f9c08d8d31d3ae6071eed36d1dc18c3ddda029c2c5fd32100c21a5b66e91e587770c0c18b6788575a55cdbb78a0756615af4eb5b49de6927ca0ade7d95461517b1126ae4021b99780db9d1aab1539f3c8dbe9ac57b7efee14bf353e8a5458aeefe684f6ad4435aa8f65cff5b02c580a979952fe1a429495ade8a7113153b83bb792bef3def58ae8105eeb4ad9251a011e1757b5369d9cf6049111e50e367d5338d1d43b8128f1d012107b54902cd7d6cb7584cf1c1c1c6320d000d463a707d9225a30dc77d85aacb6dcff041877c4db4766e273d9049334c362c2704d5d2232f205d2be2acf5aadde29debc82131f790cfd533fac99aedee5b2ae23add0037abae303c203279e701cfe13a7b490730ed63b7cf6e16b2baa9726d07d9a695d6f62a5ee9ef984d8b2c439e90cad958fc3bd346c0928c4d485e4b6aa513b8e981ebfd34d35be61c0832b3e79e5b832eba24b7103087ea4d8e8df2c3c08e708b6bda753f43584f686543f1a0c4ad382f59186092cc4c8204677410d918eb5929bdcac9a4153a30eed7054af16af97b59781ccd751c4e30218e5dcf496f628985472945e3b4b0be7aab4a554cfdd07c78c82df686c76b9fb19abbda9af611dcc18f5778a0a9372b6aed67807020e0cba55b4031d01637815b07e2aefa79035b0254f8ad090e29dd0698f3ef5b440effd942e471b14b472fb6ec936a2723233fe3e18c0252ff941fdf39ca7c4b6aeff0fcd63cf5fff5a07a2be7952228353f127b01f152b8dc452b76e1e3ebf470a50329d15834a8b07264251b9ea98cfb39d2d21e81e7f15a84722074d9d2bb08600c8380f0fc354febb5873a53396feca2071722b3e544ad625b88bdf06cc630de4ffcc9497a9f021955718861659767333f2da6c0147cab82b5177a1cc0ec80a2e2bf9b18bfb50f5f18aa06a110297f003f9071392f28592e59d9a99c0790f420b618b1c4d7d0b9302fbd5be74db92593260757b69645f1abaefa5a8118c9e608d75d7af8eca8925d5064c5cbf20183462c5f50d46c211e05903fdc1dd153a81b64fb24466e285c67f39c66d2150dbc3776c51cd001b5695dd64cc80dab2f6025f0bd5098e44f54b165d61136da798195506e9efbdff3b7733624f755551269ccab603f885f89e66c9e6ec3180002f946872648f1b5509b5d681ef2fe2c85551c7bca72ee671bec241f500edff4b4e5e570342f2f3128658265ac990a3473eb35b94804966bb4a2b4250632206d64afe77426f2e398548e9a66d0addbf00652408c3b598a06d51f37cffd65c5777600498c74ab885d9300f56b10dcba88ae74f22ef9c538495fa0437be8579c6fc82f74bc21e337041b38f8a884f14d9802666db27f1fc849628283a0166e7b5a21b54f329528449cf1d2d34c377a00bd5cfb0eaf946c1e49886f4e371e9d9b6740c62190ac146a3a22d91ae29ee6cc2f02de38a03ef30366c921091f6108a298a1414cf77004d9499d76702c434da1a70b5a5d4abbaec0dbf63b48ce3e07965fde25b4def058ec815da3b3632752a2735411f92fda1abab2f0a7bb1444a26d154fb895005d56753166a00bf3491a7b1b6f94d6e24671252f36d8efbe5d31bb2279a2fda0cb39674f4809de3b06fa1e14de19a301458f279c58c6e2bf827f4768fb303522aacd317b5159816844c748708fd60ccd1d7597cdad7eb68ca564162a75508c0951adba7ce6c20bcc29d8c46290a67f71756b6dc606348e7a20e666d50f45a58b693f3444f4e5479b2a333f67ead4a80ecdade7f9ac50eb7d42d88a2a2c5d3a9f10cd9b3692b6c927d0ba953c5b618c3a4270fc4ae35308c83e86247554a6043007f599595864dff369e2117c8eaa189a7268f171ebfad6e4e20f3fa32a4176acab801ae1e9fbcb889a4be8f9f7e98abff346b704ddc5975fda0977a02f8b88be3caa1c701c5e7e07dc525d9c8575a94250e64ab4962815d2148fe4f49cf4f54571424128e6aa0f04a5a286cd8c364e5dd04388e135a4983cfe2efa211e2490c95a47348837a63ef1b2809bccce07abff9589245d677578d16724cbfd66754640fc4cb6c0333fe45315afa88a05ab19c41df8197f1faae7120e5a462902882a96646903c244a0ab6f180ce66d374fc1d0d4e34609543cb53500efaaa56834612caa55fb7b0a91bc0c5a0d5138af1e8c24644916fae6d632a18f7d2a6d5bc01dbe2d89851783ec0b8dc97c1e36ebb268735fc03efbdbdc04e661e54c4321dddcbdc2b705e344bf370e5ee2cc8cae38e11b08b9d9a3513822ea1635a329c0197a36d45d70e9edf8a8364696287a8e582bb7b14000d591256def007efafeddd27d29572a3fd83b1644591fb626e04eea4fb0f4422e37542f784d1c3bf254e341054ea6bcc4e684f917cf9fa0924e4307446ad404fa352fe2ca83a42fa5eb75531809560aca9b0d6378c1fbe2303b824d579cb2116beda912ee3194d0c2222cf34bd50d75375188fdd5fe0c1c6f2442a58960159c055c9937602dde5f65d1ad7c726cae166e9762d5950a0c49602a7b65018ea24213a8f9b11e61706027c6892b27edc21eb5fdbce2a25c8a43dfcb13cb3193199b5f9b4c02562c7420511d8c814dc1b2840533e113772f19914d3717d9dcaa5baaa0a244203c89e6d91ce8e", @ANYPTR=&(0x7f0000000440)=ANY=[@ANYPTR64=&(0x7f0000000880)=ANY=[@ANYRESOCT, @ANYPTR64, @ANYBLOB="0da03f81c8a07444c8708228770440011ccc3b16bc6e3cff21045d8515c27eadd620c5a3bb31e5dc8ff331bc2bc2228ca6f348b49cd850ce552b23c138378fac95af4c08abae996badcb2bebcd07a28729d82a0588f1a39b1364a4357f280a8489947fcd9db292e13555a26be133eebdcf427a71b4ae79701a8998fdb11bcfde6090357ed51839c53a3717c678631bdcafbacf003e6f69d5b752662381686a5aaedb4ee2d63146acf6c4f94b52933c2e13cffe1ef4779a0c68e929e2ad5e5deef8a31543f7c8696fda978d562ec92611f0452a8ba653b6f4ef8a98148094a5aeb5d278b0f05eed133eb5c9332c5e2bba9d7077cf3dfed0c4dfc1d55d89857eccd241aa40c102cc6d80f7d302f3a6d7f6c32c605dfa189e8873b6b7bb85bdf9426561443bc9056ba5144401c8b3d798f697625083c5a43899b36e304686fc3b0c"], @ANYRESOCT]], 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="682d7fe48e4ee57d"], 0x0)
r11 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0)
fchdir(r12)
r13 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
r14 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
setxattr$security_capability(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='security.capability\x00', &(0x7f0000000340)=@v1={0x1000000, [{0x259a, 0x7fff}]}, 0xc, 0x0)
fallocate(r14, 0x0, 0x0, 0x4005ef0)
fallocate(r12, 0xfffffffffffffffd, 0x2, 0x8001)
fallocate(r13, 0x0, 0x0, 0x8003)
write(r11, &(0x7f0000002000)='/', 0x1)
sendfile(r11, r11, &(0x7f0000000200), 0x87)
sendfile(r11, r11, &(0x7f0000000240), 0xfec)
fcntl$setsig(r4, 0xa, 0x26)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r11, 0x0)
mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0)

15:53:31 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open(0x0, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, 0xffffffffffffffff)
fstat(r0, 0x0)
ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, 0x0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCGABS3F(0xffffffffffffffff, 0x8018457f, 0x0)

syzkaller login: [  263.223141][ T9323] IPVS: ftp: loaded support on port[0] = 21
[  263.442554][ T9323] chnl_net:caif_netlink_parms(): no params data found
[  263.463072][ T9326] IPVS: ftp: loaded support on port[0] = 21
15:53:32 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x5)
write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8)
r1 = dup(r0)
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket$inet6(0xa, 0x0, 0x0)
ioctl$TIOCCBRK(r1, 0x5428)

[  263.541949][ T9323] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.569806][ T9323] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.589586][ T9323] device bridge_slave_0 entered promiscuous mode
[  263.604495][ T9323] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.613255][ T9323] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.621824][ T9323] device bridge_slave_1 entered promiscuous mode
[  263.656478][ T9323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.671497][ T9323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.706794][ T9323] team0: Port device team_slave_0 added
[  263.718298][ T9323] team0: Port device team_slave_1 added
15:53:32 executing program 3:
ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=""/130, 0x82})
clone(0x28b84900, 0x0, 0x0, 0x0, &(0x7f0000000300))
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)="0272aae16e010f05dfd5d71cc8bab91d6d936cf44cd317b97f2a55de2da11f6e18b9d00ffc2ffadbfb9717eba42e7fe4c05cb583ea3eda7784d6295485da75d990180231f59ebe181b2c1efb0834ccb53d1cec4a6f2a239e64b7933129033faecb9e1ba890153d5a7b44e714cda28b4f3fcba183aa4829e8639470759738801af931737681657f6decd5d726312531bc25ba09f691da22dfa2773bad6958f651438f5aec2b0a627181f982be1b312614ee1fb7ead43f88c89ac6fef1ea610820076a16019cc346d8884480141ebb45dbcb6b59c73822fd33b7f22ff104ad68db421422335d97ce336d513503de9d4a62d3d7b29b2f969add4af8c0b339ff750804c0a0f91011c34854d5e076ed7592bc914d44eee8e0080e510b224edcb1aacefd47a6eb51627a52fac53eed4cc9a20246a637eb5e95ce9028da700daf4089a89ca94c84c37738754288f1aa22eaa4ba6cdda04b3b1fb846c64802809bd2a65a6f7919847b65956fb34a9ee698c8057c7ee6f33c20e4b96ebdca22a4dc6d1a61df20edd8205cc448ed6b846ff0b6c35a4963e48427c098a542f36a055d2161f74ad26a867740f64ed44aed19a4d5582b0a99f8c8a5781c91477302cf1e929bbec534eb4fc6b62b203bcc627913d817f57db502d57be3205727e2c6e47d2d201885eb6455273276e3a35a80d5aedbbac70a1b0a9173c797608479a7631eb8b63195efe23f354a7615900b191ed2e0053cebd06218df7fccf1717434a11c812057f083431a22cbacd089927d7c1509b0e94624b130b8aadd0af89eb4b6bfcc4cf67db95bd731892be3f1a2bf17917f4525f6e3463f331378f7ee7a872721ade7a62c16bf0e4c4a25971c9e64ca3a55ef13eddc6d6557931f149a0929cb87b8371e354ef6f06b1abfb506d5b6c7d35b51dabd94a4d816fbd3491e17c0094a659053724b94da23e5d9b4d260ef723929d79f14361ddab19bde5a05677c161ce38324c9264288dde2d398d52f87cf72a9e2db8a67b79598ef9f8fb5ac41fab294f21026f12c843afb510d2dff09f709aee946d38fe1f5304a11185bdf08e92ea42cfd576508359bd538195a0737c29445cda5504ddab67ebd1310dc8efc0380db010da701d2ffdc26575535f289535d625debc3494a7b3c20ff63c3b984812a7de5f2fd69580ec787de4a5c2ea293530a2f1fce30558b6dcb6776dcb256f817078849e597dd5651f65bcccccff1749cb46a79f37005a8ef555976a33eec417ce523ec5a94c8bfc8d2e61adad9f7759529bb7dc46d3954853aabe78f77e365075c04ee83091967504f7116d10fc2e3f3ef1ffc311397cffadb2ca0fcd4e18b44e08346192dba9840470b92a5a44d15df225f020abc62636c97509063f8d3633d8c0bc1fc783fd8f15d388dfa391c31b176ee3c730b765345d3a19300980566196ba633"})
syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "01fada02f9c404bcffbc90c62c00"})
recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0xb3}, 0x0)

[  263.852223][ T9323] device hsr_slave_0 entered promiscuous mode
[  263.909262][ T9323] device hsr_slave_1 entered promiscuous mode
[  263.976193][ T9328] IPVS: ftp: loaded support on port[0] = 21
[  264.043153][ T9326] chnl_net:caif_netlink_parms(): no params data found
[  264.076655][ T9331] IPVS: ftp: loaded support on port[0] = 21
15:53:32 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@fat=@dos1xfloppy='dos1xfloppy'}]})

[  264.155656][ T9323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  264.233093][ T9326] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.242539][ T9326] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.261162][ T9326] device bridge_slave_0 entered promiscuous mode
[  264.293162][ T9323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  264.364607][ T9323] netdevsim netdevsim0 netdevsim2: renamed from eth2
15:53:33 executing program 5:
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000))
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x0, 0x989680}, &(0x7f00000000c0))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

[  264.422727][ T9326] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.434409][ T9326] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.445755][ T9326] device bridge_slave_1 entered promiscuous mode
[  264.474848][ T9323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  264.565381][ T9334] IPVS: ftp: loaded support on port[0] = 21
[  264.571658][ T9326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.605125][ T9326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.629679][ T9337] IPVS: ftp: loaded support on port[0] = 21
[  264.674513][ T9326] team0: Port device team_slave_0 added
[  264.682929][ T9326] team0: Port device team_slave_1 added
[  264.725760][ T9328] chnl_net:caif_netlink_parms(): no params data found
[  264.831689][ T9328] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.839467][ T9328] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.847132][ T9328] device bridge_slave_0 entered promiscuous mode
[  264.861547][ T9328] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.868696][ T9328] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.876692][ T9328] device bridge_slave_1 entered promiscuous mode
[  264.895749][ T9331] chnl_net:caif_netlink_parms(): no params data found
[  264.970048][ T9326] device hsr_slave_0 entered promiscuous mode
[  265.018336][ T9326] device hsr_slave_1 entered promiscuous mode
[  265.058117][ T9326] debugfs: Directory 'hsr0' with parent '/' already present!
[  265.085700][ T9328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  265.138325][ T9328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  265.261714][ T9328] team0: Port device team_slave_0 added
[  265.283056][ T9331] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.290450][ T9331] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.298445][ T9331] device bridge_slave_0 entered promiscuous mode
[  265.331480][ T9328] team0: Port device team_slave_1 added
[  265.340697][ T9331] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.348649][ T9331] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.356400][ T9331] device bridge_slave_1 entered promiscuous mode
[  265.369756][ T9326] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  265.421625][ T9326] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  265.483960][ T9334] chnl_net:caif_netlink_parms(): no params data found
[  265.500299][ T9337] chnl_net:caif_netlink_parms(): no params data found
[  265.509983][ T9326] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  265.565054][ T9331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  265.587350][ T9326] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  265.711292][ T9328] device hsr_slave_0 entered promiscuous mode
[  265.748454][ T9328] device hsr_slave_1 entered promiscuous mode
[  265.808111][ T9328] debugfs: Directory 'hsr0' with parent '/' already present!
[  265.825583][ T9331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  265.880903][ T9323] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.916923][ T9331] team0: Port device team_slave_0 added
[  265.944966][ T9337] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.952339][ T9337] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.960205][ T9337] device bridge_slave_0 entered promiscuous mode
[  265.969268][ T9337] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.976358][ T9337] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.984746][ T9337] device bridge_slave_1 entered promiscuous mode
[  265.996937][ T9331] team0: Port device team_slave_1 added
[  266.003317][ T9328] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  266.060176][ T9334] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.067358][ T9334] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.075228][ T9334] device bridge_slave_0 entered promiscuous mode
[  266.085377][ T9334] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.092635][ T9334] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.100601][ T9334] device bridge_slave_1 entered promiscuous mode
[  266.124396][ T9337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.137582][ T9328] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  266.182615][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  266.191881][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  266.209411][ T9323] 8021q: adding VLAN 0 to HW filter on device team0
[  266.217539][ T9337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.239730][ T9328] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  266.360566][ T9331] device hsr_slave_0 entered promiscuous mode
[  266.398741][ T9331] device hsr_slave_1 entered promiscuous mode
[  266.447975][ T9331] debugfs: Directory 'hsr0' with parent '/' already present!
[  266.460085][ T9328] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  266.523319][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  266.532054][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  266.544175][ T3021] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.551379][ T3021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.559518][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  266.568545][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.576875][ T3021] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.583985][ T3021] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.591724][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  266.602142][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  266.611372][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  266.620255][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  266.630435][ T9334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.642069][ T9334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.658503][ T9337] team0: Port device team_slave_0 added
[  266.687399][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  266.696835][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  266.707282][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  266.716101][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  266.727240][ T9334] team0: Port device team_slave_0 added
[  266.735768][ T9337] team0: Port device team_slave_1 added
[  266.761457][ T9334] team0: Port device team_slave_1 added
[  266.782847][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  266.793473][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  266.811697][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  266.821695][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  266.844619][ T9331] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  266.900407][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  266.960214][ T9334] device hsr_slave_0 entered promiscuous mode
[  266.998290][ T9334] device hsr_slave_1 entered promiscuous mode
[  267.038124][ T9334] debugfs: Directory 'hsr0' with parent '/' already present!
[  267.063879][ T9331] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  267.114953][ T9331] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  267.212189][ T9337] device hsr_slave_0 entered promiscuous mode
[  267.278466][ T9337] device hsr_slave_1 entered promiscuous mode
[  267.328122][ T9337] debugfs: Directory 'hsr0' with parent '/' already present!
[  267.343061][ T9331] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  267.459492][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  267.466963][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  267.506647][ T9323] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.537479][ T9337] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  267.590217][ T9334] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  267.630819][ T9334] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  267.671809][ T9334] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  267.747499][ T9326] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.755317][ T9337] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  267.802786][ T9337] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  267.859227][ T9334] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  267.912901][ T9337] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  267.946211][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  267.957932][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  267.975899][ T9326] 8021q: adding VLAN 0 to HW filter on device team0
[  268.010834][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.020530][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.030045][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.037161][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.076970][ T9328] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.108835][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  268.140152][ T9328] 8021q: adding VLAN 0 to HW filter on device team0
[  268.152254][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.161140][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.170360][ T9336] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.177470][ T9336] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.192151][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  268.203187][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  268.217427][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.226740][ T9336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  268.254617][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  268.263619][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  268.276710][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  268.297718][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  268.306563][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  268.338314][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  268.346675][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.377488][ T9331] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.389333][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.400807][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.410351][ T3720] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.417535][ T3720] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.428269][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  268.437020][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.446379][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  268.461626][ T9326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
15:53:37 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0xc, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  268.510129][ T9331] 8021q: adding VLAN 0 to HW filter on device team0
[  268.531185][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.540397][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.550125][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.557201][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.566227][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  268.591544][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  268.600878][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  268.609642][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.630938][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  268.644635][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  268.654539][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  268.683268][ T9334] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.705751][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.715435][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.724242][ T3021] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.731364][ T3021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.739870][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  268.749452][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  268.757802][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  268.766007][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.774465][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
15:53:37 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0xc, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  268.789654][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  268.804434][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.838345][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.847175][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.862628][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.869803][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.881818][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  268.894116][ T9334] 8021q: adding VLAN 0 to HW filter on device team0
[  268.919011][ T9337] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.930012][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  268.949000][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.957333][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  268.967458][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  268.975077][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  268.985267][ T9328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
15:53:37 executing program 0:

[  269.000032][ T9326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.017977][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  269.026726][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  269.036834][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  269.074255][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  269.109147][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
15:53:37 executing program 0:

[  269.118966][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  269.127833][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  269.144214][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  269.154850][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.163617][ T9333] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.170755][ T9333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.174430][ T9337] 8021q: adding VLAN 0 to HW filter on device team0
[  269.197801][ T9331] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
15:53:38 executing program 0:

[  269.217306][ T9331] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  269.284824][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.309324][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
15:53:38 executing program 0:

[  269.335913][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
15:53:38 executing program 0:

[  269.394438][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  269.419845][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.429254][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  269.438709][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.447172][ T9333] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.454297][ T9333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.504217][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  269.520471][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  269.539513][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
15:53:38 executing program 1:

[  269.558254][ T9333] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.565363][ T9333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.579995][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  269.588998][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.597449][ T9333] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.604569][ T9333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.619589][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  269.644089][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  269.673242][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  269.689483][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  269.699408][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  269.706865][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  269.714625][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  269.723837][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  269.740560][ T9331] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.757419][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.766928][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  269.774970][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  269.784045][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  269.792291][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  269.801254][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  269.809861][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  269.818570][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  269.826904][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  269.835670][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  269.844540][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  269.866657][ T9334] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  269.879427][ T9334] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  269.897274][ T9328] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.904963][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  269.913485][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  269.923051][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  269.931506][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.940314][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  269.957358][ T9337] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  269.970401][ T9337] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  269.988080][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  269.996543][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.014012][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  270.026130][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.053652][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  270.074721][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  270.085962][ T9333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  270.104948][ T9334] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.190592][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  270.209319][ T3021] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  270.224907][ T9337] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.627097][ T9404] FAT-fs (loop4): bogus number of reserved sectors
[  270.650418][ T9404] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  270.683094][ T9404] FAT-fs (loop4): Can't find a valid FAT filesystem
15:53:42 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001280)=ANY=[@ANYBLOB="340000001000010400"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000140012000c00010062726964676500000300020092ab29e6bc90313f5c14a8d5d4534e466f18e765b4fd8e0e0ffabd5f884b8215627962f7a4aab6691329692afb3fdcc3e7378871f430fe0e63a139f8432b7c88d952fec2b4b0543063914575e89dce08917ef4c83982304f91f231dc1ecf62c4bf0541ff2b5060b6a4d69b9403c96422fd8632e43e946636599dedd725bcd83c8971198e43a29e4b1c15388e01dee5bf7c4e128ff5b5c146c15db0684e76186c1d4209d8b4158f7b359d8efa69231277e09c47884e9fb0b010687409fc6fa73c91c9504b4460a91a865e0897f10dc1c1e0edc0d560f18478d67cc5cf8dbb0ee5003f6cc7185e99bc93bcb9eb76abba12076a8d076c853092edeb3f4224c4e770006630b3a7e43c7e4c90ce6a20fac946584d406aa1cc75103f746d1f026456e44c9a39c62eecdb8bb82ca275e24c5c9095cbc8a6701a2447f9f6e6e4a372717366f176f0e4df46e9e28ede8a00e2a8b3dc"], 0x34}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$sock_inet6_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000080)={@ipv4={[], [], @multicast2}, 0x0, r4})

15:53:42 executing program 0:

15:53:42 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1, 0x0)
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, 0x0)
ioctl(r0, 0xffffffffc0c0583b, &(0x7f0000000100))

15:53:42 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:42 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:42 executing program 5:
ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=""/130, 0x82})
clone(0x28b84900, 0x0, 0x0, 0x0, &(0x7f0000000300))
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)="0272aae16e010f05dfd5d71cc8bab91d6d936cf44cd317b97f2a55de2da11f6e18b9d00ffc2ffadbfb9717eba42e7fe4c05cb583ea3eda7784d6295485da75d990180231f59ebe181b2c1efb0834ccb53d1cec4a6f2a239e64b7933129033faecb9e1ba890153d5a7b44e714cda28b4f3fcba183aa4829e8639470759738801af931737681657f6decd5d726312531bc25ba09f691da22dfa2773bad6958f651438f5aec2b0a627181f982be1b312614ee1fb7ead43f88c89ac6fef1ea610820076a16019cc346d8884480141ebb45dbcb6b59c73822fd33b7f22ff104ad68db421422335d97ce336d513503de9d4a62d3d7b29b2f969add4af8c0b339ff750804c0a0f91011c34854d5e076ed7592bc914d44eee8e0080e510b224edcb1aacefd47a6eb51627a52fac53eed4cc9a20246a637eb5e95ce9028da700daf4089a89ca94c84c37738754288f1aa22eaa4ba6cdda04b3b1fb846c64802809bd2a65a6f7919847b65956fb34a9ee698c8057c7ee6f33c20e4b96ebdca22a4dc6d1a61df20edd8205cc448ed6b846ff0b6c35a4963e48427c098a542f36a055d2161f74ad26a867740f64ed44aed19a4d5582b0a99f8c8a5781c91477302cf1e929bbec534eb4fc6b62b203bcc627913d817f57db502d57be3205727e2c6e47d2d201885eb6455273276e3a35a80d5aedbbac70a1b0a9173c797608479a7631eb8b63195efe23f354a7615900b191ed2e0053cebd06218df7fccf1717434a11c812057f083431a22cbacd089927d7c1509b0e94624b130b8aadd0af89eb4b6bfcc4cf67db95bd731892be3f1a2bf17917f4525f6e3463f331378f7ee7a872721ade7a62c16bf0e4c4a25971c9e64ca3a55ef13eddc6d6557931f149a0929cb87b8371e354ef6f06b1abfb506d5b6c7d35b51dabd94a4d816fbd3491e17c0094a659053724b94da23e5d9b4d260ef723929d79f14361ddab19bde5a05677c161ce38324c9264288dde2d398d52f87cf72a9e2db8a67b79598ef9f8fb5ac41fab294f21026f12c843afb510d2dff09f709aee946d38fe1f5304a11185bdf08e92ea42cfd576508359bd538195a0737c29445cda5504ddab67ebd1310dc8efc0380db010da701d2ffdc26575535f289535d625debc3494a7b3c20ff63c3b984812a7de5f2fd69580ec787de4a5c2ea293530a2f1fce30558b6dcb6776dcb256f817078849e597dd5651f65bcccccff1749cb46a79f37005a8ef555976a33eec417ce523ec5a94c8bfc8d2e61adad9f7759529bb7dc46d3954853aabe78f77e365075c04ee83091967504f7116d10fc2e3f3ef1ffc311397cffadb2ca0fcd4e18b44e08346192dba9840470b92a5a44d15df225f020abc62636c97509063f8d3633d8c0bc1fc783fd8f15d388dfa391c31b176ee3c730b765345d3a19300980566196ba633"})
syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "f9c404bcffbc90c62c00"})
recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0xb3}, 0x0)

15:53:42 executing program 0:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f00000000c0)={0x4401, 0x2, [0x1, 0x100000c5]})
r2 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r2, &(0x7f0000002e80)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
getpid()
sched_setscheduler(0x0, 0x5, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x214400, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x32c08}, 0x0, 0xffffffffffffffff, r3, 0x0)
getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8)
listen(r2, 0x2002)
r4 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r4, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
close(r2)
ioctl$int_in(r0, 0x0, &(0x7f0000000240))
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)=0x80)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045003, &(0x7f0000000040))

[  274.048799][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  274.053805][ T9429] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
15:53:42 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:42 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$P9_RCLUNK(r1, 0x0, 0x0)
shutdown(r1, 0x0)

[  274.166276][ T9436] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  274.191162][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  274.268490][    C0] hrtimer: interrupt took 69867 ns
15:53:43 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f00000007c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000940)='big_key\x00', 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}, {0x108004, 0x0, 0x0, 0x0, 0x0, 0xff}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x80000]})
ioctl$SNDCTL_DSP_SETDUPLEX(0xffffffffffffffff, 0x5016, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x81)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
r5 = dup3(0xffffffffffffffff, r3, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0x8040ae9f, 0x0)
dup2(r5, r4)
sendmmsg$inet6(r5, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)="63060c38d70f3ef125840ae0835a3bcaf8d3c7df2da53133dfefb1520d1ca8aa954c0ea2e875625988fcafe4f4046793a23d84df1f1ade1f101a5ca8d33ef6555a5fc4ebc918249bb17d0b28db29f47f082958fc7d", 0x55}, {&(0x7f0000000440)="0bb1cf4740320928f11c8ee76e2989942030232cb224bc60f33cdb27e14cba5df268f2e84b46d78d846d3457b5b0623642a8db41ff6720c055b3ac7653d693956c86035fb207ed5363b3067f9dc1ed6a0ea9b1f8c600134d31d8afd420b815f68b1ab23b36c4a47e1fd43698c2f061be996681e3a1911c81502ba37c7db246dec5b159fc80eb84054d0472d25d99b470f053f984be33b408f5484afe15284d289a9133a391898fd2f9d868384384446a88f6ad59e84a0c2a24bc05faea945350f1fdb9b60fe089234b173a1f8c454bdb436e3912b6352fec1b58a1e22f597176c4861b3a5504678eddbeb66f34b7a57d4c5f", 0xf2}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6, &(0x7f0000001b40)=[@dontfrag={{0x14}}, @dstopts={{0xc0, 0x29, 0x37, {0x58, 0x14, [], [@pad1, @generic={0x4, 0x11, "efe1618d1dced374cf225e6aa0a989d156"}, @generic={0x0, 0x8f, "906016fbf2e0e50ec7e5d4338eac1955e6a4fcc2f96fb0fe8ba9960cbd36fa59ef3bbd762f843fa14871c78984f5920ce2942390173291a4fd708440f9ae056d8bf0dc248db65a14d9806c660f5c420e91944c565d5d320e9ce8e82cd5061d7713e59cded2b0060929e5bca3302eb70a889c79f109a26afaae4419b6283037e887a9dd025087799842bb103ed2f1c9"}]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000002100)=[{&(0x7f0000000780)}, {&(0x7f0000001c80)="72c8dbe76c0b8b36d3bd88380f2512dec77490d2d5620f98d4df1c4522d3e06c58614d1d5a50727cdefead1b5a9abc805407535fdce8999fa4ff0b807d4248de666fefbd7ae659b12ba6a4730ea99ea2f5088a5143151c62f8605d499cb0", 0x5e}, {0x0}, {0x0}, {0x0}, {&(0x7f0000002000)="6ac6739f63120e502302be8c8186f6e351b6337438f7ab07225752ce246425aa2d821e52e0c714f9754d96b7e671e2980c266566996b53a0bd06005c9d71f9714b1648906817d499c2beef0945ef945d12dd4dc7335ade63c1f4d222d3e77af2dfee83accc7ddce0a4d8245167859e7d5178b2a5e7cd9d386a6bfd431a3e40525b1b90afdd225debca69598b0bb10aebb764c6e5cbee40a5a566293a90ba763fbb7624a5bbb43571236b7ebed04311df5c7c75c97a16270370e66493e0119c935689d9efa6f2c29e74ae8d3c4cd31aeefa8ec4b8e8dd7d70", 0xd8}], 0x6, &(0x7f0000002180)=[@rthdr={{0x28, 0x29, 0x39, {0x8, 0x2, 0x0, 0x9, 0x0, [@empty]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x8}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1000}}, @rthdr={{0x28, 0x29, 0x39, {0xdaabf1249b7f99a9, 0x2, 0x4, 0x9, 0x0, [@rand_addr="0113b20cbd27cca8990c3ec306451d8d"]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x2, 0x0, [], [@pad1, @ra]}}}, @tclass={{0x14}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x7}}], 0xd0}}, {{&(0x7f00000022c0)={0xa, 0x4e22, 0x1, @remote, 0x8}, 0x1c, &(0x7f00000025c0)=[{&(0x7f0000002380)}, {&(0x7f00000024c0)="1d829798bdf64a13b161c56ec15dbbe6390c79f4bc2e0678dbc811db13ca211b3ad3a0cbe70f637107ef769ba1a1b0da2765dd1aefaf5c44d71ff6efe49cb5fac862ee8f052dcb854c3b1cf4c28197a4f77c5e40063eb02a6b2cd100aaeda86fc2aa2cd9ac35405ece883c6b9affb550dfb9eb7b7ff116d8054147276b7db4c5940b5076bb415ef173b87dc833aac36a98d234a94ac84e7066e1a99f581b50b3d6c45f9f753cba7fb4b0c4cb9dd5df5a213b767d4e09c93e7cb58ca0459140ce2ffc9fa90fe7056d60c06c1b4b2e41ad97a1b1527362f96df77c4617e03460b3a841cd7cdfd715f405df2e172b22", 0xee}], 0x2, &(0x7f0000002600)=[@rthdrdstopts={{0x88, 0x29, 0x37, {0x33, 0xd, [], [@ra={0x5, 0x2, 0x7}, @generic={0x0, 0x60, "f29a2bf305f6025d523eefc9ade27086f3958ea0cd8e6abc3285772e7d9f6851facc5bbda31394a665b3fe504c98ee0ca92bbb61340cc08985cd05fd321fc11daa23380ab7b77d9f481527e261149706ffd1ce4533ff9982b7333786a6ac35e2"}, @ra]}}}, @dstopts={{0xa0, 0x29, 0x37, {0x0, 0x10, [], [@hao={0xc9, 0x10, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @generic={0x1, 0x1e, "8a6ac7a2c18fedb152beb469d967e91bd1cf4e443e70a0055afe0ead5654"}, @enc_lim={0x4, 0x1, 0x5}, @hao={0xc9, 0x10, @mcast1}, @hao={0xc9, 0x10, @mcast1}, @jumbo={0xc2, 0x4, 0x9}, @calipso={0x7, 0x20, {0x100, 0x6, 0x8, 0x7ff, [0x0, 0x37, 0x40]}}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}, @flowinfo={{0x14, 0x29, 0xb, 0xffffffff}}, @dstopts={{0x28, 0x29, 0x37, {0x0, 0x2, [], [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x1}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x2c, 0x8, 0x1, 0x0, 0x0, [@mcast2, @empty, @loopback, @empty]}}}], 0x1f0}}], 0x3, 0x800)
syz_open_dev$dri(0x0, 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x101000, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f0000000000), 0x4)

15:53:43 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:43 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r0 = getpid()
tkill(r0, 0x9)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x5}, 0x10)
write(r1, &(0x7f0000000040)="240000001a005f0314f9f407160904001100000000020001000200000800040003000000", 0x24)

[  274.425329][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
15:53:43 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:43 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='\x00\x00\x00\x00\x00egy\xc5\x8e\xcb\x1c\xf8\x8f\xca;\xa3?\xad\xae\x0f\xb5\x97ao3\xab\xcdY\x9a\xe3\xe5\xe1\xf4\x87\xac\xad\x80\xa3P\x8c\xea\x9c\xc7\x00\xeb\xf4X#\xe34\x80O]\x87\xdd\x894\xdal;w\xf8\xf8\v?v\xf0\xb8\xda=|\xa4\xba\xbbiq!\xd8g\xb7I\x12\x80')
openat$cgroup_ro(r0, &(0x7f0000000b00)='mem\x00\x01y7SwaS.\x06ur\x89\xc9B\xab\xe3\xfarent\x00\xaa\x1a\xfd\xae\v\xbf\xd8d\xbb\xaf9Q\xde\xfb\x1fY\xfb\x8do\xd1\x16\xce(\x82\xf1\xbf{5Z\x13\x15\x14\xd7\xb8\xce\xf20\x1e\xc0\xc2\xed<?\xc7\xb6s\xca\xff\x96\x9a}+Q\xd2\xd9{\xca\x86Vw\xde\xb3\x86\x91\xfd\xb5p\xdb$ j\xfb\xf8\xedw\xf4\x161a.\xc7\n\xe0X?\xc4\xf4BW\x01\x1f-\xcc\x01\xd0W\xc8\xf09\fV\x1b|A)\xb8\xda#NP\x1c\x9d\x93#V\x9f\"Kgn{\x96\xaa\xbd0\x8ef\x9d\xb88CP(}w\x8c\xbb\xdc%\ax \x10\xd1\n(\xa8=\xf54\xa9\xcb\xe9\x97T\xcf\xcf\x87t\x81\xfa\xaa\xf30\x8b\xb7\xea\xfc^\xb6\x95\x87E\x11\x89\x7f\xa0m\xd3&\tHvtD\x83\\6\xe0t\xa8\xdd\xa3\xa4\xd2\xb9\xb9{+\x1d\xa3\xd5Z;]*2\x99Os\bVW5\xe6\xe7\xdb\x95\x8d\xffY\xe0s\x7f\x9eK,\xae\xaeX\x15M@\xdd\x04`\xea\x03\xf7\x7f:\xc8HU3\xabX}\xa7S8s\xdb_\xc5\x9c\xc9Rw\x90G\xf3J\x9c\x8f\x91\xa1\xd6\x055?m\xed\x94\x9c\xb7(\x0f\xd3\xbc\xba\xc6T\xdd\x15\xf7+*Z3\x8e_Z\xa3k\xe4R\x1e\xc8\vYV\x8a\x8d\xad\x8cI\x88\fM\x19JX\x1f\xffe#|\x06\xfa86\xcb\x93\xea\xab\xcc\x864fC*I\x7fM\t7\x94}\x06\x1d\xc3\x9co-\xdd\xa6\x1b\xa8_\x1fBl\xc4:\xae\xfe4\x9e\xa9T\x91\xd9w\x05\xf8{\xd6@', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$dV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/370)
lseek(r1, 0x203ffffd, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf}, 0x20000357)
write$RDMA_USER_CM_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
mremap(&(0x7f0000433000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f000007f000/0x1000)=nil)

[  274.505028][ T9463] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
15:53:43 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000008c80)=[{{&(0x7f0000002380)=@pppol2tpin6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000008f40))

15:53:43 executing program 2:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0xf, 0x0, 0x0, [{}]}]}}, &(0x7f0000000300)=""/250, 0x32, 0xfa, 0x8}, 0x20)

[  274.793092][ T9479] BPF:[1] DATASEC (anon) 
15:53:43 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

[  274.828082][ T9479] BPF:size=0 vlen=1
[  274.833177][ T9479] BPF: 
[  274.836066][ T9479] BPF:size == 0
[  274.877993][ T9479] BPF:
[  274.877993][ T9479] 
15:53:43 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
add_key$keyring(&(0x7f0000000980)='keyring\x00', &(0x7f00000007c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000940)='big_key\x00', 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}, {0x108004, 0x0, 0x0, 0x0, 0x0, 0xff}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x80000]})
ioctl$SNDCTL_DSP_SETDUPLEX(0xffffffffffffffff, 0x5016, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x81)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"})
r5 = dup3(0xffffffffffffffff, r3, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0x8040ae9f, 0x0)
dup2(r5, r4)
sendmmsg$inet6(r5, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)="63060c38d70f3ef125840ae0835a3bcaf8d3c7df2da53133dfefb1520d1ca8aa954c0ea2e875625988fcafe4f4046793a23d84df1f1ade1f101a5ca8d33ef6555a5fc4ebc918249bb17d0b28db29f47f082958fc7d", 0x55}, {&(0x7f0000000440)="0bb1cf4740320928f11c8ee76e2989942030232cb224bc60f33cdb27e14cba5df268f2e84b46d78d846d3457b5b0623642a8db41ff6720c055b3ac7653d693956c86035fb207ed5363b3067f9dc1ed6a0ea9b1f8c600134d31d8afd420b815f68b1ab23b36c4a47e1fd43698c2f061be996681e3a1911c81502ba37c7db246dec5b159fc80eb84054d0472d25d99b470f053f984be33b408f5484afe15284d289a9133a391898fd2f9d868384384446a88f6ad59e84a0c2a24bc05faea945350f1fdb9b60fe089234b173a1f8c454bdb436e3912b6352fec1b58a1e22f597176c4861b3a5504678eddbeb66f34b7a57d4c5f", 0xf2}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6, &(0x7f0000001b40)=[@dontfrag={{0x14}}, @dstopts={{0xc0, 0x29, 0x37, {0x58, 0x14, [], [@pad1, @generic={0x4, 0x11, "efe1618d1dced374cf225e6aa0a989d156"}, @generic={0x0, 0x8f, "906016fbf2e0e50ec7e5d4338eac1955e6a4fcc2f96fb0fe8ba9960cbd36fa59ef3bbd762f843fa14871c78984f5920ce2942390173291a4fd708440f9ae056d8bf0dc248db65a14d9806c660f5c420e91944c565d5d320e9ce8e82cd5061d7713e59cded2b0060929e5bca3302eb70a889c79f109a26afaae4419b6283037e887a9dd025087799842bb103ed2f1c9"}]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000002100)=[{&(0x7f0000000780)}, {&(0x7f0000001c80)="72c8dbe76c0b8b36d3bd88380f2512dec77490d2d5620f98d4df1c4522d3e06c58614d1d5a50727cdefead1b5a9abc805407535fdce8999fa4ff0b807d4248de666fefbd7ae659b12ba6a4730ea99ea2f5088a5143151c62f8605d499cb0", 0x5e}, {0x0}, {0x0}, {0x0}, {&(0x7f0000002000)="6ac6739f63120e502302be8c8186f6e351b6337438f7ab07225752ce246425aa2d821e52e0c714f9754d96b7e671e2980c266566996b53a0bd06005c9d71f9714b1648906817d499c2beef0945ef945d12dd4dc7335ade63c1f4d222d3e77af2dfee83accc7ddce0a4d8245167859e7d5178b2a5e7cd9d386a6bfd431a3e40525b1b90afdd225debca69598b0bb10aebb764c6e5cbee40a5a566293a90ba763fbb7624a5bbb43571236b7ebed04311df5c7c75c97a16270370e66493e0119c935689d9efa6f2c29e74ae8d3c4cd31aeefa8ec4b8e8dd7d70", 0xd8}], 0x6, &(0x7f0000002180)=[@rthdr={{0x28, 0x29, 0x39, {0x8, 0x2, 0x0, 0x9, 0x0, [@empty]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x8}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1000}}, @rthdr={{0x28, 0x29, 0x39, {0xdaabf1249b7f99a9, 0x2, 0x4, 0x9, 0x0, [@rand_addr="0113b20cbd27cca8990c3ec306451d8d"]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x2, 0x0, [], [@pad1, @ra]}}}, @tclass={{0x14}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x7}}], 0xd0}}, {{&(0x7f00000022c0)={0xa, 0x4e22, 0x1, @remote, 0x8}, 0x1c, &(0x7f00000025c0)=[{&(0x7f0000002380)}, {&(0x7f00000024c0)="1d829798bdf64a13b161c56ec15dbbe6390c79f4bc2e0678dbc811db13ca211b3ad3a0cbe70f637107ef769ba1a1b0da2765dd1aefaf5c44d71ff6efe49cb5fac862ee8f052dcb854c3b1cf4c28197a4f77c5e40063eb02a6b2cd100aaeda86fc2aa2cd9ac35405ece883c6b9affb550dfb9eb7b7ff116d8054147276b7db4c5940b5076bb415ef173b87dc833aac36a98d234a94ac84e7066e1a99f581b50b3d6c45f9f753cba7fb4b0c4cb9dd5df5a213b767d4e09c93e7cb58ca0459140ce2ffc9fa90fe7056d60c06c1b4b2e41ad97a1b1527362f96df77c4617e03460b3a841cd7cdfd715f405df2e172b22", 0xee}], 0x2, &(0x7f0000002600)=[@rthdrdstopts={{0x88, 0x29, 0x37, {0x33, 0xd, [], [@ra={0x5, 0x2, 0x7}, @generic={0x0, 0x60, "f29a2bf305f6025d523eefc9ade27086f3958ea0cd8e6abc3285772e7d9f6851facc5bbda31394a665b3fe504c98ee0ca92bbb61340cc08985cd05fd321fc11daa23380ab7b77d9f481527e261149706ffd1ce4533ff9982b7333786a6ac35e2"}, @ra]}}}, @dstopts={{0xa0, 0x29, 0x37, {0x0, 0x10, [], [@hao={0xc9, 0x10, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @generic={0x1, 0x1e, "8a6ac7a2c18fedb152beb469d967e91bd1cf4e443e70a0055afe0ead5654"}, @enc_lim={0x4, 0x1, 0x5}, @hao={0xc9, 0x10, @mcast1}, @hao={0xc9, 0x10, @mcast1}, @jumbo={0xc2, 0x4, 0x9}, @calipso={0x7, 0x20, {0x100, 0x6, 0x8, 0x7ff, [0x0, 0x37, 0x40]}}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}, @flowinfo={{0x14, 0x29, 0xb, 0xffffffff}}, @dstopts={{0x28, 0x29, 0x37, {0x0, 0x2, [], [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x1}, @enc_lim={0x4, 0x1, 0x7f}]}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x2c, 0x8, 0x1, 0x0, 0x0, [@mcast2, @empty, @loopback, @empty]}}}], 0x1f0}}], 0x3, 0x800)
syz_open_dev$dri(0x0, 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x101000, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f0000000000), 0x4)

15:53:43 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:43 executing program 2:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
creat(&(0x7f0000000040)='./bus/file0\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
link(&(0x7f00000000c0)='./bus/file0\x00', &(0x7f0000000200)='./bus/file1\x00')
lsetxattr$system_posix_acl(&(0x7f00000001c0)='./bus/file0\x00', &(0x7f00000002c0)='system.posix_acl_access\x00', &(0x7f0000000740)={{}, {}, [], {}, [{}]}, 0x2c, 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
unlink(&(0x7f0000000140)='./bus/file0\x00')

15:53:43 executing program 0:
r0 = syz_open_dev$usbfs(&(0x7f0000001280)='/dev/bus/usb/00#/00#\x00', 0x200, 0x802)
ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f0000000140)={0x0, "5b6901389c0ecb8064c66506373a27ac7c30529fb7291d69bfb5c7a50d670a858b67e715889a38657afdc1e8b48d5ed99bea714c5a86598636c1806e987bb6e87f54112eddc42dc44ad10bde93b7970d2b7ecc0dcdcbbdfc7c1d847408a35854ea0687efabab3c65f73d042aa5fe1520cb33c85cdbc3b2d62634678e8210a6c6469e5b6118690a570863c53e409c73dd6e2c2126ba2880c701ce1e1a613d0a6ea29211a12a0c8916e534ae65d2689ef9b0c89b3ce9fb62d4a589556f3a1f1c83e116ae899f083f49c1e0bb04a01641dcbbb096ec3b1a6c0dac80eec85da67f6ed43305c23a49cf12f47c957c3b60d4adcc78345def1ea8bdb8a8ea7a322d52c9"})

15:53:43 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

[  275.021234][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
15:53:44 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:44 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
add_key$keyring(&(0x7f0000000180)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000080)='keyring\x00', 0x0, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0xfe41)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0)='tls\x00', 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_256={{0x303}, "fe83038335d25338", "e40621467d98643f3c259bccdd4c8cb809432a388a90aa7d19da66b1008cf9cf", "29e140b1", "69da2fc71746a2f5"}, 0x38)
recvmmsg(r0, &(0x7f0000004bc0)=[{{&(0x7f0000004940)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000004a80), 0x59, &(0x7f0000004ac0)=""/197, 0x495}}], 0x4000000000001d0, 0x0, &(0x7f0000004dc0)={0x77359400})
shutdown(r0, 0x0)

15:53:44 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
listen(0xffffffffffffffff, 0x0)

15:53:44 executing program 1:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl(r0, 0xffffffffc0c0583b, &(0x7f0000000100))

[  275.453802][ T9511] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  275.493425][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
15:53:44 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:44 executing program 2:
r0 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x203, 0x1)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0xa0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0})

15:53:44 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
close(0xffffffffffffffff)

15:53:44 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
listen(0xffffffffffffffff, 0x0)

15:53:44 executing program 0:
ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=""/130, 0x82})
clone(0x28b84900, 0x0, 0x0, 0x0, &(0x7f0000000300))
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)="0272aae16e010f05dfd5d71cc8bab91d6d936cf44cd317b97f2a55de2da11f6e18b9d00ffc2ffadbfb9717eba42e7fe4c05cb583ea3eda7784d6295485da75d990180231f59ebe181b2c1efb0834ccb53d1cec4a6f2a239e64b7933129033faecb9e1ba890153d5a7b44e714cda28b4f3fcba183aa4829e8639470759738801af931737681657f6decd5d726312531bc25ba09f691da22dfa2773bad6958f651438f5aec2b0a627181f982be1b312614ee1fb7ead43f88c89ac6fef1ea610820076a16019cc346d8884480141ebb45dbcb6b59c73822fd33b7f22ff104ad68db421422335d97ce336d513503de9d4a62d3d7b29b2f969add4af8c0b339ff750804c0a0f91011c34854d5e076ed7592bc914d44eee8e0080e510b224edcb1aacefd47a6eb51627a52fac53eed4cc9a20246a637eb5e95ce9028da700daf4089a89ca94c84c37738754288f1aa22eaa4ba6cdda04b3b1fb846c64802809bd2a65a6f7919847b65956fb34a9ee698c8057c7ee6f33c20e4b96ebdca22a4dc6d1a61df20edd8205cc448ed6b846ff0b6c35a4963e48427c098a542f36a055d2161f74ad26a867740f64ed44aed19a4d5582b0a99f8c8a5781c91477302cf1e929bbec534eb4fc6b62b203bcc627913d817f57db502d57be3205727e2c6e47d2d201885eb6455273276e3a35a80d5aedbbac70a1b0a9173c797608479a7631eb8b63195efe23f354a7615900b191ed2e0053cebd06218df7fccf1717434a11c812057f083431a22cbacd089927d7c1509b0e94624b130b8aadd0af89eb4b6bfcc4cf67db95bd731892be3f1a2bf17917f4525f6e3463f331378f7ee7a872721ade7a62c16bf0e4c4a25971c9e64ca3a55ef13eddc6d6557931f149a0929cb87b8371e354ef6f06b1abfb506d5b6c7d35b51dabd94a4d816fbd3491e17c0094a659053724b94da23e5d9b4d260ef723929d79f14361ddab19bde5a05677c161ce38324c9264288dde2d398d52f87cf72a9e2db8a67b79598ef9f8fb5ac41fab294f21026f12c843afb510d2dff09f709aee946d38fe1f5304a11185bdf08e92ea42cfd576508359bd538195a0737c29445cda5504ddab67ebd1310dc8efc0380db010da701d2ffdc26575535f289535d625debc3494a7b3c20ff63c3b984812a7de5f2fd69580ec787de4a5c2ea293530a2f1fce30558b6dcb6776dcb256f817078849e597dd5651f65bcccccff1749cb46a79f37005a8ef555976a33eec417ce523ec5a94c8bfc8d2e61adad9f7759529bb7dc46d3954853aabe78f77e365075c04ee83091967504f7116d10fc2e3f3ef1ffc311397cffadb2ca0fcd4e18b44e08346192dba9840470b92a5a44d15df225f020abc62636c97509063f8d3633d8c0bc1fc783fd8f15d388dfa391c31b176ee3c730b765345d3a19300980566196ba633"})
syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "01fa7280f9c444bcffbc90c62c00"})
recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0xb3}, 0x0)

15:53:44 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0x7e, &(0x7f0000000180)={@local, @random="c8b703909a83", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x223}, @dev={0xac, 0x14, 0x14, 0x22}}, @icmp=@parameter_prob={0xb, 0x0, 0x0, 0x0, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @empty=0xbb030000, {[@timestamp={0x44, 0x40, 0x0, 0x0, 0x0, [{}, {[@empty]}, {[@initdev={0xac, 0x1e, 0x0, 0x0}]}, {[@rand_addr]}, {}, {[@dev]}, {}, {[@broadcast]}, {[@broadcast]}]}]}}}}}}}, 0x0)

15:53:44 executing program 0:
fstat(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10)
sendto$inet(r2, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)

15:53:44 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
listen(0xffffffffffffffff, 0x0)

15:53:44 executing program 1:
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r0, 0x8004741b, &(0x7f0000000000)=0x5)
syz_open_pts(0xffffffffffffffff, 0x0)

15:53:44 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:44 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
close(0xffffffffffffffff)

15:53:44 executing program 2:
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip_tables_matches\x00c\x9e\x8f\xf1\x05\b\x1dA\x96\xa2\a\r+\xb7\xba\x93\xe1\x03\xa2]{\x9a\xbf\xd3\fm$\x15se\xa4~\xff\xe8\xf2\xc9\xf6\xa6\x13\x80f\x8c\xe6\xc1\xecA\x8dd\xf4\xee\x85\xefRh\xeb6\x99\x03\x8fo\xd3\xee\xab\xe4_n\x98S<A\xaa\x96[\x96\xcc\x1e;0k\xe2W!\xb4\x95\xe3\xe1\xc55\x9b\xea\xeeb\x0f`\x1dJ?h\xf1\xe61\xe0by0\xd0\xb2\x8c\x1d\x16\x91\xa5.{L\xfc')

15:53:44 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:44 executing program 0:

15:53:44 executing program 1:

15:53:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  276.340512][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
15:53:45 executing program 1:

15:53:45 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:45 executing program 0:

15:53:45 executing program 2:

15:53:45 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
close(0xffffffffffffffff)

15:53:45 executing program 1:

15:53:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:45 executing program 0:

15:53:45 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:45 executing program 2:

[  276.729612][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
15:53:45 executing program 0:

15:53:45 executing program 1:

15:53:45 executing program 2:

15:53:45 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:45 executing program 1:

15:53:45 executing program 3:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:53:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  277.041582][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
15:53:45 executing program 1:

15:53:45 executing program 0:

15:53:45 executing program 2:

15:53:46 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:46 executing program 1:

15:53:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:46 executing program 0:

15:53:46 executing program 2:

15:53:46 executing program 3:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:53:46 executing program 1:

15:53:46 executing program 2:

15:53:46 executing program 0:

15:53:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:46 executing program 3:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:53:46 executing program 1:

15:53:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:53:46 executing program 2:

15:53:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:46 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:53:46 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:46 executing program 1:

15:53:47 executing program 2:

15:53:47 executing program 1:

15:53:47 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:47 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:53:47 executing program 2:

[  278.398613][ T9687] Bluetooth: hci0: sending frame failed (-49)
15:53:47 executing program 2:

[  280.449548][ T9333] Bluetooth: hci0: command 0x1003 tx timeout
[  280.456888][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  282.528113][ T3021] Bluetooth: hci0: command 0x1001 tx timeout
[  282.534930][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  284.607998][ T9333] Bluetooth: hci0: command 0x1009 tx timeout
15:53:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:53:57 executing program 1:

15:53:57 executing program 2:

15:53:57 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:53:57 executing program 5:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:53:57 executing program 2:

15:53:57 executing program 1:

15:53:57 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:53:57 executing program 5:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:53:57 executing program 2:

15:53:57 executing program 1:

[  291.007988][ T9333] Bluetooth: hci0: command 0x1003 tx timeout
[  291.014893][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  293.098019][ T9333] Bluetooth: hci0: command 0x1001 tx timeout
[  293.105159][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  295.168508][ T3021] Bluetooth: hci0: command 0x1009 tx timeout
15:54:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:07 executing program 2:

15:54:07 executing program 5:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000005c0)={0xa, 0x4e22}, 0x19)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4), 0x1c)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000001c0)={0x0, 0x10000}, 0x8)
close(r1)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x200000, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0)
read$usbmon(r2, 0x0, 0x0)

15:54:07 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:07 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:07 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r2)
r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r3, &(0x7f0000000880)=ANY=[@ANYBLOB="3a258211f663a7724b"], 0x9)
sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe)

15:54:08 executing program 5:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:08 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:08 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:08 executing program 5:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:08 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

[  301.248079][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[  301.254979][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  303.328064][ T3021] Bluetooth: hci0: command 0x1001 tx timeout
[  303.334696][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  305.408012][   T12] Bluetooth: hci0: command 0x1009 tx timeout
15:54:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:18 executing program 5:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:18 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:18 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:18 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1, 0x0)
socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0xffffffff000089a2, 0x0)

15:54:18 executing program 2:
socket$inet(0xa, 0x801, 0x84)
connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
unshare(0x40600)
ioctl$TIOCSSERIAL(0xffffffffffffffff, 0x541e, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x7f})
getpgid(0x0)
ppoll(0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
finit_module(0xffffffffffffffff, &(0x7f0000000040)='/dev/loop-control\x00', 0x3)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="a8000000196400010000000000000000001c140000fe00000100000000040013000000000000000000001000"/147], 0x1}}, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000180)={'broute\x00'}, &(0x7f0000000200)=0x78)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0)
pipe2$9p(&(0x7f0000000100), 0x800)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000140)={0xb, 0x100, 0x2, {0xfe1, 0x1ff, 0x0, 0x5}})
r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000000c0))
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000040)={0x1}, 0x8)
sendmmsg(r0, 0x0, 0x0, 0x24000000)
prctl$PR_GET_TIMERSLACK(0x1e)
r3 = socket$inet6(0xa, 0x3, 0x6)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_cache\x00')
sendfile(r3, r4, &(0x7f0000000240)=0x202, 0x4000000000dc)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r4, 0xc0a85322, &(0x7f0000000340))
listen(r0, 0x8)

15:54:18 executing program 5:
r0 = socket$inet6(0xa, 0x0, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:18 executing program 3:
socket$inet6(0xa, 0x80003, 0x6b)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:54:18 executing program 1:
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xffffffffffffff18, &(0x7f0000000100)=[{&(0x7f0000000000)="2f0000001c0005c5ffffff000d000000020000000b000000ec0091c913000180f0ffffeb", 0x1dd}], 0x1}, 0x0)
r0 = socket(0x11, 0x800000003, 0x0)
bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000300)=0x14)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001c00071bab0925000900070007ab08000c000000f0007e93210001c000000000000000000000000000039915fa2c1ec28670e9889bb94b46fe0000000a0002", 0x43)
sendmmsg$alg(r1, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

[  309.710637][ T9846] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.1'.
15:54:18 executing program 3:
socket$inet6(0xa, 0x80003, 0x6b)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

[  309.753690][ T9846] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.1'.
15:54:18 executing program 5:
r0 = socket$inet6(0xa, 0x0, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  309.876967][ T9846] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.1'.
[  309.925884][ T9846] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.1'.
15:54:18 executing program 3:
socket$inet6(0xa, 0x80003, 0x6b)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

[  311.408086][   T17] Bluetooth: hci0: command 0x1003 tx timeout
[  311.414231][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  313.488069][   T17] Bluetooth: hci0: command 0x1001 tx timeout
[  313.495232][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  315.568057][   T17] Bluetooth: hci0: command 0x1009 tx timeout
15:54:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:28 executing program 2:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:28 executing program 1:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1a)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.stet\x00', 0x26e1, 0x0)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
memfd_create(&(0x7f00000000c0)='vboxnet0,\x00', 0x4)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161)
sendmsg$kcm(r2, &(0x7f0000000540)={&(0x7f0000000380)=@in={0x2, 0x4e23, @rand_addr=0x7fffffff}, 0x80, 0x0}, 0xfd00)
write$cgroup_subtree(r2, &(0x7f0000000280)={[{0x0, 'memory'}]}, 0xfdef)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f0000000080)=<r3=>0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='binder\x00', 0x8, &(0x7f0000000300)={[{@max={'max', 0x3d, 0x1}}], [{@euid_lt={'euid<', r3}}, {@euid_eq={'euid', 0x3d, 0xee01}}, {@obj_user={'obj_user', 0x3d, 'memory'}}]})

15:54:28 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:28 executing program 5:
r0 = socket$inet6(0xa, 0x0, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:28 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x0, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:28 executing program 1:
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3)
fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000140)='trusted.overlay.redirect\x00', &(0x7f0000000180)='./file0\x00', 0x8, 0x6095feb4c6236666)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
r3 = dup(r2)
connect$tipc(r3, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r4 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x8)
r6 = open$dir(&(0x7f0000000380)='./file0\x00', 0x8000000000006000, 0x0)
write$9p(r5, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r5, r6, 0x0, 0x10000)
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, 0x0)

15:54:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:28 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x0, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:28 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:28 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0x1, 0x1, &(0x7f0000000040)=[{&(0x7f0000000200)="8da4363ac0ed02000a0000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4da9dab7c7897ddef112d04b2841df4916130360a323d9abe5c31672beccee6d5c68eb96f07dd849775918a672f4d190e6996d0b2587ce440ba405e4f9956303fc5e50859421a57844bfcb6ca3c15453733396317527f6d562027f9358e303cab231567458ff1f7a9bf87464a6a707beac6d289b3eeffe", 0xbe, 0x10000}], 0x0, 0x0)
syz_mount_image$xfs(&(0x7f0000000180)='xfs\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x8, &(0x7f0000002840)=[{&(0x7f0000000340)="8cc3fa572ae1587d163366f8e98c85125a0d8145331e5462331d22cd0fed6f3e76cc09bf4b23e998f35aa12d57536370c13a97372f6555719c7816e3365dce25792bff3875bafc2f281451a370ab8a0f5247d88530716ca18583a9c3d7394f53ef0e6898e04b7d36f270104c7444978a6827192c0567f7e18a63133ad89c095b91b6755cb556072bd53457f672357addd220c6e8ff9fdbb7fd8f28f6b8c59cb8bc7dbaf2a0963f8aae247fb20645602ea0d72dbf7350d8668e8e31096a30b03f57e2de8b690fefef0992faa538dd204898074f9b2dfdad", 0xd7}, {&(0x7f0000000440)="2518ae9c936fa5627353ce5a3274bf86b623fb6e68cc720383afb6cbc189f96e460491c08d7c748e99bbd498606ced34ba35e2d2c8472a7970747202cba2c4fbfee1a19aab8425f2fa8052647981ecb0e59e92a5248a2fa2428beea4efb7e64ad52d025076704d932ce4965b4ff0cfbc3320d329e1a1242d750c1171a9a4951e488459019093fd82ea87465fbf6790690ae91fe7a537dac410fb29c3d151efbc4c311e8dc7eaa5db88bf9bb35fa4a23b5a8b1767c207dacce50e1656c3dde4393e7d", 0xc2, 0x6}, {&(0x7f0000000540)="4a65cbd4436ea0d06bd905dfa6e7bf78ad036c9b4fb19e09849180104765bdb8bca5be763bebdb64309f08df5954e41d67a415cb6cfb167bf98498305563156b38ddacb62bfb45acb7456179d4e34e7ee83bf3409cbddfac47891533f69bf681a502c09f2676ac137ddc6b7e442d351decba393c127228bde42ff6d088874103326fc39883cfe4d07267d2cfaa20415d9292aa1f4318c9f80aa7413f32d1c00f41", 0xffffffffffffff86, 0x3}, {&(0x7f0000002c40)="b427e24de52aeccb57c884f165e91194c0e4ce800b837daa8c3f786a9330", 0x1e, 0x4}, {&(0x7f0000000640)="b251e51ea4692cce55ffa780b529a6f05bc35c0356caf029a5532d0d6bb5c4f750fb4c2437b29696027061d4b6169f37c2d6fb0d2368fa34886e4891c41df833688a9226ce0e8eac7dbef4c079429dbff164f66a1d13b81093492872ababad15ae5c9f4220b9f94ed8f437f6e6156495af5c10f39cfc0c3ea176f34d194b812ff53ecd68c705a26ef198fd6935ff53196a23d82c0cbaa547e21e0d4c1eb7d5a746745d103433c90a5627eb6b5fbbf7e7531c25277eb5df75f0927055ec7e92fd8635ea", 0xc3}, {&(0x7f0000000740)="fc7f0ffa42750c93952cedc51fdecaceedf379100db236556fc50d5b707ffc01d8af75b45fc174c4a89ff029f1de9aa3477693ad15ab85f3f11d8e0b1a2f8e2ffcd23d3d5f6cb5add138831dea187e3a9e3a26dab3d6929d4f4aa74582d7737b80305de226128a7ce0e28086a36652359134fd98b8c36438e30d7fcd0c9053d1f3a29254b1f5b65311d9858d761f1687a713a71e7a7883025f1f2def65a8cddf7a47ff729552f0361c3af57f5e9b8933804f5da81d3e61956a264a5fd9f177dff337c01c429f20968932349b49100ec203d66e14a53ad9e2d0dc99a80a57e5eca29fcd2ffe3a65ff3003ceaa6fb5e6bb588b733f14", 0xf5, 0x9}, {&(0x7f0000000840)="21da8b6b8bf5ee1cd4f513f16dc80911423663f3ad42e088ce25c38a7bd01f2d62dcbd76167709ad07a9a9b8fb7285ac81e72c107eb51bf4f98cf792b062d82c3c63075788766d63369ded882660e0268eea135ea263a50ce87fad134064e2a26103e27644467b660d8596a1dfe9322ed33cab9130a813abc751ff56d4a86771ec8c78e7f576037ea33c410fc42385e9603dab8473847dd91864479b71b542b15bcb1ebe085d3d4e0fd53ce005b5ea1e180bfbfbece5fdc46ae54d3d5b54ed8c16600ceb073666fde0df155ca38e8e45946260bf70b855b94faa29b3bc5740c348c6ce03837d190cd3979fcf4deeef51b99da00e5e4d4a7a44ad97054250bcc7f847aa1db23fa0d7d4c4a8db6521c64a88c2517fb8a5406f4cc934e05a34ceab7f34cf605ce24134a239499cb7888bc57445facbc3352ede544d1d06c82fa64fb7d80f177bde7013db4ca91db92f18b8a12cf577ad74f5ff61bcd2d8e681771b44d4e010deb25de781f412433f2d2a02802cd1cf6abd56891843da0666ec44a2aecf3e8441a55d736d3c15a7f5c4d258508730bf5e8923182a282f322c522ea018ef6ca756b1c2dc45cd1118d4f4d32dcad905bdf82e37f024a1728b2badfa6cf68b867c2c4ac723d7f4622e20dbdb90f369969e2005ce1ec14517f86a225b9ad5e7335361030d06af05fd3a8d42e4b6e25e4e76172a9c93855799feef7bdd55fa867d1a555ec0e0cd35e3b33f38d01a63827a2a6c10e7bd16365a1302b0809f3bffa245b679c2830e6d60bd128ed017bb8ef6d237caf6e76f7b1b19785030951c59319c6b90642d19ba4d4e0a96d915059d9467a3ef1d855fa7be2ee7f77a3a932d97816d9b91c9f575ae40a0ef92b951a8c78d52bf3b2c0d457f8e145e5a8cde3ea3e746736a5d33c1fcd578ec99c68adae0bc395d99560064cec50acef00ebc57dfb936cbec59b617b155930c79bc8b2c4e0f0bfcbdaa5cf3e0517db6963531ad50490373944476ba4252755ddbcea9a11db6243ff58f74d64b36d6874dc71c6b508c142384725b0254db1bef0cbcd7806ba7d8dfdc256af6a16ef0d0f33f81011c57d35479ab68c1389fb4da99f661f582690052222ac51b733f072cc5e67b706d8261d30dc89d2c93fda191f515019bbf13fe0c32122d38211c14535119dd8a91795051d7ca7e0f4a690868a2ea33bd678feab50ba8dab1bf8f9ec75ed15dafbb46a644c7f24a0883234fad4102fce4ac5026ad0bdd92295509756e9b12ed2109247094f3dd6556e23616a024ced1d90a661c7552bfab50c8c4041e3b509e99f25b9aaa7075a2aa8288f52286923ab2cf8c2e2bcb4e1688ef98d60a27be916b3d2cc268e43f9f6f36207fa7b91761027cbb075afdad8850c1a93eba008a9ee7265f5c81b262cb897d40faa9e09d4f4d2baf15373bae9b8a34812e498f25ac4428c2589abb22f37c0f7563c4febe1987be15850a459d4cdb4d634caf469081e771aeb4c776fa1f2749931be2bcb84f110e8d882ff1ce0eb424fd1ffd2bcbfc34ee20160b12e1172b72ae5ef80a33782c00a8a4ece45c22180d3ae4e6be9c71b0d7bdedab95d8debe64ffc76ee1c254d8da28578e02dd28a41b86d3d04c7c029e2963c9e931194af3e76897468556a0e4f341ef667b635881705a8747354128027675f780a26b7af89ed25bdd3441ed3201954bb82fd01d61d8697f6f5c19bfd2333c27bff4c1c3c4c9908769c3796659f98febfd95f1851efd4b7fd933975504eac32f72b7306e84263995d7808a657ea45fbcf5d7b3c79a4f880febb79cf52e06617a0191f1c64de0c78da8061a51fa5433bf15451815d4ce8c2cf9f92f6b6ad1c1891a4fbb588f2dc2c1287df0319f9e95eda957ebd06a5e201b68aad924a09d22b00ca24cd0629040ec2bba034c68dbc6fff3317cd8b99a637f52388b359483d3fd1e974c1e5ab7c2147edc1f91f319d81010d65bf352fe6c2c8c555d32c15b3bfb65579f0abba1bd17c9e54e17c1b2276ffcfb5e526b0ffbbce95f63e1315e4492c631fa72a3ea78c32a3168fe9092602a02297d1c39883d99b9af92f1a979a8da12aa79d8a1852716c07159fe6b235aea329c87eb19cd3ffe227bb19a6f7d6923dfdafa48675514eba3a804715f6b06388131638137492a58d1281e2457da3e092d6b7a5d492244ab967df24ec5bb348d4650a77ab6e5b6d1b56698868e27169ca355e4874cf44d33e5105b32e825d81c86c8d80c1a396c7cc1b31bd858fefb17a00c23754eab58c9fb06fa27504fb25aecbb3dd705e3bf8a7c506647742b3461bb1524f8e72ffd277d115113f3aa09de42bbe4276bbe04715b0e5e0703a1ce9f860af5833ce5194fe945a46e404ee36bed3365532fb8c1bb4394e28305e2c83381dd1389c51a6ef4c61dd790e1da02307623531380ddce5f81c6a218d64d7f0bbfda083c81394fac7b7c036acbd1d137dcf0d21df42758f8633c74f828ceec431b4ce77ad281658584791b958eb06cd09f43337bb8c2dd5b21e4d107e7d46287dbedab5c1f0aa4088d12165126ed25f739fe88db35b2a2b308af3dc58202e3f48107136c44466d20952fcdf27f1e12133194da0284977327667d65601cab544ad3b6375d3253ce43fc4c18997cb7bbf1ee53d3bdc4d6ba448098fc292db1cab4ecdd818ab7cd71679196a2619ca8ea49a6d42af8c7735bf621ad7dbbe4b533242dfe1474552e802dee4b40fea6998f77f771db60e15c0182fac36a450c63fff00d3a04c8e46fa5ec7546e04b5fcce2bb64feb6cc24289ac12c52526c13b4d820c8c241aeca42f24c3ca0589632ae5e90e21bce5a3aee65dc01d9aec4c507cc368f7bfa8ebfb13f22deb15435aa503ee93e7a9f538ace3e4fe5e85b4df3d24233019ab6d7663185078d89e3619947ff64b1590ae5e45da35eb81f04bfcbcfc737a1b2d72a605dc8632561aea9e8dcec159009f32c3a83458f9b47c93c70e942f2ee2cdd4258998317cf6beec5cb23e4d67c37376ea65caca06c1b716f73bbc1e95c69b11ce0098251c273e7c1e4623e10049358376f6e9f26ce291d3188b2458d9f8a5b77ec14a641077cdf65e1bcd1b9ec060a2eadc1aa42e0092498fda1b030831ae7290c3a26fc88f5eaba94bfbeebab4a110aaca4fa213ddc8e5576932d9dd089f79dfb214f17d37e6546161d921adcadeaad6dcfb34d5a9aa75c37004ee49bd89e0b40533e4e22a647ee13a973b96af4cf2946806d82b6c0345a187283bfc75104646ef9c2046cbd783c28f603b85755ad36b5349006cd30a2b9af1953bf3fb9958c1e34091fdabb8acf909d06a32774d0cb51b9552ba0995ad678d51f08627884c5ae9f08c909b7dd58edddb9e23522a8950435f4a4fba173d6992daac0c3279357784b653ab3826d975d99b2fae7e545e6cf82bd8a00ff3869c3c756c01818009d7edc8e34559c1b9d4f9bc677227a8de00f603b0dbe6cddfb113507a57023633c827c05a78ef8a3a04fb8929f8457d8ac00c77ea695841e176b5e74aac92cd5c9d71d0b8bb8e03d2afe61ddd371fb81be11571771c5503949fb4a41c018f12140dbedfca2999b994df5c678455676387f6841d539118ceb5452129980f36ebcb398ec6de2c8970c9326fa2ee8be7d1e288c08baef56bf2a8cf10017cb7b98037879a781cda626c6d5680daa36da0d14cf7a83100af8888050d75dd3951f21038f7d91dc33ddf4cf0427b6be5e8301cc0e94ecefeeb16404d12b3010ba7cebf90ec7893d822edf030d1e99925c19cd0c77b41ca91d5ab741396625d054adbf0fa64498e6e2ebafa92146b0dde7ca0b443a20c36c2a7c1fd98b86928db5a3ffbce57992770b79ad32a91ef60c83dca8910a992f1c71c3ff68175c11a2ee093574b8b58218401a7d45027aaa6e793e226445377644dab4d511c5dd43ee7c5ecd726ed3b8981eeea4b51b06cc032dc62320cf01862fddacbd3396efa6f7fc603ea045ba8e3e5d2efb467f1310fe44cb05786957930dabbf56ed83265498ff71b61b1949dc208d6dbb0540a9841bf378664671472cf4dc674e82fed5b6f2450e78185522b9d233b0407794f94a163d8aee4b4a0feb1392f4114ee777ab7685b087653a0856f05bab2aa12dc72ee9670f2922ae42588f0bb3d098b2267258d116af5a2aabbe3c83d8e487d2d66dc8f8c97d8b61609ac4867c458621f666b840604ed1f2da298d76e15978c6683f74c3d74b95c01b6e3673acec83ccd7c9b6cfaa6fff0a55fe6ad0f43197c5b00f0b89d44e1b433b720d194052e709cad06b87913ebfe221c6ab9a77d0726160a4ba11f6ebad81ce0fc5578bcba0c7510d7174512a5fa34b072ebed64f5e834e81467b5438eaa10c3834d4e24c13b2dd88bac771a1ce5087631ec58bfc81ece403280afaf3742c71614de5dea605008beb4533e59aa6225e44ce8d77009c78c54efc49bb46f88096f8f2e4bf9b95c9a793cb0aac47a2e4367dcddb2a01a475e2a5933503ceb0f242c345461bd5b6922ddffa650013a19b55c325363179a501c0d0a832df2a7ed4aebcc8340c59355f2faa03e81acc0d09f23ccea17a4b4aadd8b5c43c412c5d65dec9173edbe62aa3f779f9f0afd0595d4a58f06552aff9a1656925d09db7e7b427fe1cc487356bfeeb8164b949e3f560dc2155f8c8e9732db9a7b73592d578dfa58ef027ba505cf8f3ee595e10b2d12713461a3e05bd74bfbd5d914e1ce234f8d26879f2be3e67ba94f0704fb0c8f19f2425794e51284f8d5c4c01f8ead5e605c6cb3ed39b9dc25e30d28086d76c6248e5097f3b8a93c10bcd8e180b560569a8a98e227a4aaa968b1ebc4b5d875c8cb20fd55620df051aa9daa5d8970f25b0fa7743288d321884cbca7aa405eb1ee8f9ce6351b2022016601749d373cb4784e9c84aa08d84b4787bb7b316b6aaf87fa18e80ef787583ed2faa46e78dd665161df405cfc2b2c933c1584e3b74c3a76666bccf25c3697c14f2d2e0e1091ad17f9cb5da63a435eb622013bd3b3b7ff7e292726382f4a90f08416cb47a2d36d44455faa0a7d13e4e0b6a9472e7178464c853093205d2813217c53768b130a9a673ed954ab9c72b898a4c88742c3cbe1ced89f73c386d23550418caa07a449ecc0c2c12313ebaa13831195dc8d39237a9b708cc7266b5a30dff2202eae4767285ee3157aa610b072b5b12193e026a35b6a8b4b0d74cf8caa92ee50c64379f9571fd98eb43a9386cf3b7f831946d4938de75375e9508b389b30468cef2849ff95f4b595a1b482f590721a14b5c7db80d7269e22e96d8178e202c3dcab4fdd1fca37916998065ae140a4d94c2755093d579494c9ac2e1fac4573f1567ec843e437399a929011640981f0f42d1cc45e11cbc6dd560da10951edbec23f1bbef1a66fecc914f3b988e4ede6e37ec6f9c94fa44dd3691c841221d88fce32059ae2944e2caa71c2071e0b8abd60e3e315861000303bd4586b00b77242befb5ae44caf4a5d114881301c0a38e54ef9a2e59c328932ce84e672907a41566eac115fe6668b0895d96bc992006ff06f3115b49f42943ac027771e967c97cea1870ab8d1e4d6aaf7b1d29ca0a363263c2d67db4e767871121be6592fa61bc801445328d571e1ee43b039d68a4514b12343b4e795c0c5ca83063da57d3c31b13ee306468d3be761a1371501123c225ab4bfa1511842e895688ebf0a044b42fb3273a9a0d60b88573c08fc24f1312482309900cf26f5c2b6d680c7ab41860af7f268ba43f1129a1a6351f006895499657", 0x1000, 0x3}, {&(0x7f0000001840)="9f5a123eb40d123b0e187dd3fd73f91061d13c618bf4ec514a54325bce71d1aa48867641e4da5ccc9ea8ee1f3b7333809fb897a92ae6f6da453eacf1e9c4c1d63844780a08aacfabd0c0a3145b90986ce92788f6396856af80fa5ca82d83cb3103928f9c8e1a531dc43e5bc28cf29b9d30414d313915f053c8738c9ce74b3b3af3a6b85696ed603b4a2e6251c252b473b32352fc1f343292d5dedd18c5c501d626b0ad69530cb1506e151f1fc5ebe1fa8dffdac5e65efe1e2e2d2d32ce9d8a662bcaebbd49dcccf00ab8b031b4a7f62b2141cc95290d386b27e4bca7e4453e2ebdd2569876d8c717b0f1fc15abebcfa785c88455a90d208150ca82085d4c839284d4ccf718f6b576d32158d4d96e3e8cfc39da77edc8185fd0d08ece67d3ec425dfb931d5b4f4c2b67b141b69a11e56b5471878c827cfa6c0e6f743401582fa0550093a83f48c1e2fe36fa9c0b4fc28e67877f109956893de3bc303fa856d475a37befca1956f05293a0530bd2716595d920b3017c47c6292b0370b4238df69e5b76c8fd3cb1391b437d21d066dbf00c4f7cbab916397cb52ae45cbc15eae6e05b028b7c04c349997d96f4db7f2e758a33bd6d478a590cb7437f716814ef2e8dfc0471c42cafdae9369ed8ba511b0839e249f4b5c87f0e30b3e13664191c2e084de0a65e8f8ac9b9806c174aff03642269c06fbe3cc724da4ceb407571b74777d7e8a3db286c29336f802febdc1bc39ea6f525de1bda1b61c2ce366a5907f79414e82a7bbca1f8cb860a6b9b2e20586003edbee2316e976f35f7be3326f63d53d361ec3ca5e22b7a929914b4452af9d5d67400fc3d88df1986d53d6c371e3562e87ac6331dab92975660902eb3a1663547dfdc7bbf05a83ba7c6fc217da31cae1b4f6297dcd91464d11a22ab27570d9657f220f3e3338b7f5aef6f0b9528b22950c787c263e6e54d76cef9b84cad56cf07e4f9c4e45a73ca93d93f215e4a5f791cc359fc62dd76d1f69e42fd5baf8c5fcf4935aad91c03a25cc23bc0058d55fce09a9f8aa329ba585e1633f8b7cd8fe22ba0dcc693c21c9f975d85dd0f00d98bd2172ac2cbee1892ef6c0a066052b2d576b2ad893a278a57609db3fd886681ee6991b36ebae7cb261a72ffeb12503319d5e07d5388f40c1fb043b24fe16c4e1632598634bbf8854861310c6a1ff59ec21c58b6954ac5647c4515a27100c8bd7daaa36c18f2f3ffb33adfa916db75aa329cc3f1b3fc350a6268e42ff7019fe4c331dafd37cb0b310fede87d9633630f7120a3dce413d64523d4464e240356f76296eb9b5f3ba51689b5558c7a5a57b61ab0cfd72019ed24c80aa60ea10e2023fa4af7ae121bd5ad076be6e51293c4df3899cfc5d6432806a1d46653668b524ee7d59747725b133746207e93a29bf699a5789a53b6c420dfe53dbad248e29eaeebe5b71ce189dd5b99368c38050b848a0d483f5fb51bd7a65b1261d41ef58fdfaedae777d9391410c1f639570519909f64375d467ceec8177e0751d71907405880f97c3e0ddd52ad8d8cc78db152458fb8d7a218c3fbdfd2d233a2a67e22676c76aabf33df0273f9d4fd74007e8cc4666372cf8187f30e54c181714a031dd309be1ac63ead54f401916dd37f5d185affe7b0efbd2ea5627b6606ab1ca38d70b6e2d20cdf82c73f50d8bce8fa944efc2bced796e7d8e81bbe9d5ff2c2c39990ba9f947603f5ccac847a299ad5c14375566ada27736d18c31055ce680862b6af73fb88fc67a1af588dd8bcf7117abd98e8a5daf58b2aa6e79291368f8928cb4e20ea6cff5db79ca96d55b437731ef6396db6cfde7b013cfda7ef7376ae974f6bfda7d1a23bc19292a99cfa545f30ce81eeaff8109150f63cb76c8331f95d926f8d80fed7e8e9a5a92175943a498fe697238420d642d2d0faf145ea12a59cb12cd161d00264e3b11372c23e3ea807d0d43ce22958486e068dcb5971b17189e40eb3cff4263e3b6fbe346f34805d5c5350edde9f9819c7a16114b1d41f2360ca66703241372379262baadc9713153b992b32d23a89a229472bbc95ee5e59fb5d0b7ad57144afdacbe7cef97d08089d3844c25663852a002bd60eed5e5892d66128388745d75f3e7949d2fe3d4bfe3bc5c520939e65e07b77f57b621e0b1b15d0b5fa7e907555c6cfbc7047e7c20ae3808268d0b9432077a4c07277fbc3d8813f1934b8ae7ef197d6ea0412d65888415c2fa4977796787fea99347d034dbaea831c69c3473f82ed642d83d8eb17d395542c14051a518dac09848f5f3066832c2d9482083b3db8ccaf2b9327d12317b0213c3919a12fb780bb586f8523135d9e96b08316caa0328282174ec193c9b78b1a8472ea2d3aa22c04863c3cc00c99649dacd1e75bdda6f6194feea17961d076a6591f48d459fa1f58f9fdde7e3e9138a305a2dc916e68a49d4000ba0aefdde5bfc36feca5f2cca2e820a94f6ac70c26714203dd1ca1337ef42c687cc1ddb6ab316010e976030505a1f4afd9a95aef8cab7ba8f3a07ee7a7bac8cd384a199f6911fc83d215784e3de18d5acf3aa986a4743a21fd47bd39ec23293b9b12d1841cf695830ee021ec095be73fd37adeba3ef1cf2a2d93de3728d77872f07514c778826bc143b9d26a29d4f7bfb96874409ee3741680057809295677da4396a38579669b4b52e7b73ef4c9561a079d80ba671c1ee30abcddf1491265f569d983432b20855f7c265cf128be3a84d2f28c2649faa70470c2152448d626fcd1770a9b80fbc030f2bd9db076f00b94d8b31ffe82a277bbef4a393dab33cbbc3b1c2746620cdfe8cb35dadc6f31689a716b7c79c1f472936312e42e3b601c90decfc72360775e20a2763569d5e009de3d9be43e8012a1935120997c2c304cd047edbf9588b8de4ee37d43a72fd3775ebc97a314fc758bd2f416c4521925b086d7d84346bfe83790848372bd64c3321799f3a5a7e5442f1cc9e53f5f65532de57d1e791a80031263c9927459af1d52da90fb9029982d7dea52b90e9939e5453fa67c7258c0204c45d0c425efaeeac8efd6066f24c5929a53f9d0d84e15dece69f06026c11697c0b65aa0355ddbe346e3f8b7946dc7478949a7bba949555541126fe9c6217b760ead1fc24fc12dcd65852c38fa37c9157ec86b2f76695fa1843266fbcbcf1fbedc915d1f01b9f904a250e04e7ac5dd1290f6b36b675d5f8680292e3a22079446665dc09eb51133c19d5851ea692cc00c49457c801c2b8224ceaa589f6c5be5da31ea67aa1ab9d4252e2a4f867ef7388e5abae051e6e84570d33169ab7489d4c0e47878e7e2673a3acffff19ee469b801ec14ac26b6f0b2902baed877aa50d946541992cceb44015902078fd70e05c6fbac0504477a1c1478eb8b24a99bfa3b95b04fffcb074c7bc73f1479500217ccfb424a8d8dfd1112d7256401a78b8c1b5a16a8331bbde2a9fd1da1e3cf1a64b2e6c1ed4a38d85d35545537580d7f0df03209cc027926d21e4d15fb7ae3296405ef8c8fb297cc7918a4a7a91ccfbd739d6460d1b0226d6a33b5bc8bd0e6b632eb3ea2e74e3b104bcc5ef90c2a6392a5e562720c1d0f5c8f1b9a0a521bba616c013c4ad71fd6c2fde759be6ecf5b86e928803c3b031930921c8db9a75e779deefe5d962134a0e7c6eca0e16a4776cce004187725efbb2e5519ad0b459ce525357d4754488b5c161ec757caadcfb9c144e117228e8be1908bd0bb6f6949bdb62a627ad9a6392c4817754d2a4af44f6d97bda44a8f8247efaaef8bd6a722c8be9770c768a566c41d20712b4e16edbc96c1ff038bc7cdff4b62d444efbf58a74f71d14a77df8e737b2235d7e39bc05de99b68c5498b7fbe92887a882ee633e937183a6d1c5c85111260b8638cbc77ed3bea8552355d53d7877a64e1937db08cf4820637b85aa188718348011eadebf6a8cdc9abf4fd888398ec2e1341f1c4bed059ed6eab19c8c759b2e55dad793be1dcdce20fe96a996f98f0cb4ddfeaa6ca9250ffa749a76a7a828f34a1c020a32a47bcaddaeff340365ae1ca8ff1c2b9c13ca9f3940f2a9157188edc9ad63980bfecb97be4a415e7416d49e065af1c9838e682512a5d9e0ea70d13b09f65c708b5189b059465415054e51d3da4787ad07246a625185f2ae1682f341ac3bc4053965292585540e08c492b585b402a40b5d2264fc3eb1838ee83f0fdf300f3c73602f828b7266309ac7ab87c7c38df7272cf63af9615ca4ed2fadaa6006613538fcee472adebbd1c278d5e8d27f878050c7a0408e5c79cc3ea51e99a52894595253b1810dd1de0ec755f6b1b8066a3027c065b5bb48b993e3560e0cd41834a99ff43cbc18cf63bae92ee9a77fffb59285d6546e2cc6f9e9b0265e8b09472f6fcba643d30b45f78f9cad8e4b644f02c9107595c32fa4fc13d2e5181263fc49c1b254b67210b65a12d39eee63428e7ecf2f4e12beef5c6bbc4eba93e55a39ed47f781f220e038d6560b73e3a2aa16946c43fa5a416f99bb599e2381bd2bd1f0ec0f19c534bbe9c3e4fe50fbe49e22608592578ccd0d9ac9ecb3da267f3af26eef9f977170766e57aa41a7e0fc1b862693d84ec2d5ba391cc9d36f4912ec9a782d3c1df662054e1a44d95c1a4ca31d70d351c4e66553a159023e045adcfb8760f65c2a33c040c718f69c335b4bddf41499d3c74acea5a54fd6f5ff081a1f36401645f66a1c420fe1619fcc8e85b556f6a7e83365c062ea953c1bfa54e53da8cb7d115994fcc3402ccf27389e04c9128f0a689afe744676cb91a823c5b2db7639e1887af2726deef4c49c0c63eb03980b660daf6a55490b67f6af492a0cb91d56127d4d0be0dfdde305534839a0aa283887a490a6f21b54d35cfda3ace6ecb6189e9ee866251f1e88ef6d03c19e661aee1c7812d4646e0cec7cfa6fd9e9ae3b85f8818123247b47ec1850cabec47585f428632e0f96832c383884b2791bf611e2a72f29d8832ef08d21df21c11cfd24221534608858c39b30b85b6c4f6bf8dee1761cb6ee1beaa7af61d6d0b9d0910e3b6c437e9f2fff025a97dedb332a7bed2087f9f359c6410be5ea9e9186cfed9d2d77433c31638d9eb4ce913d76ee9c169c3fa4c67a909f1ecc57a4e1e33764b5392c44b1aa13593d1c5b7445c2332d6d7be15e2a1bfc46148582e79ee58dc945a661a1fe30bdbb2772d82aaa1947f34841ab5a4a6b7324bcc6512598f0aa0c6ebfdbe8d1bb38b7d9c7a33bb1c332f7c997f43df873a23812e47ffa8bff0135ff8f290434bb85ca0b226bd48526359aafdca0713e94f51ac82fb00bd8c31c682cfab546a4400270e7043ac2f4b008fe52cdebaa655eefdf597243bc786523228a7e2691797b481cea5a2b4550deecfefe00213f0995444297702f094740dd8e596483cd9973fba6a484633c0d4fe4d2fffdcb03c4ff159e46ac9c3fcfd75eb09280f8d6ccc9040f6dc5c959d7b4636a55ca5995499e36a197d39e1abb7a1a0c0cf9edf48b2bce41f8210a5c0fceeebed5ab85467881eaea6223b88ecf81a02732074fa898e8c1a195eb7b81ffa8f4b4096bec680c1a72bd9c9902a4a93fdeaef9e029dec00ace6db9e8d25b7a8e2e52c7ebc1358dce7e78d498feebc9b69c5576d3f08f2c6cca2903b48ca3c03eca877fd117a406b72974bedfce68487029dd9605ea4fdb83de0082cecf0935e57c39ce3f780252952fe063fc5772fc955a3126ea728c51576a44a2a67ff7696f51d94b291d0ef79e8a56a5c9c72f16ff4507ed0a8834036e03412f046a8ee", 0x1000, 0x3}], 0x1080, &(0x7f0000002c80)={[{@nolargeio='nolargeio'}, {@allocsize={'allocsize', 0x3d, [0x78, 0x0]}}, {@noikeep='noikeep'}, {@noikeep='noikeep'}, {@qnoenforce='qnoenforce'}, {@gquota='gquota'}, {@swidth={'swidth', 0x3d, 0xfff}}, {@mtpt='mtpt'}, {@sysvgroups='sysvgroups'}, {@dax='dax'}], [{@permit_directio='permit_directio'}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@fsuuid={'fsuuid', 0x3d, {[0x35, 0x32, 0x6d, 0x39, 0x35, 0x65, 0x65, 0x37], 0x2d, [0x30, 0x68, 0x37, 0x65], 0x2d, [0x36, 0x949ab7b34236734f, 0x65, 0x66], 0x2d, [0x5d, 0x38, 0x5d, 0x39], 0x2d, [0x30, 0x35, 0x31, 0x39, 0x34, 0x64, 0xc, 0x36]}}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'rxrpc_s\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7dc1}}, {@smackfsdef={'smackfsdef', 0x3d, 'rxrpc_s\x00'}}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
ioctl$sock_inet_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000002a40))
request_key(&(0x7f0000000080)='id_legacy\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)='btrfs\x00', r2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0xfffffffffffffffd)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
fstat(r4, &(0x7f0000002a80))
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

15:54:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

[  319.908404][ T9907] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00b10efd9a devid 0 transid 17428505638685104809 /dev/loop2 scanned by syz-executor.2 (9907)
[  319.936084][   T27] kauditd_printk_skb: 3 callbacks suppressed
[  319.936101][   T27] audit: type=1804 audit(1577634868.680:31): pid=9897 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897842866/syzkaller.Oqv5uX/26/file0/file0" dev="loop1" ino=23 res=1
[  320.033482][ T9897] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  320.042699][ T9897] FAT-fs (loop1): Filesystem has been set read-only
[  320.053159][ T9897] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
15:54:28 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x0, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

[  320.066391][   T27] audit: type=1800 audit(1577634868.680:32): pid=9897 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=23 res=0
15:54:28 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:29 executing program 1:
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3)
fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000140)='trusted.overlay.redirect\x00', &(0x7f0000000180)='./file0\x00', 0x8, 0x6095feb4c6236666)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
r3 = dup(r2)
connect$tipc(r3, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r4 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x8)
r6 = open$dir(&(0x7f0000000380)='./file0\x00', 0x8000000000006000, 0x0)
write$9p(r5, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r5, r6, 0x0, 0x10000)
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, 0x0)

15:54:29 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:29 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, 0x0)
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:29 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:29 executing program 5:
socket$inet6(0xa, 0x80003, 0x6b)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:29 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, 0x0)
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

[  320.760061][ T9907] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00b10efd9a devid 0 transid 17428505638685104809 /dev/loop2 scanned by syz-executor.2 (9907)
[  320.777979][   T27] audit: type=1804 audit(1577634869.510:33): pid=9934 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897842866/syzkaller.Oqv5uX/27/file0/file0" dev="loop1" ino=24 res=1
[  320.962060][ T9934] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  320.970959][ T9934] FAT-fs (loop1): Filesystem has been set read-only
[  320.980728][ T9934] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 17)
[  321.037274][   T27] audit: type=1800 audit(1577634869.510:34): pid=9934 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=24 res=0
15:54:29 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={0x0, 0x6}, 0x8)
connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x20000, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040)=0xa7, 0x4)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x3}, 0x8)

15:54:29 executing program 1:
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80200000000000, 0x7fff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = add_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000001c0)='g', 0x524, 0xfffffffffffffffb)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000019040))
r4 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_G_STD(r4, 0x80085617, &(0x7f00000000c0))
r5 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r5, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
setsockopt$IP_VS_SO_SET_TIMEOUT(r5, 0x0, 0x48a, &(0x7f0000000100)={0x1000, 0x2, 0x8}, 0xc)
keyctl$revoke(0x3, r1)
keyctl$invalidate(0x15, r1)

15:54:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:29 executing program 5:
socket$inet6(0xa, 0x80003, 0x6b)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:29 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, 0x0)
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:30 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:30 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000040)={0xa925, 0x2b, 0x0, <r3=>0xffffffffffffffff})
r4 = dup(r3)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$CAPI_GET_MANUFACTURER(r6, 0xc0044306, &(0x7f00000000c0)=0xf102)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x9, 0x5f08df0dd47b4dd5, r4, 0x22000)

15:54:30 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0))
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:30 executing program 5:
socket$inet6(0xa, 0x80003, 0x6b)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:30 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x100000001)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000180))

15:54:30 executing program 1:
r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x6100)
ftruncate(r1, 0x8200)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000005f00)={'filter\x00', 0x4}, 0x68)
r3 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x2007fff)
r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400, 0x0)
openat$cgroup_int(r4, &(0x7f0000000040)='cpuset.memory_migrate\x00', 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
fremovexattr(r6, &(0x7f0000000080)=@known='system.advise\x00')
recvmmsg(0xffffffffffffffff, &(0x7f0000009000)=[{{0x0, 0x0, &(0x7f0000004200)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x243, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000002400070500000000000080001d6b5cd1", @ANYRES32=r11, @ANYBLOB="00000000ffffffff0000000014000100706669666f5f686561645f64726f70000800020000000000"], 0x40}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0xffffffffffffff31, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000002800070510000b0000000087676a2100", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000001d000e001c00010000000000000000000000000000000000000000000000000004000200"], 0x48}}, 0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r12=>0x0, <r13=>0x0})
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x1d, r11}, 0x10, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="04000000110c0000c699000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r12, @ANYRES64=r13/1000+30000, @ANYBLOB="030000800100000002000080050200b22532d496dd6fd9ca"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

15:54:30 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4000000010000507000000000000000000000000c3c2607d004fa29e302caa76370c5750cbe05eff093f920e513d25e1e1d0be4cd007c15e25db51ae1c8669f3190b8d572b0132e9d60b3152386395c0e26339242561f0009a0e5adc37c0ef2be700aef82d07b6427105b60a9fdddcba00d528c56b701bcf8f5b6317e9bee1f3247aba1521495297a58e8a4b93c2ecd272b5e23a87ae3808f8288ee6cff502030883d20f6e70041a809e65298ab54e2e495f50c768dccd1d0e3ff6d83ade3087f6e5c6c872acd5ceff342b971edc25e5418c06950fbf9d4e75afeef619c7", @ANYRES32=0x0, @ANYBLOB="8dd7c1a3000000002000120008000100677265001400020008000700e000000108000600e0000001"], 0x40}, 0x1, 0x0, 0x0, 0x883}, 0x0)

15:54:30 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x0, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:30 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x100000001)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000180))

15:54:30 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0))
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:30 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x0, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:30 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x100000001)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000180))

[  321.751147][T10012] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  321.783581][T10016] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  321.843598][T10003] netlink: 'syz-executor.1': attribute type 14 has an invalid length.
15:54:31 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:31 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0))
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:31 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000440)=0x1, 0xffe6)
sendto$inet(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10032, 0xffffffffffffffff, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x40, 0x0)
mmap$usbmon(&(0x7f0000013000/0x3000)=nil, 0x3000, 0x2000005, 0x4000010, r3, 0x1000)
r4 = socket(0x2, 0x803, 0xff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r6, 0xc008551b, &(0x7f00000003c0)=ANY=[@ANYBLOB="ff0f00000400f9c5a4f09eedd1190604ba1ddab30000ffffff7f"])
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
fcntl$dupfd(r4, 0x0, r7)
openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x100, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f0000000280)={0x5, 0x70, 0x1f, 0x8, 0x3, 0x5, 0x0, 0x4, 0x104800, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f00000000c0), 0x2}, 0x2000, 0x6f8, 0xffff, 0x6, 0x0, 0x40000000, 0x6}, r8, 0xc, 0xffffffffffffffff, 0x3)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = dup2(r9, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x9)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = dup2(r11, r11)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r12, 0xc0945662, &(0x7f00000001c0)={0x100, 0x0, [], {0x0, @reserved}})
prctl$PR_SET_ENDIAN(0x14, 0x1)
sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ec8f29f81319ec5b10d0d000000efd9448dbef1ffb4e3a6af87131512da528f6235fe35d3053b5cb4877c1b89bbf83f6d749d5b00679601a3abdc204cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e434e2193900c39ab79d37cc0ce7a", 0x2fdf442dff3bb63, 0x401c005, 0x0, 0xffffffffffffff36)

15:54:31 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8955, &(0x7f0000000500)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @remote}, 0x0, {0x2, 0x0, @loopback}, 'lo\x00'})

15:54:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x0, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  322.344882][T10033] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
15:54:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:31 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0b")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, 0x0)
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:31 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000040)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x20)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x10000)
r3 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200)='/dev/nvram\x00', 0x400a03, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_PRI(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a80)=ANY=[@ANYBLOB="680000009501c55cc39b6d9729cb99385c986eddf94ff578ebf2", @ANYRES16=r6, @ANYBLOB="05000000000000000000010000000000000009410000000900180000000062726f6164636173742d6c696e6b00"/98], 0x68}}, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r4, &(0x7f00000013c0)={&(0x7f0000001300), 0xc, &(0x7f0000001380)={&(0x7f0000001340)={0x30, r6, 0x300, 0x70bd29, 0x25dfdbfb, {{}, {}, {0x14, 0x18, {0x3, @bearer=@udp='udp:syz2\x00'}}}, ["", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x2, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = dup2(r10, r10)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
ioctl$ION_IOC_ALLOC(r11, 0xc0184900, &(0x7f00000001c0)={0x81, 0x3c, 0x1, r3})
pread64(r9, &(0x7f0000001240)=""/177, 0xb1, 0x7)
read$FUSE(r7, &(0x7f0000000240), 0x2305e2b7)
write$FUSE_CREATE_OPEN(r7, &(0x7f0000000100)={0xa0, 0x0, 0x2, {{0x800000000007}, {0x0, 0x0, 0x1000000}}}, 0xa0)

15:54:31 executing program 2:
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
write(0xffffffffffffffff, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write$binfmt_elf64(r3, &(0x7f0000001100)=ANY=[@ANYBLOB="7f454c46ca0109058c0800000000000002000300f8ffffff6e00000000000000400000000000000082010000000000000400000040003800020004000900020004000000200000000300000000000000030000000000000006000000000000007c00000000000000000100000000000004000000000000000400000007000000f8ffffffffffffff08000000000000005002000000000000ff01000000000000020000000000000097d60000000000009f8dc715e5dec76b799f260d7a14e249b993e07eff0e9d8145fabac267850d35bec40b5b60089d268989997ef8534f3556f5cdc1516e812e7e5baffbe727b5645203000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b91e2f2e98a520ba8e41c7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001500"/1277], 0x4f2)
setreuid(0x0, 0x0)
setreuid(0x0, 0x0)
socket(0x0, 0x0, 0x0)
stat(0x0, 0x0)
ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000080))
socket$packet(0x11, 0x0, 0x300)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000000)=0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000380)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/376)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$apparmor_exec(r4, &(0x7f0000000880)=ANY=[@ANYBLOB="5c431b28300e06439b72749b9b3873c316b19b3c6d79ea550e335c4336696d9b42d231d2bedd456620a0a676f7e789ecbfc897b337f010cdd9afbbeccc549ee0ba7733c495dc8d33f8ec2fa45587026706a9adca9fd8dd6b9f575b0f63b1d479d4ca3d0cd0515bac62a366349e6c9087385b00d9041aa6a417a6a07a746c17ef1b55fb44ec88d4a026db957770fb015b8cc4f68929705263c10974d35711741fa46efd3a90247bdf1d829a88c738c067b9bebd31117d8d27152b050000000000000053e6129f0dedb8b6d2b8b70c5bd879c64fcf45b4e616f36d71bb0fa863741f541e8c9c54b86a79acccf642decbb67d809476d78ae6d6a0381da8ef8fcfec8c4781de0cb0c1f26e9c04a5409daa099e45ef450e84f1608b0d025a5c33e5f12c66642f3400a724bf056cb809d006ae0886246456924d25fd29306d365a05aea71b4d0870a6519b0f4a9733fe0512f3d43936f91a4d36b27cc505bce73167e43c26d2d867b6a255ae9a1746a57869e85fa852966499f65f45d08f3ca83430d684d017af5027dc7b089400592b184e5cc91f07f9581235b9d6bf1a345610a65571ce4eeba84db23fdafbb19d94134fabdec0748c2229057e0fb8f3f664beadee22aa9105cb39411a8d269e81cf9e5776546de7e13ce718fbb28abf6c8a8325ec94fd90ebb3a3a89090dbc258f438d1834575e563d7b77165abaeef2a9e95dea08934725b5cc43fb7cf6fdbbe52c5bcb334be7df76e2f347dbc2e74941c25cb93ea22416128d64658d808d1104e7be8bc29c81e36ff95a3f384f4a5e866c2401f3768b3d6ab9a03953e565cc4255494521b3dab972403aa84430e5744ee61f5b982eabd353a22f6662fa18f2538a81ecfb6a7e11b3194c147f9fcc7371c005d4c44eff14a67b961e7e26bc6f0267147404824118d3e649fdd5ab3e5c80473e645fb510f8213df50ccb391231d0404474d50c6df2375b2c391c42fe546cd1e6127f8ac2dc279b1d5df38ec3d02d2eafdbc9c5f9077cbbd97426723ee973dc70da4a35138efb84ac8610ef5a9808d388f6609a7c2899a1c4f714d02267702f099285d5d66af9f4aead729931d1429ac8301d52ad60e7758ca33b8d3ded271008f9c7818ab784303499273b4c5738faa26d2431496b3029a24e850c8cf8f28337ce217765ede02826719d5f69d599ceb4ef155383f234895447fa7b8aa3aaaa1694dbb1e35c2c3a90f6f7af7ff145da8af7ce0c7"], 0x2c1)

[  322.717790][T10059] CUSE: info not properly terminated
15:54:31 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, 0x0)
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:31 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0b")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:31 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@nat={'nat\x00', 0x19, 0x1, 0x238, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000010000000000000ecffffff000000000000000000000000000000000000000000ffffffff00000000000097650445011ca71630ec820000000400000000000000000000000000000000000000000000006053e1c9f1b10da1f4c6afe095ccade989da7600000000000000feffffff010000000300e3ffffff0000080069666230000000000000000000000000ec38d36da3befb7dbc730357802664756d6d79300000000000000000000069705f76746930000000000000000000697036746e8630000000000000000000aaaaaaaaaabb0000000000000180c2000000000000edffffffffef00000070010000a801000069700000000000000000000400000000000000000000000000000000000000002000000000f500007f000001ac141400000007143800000000841e000000000000000100000000007265616c6d0000000000000000000000fdffffffffffffff00000000000000001000000000000000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aa02009e5b84c700000000000000000052415445455354000000000000000000000000000000000000000000000000002000000000000000000000000000e8ffffffffffffff0000736e6174001000000000000000000000000000000000000000000000000000001000000000000000aaaa0000000000000000000000000000000000009a31f7ea408d3e86027e4da5a31fb61a00000000000000000000000000000000000000000004e695c965bff93c9e5078ce4ea98ce547f5966fcf291e8099e112997872412b2a818aecddfff251be063d0f340c1a35b4114a36ac4e92efb0f0bc413dd349f541d04807cc066114b43c3a78321149849b8180d7d08f3d1a7f50284941d4b49f8f725bfe7e4ca99cc4e0852fb2e22cc82fd624cd1912902ab70abc7c7cbdc300dd1467f33bf17752b9f6ede10d2f49e27be0a6ddd7fbc4f994b5e0d0ee27946b75fccfd141c93ee6ad00fa148362929dd3f3551e9e89697ecd9f8b881e81bb"]}, 0x3a7)

15:54:31 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000180)={&(0x7f0000000080)={0xa, 0x4e22, 0x1000000080000, @local}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@rthdrdstopts={{0x140, 0x29, 0xb, {0x2c}}}], 0x18}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000000)={0xc, 0x8, 0xfa00, {&(0x7f0000000300)}}, 0x10)

15:54:32 executing program 1:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x800000, 0x0)
chdir(&(0x7f0000000380)='./file0\x00')
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000200)=0xffffffffffffffff, 0x12)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6(0xa, 0x80001, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = timerfd_create(0x0, 0x0)
timerfd_settime(r4, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
read(r4, &(0x7f0000a16000)=""/71, 0x47)
prlimit64(0x0, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x20141042, 0x10)
close(0xffffffffffffffff)
write$UHID_INPUT(r5, &(0x7f0000001cc0), 0x1006)
sendfile(r5, r5, &(0x7f0000000240), 0x2008000fffffffe)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e22, @broadcast}], 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x40001)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)

15:54:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, 0x0)
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:32 executing program 2:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfec8)
timer_create(0x0, 0x0, &(0x7f0000044000))
r3 = getpid()
sched_setscheduler(r3, 0x0, &(0x7f0000000380))
dup(0xffffffffffffffff)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000280))
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x40000000, &(0x7f0000000040), 0x0, 0x5}}, 0x2cb)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x227d, 0x0)
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00'}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000740), 0xc)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(r5, 0xc0205648, &(0x7f00000000c0)={0xe9129bd55575e39c, 0x10001, 0x9, <r9=>r8, 0x0, &(0x7f0000000080)={0x9b0909, 0x8e4d}})
ioctl$FS_IOC_SETFSLABEL(r9, 0x41009432, &(0x7f0000000100)="8bab1e39955850bfca00031b84729707c9e711f71a1c9e9d1d0ff87d218509e999d9971957ab68fccf32aeb3db8fa808c16c006b2802bedc737d2bfd76769ee758604cd0decb31538a1a42ec71d9fcb026211e95069c06bd00685d2215d7c6d28fa5d32712668c5b1d4a08d7d452545d062a458e89be891310b768623be1021c60c1540a1eed94efaaa442d8ead0f17ca071c149a19381a99bcea2a8404293ee2c24ee397628205d47034f71d65c94a426dfc69e311d5a62223bae874ea8c4292c318b64ca3d3a864ad0f94e1fca68e76ae7671b32385bfa127f43cf070fe2f10107a54dc196b5558af57303d297a00603eaab5630ccd0b9915cd2b56cbecc4d")
bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)

15:54:32 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0b")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0))
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:32 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe847")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0))
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:32 executing program 2:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x7fff, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000340))
r0 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
fchdir(r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000019140)='/dev/autofs\x00', 0x180, 0x0)
mmap$snddsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x200000c, 0x80010, r2, 0x7000)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r3, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r5, 0xc0a85320, &(0x7f0000019080)={{0x98, 0x8}, 'port1\x00', 0x4, 0x2009, 0x7fffffff, 0x4, 0x2, 0xfffff5b6, 0x210, 0x0, 0x8f21067d9c58779c})
r6 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r6, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x243, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000002400070500000000000080001d6b5cd1", @ANYRES32=r11, @ANYBLOB="00000000ffffffff0000000014000100706669666f5f686561645f64726f70000800020000000000"], 0x40}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0xffffffffffffff31, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000002800070510000b0000000087676a2100", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000001d000e001c00010000000000000000000000000000000000000000000000000004000200"], 0x48}}, 0x0)
connect$can_bcm(r6, &(0x7f0000019040)={0x1d, r11}, 0x10)
setsockopt$RDS_GET_MR(r3, 0x114, 0x2, &(0x7f00000000c0)={{&(0x7f0000000000)=""/10, 0xa}, &(0x7f0000000080), 0x2}, 0x20)
io_setup(0x83, &(0x7f00000003c0))
io_submit(0x0, 0x13d, &(0x7f0000000540))

15:54:32 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:32 executing program 1:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$EVIOCGMTSLOTS(r2, 0x8040450a, &(0x7f0000000580)=""/137)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r3 = getpid()
tkill(r3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
write(r0, &(0x7f0000000300)="66bac86f8f379a1ffc3cb841c9dd7111398614a7b7fe2a101f0bec6ef6ad878449c237a63622884c56a54a965f0382596cce9869577c5d0b707e242032da37b84e1e35dc0e5754d21944828e89873bb9ce71b3b368725aaf74894961375c5826028f1ed31f92a0b86d6c882376712704b3cccc130644f1be4f2accb895f583d923db15a93998651af91c386009f9abc0ff46efc181f36e45767bde72c49ec2d83085d8e03504383392d63cbeb60126bc3415783d10b156643a77988ed851bf9ac745", 0xc2)
socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x80000, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x48, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x20, 0x12, @ip6gretap={{0x10, 0x1, 'ip6gretap\x00'}, {0xc, 0x2, [@gre_common_policy=[@IFLA_GRE_LINK={0x8, 0x1, r6}]]}}}]}, 0x48}}, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f00000000c0)={<r7=>0x0, 0xd8}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f00000004c0)={r7, 0x82, "b28efe50cf2a3af75b405c2226caed412547025164df969dae14914f02e1cb6b5273c0c7b19f770c172505a3ce30d52537631bc871e070edfbab1cb851b1169e8734b07b50a7155b7eb14c13cdda999ca4ba13edd130c160600790e240af1937d44d8fc44aeedb8be8687abc915bc31b381227189a64d5d81314efdaa78473ce9cd7"}, &(0x7f0000000240)=0x8a)

15:54:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:33 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe847")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:33 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0))
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  324.367529][T10127] batman_adv: Cannot find parent device
15:54:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

[  324.564436][T10148] netlink: 'syz-executor.2': attribute type 14 has an invalid length.
[  324.601752][   T27] audit: type=1804 audit(1577634873.350:35): pid=10124 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir851074691/syzkaller.deuHGh/31/file0/file0" dev="loop2" ino=25 res=1
[  324.644062][T10142] netlink: 'syz-executor.2': attribute type 14 has an invalid length.
15:54:33 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe847")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:33 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0b")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  324.668589][T10124] netlink: 'syz-executor.2': attribute type 14 has an invalid length.
15:54:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x7fff, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000340))
r0 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
fchdir(r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000019140)='/dev/autofs\x00', 0x180, 0x0)
mmap$snddsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x200000c, 0x80010, r2, 0x7000)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r3, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r5, 0xc0a85320, &(0x7f0000019080)={{0x98, 0x8}, 'port1\x00', 0x4, 0x2009, 0x7fffffff, 0x4, 0x2, 0xfffff5b6, 0x210, 0x0, 0x8f21067d9c58779c})
r6 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r6, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x243, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000002400070500000000000080001d6b5cd1", @ANYRES32=r11, @ANYBLOB="00000000ffffffff0000000014000100706669666f5f686561645f64726f70000800020000000000"], 0x40}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0xffffffffffffff31, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000002800070510000b0000000087676a2100", @ANYRES32=r11, @ANYBLOB="00000000ffffffff000000001d000e001c00010000000000000000000000000000000000000000000000000004000200"], 0x48}}, 0x0)
connect$can_bcm(r6, &(0x7f0000019040)={0x1d, r11}, 0x10)
setsockopt$RDS_GET_MR(r3, 0x114, 0x2, &(0x7f00000000c0)={{&(0x7f0000000000)=""/10, 0xa}, &(0x7f0000000080), 0x2}, 0x20)
io_setup(0x83, &(0x7f00000003c0))
io_submit(0x0, 0x13d, &(0x7f0000000540))

[  324.829185][T10169] batman_adv: Cannot find parent device
15:54:33 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:33 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe84740")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:33 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0b")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:33 executing program 1:
syz_open_dev$amidi(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002000f42d1a68009d651de919c70a2f000300000000000100"], 0x20}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$VIDIOC_QUERYBUF(r2, 0xc0585609, &(0x7f0000000000)={0x9b, 0x3, 0x4, 0x400, 0x20000000, {0x77359400}, {0x2, 0xd, 0x8, 0x1f, 0x5, 0x1, "2c353fdb"}, 0x2, 0x1, @fd, 0x400, 0x0, <r6=>r5})
ioctl$VIDIOC_ENUMAUDOUT(r6, 0xc0345642, &(0x7f0000000080)={0x6, "8ead8de95a1e40341085d21c5aed9194661a982501428f51acb52a3ebdd1c20a", 0x2, 0x3})

[  325.090014][T10174] netlink: 'syz-executor.2': attribute type 14 has an invalid length.
15:54:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0b")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:34 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe84740")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:34 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000003c0)=@raw={'rawG\x00', 0x2, 0x3, 0x218, 0x0, 0xd0, 0xd0, 0x0, 0xd0, 0x180, 0x180, 0x180, 0x180, 0x180, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@local}}}, {{@ip={@local, @remote, 0x0, 0x0, 'veth1_to_bond\x00', 'eql\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x278)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0xcde0a8a722c94419, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000200)={@initdev, <r2=>0x0}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000640)=@deltclass={0x8a4, 0x29, 0x10, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xe, 0xf}, {0xfff1, 0x6}, {0xb, 0x8}}, [@tclass_kind_options=@c_mq={0x8, 0x1, 'mq\x00'}, @TCA_RATE={0x8, 0x5, {0x1f, 0x6}}, @TCA_RATE={0x8, 0x5, {0xff, 0x81}}, @tclass_kind_options=@c_htb={{0x8, 0x1, 'htb\x00'}, {0x860, 0x2, [@TCA_HTB_RATE64={0xc, 0x6, 0x7fffffff}, @TCA_HTB_CEIL64={0xc, 0x7, 0x6}, @TCA_HTB_PARMS={0x30, 0x1, {{0xc4, 0x2, 0x2, 0x3f, 0x0, 0xffffffc0}, {0xc8, 0x1, 0xc000, 0x1, 0x81, 0x7f}, 0x3, 0x9, 0x80000000, 0x4, 0x80000001}}, @TCA_HTB_CTAB={0x404, 0x3, [0x7f, 0x4, 0x0, 0x8, 0x800, 0x1, 0x1ff, 0x1, 0xfd71, 0xfff, 0x3, 0xffffffff, 0x1, 0x1000, 0x9, 0xfffffffa, 0x0, 0x0, 0x80000001, 0x145, 0xd2ad, 0x3, 0xfffffffc, 0x7, 0x8000, 0x60, 0x1b, 0x14, 0x8d, 0xfe4, 0x1, 0xf77, 0x14000, 0xfffffffd, 0x100, 0xa46, 0x6, 0x3f, 0x7, 0xffffffff, 0x1a, 0xe4e, 0x7, 0x80000000, 0x6, 0x38, 0x10001, 0x6, 0x4, 0x7fff, 0x80000000, 0xffff8000, 0x800, 0xfff, 0x7, 0x8, 0x7fffffff, 0x6, 0xff, 0x40, 0x2, 0x4, 0x1, 0x7, 0x5, 0x1f, 0x3, 0x5, 0x9, 0x5, 0x7, 0xa0000, 0x7fff, 0x8, 0x6580, 0x3ff, 0x752d, 0x9, 0x800, 0x8, 0x6, 0x8, 0x1ff, 0x8001, 0x9, 0xfffffff7, 0x7, 0xfff, 0x6, 0x4, 0x1, 0x9, 0xcd, 0x1, 0x534, 0x96, 0x100, 0x10001, 0x10000, 0x1000000, 0x2, 0x20, 0x6, 0x8, 0x3, 0x8, 0x8c5d, 0x200800, 0x2, 0x1, 0x5, 0x1, 0x400, 0x1ff, 0x9, 0x2, 0x2, 0x36d03335, 0x7, 0x27e1, 0x3, 0x8, 0x3, 0xea5, 0x2, 0x7, 0x7, 0x5, 0xff, 0x7, 0x800, 0x8, 0x4, 0x75af5b7a, 0xffffff96, 0x200, 0x2, 0xfffffffd, 0x3a8, 0x80000001, 0xffffffff, 0x7c00, 0x91da, 0xe78b, 0xffff7976, 0xffff, 0x5, 0x2, 0x3, 0xc2a8, 0x4, 0x3, 0x3f, 0x400, 0x7, 0x0, 0x2, 0x5, 0x7b3fc4ef, 0x8, 0x6, 0x1f, 0x2, 0x4, 0x6, 0x800, 0x80000001, 0x0, 0x6, 0x0, 0xfffffffc, 0x7, 0x1, 0x1, 0x400, 0xfff, 0x7f, 0x29, 0x0, 0x800, 0x2, 0xb, 0x9, 0x8, 0xffff, 0x8, 0x8, 0x9, 0x9, 0xbfe4, 0x55b5c320, 0x9, 0x2, 0x2, 0x8, 0x20, 0x7f, 0xff, 0x68642fbc, 0x4, 0x0, 0xc, 0xee6, 0x7, 0xab, 0x1, 0x2, 0x0, 0x7f, 0x7ff, 0x57, 0xaa, 0x7, 0x3, 0xffff, 0x0, 0x1, 0x800, 0x5, 0x0, 0x8, 0x200, 0x2, 0x0, 0x9, 0x0, 0x3, 0x8001, 0xff, 0x9, 0xffff, 0x0, 0x9, 0x3, 0x6ce1c2d9, 0x0, 0x80000000, 0x7fffffff, 0xa6bd, 0x9, 0xfffffffb, 0x6, 0x101, 0x100, 0x7, 0x800, 0x1ff, 0x80000000, 0x6, 0x200, 0x0, 0x1, 0xfffffff9, 0x5, 0x8, 0x4]}, @TCA_HTB_RTAB={0x404, 0x4, [0x9, 0xffff8000, 0xa, 0x6, 0x5, 0x9, 0x9, 0x6eb8, 0x768a, 0x1f, 0x3ff, 0x1, 0x8, 0x6a9, 0x80, 0x9, 0x1, 0x9, 0x3, 0x3f, 0x5604, 0xfffff034, 0x9, 0x5, 0x324, 0xbff4, 0x9, 0xfffffff9, 0x1, 0x1000, 0x4, 0x401, 0x4, 0x1, 0xb3, 0x7f, 0xffffffff, 0x26, 0xbab, 0x2, 0x401, 0x400, 0x7, 0x0, 0x80000001, 0x7, 0x8001, 0x0, 0x1, 0x1, 0xfffffffe, 0xfff, 0x0, 0x1, 0x80, 0x2, 0x8001, 0x2, 0x6, 0x2, 0x6, 0x4, 0x3, 0x2, 0xff, 0x9, 0x2, 0x8, 0x8, 0x5, 0x9118, 0x0, 0xffffffc0, 0x4, 0x5, 0x7, 0x7fffffff, 0x8283, 0x800, 0x0, 0x1, 0x0, 0x1000, 0x8001, 0xff, 0x1, 0x7, 0x0, 0x8000, 0x2, 0x6d59e09d, 0x80000000, 0x1, 0x5, 0x6, 0x8, 0x1, 0x1, 0x5, 0x401, 0x3f, 0x100, 0x3f, 0x70, 0x1, 0x7, 0x1ff, 0x4, 0x9, 0x81, 0xfffffffc, 0x5, 0x2, 0x4, 0x8001, 0xec6, 0x0, 0x7, 0x97, 0x0, 0x2, 0x7022, 0x2, 0x1, 0x2, 0x4b, 0x1, 0x3084, 0x7, 0x9, 0x101, 0x2, 0x6, 0xffffffff, 0x26, 0x6, 0x5b, 0x30d, 0x400, 0x3, 0x64, 0x9, 0x1, 0x7a, 0x8, 0x978, 0x1, 0xaf5f, 0x5b21, 0x9, 0x0, 0xbdd, 0x3, 0x7, 0x7, 0x2, 0x1, 0xfffffc00, 0x800, 0xff, 0x0, 0x1f, 0x1ff, 0xfffffff7, 0xb473, 0x5, 0x401, 0x80, 0xf8, 0xffffffff, 0x80000000, 0x9, 0x3, 0x62, 0x4, 0xa2, 0x7f, 0x101, 0x29a, 0x462, 0x1, 0x7fffffff, 0x1f, 0x2, 0x400, 0x7, 0x9, 0x3f, 0x5, 0x1, 0x1, 0x5, 0x8, 0x7f, 0x80000001, 0x647, 0xffffffff, 0x2, 0x2ad, 0x6, 0x401, 0x6, 0x3, 0x7fff, 0x3, 0x3, 0x0, 0x8001, 0x0, 0x88, 0x58, 0x80000000, 0x4, 0x8, 0x79c9fdc9, 0xbf, 0x0, 0x80000000, 0x80000001, 0x7468e8d8, 0x1, 0x1, 0xfffffff8, 0x1, 0x200, 0x9ae, 0x8, 0x2718, 0x0, 0x7fffffff, 0x4, 0x9, 0x8000, 0x400, 0x4, 0x2, 0x4, 0x6, 0x1, 0x4, 0x0, 0x7fff, 0x8, 0x67d, 0x81, 0x101, 0x1ff, 0x3, 0x4, 0xffff, 0x4, 0x8, 0x0, 0x3, 0x0, 0x6]}, @TCA_HTB_CEIL64={0xc}]}}]}, 0x8a4}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r5 = dup2(r4, r3)
close(r5)
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000036c0), 0x12)
r7 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ftruncate(r7, 0x200006)
sendfile(r3, r7, 0x0, 0x8000fffffffe)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = dup2(r9, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = dup2(r11, r11)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
r13 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r13, 0xc0c0583b, &(0x7f00000004c0)={0x0, 0x252a, 0x925, 0x0, [], [{}, {0x801, 0x0, 0x80000001}]})
r14 = socket$inet6_sctp(0xa, 0x5, 0x84)
r15 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r15, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r16=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r14, 0x84, 0x83, &(0x7f0000000080)={r16}, 0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r13, 0x84, 0x6d, &(0x7f0000000580)={r16, 0xf5, "3c22d0e9892ec8805fa795ec9c68573ce3ef7d8676fa93df7000cdd22cf0e49a6c7fd6ec4dfe4b435f40240b372a214fbe9c5de03f877a95b06e1c7f11149bf1ffc0c4b06521cd531a41b4e138714de57642456c952063989dc6b8be35933f80bc2de2ea0124773a13975e93f72629c35ee77743d827a815a703ea9c77415d20f6ea29aff7134da04eea0edee790802d782fd5bb887037bc05167cc07b5b6055aa20dfc86322734836b176b16804da23abd99ee7220e9fc935c66887f54a63ce32d88f7b5686247aa9d53719aecda75f58fe6b321b541d58a67c65082f91a3776a6be1e2afa0d9826f37a2a4b890601b8adfdf79be"}, &(0x7f0000000480)=0xfd)
getsockopt$inet_sctp6_SCTP_STATUS(r12, 0x84, 0xe, &(0x7f0000000300)={<r17=>r16, 0xff, 0x84, 0x9, 0x6, 0x100, 0x0, 0xfffffff8, {0x0, @in6={{0xa, 0x4e22, 0x5, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5}}, 0xef, 0x4, 0x5, 0x0, 0x4}}, &(0x7f0000000140)=0xb0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r10, 0x84, 0x7c, &(0x7f00000001c0)={r17, 0x800}, &(0x7f0000000f00)=0x8)
r18 = dup2(r8, r8)
ioctl$int_in(r8, 0xa831, &(0x7f0000000100))
ioctl$PERF_EVENT_IOC_ENABLE(r18, 0x8912, 0x400200)
getsockopt$inet_sctp_SCTP_EVENTS(r18, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0xe)

15:54:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe847")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:34 executing program 1:
socketpair(0x5, 0xa, 0x4, &(0x7f0000000000))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000040))
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0xffffffffffffff7c, &(0x7f00000bfff0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b800000019000100000006005b000000ff010000000000000000000000000001e000000100000000800000000000000000000000000000000a00600100000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000fbbccf810000000000000000fd85d16e79bad40ac3794899000000000000000000000000000000d94bfeadbfce0d4ed6f71b242b42000000ea0000000000000000000000000000000000000500000000000000000000000000000000000000e6010000000100000000002000c282bb7a41b713d737a06541a8705e2a6ff8d6a578b27eb84fe10888c4042f4f47872a7c642cefc107de0c785b63dac33507788a2b6850545c3fc122da2f95bee50d4542828e7fe0c8c1aae75abc95ac35f164654d699eaae543af2a4e400e1a258724"], 0xb8}}, 0x0)

[  325.796517][T10223] ucma_write: process 85 (syz-executor.2) changed security contexts after opening file descriptor, this is not allowed.
15:54:34 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:34 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe84740")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe847")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:34 executing program 1:
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)

15:54:34 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240))
r0 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x0, 0x0)
write$P9_RLOCK(r0, &(0x7f0000000100)={0x1d}, 0x8)
r1 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, 0x0)
write$P9_RLOCK(r1, &(0x7f0000000100)={0x1d}, 0x8)
ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r1, 0x10, &(0x7f0000000380)={&(0x7f00000007c0)=""/4096, 0x1000, <r2=>0xffffffffffffffff}}, 0x10)
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = getpid()
sched_setscheduler(r4, 0x5, &(0x7f0000000380))
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000006ffc)=0x400000000008, 0x26d)
r5 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r5}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580))
pipe(0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000240)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)
r6 = socket(0xa, 0x3, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff}}}, 0x20)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r8 = gettid()
waitid(0x83b895581628fca5, r8, &(0x7f0000000040), 0x2, &(0x7f0000000480))
sendmsg$key(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r7, @ANYRESDEC=r8]], 0xfffffffffffffe56}}, 0x0)
r9 = memfd_create(0x0, 0x0)
r10 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x9a0efa2b65aacb27)
r11 = dup2(r10, r9)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r11, 0xc08c5332, 0x0)
r12 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r12)
r13 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x40)
writev(r13, &(0x7f0000000000), 0x0)
kcmp(0x0, r8, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
ptrace$setopts(0x4206, 0x0, 0x0, 0x40)
r14 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r15=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x4, 0x2, 0x1, 0xffff}, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r12, r14, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r15}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00', r15}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r15}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r15}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000080)='/dev/autofs\x00', r15}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r5, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00', r15}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000740), 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='ppp1\x00', r15}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r4, r3, 0x0, 0x0, 0x0, r15}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r15}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000240)={r15}, 0xc)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r15}, 0xc)
r16 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000480)={r15}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xb, 0xb, &(0x7f0000001800)=ANY=[@ANYBLOB="180000000200000000000000ffff000018000000000000000000000000008000180000006a00000000000000070000008500000000000000145a100001000000850000005b00000085100000fcffffff95f0ffffff0000002007c411a8d105c493ce3c255e2f709acdc768013fdd6c25038d4770b17cac06c7db1bbfc3d01112ad33c53bcc0eb3d6f95592d5e8e77eb7598836bdf81bbb00f297e36aa776f0754b0bd4f3c3986c2f1adc2f9b7dd9681d48d4495d2f70c0a31c2971ed285f82446e72b3091dee83f6ae986ab8aa10dd030a2fb9d87e91750e1a6dd1e8ebe4058116a4ec1dfc06aa47c70f71a2294afc5460a2632b9f93db61ce38416f10e413c97a"], &(0x7f0000000140)='GPL\x00', 0x0, 0x29, &(0x7f00000017c0)=""/41, 0x41000, 0x8, [], 0x0, 0x17, r0, 0x8, &(0x7f0000000300)={0x7}, 0x8, 0x10, 0x0, 0x0, r2, r16}, 0x78)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r17 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
syncfs(r17)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ftruncate(0xffffffffffffffff, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xffffffda)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb)
request_key(0x0, &(0x7f0000000740)={'syz', 0x1}, &(0x7f0000000780)='/\x83@;\x16\x17E1\xa4\x00', 0xfffffffffffffffd)

15:54:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:34 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000005c0)=0x14, 0x4)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x400800, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x40, 0x0, 0x0, 0xb7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, r1, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
keyctl$setperm(0x5, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000600)={<r4=>0x0, 0x8}, &(0x7f0000000640)=0x8)
sendmsg$inet_sctp(r1, &(0x7f0000000740)={&(0x7f0000000100)=@in={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000180)="618bd185150fe9192a66e60937276eebc51db0b07543f09ff6ca209c4bed14a0940d15093af167ecba26e0f4c1c58b6b7f8570686987a4abc641053860e0e8f75ebd9aeb70801ee214f4b430650ba32cbdf9eb17ba28602fc8ff5a633245d0b00327daf70301bd8a2cc9951aebb102eeef2ce75d672340d00c63338e5b9b14ed68413eb97d2a32b2901f2fed", 0x8c}, {&(0x7f0000000240)="0ce883e4dd12bffe979ddeb1f7cacfcdce21", 0x12}, {&(0x7f0000000280)="252e73422b6c7026e24fb1a50e330cdde0260d43c1161e4174653fbd0fb91cdaedeb5082", 0x24}, {&(0x7f00000002c0)="0c1a441ccbc50b0f6f89", 0xa}, {&(0x7f0000000300)="dd03c75bb7d86cce82a7e0f6d4b2efeadd53235e397089e84a5040469b6d34f3ed", 0x21}, {&(0x7f0000000340)}, {&(0x7f0000000380)="2364f048221e70aa99e2570b3f838c3e74a52e2649d9d719d45efdb0a9a7367c82bdacf530c30396b076d70d17b4344be341991dff3cfd8f97979fb6fb265ebeacc925f6187cad7d31e5826c00c929cebf16f8a0a5acf75959d2499ad2c60ad5b565673b179b7028f5cd4df3b3b7b67e464c440915d8e37ef389bcc44e83bcfbde6895444a3563e9d2774d9adb7ca3258b0bcda462258b7261195dcc44d898ee71bd356635703b1b62b8e865a6876d99386ae2efef014bf757d78efd81713f779ac315cefbe06635b861749a8da57c376eea85f3dd47330fb466a91dd4d8d27863c62d6f2a069e63da6706", 0xeb}, {&(0x7f0000000480)="7a810cb5bec56583c44dce537e574c5f75abf8a45c4a6e5958beb7f3cb5e1195aa6ff0be00f2cd24157a46530c517b152da69843dc565186974463414075676e0b5dafcface924fb6849d8bf7ddb0c55725a16e8f6ee1013b0d5344596f86738c9c5d4337890be323e2308def9f03cbdf5b62f4be87db6b5951083c0b953d1fa34f69bd21518b15b8c101fc0edea", 0x8e}], 0x8, &(0x7f0000000680)=[@sndrcv={0x30, 0x84, 0x1, {0x4e, 0x7, 0x404, 0x3, 0x1, 0x0, 0x6, 0xff, r4}}, @authinfo={0x18, 0x84, 0x6, {0x1}}, @dstaddrv4={0x18, 0x84, 0x7, @loopback}, @authinfo={0x18, 0x84, 0x6, {0x1}}, @dstaddrv6={0x20, 0x84, 0x8, @initdev={0xfe, 0x88, [], 0x8, 0x0}}, @dstaddrv4={0x18, 0x84, 0x7, @dev={0xac, 0x14, 0x14, 0xa}}], 0xb0, 0x4}, 0x20040940)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140), 0x0, 0x0, 0x0)

15:54:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe847")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:34 executing program 1:
mkdir(&(0x7f0000000040)='./file0\x00', 0x1b5)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='fuse\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6664b1392a94679b80cd120d3d", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000380)=""/4096, 0x1000)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x243, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000002400070500000000000080001d6b5cd1", @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000014000100706669666f5f686561645f64726f70000800020000000000"], 0x40}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0xffffffffffffff31, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000002800070510000b0000000087676a2100", @ANYRES32=r7, @ANYBLOB="00000000ffffffff000000001d000e001c00010000000000000000000000000000000000000000000000000004000200"], 0x48}}, 0x0)
setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000080)={r7, 0x1, 0x6, @remote}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x0)
dup3(r8, r0, 0x0)

[  326.168518][    T7] Bluetooth: hci0: Frame reassembly failed (-84)
[  326.176232][T10245] Bluetooth: hci0: Frame reassembly failed (-84)
15:54:34 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:35 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe84740")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  326.447967][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  326.454042][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  326.477484][T10262] fuse: Unknown parameter 'fd±9*”g›€Í
'
[  326.555589][T10265] netlink: 'syz-executor.1': attribute type 14 has an invalid length.
[  326.592672][T10265] fuse: Unknown parameter 'fd±9*”g›€Í
'
[  326.611430][T10262] netlink: 'syz-executor.1': attribute type 14 has an invalid length.
[  326.621286][T10265] netlink: 'syz-executor.1': attribute type 14 has an invalid length.
15:54:35 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
socket$inet(0x2, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:35 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:54:35 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe84740")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:35 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_LAPIC(r3, 0xc008aec1, &(0x7f0000000300)={"a5f3a8e522cf46deb684554f6b8fbd4f7e932a17ac9acaeb9096a574e4d1b2a2ffaf034fadb5c97f6d09d8f43cc468eb70bc49260b8e6f5950a3d7bfa7aa0819e8f3d5d0fb3746c70aa9ce8d40dd526bbcfd1c90d4974b42f377f30600000024a6c2a8db1a0f8a29c1dee67babba8f9390a98666b89cd947345b59805a4fbca8e0684d744ec1fa20c66db3310de6d104badd7099c803825dc83e68da34a72265d850df6478f793c6d0f16d2b7dc7e12257a4ae26f55cf7bd7402131ff00bb7799c9d04795c1c569ed3ebe035a97a220b3d48a8269e384e7b04b0cfe3149340bb7c391a0fd0a8460691a3f3e989496b9e974ea88521c3c2ba98f028bef99b66e42a21a7ab99710b504e50aa67865eb98a1159e4f039a40dc9f590cf7adb99d74605bc8ee25ae9fa579cab2060720a88091c9deda86d1c8d49dddfa695b6ed89e081483c0f64eaf7eca37042d7c669062c0dca5c16a95613270aff1de7cdfa56d1633889cc0d4a0823a83f6b780c1a83b78d44a55013c8b49b87e428fc408c0b4c516f883364fb1d5a808d6fc23da3c62c00ba45876d17ffca1d759dd84c77a0f73057c9b55e55fc5dde5a2c3c7f636986395f65ff09593e006362d1ffda76a1545549cd7f8261cefdfa8e5746d61081c181290af322b084ac79f8b9e17725145a3b038e67ce74c1c63d5ebd9d0fb94959d6d2384e2ef86f360ad6d5ba660ee4c02a8a73d15ad270ac3912d2d5616e6c6b549d0e13bd94024527010069d0f2b151205146434fb4fc01d3b01a177e9594c800000000b912377664671ff053886c3b71d75a57d0f0e51a80d90ddafb323cd6e46690246b0add0400000088b67ded5b7b79591a6627e93d3fb799e7d25e91fc45480a3b6e0cfa0b7356f534f77a235bacca080e3b8485fec1937297559030e30bf91a904c4deef32b7cc5b689474c95ba4197972887151b5bf20ce81b40ef93d80883da0417a438f869b66541425002e41af4929a02c4671bfeaa460fd2fbd4b0988a2862ca1b72494f52669d7d35f38f10dbf8dc8df44641fb3b3e3f637d346faab0cca7c4a02bb6565164e0abb684539a1a71869d1d5c0032cc78db11f7df1b962b4af6707426952f287334594da1fe18301efaddab6cc6a78ae4d4a28034ffcced1711a358601e0f3887b171c99f295160e0fb852ae1abeb7895f96b73c13bfb128cc6194bcb2e58892bb6335be195775b2cef7c2dc6e78e8882fc5f6992be73f1dfcd0e317581aaa596b8d32b6425696497b793b6683f808440f99973752ac9ce62dd68292885df71b12b48097f7b443991636d548c1f90745a5f000040ee3baf1f1b78d9dae3721153cb611615cee228c0e4a47076d0e9f9d094a8352dbd47358aa88f173f37525b236a5ce3fd8645bd4aa9e20b8cf52dc97eef38177df3f700"})

15:54:35 executing program 1:
eventfd(0x3)
r0 = io_uring_setup(0x0, 0x0)
splice(0xffffffffffffffff, 0x0, r0, &(0x7f00000000c0), 0x6, 0x30d75284e23cd566)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x80000, 0x0)
shutdown(r1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r5, 0x4020565b, &(0x7f0000000240)={0x8001009, 0x3})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz1\x00', 0x200002, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$VIDIOC_QUERYBUF(r3, 0xc0585609, &(0x7f0000000100)={0x5, 0x8, 0x4, 0x1, 0x7, {0x0, 0x7530}, {0x1, 0xc, 0x8, 0xea, 0x9a, 0x3f, "73879b6b"}, 0x7f, 0x0, @offset=0x8c, 0x400, 0x0, <r8=>r7})
ioctl$KVM_ARM_SET_DEVICE_ADDR(r8, 0x4010aeab, &(0x7f0000000180)={0xbd})
syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x3, 0x9402)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @loopback=0xac1414e0}]}, &(0x7f0000000080)=0x10)

15:54:35 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

[  328.207977][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[  328.215117][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  330.288137][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[  330.294937][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  332.378013][   T17] Bluetooth: hci0: command 0x1009 tx timeout
15:54:45 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
listen(r1, 0x0)

15:54:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe84740")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:45 executing program 2:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x400000, 0x0, &(0x7f0000000080)='overlay\x00', 0x0, 0x0)
chdir(&(0x7f00000002c0)='./bus\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[], 0x133)
setxattr$security_ima(&(0x7f0000000000)='./bus\x00', &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000100)=@ng={0x4, 0xc, "aa3a2c6528349146c7"}, 0xb, 0x1)
sendfile(r0, r0, &(0x7f00000001c0), 0xa198)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="0000fc00", @ANYRES32=<r2=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000140)={r2}, &(0x7f0000000000)=0x8)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r3, r3, 0x0, 0xa198)

15:54:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:45 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xe003f00, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x30, 0x10, 0x801, 0x0, 0x8000000, {}, [@IFLA_AF_SPEC={0x8, 0x1a, [{0x4, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x400000000000000}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x7fffffff)

15:54:45 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:45 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
listen(r1, 0x0)

[  336.893576][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  336.913125][T10312] Bluetooth: hci0: Frame reassembly failed (-84)
[  336.926067][  T489] Bluetooth: hci0: Frame reassembly failed (-84)
[  336.952644][  T489] Bluetooth: hci0: Frame reassembly failed (-84)
[  337.037069][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  337.061017][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
15:54:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:45 executing program 1:
syz_emit_ethernet(0x7e, &(0x7f0000000180)={@local, @random="c8b703909a83", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x223}, @dev={0xac, 0x14, 0x14, 0x22}}, @icmp=@parameter_prob={0xb, 0x0, 0x0, 0x0, 0x5c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @empty=0xbb030000, {[@timestamp={0x44, 0x40, 0x0, 0x0, 0x0, [{}, {[@empty]}, {[@initdev={0xac, 0x1e, 0x0, 0x0}]}, {[@rand_addr]}, {}, {[@dev]}, {}, {[@broadcast]}, {[@broadcast]}]}]}}}}}}}, 0x0)

15:54:45 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
listen(r1, 0x0)

15:54:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:46 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=@filter={'filter\x00', 0xe, 0x4, 0x390, 0x108, 0x108, 0x1f0, 0x108, 0x1f0, 0x2c0, 0x2c0, 0x2c0, 0x2c0, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@mcast1}}}, {{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'rose0\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "7eedfcb331f3ae839a733f3041901a8d235bd39675399e5719d27a532748"}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0)

15:54:46 executing program 2:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
unshare(0x40400)

15:54:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  338.928135][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[  338.935203][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  341.008101][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[  341.014736][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  343.088059][ T3021] Bluetooth: hci0: command 0x1009 tx timeout
15:54:55 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:54:55 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)

15:54:55 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f0000000040)='F', 0xfffffffffffffd69, 0x20000003, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x0)

15:54:55 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:54:55 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x891d, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f000000c280)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}, 0x0)
recvmsg(r0, &(0x7f0000007500)={&(0x7f0000006f80)=@ll={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, 0x80, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x2da8020000100000, 0x500001c)

15:54:55 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

[  347.086617][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  347.098756][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  347.141413][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  347.180405][  T489] Bluetooth: hci0: Frame reassembly failed (-84)
15:54:55 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:54:55 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  347.182023][T10362] Bluetooth: hci0: Frame reassembly failed (-84)
15:54:56 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)

15:54:56 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f0000000040)='F', 0xfffffffffffffd69, 0x20000003, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x0)

15:54:56 executing program 2:
r0 = syz_open_dev$admmidi(&(0x7f0000000280)='/dev/admmidi#\x00', 0x0, 0x80)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x1801})
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xff, 0x0, 0x0, 0x0, 0x0, 0xce2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04, 0x0, @perf_bp={0x0}, 0x800, 0x1ff, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
msgget(0x2, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x8000002}, 0x1c)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(r5, 0x0, r6, &(0x7f0000000640), 0x9, 0x5)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x5, 0x8001, 0x5, 0x100, 0x3}, &(0x7f0000000300)=0xfffffffffffffd9a)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000340)=@assoc_value, 0x8)
r7 = getpgrp(0x0)
setpriority(0x0, r7, 0x8001)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000400)=<r8=>0x0)
r9 = syz_open_procfs(r8, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, 0x0)
sendfile(0xffffffffffffffff, r9, 0x0, 0x0)
sendto$inet6(r3, 0x0, 0xfff3, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c)
splice(r3, 0x0, r2, 0x0, 0x1000000000000003, 0xa)
sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

15:54:56 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  347.379075][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  349.248077][ T3021] Bluetooth: hci0: command 0x1003 tx timeout
[  349.255084][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  351.328040][ T3021] Bluetooth: hci0: command 0x1001 tx timeout
[  351.334699][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  353.407987][   T12] Bluetooth: hci0: command 0x1009 tx timeout
15:55:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000180))

15:55:06 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)

15:55:06 executing program 1:
ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=""/130, 0x82})
clone(0x28b84900, 0x0, 0x0, 0x0, &(0x7f0000000300))
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)="0272aae16e010f05dfd5d71cc8bab91d6d936cf44cd317b97f2a55de2da11f6e18b9d00ffc2ffadbfb9717eba42e7fe4c05cb583ea3eda7784d6295485da75d990180231f59ebe181b2c1efb0834ccb53d1cec4a6f2a239e64b7933129033faecb9e1ba890153d5a7b44e714cda28b4f3fcba183aa4829e8639470759738801af931737681657f6decd5d726312531bc25ba09f691da22dfa2773bad6958f651438f5aec2b0a627181f982be1b312614ee1fb7ead43f88c89ac6fef1ea610820076a16019cc346d8884480141ebb45dbcb6b59c73822fd33b7f22ff104ad68db421422335d97ce336d513503de9d4a62d3d7b29b2f969add4af8c0b339ff750804c0a0f91011c34854d5e076ed7592bc914d44eee8e0080e510b224edcb1aacefd47a6eb51627a52fac53eed4cc9a20246a637eb5e95ce9028da700daf4089a89ca94c84c37738754288f1aa22eaa4ba6cdda04b3b1fb846c64802809bd2a65a6f7919847b65956fb34a9ee698c8057c7ee6f33c20e4b96ebdca22a4dc6d1a61df20edd8205cc448ed6b846ff0b6c35a4963e48427c098a542f36a055d2161f74ad26a867740f64ed44aed19a4d5582b0a99f8c8a5781c91477302cf1e929bbec534eb4fc6b62b203bcc627913d817f57db502d57be3205727e2c6e47d2d201885eb6455273276e3a35a80d5aedbbac70a1b0a9173c797608479a7631eb8b63195efe23f354a7615900b191ed2e0053cebd06218df7fccf1717434a11c812057f083431a22cbacd089927d7c1509b0e94624b130b8aadd0af89eb4b6bfcc4cf67db95bd731892be3f1a2bf17917f4525f6e3463f331378f7ee7a872721ade7a62c16bf0e4c4a25971c9e64ca3a55ef13eddc6d6557931f149a0929cb87b8371e354ef6f06b1abfb506d5b6c7d35b51dabd94a4d816fbd3491e17c0094a659053724b94da23e5d9b4d260ef723929d79f14361ddab19bde5a05677c161ce38324c9264288dde2d398d52f87cf72a9e2db8a67b79598ef9f8fb5ac41fab294f21026f12c843afb510d2dff09f709aee946d38fe1f5304a11185bdf08e92ea42cfd576508359bd538195a0737c29445cda5504ddab67ebd1310dc8efc0380db010da701d2ffdc26575535f289535d625debc3494a7b3c20ff63c3b984812a7de5f2fd69580ec787de4a5c2ea293530a2f1fce30558b6dcb6776dcb256f817078849e597dd5651f65bcccccff1749cb46a79f37005a8ef555976a33eec417ce523ec5a94c8bfc8d2e61adad9f7759529bb7dc46d3954853aabe78f77e365075c04ee83091967504f7116d10fc2e3f3ef1ffc311397cffadb2ca0fcd4e18b44e08346192dba9840470b92a5a44d15df225f020abc62636c97509063f8d3633d8c0bc1fc783fd8f15d388dfa391c31b176ee3c730b765345d3a19300980566196ba633"})
syz_open_dev$ttys(0xc, 0x2, 0x1)
write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x71, 0x0, {{}, 0x6}}, 0x18)
recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0xb3}, 0x0)

15:55:06 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:06 executing program 2:
r0 = syz_open_dev$admmidi(&(0x7f0000000280)='/dev/admmidi#\x00', 0x0, 0x80)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x1801})
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xff, 0x0, 0x0, 0x0, 0x0, 0xce2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04, 0x0, @perf_bp={0x0}, 0x800, 0x1ff, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
msgget(0x2, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x8000002}, 0x1c)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(r5, 0x0, r6, &(0x7f0000000640), 0x9, 0x5)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x5, 0x8001, 0x5, 0x100, 0x3}, &(0x7f0000000300)=0xfffffffffffffd9a)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000340)=@assoc_value, 0x8)
r7 = getpgrp(0x0)
setpriority(0x0, r7, 0x8001)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000400)=<r8=>0x0)
r9 = syz_open_procfs(r8, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, 0x0)
sendfile(0xffffffffffffffff, r9, 0x0, 0x0)
sendto$inet6(r3, 0x0, 0xfff3, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c)
splice(r3, 0x0, r2, 0x0, 0x1000000000000003, 0xa)
sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

15:55:06 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:55:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000000)="0f20e035020000000f22e047e110c483250d039a0f218966b830018ec8260f20d164440f3566baf80cb8f22e9a85ef66bafc0cec66b837010f00d848b8769df4fa555b20110f23d00f21f835200000040f23f8"}], 0x1, 0x0, 0x0, 0x15c)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffd7d, 0x0, 0x0, 0x231)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm_plock\x00', 0xc2a491555d2b40b3, 0x0)
ioctl$SNDRV_PCM_IOCTL_DROP(r3, 0x4143, 0x0)
r4 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10006, 0x80011, r4, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r5, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000600)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7')
sendfile(r5, r6, &(0x7f0000000240)=0x202, 0x4000000000dc)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000300)=0x4)
fcntl$addseals(r4, 0x409, 0x18)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffef)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000600)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7')
sendfile(0xffffffffffffffff, r7, &(0x7f0000000240)=0x202, 0x4000000000dc)
r8 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r8, 0x0, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000600)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7')
sendfile(r8, r9, &(0x7f0000000240)=0x202, 0x4000000000dc)
r10 = dup(0xffffffffffffffff)
r11 = syz_open_procfs(0x0, &(0x7f0000000140)='maps\x00')
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f00000007c0)=ANY=[@ANYBLOB="450900000e7df6eff5a495592169ec2a10dd82c1a972b13e90c87a398669bb4f53ce6f6ab859bdedf3b7db8ea81c959dd0d3e791013b6c1c1bd5522f953f808e70dd325670ad08f293c9cb6ce325b77180b65f1e91b40bb39dd2aae620add4138eb4baf8f3df064b2943c8038a98520537836f6b", @ANYRES32=<r12=>0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000700)=0x6)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r11, 0x84, 0x73, &(0x7f0000000740)={r12, 0x8001, 0x0, 0x7, 0x429}, &(0x7f0000000780)=0x18)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r9, 0x84, 0x22, &(0x7f0000000340)={0x81, 0x6, 0x4, 0x7, r12}, 0x10)
ioctl$VIDIOC_G_EXT_CTRLS(r7, 0xc0205647, &(0x7f0000000200)={0x9a000c, 0xe316, 0x0, <r13=>0xffffffffffffffff, 0x0, &(0x7f0000000140)={0x390361, 0x9, [], @p_u8=&(0x7f0000000080)=0xff}})
getsockopt$TIPC_NODE_RECVQ_DEPTH(r13, 0x10f, 0x83, &(0x7f0000000240), &(0x7f0000000280)=0x4)

15:55:06 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:06 executing program 3:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
creat(&(0x7f0000000040)='./bus/file0\x00', 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
link(&(0x7f00000000c0)='./bus/file0\x00', &(0x7f0000000200)='./bus/file1\x00')
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
unlink(&(0x7f0000000140)='./bus/file0\x00')

15:55:06 executing program 2:
r0 = syz_open_dev$admmidi(&(0x7f0000000280)='/dev/admmidi#\x00', 0x0, 0x80)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x1801})
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xff, 0x0, 0x0, 0x0, 0x0, 0xce2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04, 0x0, @perf_bp={0x0}, 0x800, 0x1ff, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
msgget(0x2, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x8000002}, 0x1c)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(r5, 0x0, r6, &(0x7f0000000640), 0x9, 0x5)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x5, 0x8001, 0x5, 0x100, 0x3}, &(0x7f0000000300)=0xfffffffffffffd9a)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000340)=@assoc_value, 0x8)
r7 = getpgrp(0x0)
setpriority(0x0, r7, 0x8001)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000400)=<r8=>0x0)
r9 = syz_open_procfs(r8, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, 0x0)
sendfile(0xffffffffffffffff, r9, 0x0, 0x0)
sendto$inet6(r3, 0x0, 0xfff3, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c)
splice(r3, 0x0, r2, 0x0, 0x1000000000000003, 0xa)
sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

15:55:06 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x0, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  357.748325][T10418] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
15:55:06 executing program 2:
r0 = syz_open_dev$admmidi(&(0x7f0000000280)='/dev/admmidi#\x00', 0x0, 0x80)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x1801})
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xff, 0x0, 0x0, 0x0, 0x0, 0xce2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04, 0x0, @perf_bp={0x0}, 0x800, 0x1ff, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
msgget(0x2, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x8000002}, 0x1c)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(r5, 0x0, r6, &(0x7f0000000640), 0x9, 0x5)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x5, 0x8001, 0x5, 0x100, 0x3}, &(0x7f0000000300)=0xfffffffffffffd9a)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000340)=@assoc_value, 0x8)
r7 = getpgrp(0x0)
setpriority(0x0, r7, 0x8001)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000400)=<r8=>0x0)
r9 = syz_open_procfs(r8, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, 0x0)
sendfile(0xffffffffffffffff, r9, 0x0, 0x0)
sendto$inet6(r3, 0x0, 0xfff3, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c)
splice(r3, 0x0, r2, 0x0, 0x1000000000000003, 0xa)
sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  359.407970][   T17] Bluetooth: hci0: command 0x1003 tx timeout
[  359.414947][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  361.487988][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[  361.494875][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  363.568088][   T17] Bluetooth: hci0: command 0x1009 tx timeout
15:55:16 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x0, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:16 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
open(&(0x7f0000000200)='./bus\x00', 0x80, 0xe3)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r2 = dup2(r1, r0)
close(r2)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f00000036c0), 0x12)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'vlan0\x00', 0x1})
r4 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r4, 0x200006)
sendfile(r0, r4, 0x0, 0x8000fffffffe)
pipe(&(0x7f00000001c0))
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000100))

15:55:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000180))

15:55:16 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, 0x0)
sendmmsg$inet(r0, &(0x7f00000037c0), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)

15:55:16 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:55:16 executing program 2:
r0 = getpgrp(0x0)
prctl$PR_SET_PTRACER(0x59616d61, r0)
socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0)
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
shmctl$IPC_RMID(0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000002fc0)=ANY=[@ANYBLOB="03"]})
r5 = dup(r4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, 0x0, 0x0)
r6 = gettid()
socketpair(0x10, 0x3, 0x39, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000080)=0x1, 0x4)
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4200, r6, 0x0, 0x76)
ptrace$cont(0x93223113b3a89357, r0, 0x69b5, 0x6)
tkill(r6, 0x200000000038)
ptrace$cont(0x18, r6, 0x0, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x20000000, 0x20000004, 0xf9})
ptrace$setregs(0xd, r6, 0x0, 0x0)
ptrace$cont(0x9, r6, 0x0, 0x0)

15:55:16 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x0, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:16 executing program 1 (fault-call:4 fault-nth:0):
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:55:16 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r3, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000054490000000000000001d4d64300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e816e4a12d356b0f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000002800210400"/20, @ANYRES32=r6, @ANYBLOB="ac030080eb8600000075700000200002001c000700000001000000ff7f0000000011000500020004060000000000000009033fc1badb4d9e7c81fdacfd0c9b69735843de8b4c1ef779b8d8f7bf7afb33e23753792aafde2698ebe5f83bc5b1d2c16b6d0e583c75ba0a6d8da2ca131e39aeef0fcdc74614011561f8b4b5072f528488e272570d0898fbb59f770f16f2d6609a261e541459071b3ac443c90e65002c7bb10e55b939000000001908c219e6"], 0x50}}, 0x0)
r7 = syz_open_dev$vcsu(&(0x7f0000000140)='/dev/vcsu#\x00', 0x3, 0x81400)
connect$caif(r7, &(0x7f0000000280)=@dbg={0x25, 0x1, 0x8}, 0x18)
r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440)='/dev/zero\x00', 0x800, 0x0)
ioctl$PPPOEIOCSFWD(r8, 0x4008b100, &(0x7f0000000900)={0x18, 0x0, {0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'vlan0\x00'}})

[  367.794278][T10461] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  367.803897][   T27] audit: type=1804 audit(1577634916.540:36): pid=10454 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir001578280/syzkaller.idzXQF/54/bus" dev="sda1" ino=16739 res=1
15:55:16 executing program 3:
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0105303, 0x0)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000300)=0x1a, 0x1000)
write$binfmt_script(r0, &(0x7f0000000780)=ANY=[], 0x0)
symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$FBIO_WAITFORVSYNC(r2, 0x40044620, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x8002, 0x0)
writev(r3, &(0x7f0000001640)=[{0x0, 0x353}, {&(0x7f0000000380)="40e14974", 0xffffff1d}], 0x2)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000003c0)={<r4=>0x0, @in6={{0xa, 0x4e22, 0x0, @ipv4={[], [], @remote}, 0x7ff}}}, &(0x7f00000001c0)=0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000480)={r4, 0x2, 0x1f, 0x40, 0x0, 0x7f}, 0x14)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x80000, 0x100)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x41, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
ioctl$TUNGETVNETHDRSZ(r5, 0x800454d7, &(0x7f0000000540))
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0xfffffffffffffffe)
bind$inet6(r6, &(0x7f0000000180)={0xa, 0x4e23}, 0x1c)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, &(0x7f0000000380)=0x9)
syz_open_dev$midi(0x0, 0x9e7e, 0x1201c2)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
listen(r6, 0x200000000002)
r7 = socket$inet6(0xa, 0x5, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x46)
bind$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r7, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10)
setsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000140), 0x4)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  367.841970][T10467] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
15:55:16 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:55:16 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, 0x0, &(0x7f0000000240))

15:55:16 executing program 2:
r0 = fsopen(&(0x7f00000001c0)='proc\x00', 0x0)
semget$private(0x0, 0x4, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x8}, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(pcbc(des3_ede-generic),nhpoly1305)\x00'}, 0x58)
socket(0x10, 0x3, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
dup(r3)
openat$dlm_control(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm-control\x00', 0x500, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = dup2(r6, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cachefiles\x00', 0x176080, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = dup2(r8, r8)
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = dup2(r10, r10)
ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r13, 0xae60)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r16, 0xae60)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r17, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r17, 0xae80, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r17, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67ab]})
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
dup2(r14, 0xffffffffffffffff)
r18 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='cpuacct.usage_user\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000380), 0x4)
r19 = getpid()
rt_tgsigqueueinfo(r19, r19, 0x16, &(0x7f0000000100))
ptrace(0x10, r19)
ptrace$pokeuser(0x6, r19, 0x388, 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r18, 0x28}, 0x10)

15:55:16 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, 0x0, &(0x7f0000000240))

[  369.648005][ T3021] Bluetooth: hci0: command 0x1003 tx timeout
[  369.655207][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  371.728175][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[  371.735217][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  373.808051][ T3021] Bluetooth: hci0: command 0x1009 tx timeout
15:55:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000180))

15:55:26 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)

15:55:26 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, 0x0, &(0x7f0000000240))

15:55:26 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = accept(r0, 0x0, 0x0)
close(r1)

15:55:26 executing program 3:
r0 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000980)={{{@in=@broadcast, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@initdev}, 0x0, @in=@initdev}}, &(0x7f0000000a80)=0xfffffe06)
syz_mount_image$btrfs(&(0x7f0000000340)='btrfs\x00', &(0x7f0000000540)='./file0\x00', 0xfff, 0x5, &(0x7f0000000900)=[{&(0x7f0000000600)="227fbd9b860c93652aee828d7b8d1768fba9ea91f16eadfc800fc3702d03cf1f062fb30ba1d8d50b319f022faa8e560e81ceef658ebdadc4707fa1b5dbb152e6771a9a9467ae143b54fbe2e98a8ce82519c166bdf5a0e7f0afa7749a6d3a1ae95e868bf856fb7d3ff5d53d2b677cf764ca415063af501ffa8420d81153b488f54b834eab2111b8c09edc19d817375bf319345c5e3adc379aa4da8c121ab2a74704b3fa6debe98c84cf63a32ec3e7439dec246f0ba2533d6697e7f3af2a6160a7bf247da9f6ea299628f224415627968f0aa3698120a70dc846902035a130448dde2b7d3dbbad15d0987a187fdf5625737857efde", 0xf4, 0xe2}, {&(0x7f0000000700)="156eecf1b4bbee04529ea89ce98ff41ec9bffd818b73fe3904fbf12f873b0b8102677e4b47edc3d58cd25ed2e78675449f25688d37718403316ea8c2f9a0c86253e43a525763961f78e7dfad944487cd10f29f4a2f1024f04ec2d5525fae4393767c575704040e947766af9dcd2d386bd360e64dba6cc7ec88cdbed814765d21d57f7269c01149eba1c4b2ad28644466626b88cc78743a17a96f6dd42b8726b5793bb9c719c93e7e204bc9226008b9f0370497550e842efd4baba3d5c500525ecbf8cb92919073073f91f7815189ff3ad8ca83446fba9b3cde57ff68c3a93acc21", 0xe1, 0x7ff}, {&(0x7f0000000580)="db34dfc044d11dd8378d6afafef4fdaf2e8d910bafaf9df30700936144ae97c4b22adb29e0cb", 0x26, 0x100}, {&(0x7f0000000800)="ad72bf0f0465529b4cb7597e1d9fddab6c2bceac8f5d463694b0b7dec34acc1ac05ddc57890fdb17d02ab2e917d88ea1d35eddb23cdd37a2", 0x38, 0x9}, {&(0x7f0000000840)="6b29ffe6fd4815ec1405141f08cb963084b4ecc4d4ec2ad1abde78004295f67d4273e7bf613d5a3b3bf3661601c50e9fc194fe5edb4321eb78e4004158269f06986634314edd40f6b949e3a2660cdbe92ce5c368b61511b29e9f547b2ed6bfde6511fb7197fa75f30b20621de006db2a7b8aa17912f167cf552fc20ce2f53fc326", 0x81, 0x20000000}], 0x1000, &(0x7f0000000ac0)={[{@compress_algo={'compress', 0x3d, 'zstd'}}, {@subvolid={'subvolid', 0x3d, 0x2}}, {@enospc_debug='enospc_debug'}], [{@subj_role={'subj_role', 0x3d, 'mime_type'}}, {@euid_eq={'euid', 0x3d, r2}}, {@smackfshat={'smackfshat', 0x3d, 'xcbc(anubis-generic)\x00'}}]})
r3 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r3, 0xc0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=0xf09e, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x6, 0x5}, 0x0, 0x0, &(0x7f00000000c0)={0x1, 0x8, 0x401, 0x4}, &(0x7f0000000100)=0x102000000, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=0x3f}}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r6, r6)
ioctl$sock_SIOCSIFBR(r6, 0x8941, &(0x7f0000000440)=@get={0x1, &(0x7f0000000380)=""/137, 0x400})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = dup2(r7, r7)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = dup2(r9, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
write$fb(r10, &(0x7f0000000d80)="bbc6e14f8329c0ebe114229a5f5d01010000000000008df88b870bcbd8bf7bd7455b34e2c57dfffbcd2b7f15f9311262d31d794976b78cbc40faf9d14ba96f266429392728f7fa1c7e354344b76a4d10bcad80f931d2c29fab0544388cee6697642c66fafd85763bcd580cfe0f9e2d1a2ebccb0a8ed429fd82f0cf300552d4d2b995236f7b8bce4e0a73226bc51d12cd7ed77e179fd41470ba932e62402373d5d386a56d410bb811112428617d22158941ee91835e49f2ea45a2f31a4102141cd8f7255d7694", 0x3f1)
r11 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r11, r11}, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={'xcbc(anubis-generic)\x00'}})

15:55:26 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x0, @ipv4={[0x0, 0x0, 0x0, 0xfec0000000000000], [], @local}, 0x3}, @in6={0xa, 0x4e21, 0x81, @mcast2, 0x3}], 0x38)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e22, @local}], 0x20)
prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000080))

15:55:26 executing program 2:
mkdir(&(0x7f0000000b00)='./file0\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000080)=0x80000001)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x200000000, 0x80000000000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f00000002c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

15:55:26 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x10)

15:55:26 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), 0x0)

15:55:26 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$dV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/370)
readv(r1, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/177, 0xfffffe1b}], 0x1)
write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xfffffffffffffd57}, 0xfdd7)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x88000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xac, r2, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xe79}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e24}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffb75}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8a0}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x64}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x7, 0x5, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3b}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xc}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1ecd}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}]}, 0xac}, 0x1, 0x0, 0x0, 0x40040}, 0xc090)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$vcsu(&(0x7f0000000300)='/dev/vcsu#\x00', 0x1a4, 0x40000)

15:55:26 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x100000)

15:55:26 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), 0x0)

[  379.887995][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[  379.894761][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  381.968029][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[  381.974829][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  384.048023][ T3021] Bluetooth: hci0: command 0x1009 tx timeout
15:55:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, 0x0)

15:55:36 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000000)={0x1, 0xfe82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x7}, 0x4000, 0x80000001, 0x0, 0x9}, 0x0, 0xffffffffffffffff, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBMODE(r2, 0x4b45, 0x0)
io_setup(0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000200)={0x0, 0x1000, "e8b51890bb68e99f698c044fb587a7342825e955a43095ef3bd8120e1dad096c4892c0c6c03c0d0ba0b296880e4d6fa6cc1f3fa9e68b6d2a869a14cf3044eaac1fbcffc8db662827449b02133253aa186eac87a6c40d97bcf2ea04a122ec6bc3313f468d8a2e94d7c3c91bc60c18511d3d09e56ba6b031e02f17806138e93a991a8332268019285b664023a3602ab5677435a7ed05ef3f95bba737fc61545f90ed50f91254ca42415b8ee5facb0732cb5ddbd9ef5af19e1c8a80e01c4692ec076f3fbc5038f2d01e6370a78e3f977dd89df09536232571dc87730d76e5aee0a0e73a327f8f1bbeff58ba2e5d36cee727ae1d5e54386cb385646528165f33b9dcd236d7dc1adf9d57125f8c5e249fd485c754736a627a52aaaa446458ae1607b77246fe5c5c385fc2d92d79f6dfd9470634e15161d53f0173a59517082b8d59b48e664f2b1937365baa1bbfcb58c6e0c7e9a4bc9907c49ac043f870bb3fa237b03fd147a29a370c0997a0f668a5cef3e4b62c42eec6926e2ffd7ce57f3fa02bdf879f5af9e709713db32cba3f78dd59cc576b95e63ba8231a96b51f60fc8d81174a3ecbb0e7e9d9e3154854b4d44e933274069d1a0ed332ec5c1dbe8a56b860d5bddd808afbc1861f314c00dc4995a3bbe4b85c75a757fada43077ad69f8e67865f9dbe573e470827ab59939b68ab14a56b6a5170c90931decb7ad4dccd375855932375a534d2de6075ed911b464e73f877e971b1e51bc0efaeb17d37c77f95b1dfa0ac67d585278c05a808fa0d48914e46306b6e1d2ef5bc5f924149dabf2ba4d254923bf617e77e77d527ad339d86df2ad8aa55d04bf8a220441021e592b5c87c01357702f163044d47472543e6d660d52827ecd22f2648e2a9ae1316ae3a3c7676f3022ad49d0fe29405f3cdaf46f7ffc74940845533f8d7c7fbea84638a78895734704d64cf68b698c952b3a6a5f0c4d2e490bd7ea5cccd19ea77a14012c572bb942849a2abf5b577e3cba3a7d69ddfa348273b2da1b537b1ad38c5832fbe3f16dedc8ecfb3611a67abda0155f5dbbb078bc4477eddc4cfe256f4f0c83c01f6657ca53b0b4a8c6db175a0e3ff03b5306c13cf97d3ef69e1550ad8ae3356e2373339a9a4b6392360553fbcce445733a175d7d08d4661ae00131eeda9ede9798979b0fa89dc2d4e778eef7717c1e6dac131a8caa8aa9d4ce4a0ec86e1ed7a581602b5c4356da20b02aca234c0b9177c1df06b97f2549b0e49b2a0f63c4a9e49a6d385832432f200755ba08ded5db46e1dc8d8c8412c4842a4fa9c31812663d45e4ef36278bbb0de13979353b0642a731d45f13b35e7241360275409f4ea56e4c10c747fc7ca883c6cc3818f459524c8f1b4aa5abab7d2a8729bf7236bce875d3d399c3031ac6a54e2f1f026161f4f8729d4fd1a85b2ea49173ac7a767826c401987b872ad2161f30d23972a4384fab108947f8b796df8a7a92c3ccb5844d5c092b1f70f901df220b5e131536e51ee3a9b93a9e1019e907c2bda2cdf4a35cab7d160cc1617966e0c0893ae8799bd9355e3dae97a03babbf9c84c6abdaf6f167afd36d6dd9d860b123a75bc33d454e5f14287b39adff55d50bc7fe36ab4566af71dc957401d19e0a1b751acad3ece99e57a1142a2b11aef5292b6a47a4d180187c2af04cee029abbf18cba7d0ce07068ead08a4c3ae715dd12223b878e6652ca77552bcf32c99ec715ba84d98f0cb4a2c0de8f847afed126be61ad7983e80d19b3ee4b7d52f58c6b43d788ec5d2b2c68625867a218565a5421cdddc7589a097d8de5d454a7e551ba0e2e08c7b4e0d723112fe1776f153ed2f0cf79a396a55496c6d9cbcc92e2463ad1e8cf7df732ee1b563dad8323c31d32ad2621af7d69d0f2e507a7037b0b400aae4d6b52d34401086be5c241495f55a3def5e889e4fd6bf89ba608024864e4628ab3dec4ebcb22447e611066eb08df0ec68444e6a662a371d257c3158511818bda6fc3bb2ae0b8a0c6cf599e5877ec8e1b4d63f559b2847225f2a0bcb7fdf6866e1822ebc3c34f2c2b86b7aac797d758f60045288bd49601c9062cdd931507c5f7dc4587932fee24997e1eaae47c8a83523fb9e89e28f14f100926c1d79a2ee87c686a8c4f5f2efee6416acf901779b6baed9a910ec368724d418e9f2dc3643b8d9af318dd9b414b51dd0997b32a3687bc737e98165a5f1343d877ede407a905af38e86e0ce8f1d3b2117f7778000cdd64916b063adfa8c1fef000b09dfa686b51cc2893016252539024d94f5ea9afe17e5ac7e1db0a1802a0d76ced236f7e868618789cb234987c71d3aecfa927ef5f054e70944929173b6f8dd20968ba3aea5cd9a97bcbc5465d2b0cf5d33f7e2954398d2db86e779c35b6c390cb17bf68bd074635dd8132e7d2bfd49a40f863ad830b24b3fdd2b53aef0f98f4817338490af051c3727dda23ba2a343fdadce8fa138df612e0cd09df50013ef2207c728696086d0a9dd577c758e0242351e3768f5813e6b01f6ddf77ab29e68e58d23ac37b43656a97817f2c4342c78dc9764390765dc922817f2065b8a07dac3c5151e15c42414cfd94db0d1ff1d36ce2ecc52e57775ca26c461a02b5c1fd9ec26d047b50a4ed7db82167480b2a56921906e84e9a393f83812d1aefe04964798134a053be0f77127cc2a22d2932824ecc0262426f55ffcc1f3206cb6f563da031a1ef52c147d4bc77c737446d691d0105cc85fcd8008e7926e5acc83b54c20060ee7f78d7a1a4e000fc6f80081b7914ea1a7d6337b2efd02acaed2b8378b7d6e2a5ecd62836e9e9afc8f509a9501fffdf9a42370f8f453869d5214bf601fd59c4fc6e74d47351b13dd185aa962f6add5aa86900a1d36c62645059e9ed4b90d0db4fd9fcfd6036c273e2ad0ba331d18155f0a983b97b889de67c1780e5497fa520ee8e099852a350c5a16d550f36cf2880b8ebd5338c0c39eb26861a1d192895347d0badaabfd1e8f1cb7508e8f73ccd2ed9d6cb264e4f8e8c8b89d9855ca8e5cfdc7b13dc353c48511c6e6641bd430c3cab6b3810317e1f38d721c56101aa6022c3ab67e1a83e5dd90833ea7d80d5a51841beccb752b2daf7576009436d79ddaef034f15ea429117a9937f068503e116f0a9e60e7227986bb0b047220ef786648598903e9503b8c825f63699d672787700a853bdb66b77e32c8d020793732296899c52c93e938b0f43f2b7e7702f7c0893315c2be51a10a1fb57dbb6169c025f50a012607e81939e3a7483c99c1d5d1d94eed5d0812143495291d9c0b4c2663049e49b4840b3f0b0bc0afc1bb29895a7209e891979e75842ddf80cd663e38ff95034f71dda0969a0f52eddf0a413c7a78bb0c63b1817ff146c1432022df8595af59ad520e9ba8d7100ba7dd2c5cea726c037cf1719557bdc781822716bf597f6d8e8cb77a518e7ba403e431b7446e8d4cf7f1f2df3e5aaaa3e30ae9ac7b1fa8022cbd1f71a4d07b0c5e9f7b2399ff82d4974ecf2a8e27ba4e95792839dcd9bf461f5e4c706e44e6596d383da4b32e4468aa9bf869d92c4abe991ad2cfdb1769296f5d4683b0232f457a1d4d99964837f5fe969d3d12525fa6a10756c3491368bf08abfd645341a2068f3575d6da7eaa30626d48e8f7c83404d0c2dbb55198b877b6151593f20bb3fd9a32b6ec2b4c05fd56d55933c943a8d02d1ca5d3a8734e46d07ebd14e94fa365a37a16ecc11b83980e03e1554a030aea694cdb2aab2217ca42b7f9c3f843e3d3f3cce6520460db8648ed56cd87299f53378c9d16abf20b60ea1d154414e62d6f24e6816dd5e7ea384953c043768b69923a2e015adfd9930a58959cb2b1174c7628ebf3e0d9484e81e8e7d35db1335cf6963824c7dc8fcf6f5fbb1af456d688c6acfbcad57cd9066aa1477e7dfe7d7dcd7b32a93f4f23510814128d90a836f542f273985395703faae82c14a9368b2a76a57350ab0363e7282affe5416633dce8de916fb7015a72734d69931fddea0cbd1af166554f40b703c976569914744a83684a6032dcd918c30cf1e07c4b703e8cddcaabee1e54a4afc28369327c8a37e80b9b83a8db790c716c932d1ec5f36f68d36eeb70bce7009d99341bd96e73f6a23295d69d007cfb66b7afb00be82ce91ce18fd82278677579d00d71620c82356ff30937b69ff67415498bb4a3b9a913fcefe24ccfa6c58cfd87bb3160da109acc70192842975a524e06bc571e22b26e1db9591ec3666ee7982f4ae66f069853589e636471b25efbc2ec412ca05c149e1a58d4028a3efc3684e768c1c00c6a2171b1bce9ed9dcc7048fa06e1bbfb42eae85ddc1013733d825c57f79dc979a197790610a6faaa96487e66fa1a636910727261f6db3c80c09081d189d9f154c43369e548a6198393a9519fb1d02fc56f32d3ae4b0a4b5a36028820537590af6ab5a8aa2b543226464aa3366fb08b94cc20e8ef526eccbc4428051d5a0780507809fe9e5945b5ff672772fae21d1391a288c7650e4b3835b8f4a17bcd43b217ac2a734fa86c036e8e64cc4f29413aa5a562527c98ece029de3d5483f6a0adf36d0ec776f6df0ddb3a5d8af169107b73d50b04094b33d364bf1494f600804f62068651ea9fab133441f5308586186d98a5eb8ae52b8a0073bdbfd5e0018531968973c2f0da41e86229347fe8a7ac485b65fc6b9fb307c9b730d6d8ee96c9a2d347c913d441ccf96bb1bf7b342b455efcc6983db12ae8738a6a05983981fe7139f1d72f7e2cdc5805972b41d94007c87ed291be9c8e87e54ce49bcd741d527866bab22547469eafbb89d0eab434fcbc2bc9e15b2c0ac667961d7e75931ba116bf61b50f7a4f1970273eb7757ea079e56a5d2514f004be84f6a66ae0f9418b3187ec35f111d54128114e8bf1a36c498f224628f83deb968a58132e275fa86bbdc4ed9d6dfdf031b869364f99e7b115769162c5d22652778bf4ebc7f6cf1d427eff6a773d99dfe834406015dc44b60c687c4b2377e1b2c2237aa9bbd53df6e814ffce05de942ce219f6e7c3096194b54edaaa7653a53d99e8adef16bc3b1a188658f6227c74c8059f24098edd8535a4ec554155726ce31533585359deb62a9a5be7402f36a115ac9ad2763cf1d956224a95d80c2ff370a71b444c1c12aaab1014329044436b866c25b1bd3d95c465d94dcb41a30001676a11dd4de628d251fe665dc342e77bc2f5710dee9be56fbd8f1a2721e41706558b9a30b7c0990f48a1deb9adc70a6d962e3218a007fa92c9714090cacfe43c2c109b5e13c6ac45190cf8f9d7fed313922dccc0a2b664970033f079f5c67cc06cccfe0c913b5cf3ff3165eeab51643b6c1866e31c5ec2d8dc20e4217831ec3be5181dfd450181998878140496ce63105db620a1ef660afe8f319dca52207267710d1be8343c57001232a8bbe961fd5a844b75230b6a08254b958c6b63fa2bc7b89b6a4e48ae84de158516f2eba3301207f659755d83df64ce8822f1c2db04622b261058825c1cf36e97c8c4099b0d0a4569093488bc04ca56e36b8a2f0bd4067350135688861c2c9e08bc9584557751ce50c5c39cc92a5427a0fb3cf5f0f41264467fdb1376c5675e3ec90c0e415243e2ad81216c09a9d9171110a14b6c6388f58b6b26b46d7c17f541d80b42f0072adacbdc253f0e7ae141d538b2db331addea09c3da4f1859803826e3622f0540cbd9dce42cb406aa0d6dd4abc303b04178e9f11f0d4dfd4804540db8c0577943c17d0d295c7936a4fde3179a6a3d9efc5eb6d81e4"}, &(0x7f0000000180)=0x1008)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000140)={0x15, 0x97, &(0x7f0000000080)="1cb3d4b92c6fe40627639b1af372ff72daae0b6403ab0679f2fa02a739073f9b26b91b647993128e696250137c63c10cd3fca2bf17a56f92be5011b414270af23a4edf3c582c5762e3c99508fae3e9a37f8cad7dd7ec3fd2e4194c20fc7f67aa1ac230a45bed58a3f180a5b10c66948114c17ffb2c4e10cfdc491cb9571f070925a3092f104fcf088600cec20824e3b6cfd11f8df2c665"})

15:55:36 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), 0x0)

15:55:36 executing program 2:
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0xfffffffffffffce8}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000580)='ip6_vti0\x00')
getpeername(r1, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev}}, &(0x7f0000000180)=0x80)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000300)=@v1={0x0, @aes256, 0x859c8c76b55f391c, "89b469587ec92003"})
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x2000, 0x0)
ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000200)=""/222)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/nfsfs\x00')
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000180))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x223d1c9d3656c55d)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz0\x00', 0x200002, 0x0)
unshare(0x40000000)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000580)='ip6_vti0\x00')

15:55:36 executing program 1:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r0, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f0000000000)={0x1f, "1c41aacf70738d8c678d84a4d18b0b080a426331447e07b9f745df02a9b576e9043037a5858cf0f72b10d93c02abd07ef98c11c454b887b02103bfe8d1783e8fd2389921ba62b97e85d3de13de5d4fb6d56d16daf9b89987655a293885a23a2da8212d2acfdf307956e9444235ec1e39128864a28a86371b3bd40e985a09fc59"})
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x7)
openat$vcs(0xffffffffffffff9c, &(0x7f0000019040)='/dev/vcs\x00', 0x2000, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$SG_GET_RESERVED_SIZE(r3, 0x2272, &(0x7f0000019080))
listen(r1, 0x0)

15:55:36 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = accept(r0, 0x0, 0x0)
close(r1)

15:55:36 executing program 3:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40, 0x0)
ioctl$SIOCX25GCALLUSERDATA(r0, 0x89e4, &(0x7f0000000080)={0x46, "81b9bbdb1a8bd62734a65d000000000000004e71ed2dd40500cab709c0c12842ce2786b0a417a6e0dfb06b25a6701b9192d7b8f44fe73984b5c3c9219bf0f18f61805501b99a8c491183e44c2f7f9e51b3000245a31d1f1431d29ae52f17e84eca92a0b67e0ccdfb832fc05c2be9dd36b08b209bacde000000ff00"})
modify_ldt$write2(0x11, &(0x7f0000000040)={0x1002, 0xffffffffffffffff}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

15:55:36 executing program 5 (fault-call:4 fault-nth:0):
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:37 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r1, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x8, 0x2, 0x604, 0x400, 0x7f, 0x616f, 0x5, 0x2, r2}, 0x20)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r3, 0x0)

[  388.390403][T10556] IPVS: ftp: loaded support on port[0] = 21
15:55:37 executing program 1:
socket$inet6(0xa, 0x80003, 0x6b)
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)
r1 = getpid()
shmget$private(0x0, 0x3000, 0x31, &(0x7f0000ffd000/0x3000)=nil)
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
tgkill(r1, 0xffffffffffffffff, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f00000003c0)={'nat\x00', 0xc5, "0aa67e1a4b8dbd3a4919b3f6b7229ab659bd6370e52a1cd4aef5f6df87849ac581a040f7ed104b214c35048d19fb029736cf5f52ebb617d869da23511cf711ad76af8d77b0a6d78ac444f4783b669a43d8cf020bf9bf1aec0f07e8d0e7fc62a4c43af949f02d6470d616720a37bb870e17abe3a236133f43516569d89d481a404428677838790cf7f57cb845fe77792a4b3e3d26f99968c4b136a66fc43b45fb16e1f17aa45cc39cc461e70231636ae75bc26a2f7c9ba1e9cfbffab6661a198dd428020acb"}, &(0x7f0000000300)=0xe9)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000280)={0x0, 0x5, 0x4, 0x40000, 0x5, {0x77359400}, {0x4, 0x8, 0x7f, 0x20, 0x5, 0x98, "3915b4aa"}, 0x97, 0x2, @fd, 0x401, 0x0, <r3=>r2})
ioctl$PPPIOCSMRU(r3, 0x40047452, &(0x7f0000000180)=0x7d1)
ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5)
r4 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0xb171, 0x400)
write$vhost_msg(r4, &(0x7f0000000200)={0x1, {&(0x7f0000000040)=""/128, 0x80, &(0x7f00000000c0)=""/135, 0x3, 0x3}}, 0x48)

15:55:37 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:37 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
r0 = socket$kcm(0x10, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
write$P9_RVERSION(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ffff01800000230039503230303075"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x26f)
r4 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xc4, 0x1)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0xa64648106a13ce7d, &(0x7f0000000480)={'trans=fd,', {'rf5no', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_none='cache=none'}, {@privport='privport'}]}})
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000001300))
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000019c0)='/dev/sequencer\x00', 0x1, 0x0)
open(0x0, 0x141042, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(r5, &(0x7f0000001340)='cgroup.controllers\x00', 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x5220000}, 0xc, &(0x7f0000001600)={&(0x7f0000001440)=@newqdisc={0x70, 0x24, 0x0, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5}, {0x4}, {0xa}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x2}, @qdisc_kind_options=@q_prio={{0xc, 0x1, 'prio\x00'}, {0x18, 0x2, {0x0, "b1129b50a8336a17a0c412ab477104bd"}}}, @TCA_RATE={0x8, 0x5, {0x1, 0x47}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7d}, @qdisc_kind_options=@q_drr={0x8, 0x1, 'drr\x00'}, @TCA_RATE={0x8, 0x5, {0x0, 0x7}}]}, 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x4040)
socket(0x2000000000000010, 0x3, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x15b, 0x0}, 0x0)

[  389.108862][T10563] IPVS: ftp: loaded support on port[0] = 21
[  389.348148][  T489] tipc: TX() has been purged, node left!
[  390.128068][   T17] Bluetooth: hci0: command 0x1003 tx timeout
[  390.134230][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  392.208046][   T17] Bluetooth: hci0: command 0x1001 tx timeout
[  392.215357][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  392.978066][  T489] tipc: TX() has been purged, node left!
[  394.288040][   T17] Bluetooth: hci0: command 0x1009 tx timeout
15:55:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, 0x0)

15:55:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x102, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:46 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = accept(r0, 0x0, 0x0)
close(r1)

15:55:46 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
exit_group(0xffffffffffffffff)
r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x0)
socket$isdn(0x22, 0x3, 0x24)
r3 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x2)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000140), &(0x7f0000000180)=0x4)
inotify_rm_watch(r2, r3)
ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000000)={'erspan0\x00', 0x3ff})
listen(r1, 0x0)
socketpair(0x1, 0x1, 0x40, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
accept4(r4, 0x0, &(0x7f0000000100), 0x80000)

15:55:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000080)={0x4580000000000000, 0x6000, 0x1f, 0xf, 0x15})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r8, 0x0)
r9 = getuid()
mount$9p_unix(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x4, &(0x7f00000002c0)={'trans=unix,', {[{@posixacl='posixacl'}, {@cachetag={'cachetag', 0x3d, 'system('}}], [{@uid_gt={'uid>', r8}}, {@fowner_lt={'fowner<', 0xee01}}, {@smackfshat={'smackfshat', 0x3d, '/dev/kvm\x00'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@uid_gt={'uid>', r9}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, '\\selfvmnet0:eth0#\'&vmnet0md5sumsystem'}}, {@context={'context', 0x3d, 'sysadm_u'}}]}})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000000c0)={0x6, 0x0, [{0xffff9ee5, 0x2, 0x0, 0x0, @msi={0x4, 0x5f63, 0x9, 0xffff4678}}, {0xd20d, 0x6, 0x0, 0x0, @sint={0xfff, 0xff60}}, {0x8001, 0x1, 0x0, 0x0, @sint={0x1, 0x4}}, {0x2, 0x642548e40e18b01e, 0x0, 0x0, @sint={0x6, 0x7}}, {0xffffffff, 0x2, 0x0, 0x0, @adapter={0x6, 0x9, 0x1, 0x9, 0x7}}, {0x1, 0x6, 0x0, 0x0, @sint={0x9, 0x80}}]})
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x15)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000))

15:55:46 executing program 2:
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0xfffffffffffffce8}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000580)='ip6_vti0\x00')
getpeername(r1, &(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev}}, &(0x7f0000000180)=0x80)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000300)=@v1={0x0, @aes256, 0x859c8c76b55f391c, "89b469587ec92003"})
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x2000, 0x0)
ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000200)=""/222)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/nfsfs\x00')
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000180))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x223d1c9d3656c55d)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz0\x00', 0x200002, 0x0)
unshare(0x40000000)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000580)='ip6_vti0\x00')

15:55:47 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:47 executing program 1:
r0 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x60)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FICLONE(r0, 0x40049409, r2)
r3 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r3, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r4, 0x0)

[  398.438494][T10607] debugfs: Directory 'vcpu0' with parent '10607-7' already present!
[  398.501333][T10611] IPVS: ftp: loaded support on port[0] = 21
15:55:47 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x4, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000080)={0x4580000000000000, 0x6000, 0x1f, 0xf, 0x15})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r8, 0x0)
r9 = getuid()
mount$9p_unix(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x4, &(0x7f00000002c0)={'trans=unix,', {[{@posixacl='posixacl'}, {@cachetag={'cachetag', 0x3d, 'system('}}], [{@uid_gt={'uid>', r8}}, {@fowner_lt={'fowner<', 0xee01}}, {@smackfshat={'smackfshat', 0x3d, '/dev/kvm\x00'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@uid_gt={'uid>', r9}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, '\\selfvmnet0:eth0#\'&vmnet0md5sumsystem'}}, {@context={'context', 0x3d, 'sysadm_u'}}]}})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000000c0)={0x6, 0x0, [{0xffff9ee5, 0x2, 0x0, 0x0, @msi={0x4, 0x5f63, 0x9, 0xffff4678}}, {0xd20d, 0x6, 0x0, 0x0, @sint={0xfff, 0xff60}}, {0x8001, 0x1, 0x0, 0x0, @sint={0x1, 0x4}}, {0x2, 0x642548e40e18b01e, 0x0, 0x0, @sint={0x6, 0x7}}, {0xffffffff, 0x2, 0x0, 0x0, @adapter={0x6, 0x9, 0x1, 0x9, 0x7}}, {0x1, 0x6, 0x0, 0x0, @sint={0x9, 0x80}}]})
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x15)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000))

15:55:47 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = accept4$inet6(r0, &(0x7f0000000000), &(0x7f0000000040)=0x1c, 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x2638, @mcast2, 0x2}, 0x1c)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fremovexattr(r4, &(0x7f00000000c0)=@known='com.apple.FinderInfo\x00')
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r5, 0x0)

15:55:47 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x5, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  399.157977][  T489] tipc: TX() has been purged, node left!
[  400.458171][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[  400.464306][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  402.528143][ T9333] Bluetooth: hci0: command 0x1001 tx timeout
[  402.534262][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  404.608190][   T17] Bluetooth: hci0: command 0x1009 tx timeout
15:55:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, 0x0)

15:55:57 executing program 2:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
rt_sigprocmask(0x2, &(0x7f0000000040)={0x100000000008b0}, 0x0, 0x6)
rt_sigtimedwait(&(0x7f0000000300)={0xfffffffffffffffd}, 0x0, 0x0, 0x8)
acct(&(0x7f00000003c0)='./file0\x00')
socket$inet(0x2, 0x0, 0x0)
acct(&(0x7f0000000000)='./file0\x00')
fcntl$setlease(r0, 0x400, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r2, 0x117, 0x5, 0x0, 0x0)
syz_mount_image$minix(&(0x7f0000000280)='minix\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x6, &(0x7f0000000780)=[{&(0x7f0000000400)="22e01f3b014dec395cec0d0ccbb668419efebe67b5d4e30cb40f128c56d5aa0b64a0b4faddf52bc5a96699a7472e600ac988f8ed0dab65fa7266baeaf5236f44c93c27b2a483f2531020f4aa70206cf3addf741a96a64849ba2463fdb5efae929c4aea3c2c3ed00b6625b9ffcd051401e0a5fab97239e73d11496523cbf911a99d03ce9da1d533168d0cc80454dedb696e79c91359794ca06fb01bb068b946365ed2f597ba3899c16e8fc067f666a1db095721f626b9bbba52f27db720caae43998527e3b85d4ebff4a5bf68dd7c70f84c18931f914a1592083becf0da3cfcea4c5ae17ac7c8daf42740727bd2e3", 0xee, 0xfffffffffffffff8}, {&(0x7f0000000500)="fcf9edfc33f2d4a41ea20c1909a668dfe7350dce2e3cdcdd25e5e25d011b940832bb4aa8ce18f893f33f5961e36b6f73d51e83b8c34463c24c6667debf3eaf474da98eca69a6f0abee5413580dcade053d95759922cc3f7b54e7781cfe45211c501e04db71765e5a72904812a2c7da0354e5f343b41150c9b18acbd998e39b5d08cdd5b0ba9e52f99493131726e6a4c1105fdcbdbe1fda3e98f29d375ea0ead3df8842191c00183259fe5558dce503bf47ce7f9fad85bc559deb34c29cc623f5d65f6f06116512487cae38bc126ceb235426c328ebcb2549b3b93d07", 0xdc, 0xcb}, {&(0x7f0000000340)="a4c85bfa3bca3f90bc41f6bc0bd36fbf3a8107375a39ec18171c8f0787", 0x1d, 0x3}, {&(0x7f0000000600)="3806a2966e69393aad4d1ad9132863c756b35be0b7c1a63ea949095bb13bfb9c3e3f519bf99f90bbb4693c75f3bba966d04cf70c7b8fd288f338e65bd3f5900d9f", 0x41, 0x5}, {&(0x7f0000000380)="adaf7d8f3016f6695ececc", 0xb, 0x38}, {&(0x7f0000000680)="a5f8136976c7975800920e56ac0b11e83d2dc79c118e0779579bbe1008f406cf0be7fbd4162a7fd476d8c722b2336f5701ccb2045d1c0c0533910abb83c697a7b4424982622fc4ea0223dc27efa836c38d20852606dec972738b4c0802f2e39c62746ae83a351fffc804f4003c852805de6a26495d54337585a6d2616570284cb7c536f250bc0ba4048c73802f69cd7e7182a4c468b49352e9368d962cbbee1f27f4c73e962d2f83d34fb5517616bb811086b75c4b8f2898bc2825f48ca0cbd2f9ded6a661dcdb3f99140f66324e0972382dacf3e957d2702d44b523c4ef552c50", 0xe1, 0x401}], 0x40080, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x1000)
mount$9p_xen(&(0x7f0000000080)='syz\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x3002, &(0x7f0000000200)={'trans=xen,', {[], [{@dont_appraise='dont_appraise'}, {@audit='audit'}, {@euid_eq={'euid', 0x3d, r3}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@fsuuid={'fsuuid', 0x3d, {[0x0, 0x61, 0xa8, 0x6e, 0x65, 0x34, 0x38, 0x64], 0x2d, [0x64, 0x31, 0x36, 0x64], 0x2d, [0x38, 0x34, 0x34, 0x64], 0x2d, [0x65, 0x38, 0x65, 0x63], 0x2d, [0x31, 0x63, 0x0, 0x66, 0x63, 0x65, 0x39, 0x33]}}}]}})

15:55:57 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x6, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:55:57 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_FPEMU(0xa, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
watch_devices(r3, 0x4a, 0x0)
listen(r1, 0x0)

15:55:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000080)={0x4580000000000000, 0x6000, 0x1f, 0xf, 0x15})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r8, 0x0)
r9 = getuid()
mount$9p_unix(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x4, &(0x7f00000002c0)={'trans=unix,', {[{@posixacl='posixacl'}, {@cachetag={'cachetag', 0x3d, 'system('}}], [{@uid_gt={'uid>', r8}}, {@fowner_lt={'fowner<', 0xee01}}, {@smackfshat={'smackfshat', 0x3d, '/dev/kvm\x00'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@uid_gt={'uid>', r9}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, '\\selfvmnet0:eth0#\'&vmnet0md5sumsystem'}}, {@context={'context', 0x3d, 'sysadm_u'}}]}})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000000c0)={0x6, 0x0, [{0xffff9ee5, 0x2, 0x0, 0x0, @msi={0x4, 0x5f63, 0x9, 0xffff4678}}, {0xd20d, 0x6, 0x0, 0x0, @sint={0xfff, 0xff60}}, {0x8001, 0x1, 0x0, 0x0, @sint={0x1, 0x4}}, {0x2, 0x642548e40e18b01e, 0x0, 0x0, @sint={0x6, 0x7}}, {0xffffffff, 0x2, 0x0, 0x0, @adapter={0x6, 0x9, 0x1, 0x9, 0x7}}, {0x1, 0x6, 0x0, 0x0, @sint={0x9, 0x80}}]})
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x15)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000))

15:55:57 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
listen(r1, 0x0)

15:55:57 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:55:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:55:57 executing program 2:

15:55:57 executing program 1:
socket$inet6(0xa, 0x80003, 0x6b)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = dup2(r6, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = dup2(r8, r8)
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$VIDIOC_QBUF(r7, 0xc058560f, &(0x7f00000000c0)={0x1, 0x0, 0x4, 0x100, 0x1, {}, {0x2, 0x1, 0x8f, 0x3, 0x8, 0x1, "b4d3f999"}, 0x2c, 0x2, @planes=&(0x7f0000000080)={0x9, 0xd9f, @fd=r9, 0x4}, 0x6, 0x0, <r11=>r10})
r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000000802, 0x0)
ioctl$TIOCSETD(r12, 0x5423, &(0x7f00000003c0)=0xd)
write(r12, &(0x7f0000000040)="e0", 0xfffffe00)
ioctl$TCFLSH(r12, 0x540b, 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r11, 0xc4c85512, &(0x7f0000000440)={{0x6, 0x0, 0x4, 0x2, '\x00', 0x9}, 0x1, [0x4db, 0x5, 0x20, 0x9, 0x3, 0x100000000, 0xbb7, 0x9, 0x2, 0x0, 0xffffffffffff7fff, 0x55e, 0x0, 0x1, 0x80000000, 0x7f, 0x10001, 0x40, 0x2, 0x6, 0x1, 0x6, 0x7f, 0x7fffffff, 0x80000001, 0x94dd, 0x7, 0x3, 0x80000000, 0x10000, 0x8, 0x80000000, 0xffffffffffffff62, 0x1f, 0xfffffffffffffffa, 0x7, 0x5, 0x20, 0x8000, 0x1, 0x100, 0x200, 0xff, 0x7, 0x0, 0x4, 0x9, 0x1f, 0x8, 0x9dbd, 0x400, 0x100, 0xe7dc, 0x0, 0x0, 0xf14, 0x1000, 0x5, 0xffffffff, 0x1, 0x81, 0x101, 0x2, 0x3, 0x8, 0x6, 0x400, 0x0, 0x18745bbb, 0x8, 0x4, 0x8, 0x7, 0x69800, 0x4, 0x5, 0x6, 0x4, 0x1, 0x1, 0x80000000, 0x3f, 0x800005, 0x1f, 0xa8f, 0x9, 0x8, 0x6, 0x8, 0xfffffffffffffffc, 0x7ff, 0x0, 0x1, 0x9, 0x4, 0x638b, 0x8, 0x513, 0x400, 0x80, 0x5, 0x6, 0x2, 0x2, 0x9, 0x2, 0x7f, 0x1, 0xffffffff, 0x7, 0x8000000000000, 0xfffffffffffffff7, 0x5, 0x80000000, 0x86, 0x1c000000000, 0x1, 0x72ba6a6a, 0x4, 0x3, 0x100000001, 0x81, 0x6, 0x5, 0x8, 0xfff, 0x1, 0x2]})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r13 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r13, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4cb]})

15:55:57 executing program 2:

[  408.835273][T10661] debugfs: Directory 'vcpu0' with parent '10661-7' already present!
[  410.688076][ T3021] Bluetooth: hci0: command 0x1003 tx timeout
[  410.695385][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  412.768035][ T3021] Bluetooth: hci0: command 0x1001 tx timeout
[  412.774584][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  414.847992][ T9333] Bluetooth: hci0: command 0x1009 tx timeout
15:56:07 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:56:07 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x8, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:56:07 executing program 2:

15:56:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000080)={0x4580000000000000, 0x6000, 0x1f, 0xf, 0x15})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r8, 0x0)
r9 = getuid()
mount$9p_unix(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x4, &(0x7f00000002c0)={'trans=unix,', {[{@posixacl='posixacl'}, {@cachetag={'cachetag', 0x3d, 'system('}}], [{@uid_gt={'uid>', r8}}, {@fowner_lt={'fowner<', 0xee01}}, {@smackfshat={'smackfshat', 0x3d, '/dev/kvm\x00'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@uid_gt={'uid>', r9}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, '\\selfvmnet0:eth0#\'&vmnet0md5sumsystem'}}, {@context={'context', 0x3d, 'sysadm_u'}}]}})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000000c0)={0x6, 0x0, [{0xffff9ee5, 0x2, 0x0, 0x0, @msi={0x4, 0x5f63, 0x9, 0xffff4678}}, {0xd20d, 0x6, 0x0, 0x0, @sint={0xfff, 0xff60}}, {0x8001, 0x1, 0x0, 0x0, @sint={0x1, 0x4}}, {0x2, 0x642548e40e18b01e, 0x0, 0x0, @sint={0x6, 0x7}}, {0xffffffff, 0x2, 0x0, 0x0, @adapter={0x6, 0x9, 0x1, 0x9, 0x7}}, {0x1, 0x6, 0x0, 0x0, @sint={0x9, 0x80}}]})
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x15)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000))

15:56:07 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0xc2)
listen(r1, 0x0)

15:56:07 executing program 0:

15:56:07 executing program 2:

15:56:07 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:56:07 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x9, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:56:07 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x6b)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)=@can={0x1d, <r1=>0x0}, 0x80, &(0x7f00000002c0), 0x0, &(0x7f0000000300)=""/59, 0x3b}, 0x40000000)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @remote, @ipv4={[], [], @broadcast}, 0x863f, 0x2, 0xf800, 0x400, 0x3, 0xa0040180, r1})
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r2, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x101020, 0x0)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000040)=0x4, 0x4)

15:56:07 executing program 0:

15:56:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, 0x0)

15:56:07 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0xa, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:56:07 executing program 0 (fault-call:3 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:56:08 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x500, 0x0)
listen(r1, 0x7)

15:56:08 executing program 3:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
vmsplice(r1, &(0x7f0000001600)=[{&(0x7f0000000440)="62f56b8de134341d5bcfad84a07869dd", 0x10}], 0x1, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
splice(r0, 0x0, r3, 0x0, 0x1ea71, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
recvfrom$netrom(r3, &(0x7f0000001640)=""/4096, 0xfefc, 0x0, 0x0, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x5, &(0x7f0000000380))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={<r7=>r6, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/procnodevcpusetwlan0vmnet1:]\x00'}, 0x30)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=<r8=>0x0)
tgkill(r7, r8, 0x20)

15:56:08 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0xc, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  419.384742][T10747] FAULT_INJECTION: forcing a failure.
[  419.384742][T10747] name failslab, interval 1, probability 0, space 0, times 1
[  419.488318][T10747] CPU: 0 PID: 10747 Comm: syz-executor.0 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  419.498384][T10747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  419.508531][T10747] Call Trace:
[  419.511922][T10747]  dump_stack+0x197/0x210
[  419.516352][T10747]  should_fail.cold+0xa/0x10
[  419.520996][T10747]  ? setup_fault_attr+0x220/0x220
[  419.526091][T10747]  ? ___might_sleep+0x163/0x2c0
[  419.531042][T10747]  __should_failslab+0x121/0x190
15:56:08 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'veth1_to_hsr\x00', {0x2, 0x4e20, @local}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x42000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r5, 0x0)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r7=>0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
r9 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r9, 0x202002)
keyctl$chown(0x4, r9, r7, r8)
mount$fuseblk(&(0x7f0000000200)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x5017dd402e6f4fb3, &(0x7f0000000240)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, r5}, 0x2c, {'group_id', 0x3d, r8}, 0x2c, {[{@allow_other='\xffr\x00\x00her\x00'}], [{@euid_gt={'euid>', r7}}, {@smackfshat={'smackfshat', 0x3d, '-,vboxnet0em0ppp0'}}]}})
r10 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
ioctl$TIOCNOTTY(r10, 0x5422)
listen(r1, 0x0)

[  419.536077][T10747]  should_failslab+0x9/0x14
[  419.540608][T10747]  __kmalloc+0x2e0/0x770
[  419.544933][T10747]  ? mark_held_locks+0xf0/0xf0
[  419.549716][T10747]  ? mark_lock+0xc2/0x1220
[  419.554210][T10747]  ? _parse_integer+0x190/0x190
[  419.559123][T10747]  ? tomoyo_realpath_from_path+0xc5/0x660
[  419.564948][T10747]  tomoyo_realpath_from_path+0xc5/0x660
[  419.570548][T10747]  ? tomoyo_path_number_perm+0x193/0x520
[  419.576222][T10747]  tomoyo_path_number_perm+0x1dd/0x520
[  419.581684][T10747]  ? tomoyo_path_number_perm+0x193/0x520
[  419.587324][T10747]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  419.593295][T10747]  ? __f_unlock_pos+0x19/0x20
[  419.598015][T10747]  ? __fget+0x37f/0x550
[  419.602206][T10747]  ? do_dup2+0x4f0/0x4f0
[  419.606631][T10747]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  419.612997][T10747]  ? fput_many+0x12c/0x1a0
[  419.617708][T10747]  tomoyo_file_ioctl+0x23/0x30
[  419.622560][T10747]  security_file_ioctl+0x77/0xc0
[  419.627526][T10747]  ksys_ioctl+0x56/0x180
[  419.631809][T10747]  __x64_sys_ioctl+0x73/0xb0
[  419.636483][T10747]  do_syscall_64+0xfa/0x790
[  419.641236][T10747]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  419.647172][T10747] RIP: 0033:0x45a919
[  419.651083][T10747] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  419.670726][T10747] RSP: 002b:00007f8e011fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  419.679156][T10747] RAX: ffffffffffffffda RBX: 00007f8e011fec90 RCX: 000000000045a919
15:56:08 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

[  419.687143][T10747] RDX: 0000000020000180 RSI: 0000000000005412 RDI: 0000000000000003
[  419.695304][T10747] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  419.703584][T10747] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e011ff6d4
[  419.711671][T10747] R13: 00000000004c5a54 R14: 00000000004dbd50 R15: 0000000000000004
[  419.724702][    T7] Bluetooth: Error in BCSP hdr checksum
[  419.726884][T10747] ERROR: Out of memory at tomoyo_realpath_from_path.
15:56:08 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000240)=0x1, 0xed)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6_vti0\x00', 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @initdev}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x9, 0x3f}, 0x14)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000011, &(0x7f0000000100), 0x4)
r4 = msgget$private(0x0, 0x100)
msgrcv(r4, &(0x7f0000000180)={0x0, ""/136}, 0x90, 0x0, 0x3800)
sendto(r0, &(0x7f0000000300)="d8", 0x1, 0x0, 0x0, 0x0)

15:56:08 executing program 1:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
getpgrp(r0)
r1 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r1, 0xfffffffffffffff8, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r2, 0x0)
ioctl$VIDIOC_DBG_S_REGISTER(0xffffffffffffffff, 0x4038564f, &(0x7f0000000000)={{0x2, @addr=0xffff}, 0x8, 0x9, 0x100})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup2(r3, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r4, 0x894b, &(0x7f0000000040))

15:56:08 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x19, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:56:08 executing program 3:
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020a00401000000000000000000000000800120000000100000000000000000006051e7dabc56b523009000000000000e000000500000000060000000000020000000000000000f9ff0c20051d63da4f030001800000080002c70fee4394ffbbf000000000000000030005000000000002001d632b91c52001000000080000003835efd766e5ff690ed9a0fa26c5c50000004b0f1e397ab23b08ecca7703f82a53e8e30d4c91eb1f1bd69e6007a93fb65cc82f5cdaeb9ca3a7647e562f86cb382451f8f8005926ef97797d2fc2a2f4c15855213680ba36b205944da7b42f307d66bff312d8f7f0eb1ab4c1e4678aeb32a0"], 0x80}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="020900000200000000613ebf80395a6bf20aa73dc38e1875673422335d125f739d7de461f3d52ee905e9f4d0c4a9482ac0c6c608858cb5d0fff720cd52833214ad64421b590b719093ec676200b7f81b559bd6773650418735fd55248afa7ad9aea09e4d666fd0b87338282c809c2f3182ee2801064eafb87f565e420ef84c2b2e8bc328a778345f00c78e4292f9732d1f0af7f87fe42a1094b5ea0783a0d44a18a8d8186d808f10e8db2458d6d3a66497c6d4525226257cfb5daea35cc56c781dd8871f0a5ea808d58c52ebfc178ea22cdc6b338c0787a0d1de38c8a774732843eb517d9b4f3b58823c6266bffec1ac192a88a78a1a42f50573411a98fee12e5f944cc5ef4790605c7933b2b9c4a2bbfeee22a62b1326224d07a31b3a375e1e85e0f270d265849d37c18ad3"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="0207000002005262459ca23c8fe8bb74"], 0x10}}, 0x0)
r0 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r0, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
read$alg(r0, &(0x7f0000000040)=""/103, 0x67)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000019040), &(0x7f0000019080)=0x4)
sendmmsg(r1, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)

[  421.248096][   T17] Bluetooth: hci0: command 0x1003 tx timeout
[  421.255208][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  421.418052][ T9333] Bluetooth: hci1: command 0x1003 tx timeout
[  421.424298][ T9690] Bluetooth: hci1: sending frame failed (-49)
[  423.338174][ T9333] Bluetooth: hci0: command 0x1001 tx timeout
[  423.344910][ T9690] Bluetooth: hci0: sending frame failed (-49)
[  423.488024][   T17] Bluetooth: hci1: command 0x1001 tx timeout
[  423.494549][ T9690] Bluetooth: hci1: sending frame failed (-49)
[  425.408177][   T17] Bluetooth: hci0: command 0x1009 tx timeout
[  425.568008][ T9333] Bluetooth: hci1: command 0x1009 tx timeout
15:56:18 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
syz_open_dev$admmidi(0x0, 0x7, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000140)=ANY=[@ANYBLOB="d45caf480c9f1ce65414cf7495831a9a645fe819f0df16cabe6b6da8909657368f8463f1b21497d90a9ca799435dbedfef3edf1daa98d9105c381fa6ad4fea84124db745e18e540d8f4c6824e3deadfd049f9a0010d5092ed960fe79595cfa9258ac9b745179e5b39a2636370624d6af8262659b8174154056e6155b8f8e0e0d8ef35faa2368bccb6352b9b60f2b4e5e910f902ab83cd24e57f51b8ba4f74fc83cd6a1ce144fa87cf01d"])
close(r0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040), 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)
sendfile(r0, r4, 0x0, 0x80001d00c0d0)

15:56:18 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00')
pread64(r1, 0x0, 0x0, 0x7)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200)='/dev/nvram\x00', 0x400, 0x0)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f0000000240)=0x4, 0x4)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80002, 0x0)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055dce8920913ebbb2d14ac681cec0cfc3b6b4df607dc0a366062111f306df172a1929d9bb811c05a360a79244ed0a09ca121a9d83e9444c09669263f78eee40a6b3f7f3a3f9a29593b16dc43017aca74d80cd13d83e3d82f7bd586c08a7d8614b05111e21f9e0a43a84a3a6c9bbe8ed86fab"])
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
recvfrom$ax25(0xffffffffffffffff, &(0x7f0000000080)=""/165, 0xa5, 0x100, &(0x7f0000000140)={{0x3, @null}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
listen(r4, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000280)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x10800)

15:56:18 executing program 0 (fault-call:3 fault-nth:1):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:56:18 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x20000204)

15:56:18 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:56:18 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000005c0)=@raw={'raw\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00~\x02\x00', 0x2, 0x3, 0x288, 0x0, 0x150, 0x150, 0x0, 0x0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64], 0x0, 0xe8, 0x150, 0x0, {}, [@common=@socket0={{0x20, 'socket\x00'}}, @common=@inet=@hashlimit1={{0x58, 'hashlimit\x00'}, {'gretap0\x00', {0x20, 0xc8f9, 0x0, 0x0, 0x0, 0x6, 0x5}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x65)
fcntl$addseals(r0, 0x409, 0xa)

[  429.681301][T10793] QAT: Invalid ioctl
[  429.705764][T10796] xt_CT: You must specify a L4 protocol and not use inversions on it
[  429.761404][T10800] FAULT_INJECTION: forcing a failure.
[  429.761404][T10800] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  429.775543][T10800] CPU: 1 PID: 10800 Comm: syz-executor.0 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  429.785453][T10800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  429.795879][T10800] Call Trace:
[  429.799195][T10800]  dump_stack+0x197/0x210
[  429.803554][T10800]  should_fail.cold+0xa/0x10
[  429.808170][T10800]  ? setup_fault_attr+0x220/0x220
[  429.813410][T10800]  ? __kasan_check_read+0x11/0x20
[  429.818453][T10800]  ? mark_lock+0xc2/0x1220
[  429.822945][T10800]  ? __kernel_text_address+0xd/0x40
[  429.828247][T10800]  should_fail_alloc_page+0x50/0x60
[  429.833471][T10800]  __alloc_pages_nodemask+0x1a1/0x910
[  429.839087][T10800]  ? __alloc_pages_slowpath+0x2900/0x2900
[  429.844829][T10800]  ? __kasan_check_read+0x11/0x20
[  429.849887][T10800]  ? setup_fault_attr+0x220/0x220
[  429.854939][T10800]  cache_grow_begin+0x90/0xc60
15:56:18 executing program 2:
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x220001, 0x0)
getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000019040)='trusted.overlay.redirect\x00', &(0x7f0000019080)='./file0\x00', 0x8, 0x3)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendmsg$nl_route(r1, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@RTM_GETNSID={0x2c, 0x5a, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@NETNSA_NSID={0x8}, @NETNSA_FD={0x8, 0x3, r3}, @NETNSA_PID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x40)
r4 = socket(0x42000000015, 0x5, 0x0)
getsockopt(r4, 0x114, 0x2710, &(0x7f0000000040)=""/102400, &(0x7f0000000000)=0x19000)
setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f0000000140)=@ccm_128={{0x304}, "6942ea5a4b66c050", "d14e063fe82b60a6b9bf00408061193d", "96a1b586", "6aa02ecc61c1b729"}, 0x28)

[  429.859720][T10800]  ? tomoyo_realpath_from_path+0xc5/0x660
[  429.865550][T10800]  ? trace_hardirqs_off+0x62/0x240
[  429.870723][T10800]  __kmalloc+0x6b2/0x770
[  429.875097][T10800]  ? mark_held_locks+0xf0/0xf0
[  429.880193][T10800]  ? mark_lock+0xc2/0x1220
[  429.884639][T10800]  ? tomoyo_realpath_from_path+0xc5/0x660
[  429.890739][T10800]  tomoyo_realpath_from_path+0xc5/0x660
[  429.896500][T10800]  ? tomoyo_path_number_perm+0x193/0x520
[  429.902165][T10800]  tomoyo_path_number_perm+0x1dd/0x520
[  429.902182][T10800]  ? tomoyo_path_number_perm+0x193/0x520
[  429.902202][T10800]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  429.902216][T10800]  ? __f_unlock_pos+0x19/0x20
[  429.902258][T10800]  ? __fget+0x37f/0x550
[  429.928465][T10800]  ? do_dup2+0x4f0/0x4f0
[  429.932740][T10800]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  429.939267][T10800]  ? fput_many+0x12c/0x1a0
[  429.944199][T10800]  tomoyo_file_ioctl+0x23/0x30
[  429.949716][T10800]  security_file_ioctl+0x77/0xc0
[  429.956017][T10800]  ksys_ioctl+0x56/0x180
15:56:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x208000, 0x0)
r2 = open(&(0x7f0000000200)='./file0\x00', 0x1, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  429.962233][T10800]  __x64_sys_ioctl+0x73/0xb0
[  429.966997][T10800]  do_syscall_64+0xfa/0x790
[  429.971533][T10800]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  429.978817][T10800] RIP: 0033:0x45a919
[  429.982919][T10800] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  430.003148][T10800] RSP: 002b:00007f8e011fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
15:56:18 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local, @multicast2}, 0xc)
ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000080)={0x0, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x12}}, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x25}}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x8, 0x3ff})
r3 = dup(r1)
ioctl$KDFONTOP_GET(r3, 0x4b72, &(0x7f0000000040)={0x1, 0x1, 0x11, 0x1d, 0x1d5, &(0x7f00000003c0)})
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/mcfilter\x00')
preadv(r4, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)

15:56:18 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FS_IOC_SETFSLABEL(r3, 0x41009432, &(0x7f0000000000)="1140418e98cdb586b6a4acce26649377e08e5eff9342c00f089c3a053846114d570a8813ac12e1f7d7f3b97b2092c640ec3d7a8513c094326a45c23992808c99a537d5e008a6dfc57b8bdd422918bf05b20bb508a5dcb31b245e3b39be3232ab9344380a9d24644f1acde1c8b4fda00e321ef2b2314645276c24b2978aa53fe68cae6ad7b4796287e381958ae2d45cfe60684e8f1b4396c064bf172b74f64530c94a6a33d1e40d151e0f4438f91c098554f46e784fc6f9f0309ee522a0c2cf32f57895b58c64cce4e564cc8f41f2ed9166f36917accedd95559a31940865c9dd28ea2b37bb68da0f33b493229692bdf97c8cc09e97f7d23b3b2d47bb50785ed3")

15:56:18 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r1, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0xc00, 0x100)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={<r3=>0x0, 0x6}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000000c0)={r3, 0x1}, &(0x7f0000000100)=0x8)

[  430.011779][T10800] RAX: ffffffffffffffda RBX: 00007f8e011fec90 RCX: 000000000045a919
[  430.011789][T10800] RDX: 0000000020000180 RSI: 0000000000005412 RDI: 0000000000000003
[  430.011797][T10800] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  430.011804][T10800] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e011ff6d4
[  430.011812][T10800] R13: 00000000004c5a54 R14: 00000000004dbd50 R15: 0000000000000004
15:56:19 executing program 1:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r0, 0x0)

15:56:19 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x2, 0x2}}, 0x20)

15:56:19 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
syz_open_procfs$namespace(r1, &(0x7f0000000100)='ns/pid\x00')
clone3(&(0x7f00000004c0)={0x4000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), {0x11}, &(0x7f00000002c0)=""/235, 0xeb, &(0x7f00000003c0)=""/179, &(0x7f0000000480)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x50)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r7 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="2f0f2f26312aae5c785dfc4531cbca", @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00'])
lsetxattr$security_smack_transmute(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='security.SMACK64TRANSMUTE\x00', &(0x7f00000005c0)='TRUE', 0x4, 0x0)
getsockopt$bt_BT_FLUSHABLE(r7, 0x112, 0x8, &(0x7f0000000080)=0x100, &(0x7f00000000c0)=0x4)

[  431.808091][ T3021] Bluetooth: hci0: command 0x1003 tx timeout
[  431.815347][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  433.888060][   T12] Bluetooth: hci0: command 0x1001 tx timeout
[  433.894879][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  435.968002][ T3021] Bluetooth: hci0: command 0x1009 tx timeout
15:56:28 executing program 0 (fault-call:3 fault-nth:2):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:56:28 executing program 4:
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)
r1 = accept(0xffffffffffffffff, 0x0, 0x0)
close(r1)

15:56:28 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
r4 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r4, 0x202002)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000080)={{{@in=@local, @in=@empty}}, {{@in6=@empty}, 0x0, @in6=@dev}}, &(0x7f0000000200)=0xe8)
keyctl$chown(0x4, r4, r2, r3)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r3)
ioctl(r0, 0x1000008914, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
ioctl(r0, 0xe1, &(0x7f0000000000)="98e48f34ddf9ea07cea710de1ae558998da9990949d4871a9e4386b73d8a487093b689df6c068254c1c9540886ada33dcc0ee9b2e230a5874703c86f7b9d2d9d1c690969f6cf71b28f2fbdc86887d48b4cf800")
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$FS_IOC_SETFSLABEL(r5, 0x41009432, &(0x7f0000000240)="0c964d84066c1935d3cd42d1fb2ad267987dfac7356b04f5e53119514446d90ade6fa6c0628d4342fb5d2d65bd5fecd19c4e6b8dd4b8d67c6550e3ad8a59b45a8fa34e59c3bc4ee628780e284d9cc02b71fb02d4df5a3724bd811b03f0b3870ae6dd5b6a6ca1ab5c3b7a50b0fe1d6484aabee31eba14f35dd53c7e70af362d28b2686b2710ff7f0f3e5f8dac451b687a97b98180323de41869e03221185e357b9e2ed2797cec21ae20e4a797075efcab42060e00f64fe5c99a2d31b7388714be1818935cb34eaf84e041de525f0cb586d677cfe6e9dbe480917baf18e2f240cda90ed7f3c8547c4a82e65c1e73b1b0c5e47a8a9f3638a07f276d9d1c655d2a89")
unshare(0x3a000400)
r6 = syz_init_net_socket$ax25(0x3, 0x3, 0xf0)
listen(r6, 0x0)

15:56:28 executing program 5:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x23e095b8478e14b7, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x100)
ioctl$SIOCAX25DELUID(r0, 0x89e2, &(0x7f0000000100)={0x3, @default, r1})
r2 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f0000000280)=@get={0x1, &(0x7f0000000140)=""/76, 0xc99})
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r4, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:56:28 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local, @multicast2}, 0xc)
ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000080)={0x0, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x12}}, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x25}}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x8, 0x3ff})
r3 = dup(r1)
ioctl$KDFONTOP_GET(r3, 0x4b72, &(0x7f0000000040)={0x1, 0x1, 0x11, 0x1d, 0x1d5, &(0x7f00000003c0)})
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/mcfilter\x00')
preadv(r4, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)

15:56:28 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b405000000000000611058000000000004000000000000009500000000000000f30a98ddf3cfafb0785b8e570d76cbeb4de7e3a7e97416b4e9b6bac2"], &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x16a, 0x10, &(0x7f0000000000), 0x3}, 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SOUND_MIXER_READ_STEREODEVS(r1, 0x80044dfb, &(0x7f0000000080))

15:56:28 executing program 4:
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)
r1 = accept(0xffffffffffffffff, 0x0, 0x0)
close(r1)

[  439.957191][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  439.969142][T10867] FAULT_INJECTION: forcing a failure.
[  439.969142][T10867] name failslab, interval 1, probability 0, space 0, times 0
[  439.988650][T10867] CPU: 1 PID: 10867 Comm: syz-executor.0 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  439.998923][T10867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  440.009016][T10867] Call Trace:
[  440.012334][T10867]  dump_stack+0x197/0x210
[  440.016698][T10867]  should_fail.cold+0xa/0x10
[  440.021419][T10867]  ? setup_fault_attr+0x220/0x220
[  440.026949][T10867]  ? ___might_sleep+0x163/0x2c0
[  440.031840][T10867]  __should_failslab+0x121/0x190
[  440.036813][T10867]  should_failslab+0x9/0x14
[  440.041344][T10867]  __kmalloc+0x2e0/0x770
[  440.045774][T10867]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  440.053290][T10867]  ? d_absolute_path+0x11b/0x170
[  440.058261][T10867]  ? __d_path+0x140/0x140
[  440.062617][T10867]  ? tomoyo_encode2.part.0+0xf5/0x400
[  440.068889][T10867]  tomoyo_encode2.part.0+0xf5/0x400
[  440.074395][T10867]  tomoyo_encode+0x2b/0x50
[  440.078932][T10867]  tomoyo_realpath_from_path+0x19c/0x660
[  440.084608][T10867]  tomoyo_path_number_perm+0x1dd/0x520
[  440.090228][T10867]  ? tomoyo_path_number_perm+0x193/0x520
[  440.090252][T10867]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  440.090267][T10867]  ? __f_unlock_pos+0x19/0x20
[  440.090315][T10867]  ? __fget+0x37f/0x550
[  440.090338][T10867]  ? do_dup2+0x4f0/0x4f0
[  440.102137][T10867]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  440.102158][T10867]  ? fput_many+0x12c/0x1a0
[  440.102179][T10867]  tomoyo_file_ioctl+0x23/0x30
[  440.102198][T10867]  security_file_ioctl+0x77/0xc0
[  440.102217][T10867]  ksys_ioctl+0x56/0x180
[  440.102235][T10867]  __x64_sys_ioctl+0x73/0xb0
[  440.102254][T10867]  do_syscall_64+0xfa/0x790
[  440.102273][T10867]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  440.102284][T10867] RIP: 0033:0x45a919
[  440.102301][T10867] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  440.102310][T10867] RSP: 002b:00007f8e011fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  440.102324][T10867] RAX: ffffffffffffffda RBX: 00007f8e011fec90 RCX: 000000000045a919
[  440.102333][T10867] RDX: 0000000020000180 RSI: 0000000000005412 RDI: 0000000000000003
15:56:28 executing program 2:
r0 = syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x77, 0x111a00)
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0xc0185500, &(0x7f0000000080)=0xc20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r2, 0x40106614, &(0x7f0000000040))
fchmod(r0, 0x112)

15:56:28 executing program 4:
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)
r1 = accept(0xffffffffffffffff, 0x0, 0x0)
close(r1)

15:56:29 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400000, 0x0)
ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f0000000040)=0x5)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$TCSETAF(r3, 0x5408, &(0x7f0000000080)={0x0, 0xd40, 0xc1b6, 0x7, 0x12, "518664921a6e19af"})
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r4, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

[  440.102341][T10867] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  440.102349][T10867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e011ff6d4
[  440.102356][T10867] R13: 00000000004c5a54 R14: 00000000004dbd50 R15: 0000000000000004
[  440.121800][T10867] ERROR: Out of memory at tomoyo_realpath_from_path.
15:56:29 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:56:29 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl(r1, 0x800001000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r2, 0x0)
r3 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x200)
r4 = openat$userio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x4101, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x2, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
rt_sigsuspend(&(0x7f0000000080)={0x3f}, 0x8)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000200)=ANY=[@ANYBLOB="ff030000008676778c74d5e6760400000006000004000000000600000000000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00Wz\x00'/28, @ANYRES32=r3, @ANYBLOB="00000000ffffff7f00"/28, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00@\x00'/28, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\t\x00'/28, @ANYRES32=r7, @ANYBLOB="000000000500"/28, @ANYRES32=r9, @ANYBLOB="000000000500"/28])

[  441.968061][   T12] Bluetooth: hci0: command 0x1003 tx timeout
[  441.975394][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  444.058034][   T17] Bluetooth: hci0: command 0x1001 tx timeout
[  444.067943][ T9687] Bluetooth: hci0: sending frame failed (-49)
[  446.128041][   T12] Bluetooth: hci0: command 0x1009 tx timeout
15:56:38 executing program 0 (fault-call:3 fault-nth:3):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x100000001)
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000180))

15:56:38 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0xfffffd9b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
syz_open_dev$dmmidi(0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x910)
getresuid(&(0x7f00000004c0), 0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000480)='9p\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYBLOB=',aname=/dev/dmmidi', @ANYRESDEC=0xee01, @ANYBLOB=',euid>', @ANYBLOB="2c6f626a00016f6c653d2f6465"])
r2 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0xff, 0x89cfef61c865aeba)
ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000140)=0x401)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x2, @remote, 0x6}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r0, r3, 0x0, 0x80001d00c0d0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000240)={0x0, 0x3c48}, 0x8)
lstat(0x0, 0x0)

15:56:38 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000005500)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$TIOCSTI(r1, 0x5412, 0x1)
ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4})
syz_open_pts(r0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v2={0x2, @aes128, 0x3, [], "9d684c0a74a69bec5b4b52e766ea16fb"})

15:56:38 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000080)=@req3={0x3f, 0x9, 0x17a, 0x4, 0x7, 0x3ff, 0x8000}, 0x1c)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm_plock\x00', 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000280)=0x80000001)
r5 = dup2(r3, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x70, r6, 0x1, 0x0, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fffffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3f}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r6, 0x20, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffffff9}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
unshare(0x2a000400)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r7, 0x101, 0x8, &(0x7f0000000040), &(0x7f0000000000)=0xe3)

15:56:38 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c0c4, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
close(r2)

15:56:38 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0x1)
listen(r1, 0xdb7)
ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000000))

15:56:38 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xca)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4)

15:56:39 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
r1 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x1, 0x404000)
write$snddsp(r1, &(0x7f0000000180)="6a6002f3c6e5f246d63570b0ac2e450fb8cc94f265e4128c", 0x18)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r2, 0x0)
r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r5, 0xc0a85322, &(0x7f0000000080))
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000040))

[  450.197782][T10927] FAULT_INJECTION: forcing a failure.
[  450.197782][T10927] name failslab, interval 1, probability 0, space 0, times 0
[  450.285287][T10927] CPU: 1 PID: 10927 Comm: syz-executor.0 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  450.295378][T10927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  450.305721][T10927] Call Trace:
[  450.309453][T10927]  dump_stack+0x197/0x210
[  450.313890][T10927]  should_fail.cold+0xa/0x10
[  450.318676][T10927]  ? setup_fault_attr+0x220/0x220
[  450.323723][T10927]  ? mark_held_locks+0xf0/0xf0
[  450.328748][T10927]  __should_failslab+0x121/0x190
[  450.334048][T10927]  should_failslab+0x9/0x14
[  450.338754][T10927]  kmem_cache_alloc_node+0x56/0x740
[  450.344186][T10927]  __alloc_skb+0xd5/0x5e0
[  450.348642][T10927]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  450.350266][   T27] audit: type=1800 audit(1577634999.030:37): pid=10930 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="sda1" ino=16753 res=0
[  450.354874][T10927]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  450.381114][T10927]  bcsp_recv+0x91f/0x1430
[  450.385712][T10927]  hci_uart_tty_receive+0x279/0x6d0
[  450.391079][T10927]  ? hci_uart_write_work+0x870/0x870
[  450.396852][T10927]  tty_ioctl+0x949/0x14f0
[  450.401207][T10927]  ? tty_vhangup+0x30/0x30
[  450.405756][T10927]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  450.412192][T10927]  ? do_vfs_ioctl+0x11b/0x1340
[  450.417094][T10927]  ? ioctl_file_clone+0x180/0x180
[  450.422241][T10927]  ? __fget+0x37f/0x550
[  450.422262][T10927]  ? do_dup2+0x4f0/0x4f0
[  450.422277][T10927]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  450.422293][T10927]  ? fput_many+0x12c/0x1a0
[  450.422312][T10927]  ? tomoyo_file_ioctl+0x23/0x30
[  450.422333][T10927]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  450.455699][T10927]  ? security_file_ioctl+0x8d/0xc0
[  450.461232][T10927]  ? tty_vhangup+0x30/0x30
[  450.465676][T10927]  ksys_ioctl+0x123/0x180
[  450.470035][T10927]  __x64_sys_ioctl+0x73/0xb0
[  450.474652][T10927]  do_syscall_64+0xfa/0x790
[  450.479191][T10927]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
15:56:39 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRESDEC=0x0, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x5}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000014000104000000000000000002000000", @ANYRES32, @ANYBLOB="08000200ffffffbf"], 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000ad0014378134e20000000000000002000000", @ANYRES32, @ANYBLOB="0800020000000006"], 0x20}}, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
pwritev(r5, &(0x7f00000005c0)=[{&(0x7f0000000080)="cd9da9adbd355a7549c644ad6861f8a60f59759922ec603297", 0x19}, {&(0x7f00000002c0)="8d2fd71effdd3443ca617bf7a775b6aa4e1c52fc608bf82a061230096fc75ffb0ede1475230b176e5ef735e5db51838c66f037fd307a3b54e1e5e4e3b1bd7a62d1d4218aa64c3f6efead24479c57accdfd019d2131445db5e53335c823", 0x5d}, {&(0x7f0000000140)="9e1c3db0adeb8249bdec1d618eee4203f3dbd00d41daf38fe232b971051e4a1b1f775586b424ee4e8c99b0a2", 0x2c}, {&(0x7f0000000340)="829595c6ea47004eb68861e5783cdfe04509fb8ecb1097dde10baba3e6ca867a905ff302f3e9af93c59ff98c76a70b959a3f835c9e0818bc07a6ec75432e59290c56d5dbefd791d719fabdf82d9d9335f04e0354952e471882bebd0a96fb2a40b8b708af2dbd7c291aa22d7a20", 0x6d}, {&(0x7f00000003c0)="7577b0794b9c4079b348bafa12f79bff50e741bf4d615fde3ee9cfc5af34967f33d706c03e2d01d9c41d816d49a6909b7a139f2a795b603715b4c8777db534730ac064310bd8e9dea26acb7e80c585d8bca4718eddb4ffe5aa875b5ebef8177505f043dc6d7f957cc985784e8ffb", 0x6e}, {&(0x7f0000000440)="1a7b0aef79ba752504934a00b6b43b5cbde3fbd40ccb21c128afdeadb03c9d63f731623faa21427ab94ff08340b3e9346d68060a", 0x34}, {&(0x7f0000000480)="a873291c17a82c362f1d4dba3c412180931ec4dd5ade6fcb0b712d49e38c5f45b70a45bac471e7fd3eb29a6580c5bfbfa7ca983f6982356c1c9fb89f377453ef4e8c3bfa7c51b72db72637ecf144cfca76f0624b81ef90279b7c760c4b573b2c03ce33ff5db8da777eefcc38c50dd3f2106d9d4059ef0642ae570803e574300d09df404d8c847b5dd39957ea515dec67bbe033c3955016309bdffdb9f817050ef44b0e3dc143f9", 0xa7}, {&(0x7f0000000540)="b90b41644d83018fcafd15873be266eb7b8f8dbbe942b00c03530634aec2c42243403cf877c082dbb582bd565a9035132ef02dfa9128d41d397925523941a24cf4e12c4f482003a60c938f6a2a9f6e3818bb098cea904028de978cdaed81e6360b89374efe618cdca9f13f09", 0x6c}], 0x8, 0x9e9a)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x11, 0x100, 0x0, 0x0, {}, [@IFA_LOCAL={0x8, 0x2, @broadcast}]}, 0x20}}, 0x40)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r7, 0x8982, &(0x7f0000000200))
r8 = fcntl$dupfd(r6, 0x0, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)

15:56:39 executing program 2:
r0 = syz_open_dev$audion(&(0x7f0000000040)='\t\x85\x00', 0x3f, 0xd056de02df5abae4)
ioctl$SIOCAX25DELUID(r0, 0x89e2, &(0x7f0000000080)={0x3, @null, 0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0xc)
writev(r1, &(0x7f000037d000)=[{&(0x7f0000000000)="1f00000002031900000007000000068100ed853b09000100010100ff3ffe58", 0x1f}], 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={r3, 0xffffffffffffffff, 0x0, 0x3}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x101})
r5 = inotify_init1(0x800)
close(r5)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000140)={'lo\x00\x03\xb1\x00\x00\x00\x00`\x00\xdd\x00\x00\x04\x00'})

[  450.485091][T10927] RIP: 0033:0x45a919
[  450.488997][T10927] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  450.508741][T10927] RSP: 002b:00007f8e011fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  450.517289][T10927] RAX: ffffffffffffffda RBX: 00007f8e011fec90 RCX: 000000000045a919
[  450.525978][T10927] RDX: 0000000020000180 RSI: 0000000000005412 RDI: 0000000000000003
15:56:39 executing program 3:
perf_event_open(&(0x7f00000003c0)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x100000, 0xffffffffffffffff, 0x0)
sync()

[  450.534665][T10927] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  450.543256][T10927] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e011ff6d4
[  450.551340][T10927] R13: 00000000004c5a54 R14: 00000000004dbd50 R15: 0000000000000004
[  450.566560][  T489] kasan: CONFIG_KASAN_INLINE enabled
[  450.572407][  T489] kasan: GPF could be caused by NULL-ptr deref or user memory access
15:56:39 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
unshare(0x2a000400)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xbd3892233041c2bd, 0x0)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000080)=&(0x7f0000000040))
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
listen(r2, 0x0)

[  450.595800][  T489] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  450.602786][  T489] CPU: 1 PID: 489 Comm: kworker/u4:6 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  450.612336][  T489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  450.622494][  T489] Workqueue: events_unbound flush_to_ldisc
[  450.628319][  T489] RIP: 0010:skb_put+0x35/0x1d0
[  450.629589][ T4111] kobject: 'loop2' (000000006ff0fc70): fill_kobj_path: path = '/devices/virtual/block/loop2'
[  450.633093][  T489] Code: 89 f5 41 54 49 89 fc 53 4d 8d b4 24 b8 00 00 00 48 83 ec 08 e8 5c 88 5d fb 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 4c
[  450.633101][  T489] RSP: 0018:ffffc90002997b30 EFLAGS: 00010206
[  450.633112][  T489] RAX: dffffc0000000000 RBX: ffff8880a93f5800 RCX: ffffffff858bf64c
[  450.633119][  T489] RDX: 0000000000000017 RSI: ffffffff8617cd34 RDI: 0000000000000000
[  450.633134][  T489] RBP: ffffc90002997b60 R08: ffff8880a7c22600 R09: ffffed1014891404
[  450.658671][T10946] device lo entered promiscuous mode
[  450.663595][  T489] R10: ffffed1014891403 R11: ffff8880a448a01f R12: 0000000000000000
[  450.663603][  T489] R13: 0000000000000001 R14: 00000000000000b8 R15: 0000000000000000
[  450.663614][  T489] FS:  0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  450.663622][  T489] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  450.663629][  T489] CR2: 0000000002226e00 CR3: 00000000a7b6c000 CR4: 00000000001406e0
[  450.663646][  T489] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  450.680065][ T4111] kobject: 'loop5' (000000000c779ec3): kobject_uevent_env
[  450.685666][  T489] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  450.685672][  T489] Call Trace:
[  450.685693][  T489]  bcsp_recv+0xa06/0x1430
[  450.685717][  T489]  hci_uart_tty_receive+0x279/0x6d0
[  450.718490][ T4111] kobject: 'loop5' (000000000c779ec3): fill_kobj_path: path = '/devices/virtual/block/loop5'
[  450.727431][  T489]  ? hci_uart_write_work+0x870/0x870
[  450.727446][  T489]  tty_ldisc_receive_buf+0x15f/0x1c0
[  450.727462][  T489]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  450.727478][  T489]  tty_port_default_receive_buf+0x7d/0xb0
[  450.727491][  T489]  flush_to_ldisc+0x222/0x390
[  450.727514][  T489]  process_one_work+0x9af/0x1740
[  450.735746][ T4111] kobject: 'loop1' (00000000d28ed277): kobject_uevent_env
[  450.742231][  T489]  ? pwq_dec_nr_in_flight+0x320/0x320
[  450.742244][  T489]  ? lock_acquire+0x190/0x410
[  450.742263][  T489]  worker_thread+0x98/0xe40
[  450.742330][  T489]  kthread+0x361/0x430
[  450.742353][  T489]  ? process_one_work+0x1740/0x1740
[  450.751092][ T4111] kobject: 'loop1' (00000000d28ed277): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  450.757944][  T489]  ? kthread_mod_delayed_work+0x1f0/0x1f0
[  450.757960][  T489]  ret_from_fork+0x24/0x30
[  450.757972][  T489] Modules linked in:
[  450.782781][  T489] ---[ end trace 8b64d1a0c38a649c ]---
[  450.789448][T10927] Bluetooth: Can't allocate mem for new packet
[  450.794745][  T489] RIP: 0010:skb_put+0x35/0x1d0
[  450.807965][T10946] device lo left promiscuous mode
[  450.814407][  T489] Code: 89 f5 41 54 49 89 fc 53 4d 8d b4 24 b8 00 00 00 48 83 ec 08 e8 5c 88 5d fb 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 4c
[  450.856164][ T4111] kobject: 'loop3' (000000001960695e): kobject_uevent_env
[  450.866326][  T489] RSP: 0018:ffffc90002997b30 EFLAGS: 00010206
[  450.948940][  T489] RAX: dffffc0000000000 RBX: ffff8880a93f5800 RCX: ffffffff858bf64c
[  450.956952][  T489] RDX: 0000000000000017 RSI: ffffffff8617cd34 RDI: 0000000000000000
[  450.966206][ T4111] kobject: 'loop3' (000000001960695e): fill_kobj_path: path = '/devices/virtual/block/loop3'
[  450.968085][  T489] RBP: ffffc90002997b60 R08: ffff8880a7c22600 R09: ffffed1014891404
[  450.984758][  T489] R10: ffffed1014891403 R11: ffff8880a448a01f R12: 0000000000000000
[  450.993143][  T489] R13: 0000000000000001 R14: 00000000000000b8 R15: 0000000000000000
[  451.001440][  T489] FS:  0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  451.012828][ T4111] kobject: 'loop1' (00000000d28ed277): kobject_uevent_env
[  451.017573][  T489] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  451.026717][  T489] CR2: 0000001b32620000 CR3: 00000000a4bab000 CR4: 00000000001406e0
[  451.034938][  T489] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  451.043622][ T4111] kobject: 'loop1' (00000000d28ed277): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  451.057274][ T4111] kobject: 'loop4' (000000005a4bac99): kobject_uevent_env
[  451.061029][  T489] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  451.067020][ T4111] kobject: 'loop4' (000000005a4bac99): fill_kobj_path: path = '/devices/virtual/block/loop4'
[  451.072855][  T489] Kernel panic - not syncing: Fatal exception
[  451.084758][ T4111] kobject: 'loop3' (000000001960695e): kobject_uevent_env
[  451.091052][  T489] Kernel Offset: disabled
[  451.102455][  T489] Rebooting in 86400 seconds..