ers. 00:32:02 executing program 2: perf_event_open(&(0x7f0000000d40)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x72}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000002fe0)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1}) readv(r0, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/115, 0x73}], 0x1) mremap(&(0x7f000090a000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) 00:32:02 executing program 5: 00:32:02 executing program 3: 00:32:03 executing program 2: 00:32:03 executing program 3: 00:32:03 executing program 5: 00:32:03 executing program 2: 00:32:03 executing program 1: unshare(0x20020000) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mount(&(0x7f0000000380)=ANY=[], &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f0000000380)) poll(&(0x7f0000000400), 0x0, 0x400007f) rename(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340)='./file0\x00') 00:32:03 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000010140)='./file0\x00', 0x130101, 0x1) 00:32:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f00000000c0)=0x400, 0x4) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x201) ioctl$KVM_GET_DEBUGREGS(r0, 0x8080aea1, &(0x7f0000000100)) ioctl$KVM_SET_CPUID(r1, 0x802c550a, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000000000000000000068800608bebdf07f000000000000000000000000dfc6d1736c7d7c7464e10bff1655367baa86e577b12dbb02258af489bc54584be866b7cf"]) syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000240)) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in, @in=@multicast1}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f0000000380)=0xe8) lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)) 00:32:04 executing program 0: r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-simd\x00'}, 0x58) r2 = accept4(r1, 0x0, &(0x7f00000000c0)=0x141, 0x0) sendmsg$rds(r2, &(0x7f0000001f00)={&(0x7f00000003c0)={0x10, 0x0, @multicast2}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/73, 0x49}, {&(0x7f0000000580)=""/11, 0xb}, {&(0x7f00000005c0)=""/30, 0x200005de}, {&(0x7f0000000600)=""/127, 0x7f}, {&(0x7f0000000680)=""/23, 0x17}], 0x5, &(0x7f0000001bc0)}, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f0000000200)='./file0\x00', 0x8, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) 00:32:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) semctl$GETALL(0x0, 0x0, 0xd, &(0x7f00000002c0)=""/20) 00:32:04 executing program 5: r0 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000340)={'.yz'}, &(0x7f0000000c80)="da", 0x1, r0) 00:32:04 executing program 3: bpf$MAP_CREATE(0x200000000000000, &(0x7f0000000000)={0x12, 0x40000000004, 0x4, 0xf36, 0x0, 0xffffffffffffff9c, 0x0, [0xd, 0x3f000015]}, 0x2c) 00:32:04 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x4}, 0x1c) sendto$inet6(r0, &(0x7f00000000c0), 0x0, 0xfffffefffffffffe, &(0x7f0000f62fe4)={0xa, 0x0, 0x0, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}, 0x1c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet6_int(r0, 0x29, 0x10000000000018, &(0x7f0000534000), &(0x7f0000000040)=0x4) 00:32:04 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") r3 = memfd_create(&(0x7f0000000080)='dev ', 0x0) write(r3, &(0x7f0000000040)="16", 0x1) write$binfmt_aout(r2, &(0x7f0000000300), 0x20) sendfile(r1, r3, &(0x7f0000000000), 0xffff) 00:32:04 executing program 4: r0 = socket$nl_generic(0xa, 0x5, 0x84) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x0, 0x0) dup3(r0, r1, 0x0) 00:32:04 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$admmidi(&(0x7f00000003c0)='/dev/admmidi#\x00', 0x10001, 0x400040) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r2 = gettid() r3 = syz_open_dev$admmidi(&(0x7f0000000800)='/dev/admmidi#\x00', 0xfffffffffffffffa, 0x101000) perf_event_open(&(0x7f0000000780)={0x4, 0x70, 0xff, 0x75, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x100, 0x3, 0x6000000000000000, 0x3ff, 0x0, 0x6, 0x5, 0xc7d, 0x3, 0x6, 0x7, 0x2, 0x400, 0x1, 0x80, 0x1, 0x0, 0x10001, 0x3, 0x10, 0x2, 0xffffffffffff8000, 0x4, 0x3, 0x7, 0x53, 0x0, 0x10000, 0x2, @perf_config_ext={0x3f, 0x667b}, 0x2000, 0x9, 0x40, 0x5, 0x1, 0x10001}, r2, 0xe, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00') r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f77d1b2a35af9a56a08755efd8b01e307aa6dd0900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0453f0000783ee299a3f1634e4739de8ce3f8040076e68cfc33c8920959b49e968607eaa70aa52c03ee4d1c9beed78c1d4ee74324dd8aac1dcd7a9132b3d451030000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d00e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c049954372aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769d3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca776eb33990cae43499ef8740931b0e1da4841ef5a2506f84f70d9be484502609dbbab0cffa7576e8ce4c2e3519a460cae00000000000000"], &(0x7f0000000040)=0x1) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={"626f6e645f736c6176655f3000000002", {0x2, 0xaa00, @local, [0x8a02]}}) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000980)=ANY=[@ANYBLOB="7e000000711d67284d42ba825336bf76e539de7c829a0fd4010ebafc62becf9f24e8921bf3736fdc84741007c5a0b264fe29a0945d078a73170bebc8eb1a449510a30b64373abc74d37583744abd1ad5a3754b5e51faa53622debdd4ab0f70847343e4ccad581de95049e8e986ebb1efa2a424de52fde4fbead03c6d7160c4ceeb3dc867db5b2d"], &(0x7f0000000900)=0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000940)={0x0, 0x3ff80000, 0x30}, 0xc) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400080, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5) write$cgroup_int(r6, &(0x7f0000000080)=0x1, 0x12) pkey_alloc(0x0, 0xa) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000400)='/dev/vcs#\x00', 0x5, 0x200000) recvfrom$packet(r7, &(0x7f0000000600)=""/79, 0x4f, 0x120, 0x0, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs\x00') preadv(r8, &(0x7f0000000680)=[{&(0x7f0000000280)=""/204, 0xcc}, {&(0x7f00000000c0)=""/170, 0xaa}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000013c0)=""/4096, 0x8f}, {&(0x7f0000000700)=""/77, 0x4d}], 0x5, 0x3) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000840)={0x2, 0x4e22, @local}, 0x10) 00:32:05 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x3, 0x0, 0x0, 0x0, @remote, @dev}, @icmp=@parameter_prob={0x8, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @dev}}}}}}, &(0x7f0000000100)) 00:32:05 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f0000000280)) ftruncate(r3, 0x2007fff) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000000)) fcntl$setstatus(r0, 0x4, 0x800) sendfile(r0, r3, &(0x7f0000d83ff8)=0x1800, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setxattr$security_selinux(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000340)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x2) 00:32:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:05 executing program 4: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={"62726964676530000000008000", &(0x7f0000000100)=@ethtool_cmd={0x6, 0x0, 0x70f000}}) [ 327.238905] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 327.245885] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 00:32:05 executing program 3: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89a1, &(0x7f0000000000)={"62726964676530000000008000", &(0x7f0000000100)}) 00:32:05 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) 00:32:05 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") r2 = memfd_create(&(0x7f0000000080)='dev ', 0x0) write(r2, &(0x7f0000000040)="16", 0x1) sendfile(r1, r2, &(0x7f0000000000), 0xffff) 00:32:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") r2 = dup2(r1, r1) sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000200)={&(0x7f00000000c0), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14}, 0x14}}, 0x0) close(r0) [ 327.845198] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 00:32:06 executing program 3: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x201) ioctl$KVM_SET_CPUID(r0, 0x802c550a, &(0x7f0000000080)={0x2, 0x0, [{0x0, 0x8150068, 0x7ff0bdbe}]}) 00:32:06 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000540)=""/11, 0x485) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) syz_execute_func(&(0x7f0000000040)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") rt_sigtimedwait(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000000)={0x0, 0x1c9c380}, 0x8) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x0) 00:32:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000003c0)) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) 00:32:07 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$admmidi(&(0x7f00000003c0)='/dev/admmidi#\x00', 0x10001, 0x400040) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r2 = gettid() r3 = syz_open_dev$admmidi(&(0x7f0000000800)='/dev/admmidi#\x00', 0xfffffffffffffffa, 0x101000) perf_event_open(&(0x7f0000000780)={0x4, 0x70, 0xff, 0x75, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x100, 0x3, 0x6000000000000000, 0x3ff, 0x0, 0x6, 0x5, 0xc7d, 0x3, 0x6, 0x7, 0x2, 0x400, 0x1, 0x80, 0x1, 0x0, 0x10001, 0x3, 0x10, 0x2, 0xffffffffffff8000, 0x4, 0x3, 0x7, 0x53, 0x0, 0x10000, 0x2, @perf_config_ext={0x3f, 0x667b}, 0x2000, 0x9, 0x40, 0x5, 0x1, 0x10001}, r2, 0xe, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00') r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f77d1b2a35af9a56a08755efd8b01e307aa6dd0900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0453f0000783ee299a3f1634e4739de8ce3f8040076e68cfc33c8920959b49e968607eaa70aa52c03ee4d1c9beed78c1d4ee74324dd8aac1dcd7a9132b3d451030000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d00e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c049954372aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769d3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca776eb33990cae43499ef8740931b0e1da4841ef5a2506f84f70d9be484502609dbbab0cffa7576e8ce4c2e3519a460cae00000000000000"], &(0x7f0000000040)=0x1) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={"626f6e645f736c6176655f3000000002", {0x2, 0xaa00, @local, [0x8a02]}}) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000980)=ANY=[@ANYBLOB="7e000000711d67284d42ba825336bf76e539de7c829a0fd4010ebafc62becf9f24e8921bf3736fdc84741007c5a0b264fe29a0945d078a73170bebc8eb1a449510a30b64373abc74d37583744abd1ad5a3754b5e51faa53622debdd4ab0f70847343e4ccad581de95049e8e986ebb1efa2a424de52fde4fbead03c6d7160c4ceeb3dc867db5b2d"], &(0x7f0000000900)=0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000940)={0x0, 0x3ff80000, 0x30}, 0xc) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400080, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5) write$cgroup_int(r6, &(0x7f0000000080)=0x1, 0x12) pkey_alloc(0x0, 0xa) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000400)='/dev/vcs#\x00', 0x5, 0x200000) recvfrom$packet(r7, &(0x7f0000000600)=""/79, 0x4f, 0x120, 0x0, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs\x00') preadv(r8, &(0x7f0000000680)=[{&(0x7f0000000280)=""/204, 0xcc}, {&(0x7f00000000c0)=""/170, 0xaa}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000013c0)=""/4096, 0x8f}, {&(0x7f0000000700)=""/77, 0x4d}], 0x5, 0x3) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000840)={0x2, 0x4e22, @local}, 0x10) 00:32:07 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x201) ioctl$KVM_SET_CPUID(r0, 0x802c550a, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000000000000000000068800608bebd"]) 00:32:07 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f0000000280)) ftruncate(r3, 0x2007fff) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000000)) fcntl$setstatus(r0, 0x4, 0x800) sendfile(r0, r3, &(0x7f0000d83ff8)=0x1800, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setxattr$security_selinux(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000340)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x2) 00:32:07 executing program 4: clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) ioperm(0x0, 0x6, 0x0) clone(0x0, &(0x7f00009f4000), &(0x7f0000000040), &(0x7f0000000000), &(0x7f0000000080)) ioctl$SNDRV_TIMER_IOCTL_TREAD(0xffffffffffffffff, 0x40045402, &(0x7f00000000c0)) ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f0000000400)) ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000340)={0x0, @reserved}) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2}}}, &(0x7f00000001c0)=0x84) 00:32:07 executing program 3: creat(&(0x7f0000001580)='./file0\x00', 0x0) unlinkat(0xffffffffffffffff, &(0x7f00000015c0)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x10, 0x17) 00:32:07 executing program 5: mkdir(&(0x7f0000000180)='./control\x00', 0x0) mkdir(&(0x7f0000000880)='./file0\x00', 0x0) unlink(&(0x7f00000000c0)='./control/file0\x00') rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='./control/file0\x00') close(0xffffffffffffffff) 00:32:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x401}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x109100, 0x0) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17, 0x0, 0x0, 0x0, 0x5f}) 00:32:07 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000004900)=[{{&(0x7f0000001680)=@nfc, 0x80, &(0x7f0000001780)=[{&(0x7f0000001700)=""/91, 0x5b}], 0x1, &(0x7f00000017c0)=""/116, 0x74}}], 0x1, 0x0, &(0x7f0000004a40)) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_RM_CTX(0xffffffffffffffff, 0xc0086421, &(0x7f0000000140)={r0}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote={0xfe, 0x80, [], 0xffffffffffffffff}}, 0x20) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/anycast6\x00') preadv(r2, &(0x7f0000000140), 0x391, 0x0) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f0000000240)={0x0, "3ec959e33e00000000154d48136c14b2c96f8d135005d881ce835dd3601d863c", 0x17, 0x0, 0x0, 0x1008, 0x5}) 00:32:07 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmdt(0x0) 00:32:07 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000004fc8)={&(0x7f0000016000), 0xc, &(0x7f000000b000)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001800210000000080000000001c140000fe8000010000000008000100000000007d852f656fe975d7385678c299993f8abe6f399ea23f5f8d832ae2ffaf5bbf4674ef3beedec24083cde8424099f3310dbd9ea43105d0df2f43be061805adbd"], 0x1}}, 0x0) 00:32:08 executing program 5: open(&(0x7f0000000040)='./file0\x00', 0x200, 0x0) dup(0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000180)='./file0\x00', 0x8) creat(&(0x7f0000000200)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x50) r1 = dup2(r0, 0xffffffffffffffff) fsync(r1) 00:32:08 executing program 3: [ 330.555480] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 00:32:08 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$admmidi(&(0x7f00000003c0)='/dev/admmidi#\x00', 0x10001, 0x400040) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r2 = gettid() r3 = syz_open_dev$admmidi(&(0x7f0000000800)='/dev/admmidi#\x00', 0xfffffffffffffffa, 0x101000) perf_event_open(&(0x7f0000000780)={0x4, 0x70, 0xff, 0x75, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x100, 0x3, 0x6000000000000000, 0x3ff, 0x0, 0x6, 0x5, 0xc7d, 0x3, 0x6, 0x7, 0x2, 0x400, 0x1, 0x80, 0x1, 0x0, 0x10001, 0x3, 0x10, 0x2, 0xffffffffffff8000, 0x4, 0x3, 0x7, 0x53, 0x0, 0x10000, 0x2, @perf_config_ext={0x3f, 0x667b}, 0x2000, 0x9, 0x40, 0x5, 0x1, 0x10001}, r2, 0xe, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00') r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f77d1b2a35af9a56a08755efd8b01e307aa6dd0900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0453f0000783ee299a3f1634e4739de8ce3f8040076e68cfc33c8920959b49e968607eaa70aa52c03ee4d1c9beed78c1d4ee74324dd8aac1dcd7a9132b3d451030000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d00e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c049954372aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769d3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca776eb33990cae43499ef8740931b0e1da4841ef5a2506f84f70d9be484502609dbbab0cffa7576e8ce4c2e3519a460cae00000000000000"], &(0x7f0000000040)=0x1) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={"626f6e645f736c6176655f3000000002", {0x2, 0xaa00, @local, [0x8a02]}}) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000980)=ANY=[@ANYBLOB="7e000000711d67284d42ba825336bf76e539de7c829a0fd4010ebafc62becf9f24e8921bf3736fdc84741007c5a0b264fe29a0945d078a73170bebc8eb1a449510a30b64373abc74d37583744abd1ad5a3754b5e51faa53622debdd4ab0f70847343e4ccad581de95049e8e986ebb1efa2a424de52fde4fbead03c6d7160c4ceeb3dc867db5b2d"], &(0x7f0000000900)=0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000940)={0x0, 0x3ff80000, 0x30}, 0xc) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400080, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5) write$cgroup_int(r6, &(0x7f0000000080)=0x1, 0x12) pkey_alloc(0x0, 0xa) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000400)='/dev/vcs#\x00', 0x5, 0x200000) recvfrom$packet(r7, &(0x7f0000000600)=""/79, 0x4f, 0x120, 0x0, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs\x00') preadv(r8, &(0x7f0000000680)=[{&(0x7f0000000280)=""/204, 0xcc}, {&(0x7f00000000c0)=""/170, 0xaa}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000013c0)=""/4096, 0x8f}, {&(0x7f0000000700)=""/77, 0x4d}], 0x5, 0x3) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000840)={0x2, 0x4e22, @local}, 0x10) 00:32:08 executing program 4: 00:32:08 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f0000000280)) ftruncate(r3, 0x2007fff) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000000)) fcntl$setstatus(r0, 0x4, 0x800) sendfile(r0, r3, &(0x7f0000d83ff8)=0x1800, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setxattr$security_selinux(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000340)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x2) 00:32:08 executing program 3: 00:32:08 executing program 2: 00:32:08 executing program 5: 00:32:08 executing program 4: 00:32:09 executing program 5: 00:32:09 executing program 3: 00:32:09 executing program 2: 00:32:09 executing program 4: 00:32:09 executing program 5: [ 332.138234] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 00:32:10 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$admmidi(&(0x7f00000003c0)='/dev/admmidi#\x00', 0x10001, 0x400040) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r2 = gettid() r3 = syz_open_dev$admmidi(&(0x7f0000000800)='/dev/admmidi#\x00', 0xfffffffffffffffa, 0x101000) perf_event_open(&(0x7f0000000780)={0x4, 0x70, 0xff, 0x75, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x100, 0x3, 0x6000000000000000, 0x3ff, 0x0, 0x6, 0x5, 0xc7d, 0x3, 0x6, 0x7, 0x2, 0x400, 0x1, 0x80, 0x1, 0x0, 0x10001, 0x3, 0x10, 0x2, 0xffffffffffff8000, 0x4, 0x3, 0x7, 0x53, 0x0, 0x10000, 0x2, @perf_config_ext={0x3f, 0x667b}, 0x2000, 0x9, 0x40, 0x5, 0x1, 0x10001}, r2, 0xe, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00') r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f77d1b2a35af9a56a08755efd8b01e307aa6dd0900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0453f0000783ee299a3f1634e4739de8ce3f8040076e68cfc33c8920959b49e968607eaa70aa52c03ee4d1c9beed78c1d4ee74324dd8aac1dcd7a9132b3d451030000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d00e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c049954372aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769d3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca776eb33990cae43499ef8740931b0e1da4841ef5a2506f84f70d9be484502609dbbab0cffa7576e8ce4c2e3519a460cae00000000000000"], &(0x7f0000000040)=0x1) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={"626f6e645f736c6176655f3000000002", {0x2, 0xaa00, @local, [0x8a02]}}) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000980)=ANY=[@ANYBLOB="7e000000711d67284d42ba825336bf76e539de7c829a0fd4010ebafc62becf9f24e8921bf3736fdc84741007c5a0b264fe29a0945d078a73170bebc8eb1a449510a30b64373abc74d37583744abd1ad5a3754b5e51faa53622debdd4ab0f70847343e4ccad581de95049e8e986ebb1efa2a424de52fde4fbead03c6d7160c4ceeb3dc867db5b2d"], &(0x7f0000000900)=0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000940)={0x0, 0x3ff80000, 0x30}, 0xc) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400080, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5) write$cgroup_int(r6, &(0x7f0000000080)=0x1, 0x12) pkey_alloc(0x0, 0xa) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000400)='/dev/vcs#\x00', 0x5, 0x200000) recvfrom$packet(r7, &(0x7f0000000600)=""/79, 0x4f, 0x120, 0x0, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs\x00') preadv(r8, &(0x7f0000000680)=[{&(0x7f0000000280)=""/204, 0xcc}, {&(0x7f00000000c0)=""/170, 0xaa}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000013c0)=""/4096, 0x8f}, {&(0x7f0000000700)=""/77, 0x4d}], 0x5, 0x3) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000840)={0x2, 0x4e22, @local}, 0x10) 00:32:10 executing program 3: 00:32:10 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f0000000280)) ftruncate(r3, 0x2007fff) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000000)) fcntl$setstatus(r0, 0x4, 0x800) sendfile(r0, r3, &(0x7f0000d83ff8)=0x1800, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setxattr$security_selinux(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000340)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x2) 00:32:10 executing program 4: 00:32:10 executing program 2: 00:32:10 executing program 5: 00:32:10 executing program 3: 00:32:10 executing program 5: 00:32:10 executing program 3: 00:32:10 executing program 2: 00:32:10 executing program 4: 00:32:11 executing program 5: 00:32:11 executing program 0: 00:32:11 executing program 3: [ 333.647803] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 00:32:11 executing program 1: 00:32:11 executing program 4: 00:32:11 executing program 2: 00:32:11 executing program 5: 00:32:11 executing program 0: 00:32:11 executing program 3: 00:32:12 executing program 3: 00:32:12 executing program 0: r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000040)={{0xa, 0x0, 0x0, @mcast2, 0x9}, {0xa, 0x4e23, 0x0, @ipv4={[], [], @rand_addr}, 0x577}, 0x1000, [0x0, 0xfffffffffffffffc, 0x1, 0x6ee, 0x7fffffff, 0x0, 0x841, 0x7]}, 0x5c) syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x100000000, 0x4001) fcntl$setstatus(r0, 0x4, 0x44000) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0xa6ba0) io_setup(0x40000100000003, &(0x7f00000001c0)=0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x5}, 0x10) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000f09, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 00:32:12 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x2, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:32:12 executing program 5: r0 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000340)={'.yz'}, &(0x7f0000000c80)="da", 0x1, r0) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000000)) 00:32:12 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x72}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000002fe0)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1}) readv(r0, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/115, 0x73}, {&(0x7f0000000400)=""/23, 0x17}, {&(0x7f0000000440)=""/71, 0x47}], 0x3) mremap(&(0x7f000090a000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) 00:32:12 executing program 3: clone(0x200, &(0x7f00000000c0), &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000280)) mknod(&(0x7f0000000040)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000340)='./file0\x00', &(0x7f0000000300), &(0x7f0000000200)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f00000002c0)=""/11, 0xb9) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) execve(&(0x7f0000000180)='./file1\x00', &(0x7f0000000780), &(0x7f0000000800)) ioctl$BLKRAGET(r0, 0x1263, &(0x7f00000001c0)) creat(&(0x7f00000000c0)='./file1\x00', 0x0) open$dir(&(0x7f0000000240)='./file0\x00', 0x841, 0x0) 00:32:12 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0) lseek(r0, 0x0, 0x3) 00:32:12 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000880)={0x4c, 0x0, &(0x7f0000000640)=[@increfs, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000200)}}], 0x0, 0x0, &(0x7f00000007c0)}) 00:32:13 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) 00:32:13 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x3f, 0x4000) pwritev(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) [ 335.017143] binder: 8899:8900 got reply transaction with no transaction stack [ 335.025227] binder: 8899:8900 transaction failed 29201/-71, size 0-0 line 2741 00:32:13 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000580)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)=';', 0x1) 00:32:13 executing program 0: perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000880)={0x44, 0x0, &(0x7f0000000640)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000200)}}], 0x0, 0x0, &(0x7f00000007c0)}) [ 335.163813] binder: BINDER_SET_CONTEXT_MGR already set [ 335.169345] binder: 8899:8907 ioctl 40046207 0 returned -16 [ 335.242300] binder: 8899:8900 got reply transaction with no transaction stack [ 335.249797] binder: 8899:8900 transaction failed 29201/-71, size 0-0 line 2741 [ 335.333902] binder: undelivered TRANSACTION_ERROR: 29201 [ 335.395136] binder: undelivered TRANSACTION_ERROR: 29201 [ 335.448607] binder: 8918:8922 got reply transaction with no transaction stack [ 335.456290] binder: 8918:8922 transaction failed 29201/-71, size 0-0 line 2741 00:32:13 executing program 1: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={"62726964676530000000008000", &(0x7f0000000100)=@ethtool_cmd={0xd, 0x0, 0x70f000, 0x0, 0x0, 0x0, 0x2}}) [ 335.577600] binder: 8918:8925 got reply transaction with no transaction stack [ 335.585501] binder: 8918:8925 transaction failed 29201/-71, size 0-0 line 2741 00:32:13 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4000004e20, @loopback}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x1f, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000003000000000000000000000095000000000000004ab2c366ad12d90b51e341476c845181353d882e8d3dc74fdce4618ae88d37b05e023c26bc1dc1c59510bd39cb0bb162a5e61373485b9a41cb432798c1fe6125cc0a109c4e3bca6a9e04335f4ad8d2f075e7dbe956f7bc0f7ec10fd06f9d312103301cc3631b2e339dd4e5234b056f2e36cd78fa7abf4c38aeecc62769fd19fb66684b3e350f626de2d74c4d44cf6be4a762ba079a62d1aa172ddf8e7bb3dd921be065ce3cc93c72a537f6f084eb786d4cd5b4c43cdc91bd70bb2ca0ec29df6fbff45a41511a10943f2fac8041c00e7a53db82624eee6737b919e585684731a49ba448c63442b8"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000180)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x5, 0x0) write$binfmt_aout(r2, &(0x7f0000004e00)=ANY=[], 0xfffffffe) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000240)={r0, r1}) write$binfmt_elf32(r2, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0x1}, [{}]}, 0x58) [ 335.688543] binder: undelivered TRANSACTION_ERROR: 29201 [ 335.694371] binder: undelivered TRANSACTION_ERROR: 29201 00:32:13 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 00:32:14 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240317585717070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) semget(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, &(0x7f0000000400), 0x4) getpeername$packet(0xffffffffffffffff, &(0x7f0000000780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000007c0)=0x14) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='net/dev_snmp6\x00') pselect6(0x40, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)={0x2197}, &(0x7f00000001c0)={0x0, 0x1c9c380}, &(0x7f00000002c0)={&(0x7f0000000280), 0x8}) 00:32:14 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000580)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000002c0), 0x0) [ 336.075440] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 00:32:14 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x10, &(0x7f0000000280)={'icmp6\x00'}, &(0x7f00000002c0)=0x1e) 00:32:14 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000080)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000004380)=[{{&(0x7f00000002c0)=@sco, 0x80, &(0x7f0000000500), 0x0, &(0x7f0000000580)=""/246, 0xfffffffffffffeb7}}], 0x1, 0x0, &(0x7f00000044c0)) sendmsg$nl_generic(r2, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[]}}, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000180)) dup2(r0, r1) 00:32:14 executing program 2: 00:32:14 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4) openat$vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhci\x00', 0x0, 0x0) utime(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)) 00:32:14 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000180)={0x2, 0x3, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fc, &(0x7f00000000c0)={0x2, 0x3, @loopback}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='yeah\x00', 0x5) 00:32:15 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000600)) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000b0e000)) openat$sequencer(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/sequencer\x00', 0x6000, 0x0) 00:32:15 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r1}}, 0x10) 00:32:15 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x20000, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000900)={0x0, @in6={{0xa, 0x4e20, 0x0, @mcast1}}}, 0x90) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x3, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x4e24, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) getgroups(0x2, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x54, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:32:15 executing program 2: 00:32:15 executing program 3: 00:32:15 executing program 5: 00:32:15 executing program 0: 00:32:15 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000600)) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000b0e000)) openat$sequencer(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/sequencer\x00', 0x6000, 0x0) 00:32:15 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000600)) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000b0e000)) openat$sequencer(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/sequencer\x00', 0x6000, 0x0) 00:32:15 executing program 2: 00:32:16 executing program 5: 00:32:16 executing program 1: 00:32:16 executing program 0: 00:32:16 executing program 2: 00:32:18 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x20000, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000900)={0x0, @in6={{0xa, 0x4e20, 0x0, @mcast1}}}, 0x90) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x3, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x4e24, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) getgroups(0x2, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x54, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:32:18 executing program 3: 00:32:18 executing program 5: 00:32:18 executing program 1: 00:32:18 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @multicast2}, 'lo\x00'}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:32:18 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpriority(0x2, 0x0) ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000100)) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000300), 0x4) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) 00:32:18 executing program 5: 00:32:18 executing program 3: 00:32:18 executing program 1: 00:32:18 executing program 0: 00:32:18 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score\x00') preadv(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)) 00:32:18 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000040)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) 00:32:20 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000100), &(0x7f0000000140)=0xc) 00:32:20 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x20000, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000900)={0x0, @in6={{0xa, 0x4e20, 0x0, @mcast1}}}, 0x90) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x3, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x4e24, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) getgroups(0x2, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x54, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:32:20 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) 00:32:20 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f0000000000)={&(0x7f0000c07e98)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@rand_addr, @in6=@ipv4={[], [], @local={0xac, 0x14, 0xffffffffffffffff}}}, {@in6, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0) 00:32:20 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score\x00') preadv(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)) 00:32:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snapshot\x00', 0x440000, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000500)={0xffffffffffffffff, 0x1}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snapshot\x00', 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000500)={0xffffffffffffffff, 0x1}) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:20 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, 0xffffffffffffff9c, 0x100) 00:32:21 executing program 4: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={"62726964676530000000008000", &(0x7f0000000100)=@ethtool_cmd={0xe, 0x0, 0x811d000}}) 00:32:21 executing program 1: creat(&(0x7f0000010200)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000010280)='./file0\x00', 0x2000, 0xc) 00:32:21 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000600)={0x0, 0x2008}, &(0x7f0000000640)=0x8) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000740)={0x0, 0x0, 0x2, [0x4, 0x0]}, &(0x7f0000000780)=0xc) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={&(0x7f00000000c0)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0x20001000}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x57}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.net/syz1\x00', 0x200002, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000007940), 0x0, 0x0, &(0x7f0000001440)) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000280)={0x0, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, 0xb) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) 00:32:21 executing program 1: ioctl(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x4000000000003, 0x80000000c) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2400000003061f001cfffd946fa2830020200a000600010006e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) socketpair(0xa, 0x0, 0x200, &(0x7f00000025c0)) getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x80, &(0x7f0000002600)=""/209, &(0x7f0000002700)=0xd1) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x10, 0x0, &(0x7f0000346fc8)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) [ 343.395049] netlink: 'syz-executor1': attribute type 1 has an invalid length. [ 343.402700] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. 00:32:21 executing program 0: 00:32:21 executing program 4: 00:32:21 executing program 3: [ 343.487352] netlink: 'syz-executor1': attribute type 1 has an invalid length. [ 343.495205] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. 00:32:21 executing program 2: 00:32:21 executing program 1: 00:32:21 executing program 4: 00:32:22 executing program 3: 00:32:22 executing program 0: 00:32:22 executing program 2: 00:32:22 executing program 4: 00:32:22 executing program 5: 00:32:22 executing program 0: 00:32:22 executing program 3: 00:32:22 executing program 1: 00:32:22 executing program 2: 00:32:22 executing program 0: 00:32:22 executing program 4: 00:32:23 executing program 5: 00:32:23 executing program 1: 00:32:23 executing program 3: 00:32:23 executing program 2: 00:32:23 executing program 0: 00:32:23 executing program 4: 00:32:23 executing program 3: 00:32:23 executing program 5: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) open(&(0x7f0000000100)='./file0\x00', 0x80200, 0x1c6) 00:32:23 executing program 1: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={"62726964676530000000008000", &(0x7f0000000100)=@ethtool_cmd={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 00:32:23 executing program 0: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f3, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000140)=ANY=[]}) 00:32:23 executing program 2: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x33, 0x0, @remote, @dev}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @dev}}}}}}, &(0x7f0000000100)) 00:32:23 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x405c5503, &(0x7f0000000000)={0x0, 0x0, 0x2}) ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz1\x00'}) ioctl$UI_DEV_DESTROY(r0, 0x5502) [ 346.015226] input:  as /devices/virtual/input/input5 00:32:24 executing program 3: r0 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x13}, 0x1c) write$binfmt_elf64(r0, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) 00:32:24 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) syz_open_procfs(0x0, &(0x7f00000000c0)='net/sco\x00') setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) prctl$void(0x0) [ 346.080816] input:  as /devices/virtual/input/input6 00:32:24 executing program 1: socket$inet6_sctp(0xa, 0x0, 0x84) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(0xffffffffffffffff, 0x4040aea4, &(0x7f00000000c0)={0x5}) fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) sysinfo(&(0x7f00000007c0)=""/154) ioctl$BLKPG(r0, 0x1269, &(0x7f00000006c0)={0x1, 0x0, 0x0, &(0x7f0000000800)}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='memory.current\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0x0, 0x0) 00:32:24 executing program 0: socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0xfffffffffffffe33) sendmmsg$unix(r1, &(0x7f0000000b80), 0x49249f8, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(0xffffffffffffffff, 0x28, 0x6, &(0x7f00000003c0), 0x8) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffee1, 0x2, 0x0) recvmmsg(r0, &(0x7f0000001080)=[{{&(0x7f0000000ac0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000a80)=[{&(0x7f00000007c0)=""/240, 0xf0}, {&(0x7f0000000980)=""/234, 0xea}], 0x2, &(0x7f0000000680)=""/31, 0x1f}}], 0x1, 0x0, &(0x7f0000000b40)) 00:32:24 executing program 2: madvise(&(0x7f0000f97000/0x1000)=nil, 0x1000, 0xc) clone(0x0, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000000), &(0x7f0000000240)) 00:32:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snapshot\x00', 0x440000, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000500)={0xffffffffffffffff, 0x1}) syz_open_dev$rtc(&(0x7f00000000c0)='/dev/rtc#\x00', 0xffffffffffffffff, 0x200) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_UCAS_MAP(r3, 0x4018ae50, &(0x7f0000000280)={0x1, 0x0, 0x5}) ioctl$KVM_SMI(r2, 0xaeb7) timer_create(0x0, &(0x7f0000000000)={0x0, 0x32, 0x1, @tid=0xffffffffffffffff}, &(0x7f00000000c0)=0x0) timer_gettime(r4, &(0x7f0000000140)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) syz_emit_ethernet(0x0, &(0x7f0000000240)=ANY=[], &(0x7f0000000340)={0x0, 0x0, [0x0, 0xd79]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4) 00:32:24 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000003c0), 0x4) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000005280)={{{@in6=@loopback, @in6}}, {{@in6=@local}, 0x0, @in6=@loopback}}, &(0x7f0000005380)=0xe8) 00:32:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mlockall(0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:25 executing program 5: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x80140912, &(0x7f0000000000)) 00:32:25 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:25 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)="2f65786500000000000409004bddd9de91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a00000000") flistxattr(r0, &(0x7f0000000680)=""/161, 0xa1) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100), &(0x7f00000003c0)=0x8) [ 347.949946] pit: kvm: requested 56990 ns i8254 timer period limited to 200000 ns 00:32:26 executing program 4: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x80480911, &(0x7f0000000000)) 00:32:26 executing program 5: r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x2) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, "636c69656e000000000000040002000000000000000000000000000000000000000000000800", 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"}) write$sndseq(r0, &(0x7f0000042f70)=[{0x5, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000200)) [ 348.132009] pit: kvm: requested 43580 ns i8254 timer period limited to 200000 ns [ 348.215922] pit: kvm: requested 30171 ns i8254 timer period limited to 200000 ns [ 348.294713] pit: kvm: requested 30171 ns i8254 timer period limited to 200000 ns 00:32:30 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x3, 0xffffffffffffffff) 00:32:30 executing program 2: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0xc1004111, &(0x7f0000000140)) 00:32:30 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000000)="0a5c2d0240316285717070") r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f00000000c0)={0x0, 'bpq0\x00'}, 0x18) 00:32:30 executing program 4: ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000380)) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540), 0xc) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080), 0xc) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000280)) syz_extract_tcp_res$synack(&(0x7f0000000340), 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x18, &(0x7f0000000c00)=ANY=[@ANYBLOB="bf1600000000000085100000050000006d00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000040000000950000000000000031c437ac4696e15962e46f53ccc25148c13bb65bcea7aed5b7e939599c2824af045665301d9f8f40e14575f5365778b74360b25d108b9521f6a9364d77de4689af69e6d3884b4bcc84015ade6453139f2803e337d3e8644e6b3da6f69ccde136f9f0f8d746b3da106a54e302d664f2725c"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_open_dev$evdev(&(0x7f0000000400)='/dev/input/event#\x00', 0x7, 0x0) close(r0) mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x100) perf_event_open(&(0x7f00000004c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480)}, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x5, 0xffffffffffffffff, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(0xffffffffffffffff, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x6, 0x400000) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="040000000000000002004e21ac141412000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000002004e20ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200bf97ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e217f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065e8efb1a83efb85c97e3918aaded6a5b6a5fce9a671aa6dac16bb5b75259067e5d3c765e7e2a0bb271c8f921fdc8aa19d6bc442838cf204272649d2fe12d438901751ffdbfa09806dc820496948e39df7e76fef5f8fd8983a3c6937b0a6aeae99e877b67d90a991bb6772480ceb27cbaea8347eb86a2893437727049258504e34da8e222d4058"], 0x1) 00:32:30 executing program 5: syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = syz_open_dev$vcsa(&(0x7f0000002240)='/dev/vcsa#\x00', 0x1000, 0x0) r2 = dup2(r0, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) sendmsg$nl_route(r1, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=@ipv4_getrule={0x20}, 0x20}}, 0x20000011) 00:32:30 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 352.793774] IPVS: Unknown mcast interface: bpq0 00:32:31 executing program 0: socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @dev}}}}}}, &(0x7f0000000100)) 00:32:31 executing program 2: r0 = socket(0x40000000015, 0x805, 0x0) getsockopt(r0, 0x114, 0x2721, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x1ec) 00:32:31 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) getpgid(0x0) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) prctl$void(0x0) sendmsg$key(0xffffffffffffffff, &(0x7f000033efc8)={0x0, 0x0, &(0x7f0000aa8000)={&(0x7f00009b9000)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 00:32:31 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:31 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={&(0x7f00000000c0)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0x20001000}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x57}, 0x0) 00:32:31 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x6, 0x7fffffff) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x141080, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000480)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r3, 0x8991, &(0x7f0000000000)={'bond0\x00', @ifru_names='bond_slave_1\x00'}) ioctl$VIDIOC_ENCODER_CMD(r2, 0xc028564d, &(0x7f0000000680)={0x1000000000001, 0x1, [0x1, 0x101, 0x3ff, 0x40, 0xfffffffffffffffe, 0xfffffffffffffffb, 0x8, 0x4f]}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f00000004c0)) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x20a000, 0x0) ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000380)="e2da5cdea423495c8b5663b2d9e462f4e65c25cc8b2ba5e1349cd9ae758d94c045f53f48860fd0b3d8013a69034f6ac0d6e1e98dfe38d2d9e2e2c54d473c67bfa22bbf07fadb6002cda4dd466bf8b4ac1fd7837039b702b9d0fa204a8e5df87c3de67d40844e3ddd3c120aee61b90f3b98210922d8d4271c6df39457ffa88a8a1c33837414408c58e56e3fc11ec40ec466928864d45fe30bbdca4189941c975bc6fe8fb0e6bf8e2a58131d1b5d088066c68b8a6ee0c4e1fea78983de57627ebf6f449a310f966c64391d936f99802fb9320ae1cc") r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/sequencer2\x00', 0x40042, 0x0) sendto$inet(r1, &(0x7f00000000c0)="8dec431bb44aff53a310b4eabef65b9ca28574570c8753d962784ce7563c1f448215fd237bf4c9159a98e9205a38a1fef116825d2a67dccc355557378e26b4e71c9ead8245ce8f8727e4d5e348d6b048462955248e97e362bb149adcd5ad849873b82111c2ecfa383140f9d4c99f525041a886277a6592dbc6b9108911e88a440b93f5c0fae544676b44a19bf06aa255a549db9cb0a9221a90f33fec43b1d074bf", 0xa1, 0x1, &(0x7f0000000180)={0x2, 0x4e22}, 0x10) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000580)='fou\x00') sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x100, 0x70bd28, 0x25dedbfd, {}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0x3b}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e23}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x40) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="8eefb3389554f5e20364927703cbbda1057d2afc8b"], 0x1}, 0x1, 0x0, 0x0, 0x8050}, 0x40) r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$session_to_parent(0x12) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x200) dup2(r7, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0xc81, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) r9 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x1, 0x40100) getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000300)={0x0, @remote, @loopback}, &(0x7f0000000340)=0xc) sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@mpls_delroute={0x3c, 0x19, 0x0, 0x70bd2d, 0x25dfdbfe, {0x1c, 0xa0, 0x20, 0x10000, 0x0, 0x0, 0xfe, 0x6, 0x100}, [@RTA_DST={0x10, 0x1, [{0x80000000, 0x14, 0x9}, {0x6, 0x3, 0xcaa7, 0x6}, {0x2, 0x80, 0x2, 0xb82}]}, @RTA_OIF={0x8, 0x4, r10}, @RTA_DST={0x8, 0x1, [{0x0, 0x400000000000, 0x2, 0x3ff}]}]}, 0x3c}}, 0x4008000) ioctl$sock_proto_private(r8, 0x80089ec, &(0x7f0000000140)="039625617620978a4df541244054545eefb285b44d2198c37642636f3bd6084339c6e79154e7a4e1e8a3a316d5a4d756fa828508c3eaae4df2759d4d16de576413772f248c74aae160e44749d604a7af5290efc74ba837ec71ff4bfb5f9a2d51403ecc6b5a4bb2dab710e3367549b45cd0b3fed1c251372400872f340ee3b348964d022f3224519d06adad720a5650c9b04292955ae6fd364adebee641bc911bcdd907f409e8200d95b946789c69b1d8876c") r11 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0xff, 0x80000) syz_open_dev$sndtimer(&(0x7f0000000780)='/dev/snd/timer\x00', 0x0, 0x40000407c) ioctl$VT_GETMODE(r11, 0x5601, &(0x7f0000000240)) setsockopt$inet_group_source_req(r8, 0x0, 0x2e, &(0x7f0000000000)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 00:32:31 executing program 0: [ 353.572757] bond0: Releasing backup interface bond_slave_1 00:32:31 executing program 2: r0 = socket(0x40000000015, 0x805, 0x0) getsockopt(r0, 0x114, 0x2721, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x1ec) [ 353.782826] pit: kvm: requested 56990 ns i8254 timer period limited to 200000 ns 00:32:31 executing program 0: 00:32:31 executing program 4: [ 353.883016] pit: kvm: requested 43580 ns i8254 timer period limited to 200000 ns 00:32:32 executing program 1: [ 354.039250] pit: kvm: requested 30171 ns i8254 timer period limited to 200000 ns [ 354.170306] pit: kvm: requested 30171 ns i8254 timer period limited to 200000 ns 00:32:32 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x6, 0x7fffffff) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x141080, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000480)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r3, 0x8991, &(0x7f0000000000)={'bond0\x00', @ifru_names='bond_slave_1\x00'}) ioctl$VIDIOC_ENCODER_CMD(r2, 0xc028564d, &(0x7f0000000680)={0x1000000000001, 0x1, [0x1, 0x101, 0x3ff, 0x40, 0xfffffffffffffffe, 0xfffffffffffffffb, 0x8, 0x4f]}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f00000004c0)) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x20a000, 0x0) ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000380)="e2da5cdea423495c8b5663b2d9e462f4e65c25cc8b2ba5e1349cd9ae758d94c045f53f48860fd0b3d8013a69034f6ac0d6e1e98dfe38d2d9e2e2c54d473c67bfa22bbf07fadb6002cda4dd466bf8b4ac1fd7837039b702b9d0fa204a8e5df87c3de67d40844e3ddd3c120aee61b90f3b98210922d8d4271c6df39457ffa88a8a1c33837414408c58e56e3fc11ec40ec466928864d45fe30bbdca4189941c975bc6fe8fb0e6bf8e2a58131d1b5d088066c68b8a6ee0c4e1fea78983de57627ebf6f449a310f966c64391d936f99802fb9320ae1cc") r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/sequencer2\x00', 0x40042, 0x0) sendto$inet(r1, &(0x7f00000000c0)="8dec431bb44aff53a310b4eabef65b9ca28574570c8753d962784ce7563c1f448215fd237bf4c9159a98e9205a38a1fef116825d2a67dccc355557378e26b4e71c9ead8245ce8f8727e4d5e348d6b048462955248e97e362bb149adcd5ad849873b82111c2ecfa383140f9d4c99f525041a886277a6592dbc6b9108911e88a440b93f5c0fae544676b44a19bf06aa255a549db9cb0a9221a90f33fec43b1d074bf", 0xa1, 0x1, &(0x7f0000000180)={0x2, 0x4e22}, 0x10) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000580)='fou\x00') sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x100, 0x70bd28, 0x25dedbfd, {}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0x3b}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e23}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x40) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="8eefb3389554f5e20364927703cbbda1057d2afc8b"], 0x1}, 0x1, 0x0, 0x0, 0x8050}, 0x40) r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$session_to_parent(0x12) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x200) dup2(r7, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0xc81, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) r9 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x1, 0x40100) getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000300)={0x0, @remote, @loopback}, &(0x7f0000000340)=0xc) sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@mpls_delroute={0x3c, 0x19, 0x0, 0x70bd2d, 0x25dfdbfe, {0x1c, 0xa0, 0x20, 0x10000, 0x0, 0x0, 0xfe, 0x6, 0x100}, [@RTA_DST={0x10, 0x1, [{0x80000000, 0x14, 0x9}, {0x6, 0x3, 0xcaa7, 0x6}, {0x2, 0x80, 0x2, 0xb82}]}, @RTA_OIF={0x8, 0x4, r10}, @RTA_DST={0x8, 0x1, [{0x0, 0x400000000000, 0x2, 0x3ff}]}]}, 0x3c}}, 0x4008000) ioctl$sock_proto_private(r8, 0x80089ec, &(0x7f0000000140)="039625617620978a4df541244054545eefb285b44d2198c37642636f3bd6084339c6e79154e7a4e1e8a3a316d5a4d756fa828508c3eaae4df2759d4d16de576413772f248c74aae160e44749d604a7af5290efc74ba837ec71ff4bfb5f9a2d51403ecc6b5a4bb2dab710e3367549b45cd0b3fed1c251372400872f340ee3b348964d022f3224519d06adad720a5650c9b04292955ae6fd364adebee641bc911bcdd907f409e8200d95b946789c69b1d8876c") r11 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0xff, 0x80000) syz_open_dev$sndtimer(&(0x7f0000000780)='/dev/snd/timer\x00', 0x0, 0x40000407c) ioctl$VT_GETMODE(r11, 0x5601, &(0x7f0000000240)) setsockopt$inet_group_source_req(r8, 0x0, 0x2e, &(0x7f0000000000)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 00:32:32 executing program 4: 00:32:32 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000080)={0x28}, 0x28) 00:32:32 executing program 2: 00:32:32 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:32:32 executing program 1: 00:32:32 executing program 4: 00:32:33 executing program 2: 00:32:33 executing program 0: 00:32:33 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x6, 0x7fffffff) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x141080, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000480)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r3, 0x8991, &(0x7f0000000000)={'bond0\x00', @ifru_names='bond_slave_1\x00'}) ioctl$VIDIOC_ENCODER_CMD(r2, 0xc028564d, &(0x7f0000000680)={0x1000000000001, 0x1, [0x1, 0x101, 0x3ff, 0x40, 0xfffffffffffffffe, 0xfffffffffffffffb, 0x8, 0x4f]}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f00000004c0)) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x20a000, 0x0) ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000380)="e2da5cdea423495c8b5663b2d9e462f4e65c25cc8b2ba5e1349cd9ae758d94c045f53f48860fd0b3d8013a69034f6ac0d6e1e98dfe38d2d9e2e2c54d473c67bfa22bbf07fadb6002cda4dd466bf8b4ac1fd7837039b702b9d0fa204a8e5df87c3de67d40844e3ddd3c120aee61b90f3b98210922d8d4271c6df39457ffa88a8a1c33837414408c58e56e3fc11ec40ec466928864d45fe30bbdca4189941c975bc6fe8fb0e6bf8e2a58131d1b5d088066c68b8a6ee0c4e1fea78983de57627ebf6f449a310f966c64391d936f99802fb9320ae1cc") r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/sequencer2\x00', 0x40042, 0x0) sendto$inet(r1, &(0x7f00000000c0)="8dec431bb44aff53a310b4eabef65b9ca28574570c8753d962784ce7563c1f448215fd237bf4c9159a98e9205a38a1fef116825d2a67dccc355557378e26b4e71c9ead8245ce8f8727e4d5e348d6b048462955248e97e362bb149adcd5ad849873b82111c2ecfa383140f9d4c99f525041a886277a6592dbc6b9108911e88a440b93f5c0fae544676b44a19bf06aa255a549db9cb0a9221a90f33fec43b1d074bf", 0xa1, 0x1, &(0x7f0000000180)={0x2, 0x4e22}, 0x10) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000580)='fou\x00') sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x100, 0x70bd28, 0x25dedbfd, {}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0x3b}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e23}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x40) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="8eefb3389554f5e20364927703cbbda1057d2afc8b"], 0x1}, 0x1, 0x0, 0x0, 0x8050}, 0x40) r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$session_to_parent(0x12) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x200) dup2(r7, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0xc81, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) r9 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x1, 0x40100) getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000300)={0x0, @remote, @loopback}, &(0x7f0000000340)=0xc) sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@mpls_delroute={0x3c, 0x19, 0x0, 0x70bd2d, 0x25dfdbfe, {0x1c, 0xa0, 0x20, 0x10000, 0x0, 0x0, 0xfe, 0x6, 0x100}, [@RTA_DST={0x10, 0x1, [{0x80000000, 0x14, 0x9}, {0x6, 0x3, 0xcaa7, 0x6}, {0x2, 0x80, 0x2, 0xb82}]}, @RTA_OIF={0x8, 0x4, r10}, @RTA_DST={0x8, 0x1, [{0x0, 0x400000000000, 0x2, 0x3ff}]}]}, 0x3c}}, 0x4008000) ioctl$sock_proto_private(r8, 0x80089ec, &(0x7f0000000140)="039625617620978a4df541244054545eefb285b44d2198c37642636f3bd6084339c6e79154e7a4e1e8a3a316d5a4d756fa828508c3eaae4df2759d4d16de576413772f248c74aae160e44749d604a7af5290efc74ba837ec71ff4bfb5f9a2d51403ecc6b5a4bb2dab710e3367549b45cd0b3fed1c251372400872f340ee3b348964d022f3224519d06adad720a5650c9b04292955ae6fd364adebee641bc911bcdd907f409e8200d95b946789c69b1d8876c") r11 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0xff, 0x80000) syz_open_dev$sndtimer(&(0x7f0000000780)='/dev/snd/timer\x00', 0x0, 0x40000407c) ioctl$VT_GETMODE(r11, 0x5601, &(0x7f0000000240)) setsockopt$inet_group_source_req(r8, 0x0, 0x2e, &(0x7f0000000000)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 00:32:33 executing program 1: 00:32:33 executing program 3: 00:32:33 executing program 4: 00:32:33 executing program 0: 00:32:33 executing program 2: 00:32:33 executing program 3: 00:32:33 executing program 4: 00:32:33 executing program 1: 00:32:34 executing program 2: 00:32:34 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x6, 0x7fffffff) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x141080, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000480)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r3, 0x8991, &(0x7f0000000000)={'bond0\x00', @ifru_names='bond_slave_1\x00'}) ioctl$VIDIOC_ENCODER_CMD(r2, 0xc028564d, &(0x7f0000000680)={0x1000000000001, 0x1, [0x1, 0x101, 0x3ff, 0x40, 0xfffffffffffffffe, 0xfffffffffffffffb, 0x8, 0x4f]}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f00000004c0)) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x20a000, 0x0) ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000380)="e2da5cdea423495c8b5663b2d9e462f4e65c25cc8b2ba5e1349cd9ae758d94c045f53f48860fd0b3d8013a69034f6ac0d6e1e98dfe38d2d9e2e2c54d473c67bfa22bbf07fadb6002cda4dd466bf8b4ac1fd7837039b702b9d0fa204a8e5df87c3de67d40844e3ddd3c120aee61b90f3b98210922d8d4271c6df39457ffa88a8a1c33837414408c58e56e3fc11ec40ec466928864d45fe30bbdca4189941c975bc6fe8fb0e6bf8e2a58131d1b5d088066c68b8a6ee0c4e1fea78983de57627ebf6f449a310f966c64391d936f99802fb9320ae1cc") r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/sequencer2\x00', 0x40042, 0x0) sendto$inet(r1, &(0x7f00000000c0)="8dec431bb44aff53a310b4eabef65b9ca28574570c8753d962784ce7563c1f448215fd237bf4c9159a98e9205a38a1fef116825d2a67dccc355557378e26b4e71c9ead8245ce8f8727e4d5e348d6b048462955248e97e362bb149adcd5ad849873b82111c2ecfa383140f9d4c99f525041a886277a6592dbc6b9108911e88a440b93f5c0fae544676b44a19bf06aa255a549db9cb0a9221a90f33fec43b1d074bf", 0xa1, 0x1, &(0x7f0000000180)={0x2, 0x4e22}, 0x10) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000580)='fou\x00') sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x100, 0x70bd28, 0x25dedbfd, {}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0x3b}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e23}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x40) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="8eefb3389554f5e20364927703cbbda1057d2afc8b"], 0x1}, 0x1, 0x0, 0x0, 0x8050}, 0x40) r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$session_to_parent(0x12) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x200) dup2(r7, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0xc81, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) r9 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x1, 0x40100) getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000300)={0x0, @remote, @loopback}, &(0x7f0000000340)=0xc) sendmsg$nl_route(r9, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@mpls_delroute={0x3c, 0x19, 0x0, 0x70bd2d, 0x25dfdbfe, {0x1c, 0xa0, 0x20, 0x10000, 0x0, 0x0, 0xfe, 0x6, 0x100}, [@RTA_DST={0x10, 0x1, [{0x80000000, 0x14, 0x9}, {0x6, 0x3, 0xcaa7, 0x6}, {0x2, 0x80, 0x2, 0xb82}]}, @RTA_OIF={0x8, 0x4, r10}, @RTA_DST={0x8, 0x1, [{0x0, 0x400000000000, 0x2, 0x3ff}]}]}, 0x3c}}, 0x4008000) ioctl$sock_proto_private(r8, 0x80089ec, &(0x7f0000000140)="039625617620978a4df541244054545eefb285b44d2198c37642636f3bd6084339c6e79154e7a4e1e8a3a316d5a4d756fa828508c3eaae4df2759d4d16de576413772f248c74aae160e44749d604a7af5290efc74ba837ec71ff4bfb5f9a2d51403ecc6b5a4bb2dab710e3367549b45cd0b3fed1c251372400872f340ee3b348964d022f3224519d06adad720a5650c9b04292955ae6fd364adebee641bc911bcdd907f409e8200d95b946789c69b1d8876c") r11 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0xff, 0x80000) syz_open_dev$sndtimer(&(0x7f0000000780)='/dev/snd/timer\x00', 0x0, 0x40000407c) ioctl$VT_GETMODE(r11, 0x5601, &(0x7f0000000240)) setsockopt$inet_group_source_req(r8, 0x0, 0x2e, &(0x7f0000000000)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 00:32:34 executing program 0: 00:32:34 executing program 4: 00:32:34 executing program 1: 00:32:34 executing program 3: 00:32:34 executing program 0: 00:32:34 executing program 2: 00:32:34 executing program 5: 00:32:34 executing program 1: 00:32:34 executing program 4: 00:32:35 executing program 3: 00:32:35 executing program 2: 00:32:35 executing program 0: 00:32:35 executing program 5: 00:32:35 executing program 1: 00:32:35 executing program 4: 00:32:35 executing program 3: 00:32:35 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x201) ioctl$KVM_SET_CPUID(r0, 0x802c550a, &(0x7f0000000080)={0x2, 0x0, [{0x0, 0x8150068, 0x7ff0bdbe}]}) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x10, r1, 0x0) 00:32:35 executing program 5: io_setup(0x8, &(0x7f00000009c0)) 00:32:35 executing program 1: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000280)={'icmp6\x00'}, &(0x7f00000002c0)=0x1e) getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14) 00:32:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x201) ioctl$KVM_SET_CPUID(r0, 0x802c550a, &(0x7f0000000080)={0x2, 0x0, [{0x0, 0x8150068, 0x7ff0bdbe}]}) sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x4000000000002c7, 0x0) 00:32:36 executing program 4: 00:32:36 executing program 3: 00:32:36 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000005900), 0x0, 0x0) 00:32:36 executing program 2: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x689, 0x0, @local, @dev={0xac, 0x14, 0x14, 0xe1fd}}}}}}}, &(0x7f0000000100)) 00:32:36 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000001c0)={{0x80}, 'port1\x00', 0xa9824f69d137663b, 0x10800a}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000480)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r4, 0x0) fallocate(r4, 0x0, 0x0, 0x5c0d) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x3) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f0000788ffc)=0x100000001, 0xfdf6) perf_event_open$cgroup(&(0x7f0000000180)={0x3, 0x70, 0x8b, 0x750, 0x100000001, 0xffffffff, 0x0, 0x94d, 0x4, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000580)=0x3) clock_nanosleep(0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c9c380}, &(0x7f0000000040)) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) ioctl$RTC_EPOCH_SET(0xffffffffffffffff, 0x4008700e, 0x0) sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$alg(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)}], 0x1}, 0x0) bind$inet(r1, &(0x7f0000738ff0)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f00000004c0)={0x0, {{0x2, 0x0, @remote}}}, 0x88) connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e21}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x7fff, 0x80000001}, 0x14) shutdown(r1, 0x1) 00:32:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d0240316285717070") madvise(&(0x7f00007c9000/0x4000)=nil, 0x4000, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {}, 0xfffffffffffffffd}, 0x45c) clone(0x1000000000001fd, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, "73797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000681a00"}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000140)) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0x0) 00:32:36 executing program 4: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/uhid\x00', 0x802, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000100)={0xb, 'syz0\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}, 0x119) write$UHID_INPUT2(r0, &(0x7f0000000240)={0x8}, 0x6) 00:32:36 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x29b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_names\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000237, 0x0) [ 358.585627] input input7: cannot allocate more than FF_MAX_EFFECTS effects 00:32:36 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x5, &(0x7f0000000040)=""/197, &(0x7f0000000200)=0xc5) [ 358.842773] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 00:32:37 executing program 3: r0 = socket(0xa, 0x1, 0x0) ftruncate(0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108) 00:32:37 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) memfd_create(&(0x7f00000000c0)='%+-selinux-\x00', 0x0) io_setup(0x8, &(0x7f0000000140)=0x0) io_getevents(r2, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100)={0x0, 0x1c9c380}) io_submit(r2, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000140), 0x5ee}]) 00:32:37 executing program 4: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000140)=ANY=[]}) 00:32:37 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @dev}}}}}}, &(0x7f0000000100)) 00:32:37 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000100)) 00:32:37 executing program 5: 00:32:37 executing program 3: 00:32:37 executing program 1: 00:32:37 executing program 4: 00:32:37 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) syz_execute_func(&(0x7f00000000c0)="3666440f50f564ff0941c3c4e2c9975842c0c27d794e0066420fe2e33e0f1110c442019dccc4c105d0da3e470f01d4") setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, 0xfffffffffffffffe, 0x0) 00:32:37 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) timer_create(0x0, &(0x7f0000044000), &(0x7f0000000040)) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000005900)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r2, &(0x7f0000000000)={&(0x7f00000000c0)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0x20001000}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x57}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) 00:32:37 executing program 0: 00:32:38 executing program 3: 00:32:38 executing program 1: 00:32:38 executing program 4: 00:32:38 executing program 0: 00:32:38 executing program 3: 00:32:38 executing program 1: 00:32:38 executing program 0: 00:32:38 executing program 4: 00:32:39 executing program 3: 00:32:39 executing program 2: 00:32:39 executing program 5: 00:32:39 executing program 1: 00:32:39 executing program 0: 00:32:39 executing program 2: 00:32:39 executing program 4: 00:32:39 executing program 1: 00:32:39 executing program 3: 00:32:39 executing program 5: 00:32:39 executing program 0: 00:32:39 executing program 2: 00:32:40 executing program 4: 00:32:40 executing program 5: 00:32:40 executing program 3: 00:32:40 executing program 2: syz_emit_ethernet(0x4a, &(0x7f0000000000)={@link_local, @dev, [{}], {@ipv6={0x86dd, {0x0, 0x6, "a1d8f2", 0x10, 0x0, 0x0, @dev, @mcast2, {[], @icmpv6=@ni={0x0, 0x8}}}}}}, &(0x7f0000000080)={0xfffffffffffffffe, 0x2, [0x0, 0x36]}) 00:32:40 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x8, @remote}}}, 0x108) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xfffffffffffffff9) 00:32:40 executing program 0: socket$netlink(0x10, 0x3, 0xa) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x2, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000200)={0x2, 0x80000000, [{}, {0x1ff}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000380)='/dev/bus/usb/00#/00#\x00', 0x5, 0x800) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000440)={0x10, 0x2, 0x7}) gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x100000001}) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10) accept$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) write$FUSE_ATTR(r1, &(0x7f0000000480)={0x78, 0x0, 0x0, {0x9, 0x2, 0x0, {0x0, 0x0, 0x0, 0x20, 0x1, 0x1, 0x3, 0x5920000000, 0x1, 0xfff, 0x3, 0x0, 0x0, 0xfffffffffffffffe, 0x3a6}}}, 0x78) connect$inet(r3, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5) setsockopt$inet_mreqsrc(r3, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) recvmmsg(r3, &(0x7f0000000000), 0x4000074, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)="2e2f6367726f75702e6370752f73797a308c", 0x1ff) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil) 00:32:40 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x638, 0x8083) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x0, 0x0, 0xfe, 0x0, [0xfffffffe]}) 00:32:40 executing program 5: 00:32:40 executing program 4: 00:32:40 executing program 2: syz_emit_ethernet(0xfdef, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x689, 0x0, @local, @dev, {[@timestamp={0x44, 0x40, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}, {[@multicast1]}, {[@dev]}]}]}}}}}}}, &(0x7f0000000100)) 00:32:41 executing program 1: memfd_create(&(0x7f0000000100)="bc00", 0x0) [ 363.011934] tls_set_device_offload_rx: netdev lo with no TLS offload 00:32:41 executing program 3: keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', '*\x00'}, 0x13, 0xfffffffffffffff8) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 00:32:41 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000280)={r0, r1+10000000}) 00:32:41 executing program 5: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) mount(&(0x7f00000002c0)=ANY=[], &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='ecryptfs\x00', 0x0, &(0x7f00000001c0)='\x00') [ 363.382505] encrypted_key: keylen parameter is missing 00:32:41 executing program 2: perf_event_open(&(0x7f0000000d40)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x6611, &(0x7f0000000500)) [ 363.568015] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 363.580676] Error parsing options; rc = [-22] 00:32:41 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) 00:32:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f00000001c0)="0f066766c74424000000c0fe6766c7442402000000006766c744240600000000670f011424b843008ee8baf80c66b8508c3a8d66efbafc0c66b8e000000066ef0f011a26640fc7afeabff001153e660f08ea2300aa0066b9a40a00000f32", 0x5e}], 0x1, 0x0, &(0x7f0000000280), 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000002c0)={0x0, 0x10000}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000040)) [ 363.750792] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 363.763556] Error parsing options; rc = [-22] 00:32:41 executing program 0: socket$netlink(0x10, 0x3, 0xa) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x2, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000200)={0x2, 0x80000000, [{}, {0x1ff}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000380)='/dev/bus/usb/00#/00#\x00', 0x5, 0x800) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000440)={0x10, 0x2, 0x7}) gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x100000001}) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10) accept$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) write$FUSE_ATTR(r1, &(0x7f0000000480)={0x78, 0x0, 0x0, {0x9, 0x2, 0x0, {0x0, 0x0, 0x0, 0x20, 0x1, 0x1, 0x3, 0x5920000000, 0x1, 0xfff, 0x3, 0x0, 0x0, 0xfffffffffffffffe, 0x3a6}}}, 0x78) connect$inet(r3, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5) setsockopt$inet_mreqsrc(r3, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) recvmmsg(r3, &(0x7f0000000000), 0x4000074, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)="2e2f6367726f75702e6370752f73797a308c", 0x1ff) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil) 00:32:41 executing program 4: mkdir(&(0x7f0000000100)='./control\x00', 0x0) r0 = open(&(0x7f0000028000)='./control\x00', 0x0, 0x0) symlinkat(&(0x7f0000000300)='./control\x00', r0, &(0x7f0000000340)='./file0\x00') mknodat(r0, &(0x7f00000001c0)='./control\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000040)='./control\x00', r0, &(0x7f0000036000)='./file0\x00', 0x2) 00:32:42 executing program 2: socket$netlink(0x10, 0x3, 0xa) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x2, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000200)={0x2, 0x80000000, [{}, {0x1ff}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000380)='/dev/bus/usb/00#/00#\x00', 0x5, 0x800) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000440)={0x10, 0x2, 0x7}) gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x100000001}) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10) accept$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) write$FUSE_ATTR(r1, &(0x7f0000000480)={0x78, 0x0, 0x0, {0x9, 0x2, 0x0, {0x0, 0x0, 0x0, 0x20, 0x1, 0x1, 0x3, 0x5920000000, 0x1, 0xfff, 0x3, 0x0, 0x0, 0xfffffffffffffffe, 0x3a6}}}, 0x78) connect$inet(r3, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5) setsockopt$inet_mreqsrc(r3, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) recvmmsg(r3, &(0x7f0000000000), 0x4000074, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)="2e2f6367726f75702e6370752f73797a308c", 0x1ff) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil) 00:32:42 executing program 5: sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) perf_event_open(&(0x7f0000000d40)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40087602, &(0x7f0000000500)) 00:32:42 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000500)={0x0}, &(0x7f0000000540)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000580)=@assoc_value={r1, 0x47908351}, &(0x7f00000005c0)=0x8) r2 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r2, 0x2) ioctl$LOOP_CLR_FD(r0, 0x4c01) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) syz_open_procfs(0x0, &(0x7f0000000280)='uid_map\x00') r4 = mmap$binder(&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x3000007, 0x1a7830, 0xffffffffffffff9c, 0x29) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000440)={r4}) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$netlink(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f00000001c0), 0x0, &(0x7f0000000200), 0x0, 0x4890}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x7000000, @dev, [0xf401000000000000, 0x300000003000000, 0xffffffff00000000, 0x300000000000000, 0x4000000, 0x0, 0x0, 0xbe7aff00000000]}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) write$FUSE_ENTRY(r6, &(0x7f0000000380)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1, 0x0, 0x0, 0xffff, 0x0, 0x100000001, 0x0, 0x0, 0x2470, 0x5, 0x0, 0x0, 0x0, 0x3}}}, 0x90) ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000700)) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)="0a5c2d024031") r7 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) 00:32:42 executing program 0: socket$netlink(0x10, 0x3, 0xa) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x2, 0x0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000200)={0x2, 0x80000000, [{}, {0x1ff}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000380)='/dev/bus/usb/00#/00#\x00', 0x5, 0x800) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000440)={0x10, 0x2, 0x7}) gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x100000001}) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10) accept$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) write$FUSE_ATTR(r1, &(0x7f0000000480)={0x78, 0x0, 0x0, {0x9, 0x2, 0x0, {0x0, 0x0, 0x0, 0x20, 0x1, 0x1, 0x3, 0x5920000000, 0x1, 0xfff, 0x3, 0x0, 0x0, 0xfffffffffffffffe, 0x3a6}}}, 0x78) connect$inet(r3, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5) setsockopt$inet_mreqsrc(r3, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28) recvmmsg(r3, &(0x7f0000000000), 0x4000074, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)="2e2f6367726f75702e6370752f73797a308c", 0x1ff) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffe000/0x2000)=nil) 00:32:42 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000f76fa8)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) recvmsg(r1, &(0x7f00001f5000)={&(0x7f0000d45fa8)=@alg, 0x80, &(0x7f0000233fd0)=[{&(0x7f0000be4ffb)=""/1, 0x1}], 0x1, &(0x7f0000000040)}, 0x0) [ 364.749805] tls_set_device_offload_rx: netdev lo with no TLS offload 00:32:43 executing program 2: r0 = socket(0x1e, 0x2000000004, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x80, 0x0, 0x0, 0x73d}, 0x29b) r1 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x12, r1, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x101d0, 0x0, 0x0, 0x0) 00:32:43 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2) writev(r0, &(0x7f0000002280)=[{&(0x7f0000001240)}], 0x1) [ 365.437117] not chained 30000 origins [ 365.440998] CPU: 1 PID: 9666 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 365.448211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.457587] Call Trace: [ 365.460217] dump_stack+0x32d/0x480 [ 365.463895] kmsan_internal_chain_origin+0x222/0x240 [ 365.469043] ? _raw_spin_lock_irqsave+0x320/0x490 [ 365.473940] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 365.479424] ? depot_save_stack+0x398/0x4b0 [ 365.483780] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 365.488913] ? kmsan_internal_chain_origin+0x90/0x240 [ 365.494154] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 365.499563] ? is_bpf_text_address+0x49e/0x4d0 [ 365.504189] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 365.509677] ? in_task_stack+0x12c/0x210 [ 365.513785] __msan_chain_origin+0x6d/0xb0 [ 365.518071] ? release_sock+0x99/0x2a0 [ 365.521992] __save_stack_trace+0x8be/0xc60 [ 365.526376] ? release_sock+0x99/0x2a0 [ 365.530300] save_stack_trace+0xc6/0x110 [ 365.534408] kmsan_internal_chain_origin+0x136/0x240 [ 365.539538] ? do_syscall_64+0xcf/0x110 [ 365.543561] ? kmsan_internal_chain_origin+0x136/0x240 [ 365.548869] ? kmsan_memcpy_origins+0x13d/0x190 [ 365.553567] ? __msan_memcpy+0x6f/0x80 [ 365.557487] ? skb_copy_bits+0x1d2/0xc90 [ 365.561576] ? skb_copy+0x56c/0xba0 [ 365.565232] ? tcp_send_synack+0x7a3/0x18f0 [ 365.569584] ? tcp_rcv_state_process+0x275d/0x6c60 [ 365.574538] ? tcp_v4_do_rcv+0xb25/0xd80 [ 365.578625] ? __release_sock+0x32d/0x750 [ 365.582803] ? release_sock+0x99/0x2a0 [ 365.586722] ? __inet_stream_connect+0xdff/0x15d0 [ 365.591596] ? inet_stream_connect+0xff/0x170 [ 365.596117] ? kernel_connect+0xf4/0x120 [ 365.600203] ? smc_connect+0x74f/0xe60 [ 365.604119] ? __sys_connect+0x745/0x860 [ 365.608209] ? __se_sys_connect+0x8d/0xb0 [ 365.612381] ? __x64_sys_connect+0x4a/0x70 [ 365.616645] ? do_syscall_64+0xcf/0x110 [ 365.620698] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.626137] ? __msan_get_context_state+0x9/0x20 [ 365.630922] ? INIT_INT+0xc/0x30 [ 365.634315] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 365.639711] ? __msan_get_context_state+0x9/0x20 [ 365.644510] kmsan_memcpy_origins+0x13d/0x190 [ 365.649050] __msan_memcpy+0x6f/0x80 [ 365.652810] skb_copy_bits+0x1d2/0xc90 [ 365.656750] skb_copy+0x56c/0xba0 [ 365.660263] tcp_send_synack+0x7a3/0x18f0 [ 365.664446] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 365.669949] tcp_rcv_state_process+0x275d/0x6c60 [ 365.674788] tcp_v4_do_rcv+0xb25/0xd80 [ 365.678722] ? inet_sk_rx_dst_set+0x200/0x200 [ 365.683248] __release_sock+0x32d/0x750 [ 365.687268] release_sock+0x99/0x2a0 [ 365.691019] __inet_stream_connect+0xdff/0x15d0 [ 365.695746] ? wait_woken+0x5b0/0x5b0 [ 365.699581] inet_stream_connect+0xff/0x170 [ 365.703938] ? __inet_stream_connect+0x15d0/0x15d0 [ 365.708897] kernel_connect+0xf4/0x120 [ 365.712819] smc_connect+0x74f/0xe60 [ 365.716576] ? smc_bind+0x430/0x430 [ 365.720226] __sys_connect+0x745/0x860 [ 365.724158] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 365.729635] ? prepare_exit_to_usermode+0x182/0x4c0 [ 365.734709] __se_sys_connect+0x8d/0xb0 [ 365.738720] __x64_sys_connect+0x4a/0x70 [ 365.742813] do_syscall_64+0xcf/0x110 [ 365.746653] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.751872] RIP: 0033:0x457569 [ 365.755102] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.774025] RSP: 002b:00007fc6cb876c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 365.781763] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 365.789049] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000008 [ 365.796348] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 365.803638] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6cb8776d4 [ 365.810930] R13: 00000000004bda43 R14: 00000000004cc868 R15: 00000000ffffffff [ 365.818238] Uninit was stored to memory at: [ 365.822586] kmsan_internal_chain_origin+0x136/0x240 [ 365.827715] __msan_chain_origin+0x6d/0xb0 [ 365.831976] __save_stack_trace+0x8be/0xc60 [ 365.836321] save_stack_trace+0xc6/0x110 [ 365.840403] kmsan_internal_chain_origin+0x136/0x240 [ 365.845526] kmsan_memcpy_origins+0x13d/0x190 [ 365.850043] __msan_memcpy+0x6f/0x80 [ 365.853797] skb_copy_bits+0x1d2/0xc90 [ 365.857703] skb_copy+0x56c/0xba0 [ 365.861179] tcp_send_synack+0x7a3/0x18f0 [ 365.865346] tcp_rcv_state_process+0x275d/0x6c60 [ 365.870133] tcp_v4_do_rcv+0xb25/0xd80 [ 365.874038] __release_sock+0x32d/0x750 [ 365.878042] release_sock+0x99/0x2a0 [ 365.881788] __inet_stream_connect+0xdff/0x15d0 [ 365.886476] inet_stream_connect+0xff/0x170 [ 365.890815] kernel_connect+0xf4/0x120 [ 365.894726] smc_connect+0x74f/0xe60 [ 365.898456] __sys_connect+0x745/0x860 [ 365.902364] __se_sys_connect+0x8d/0xb0 [ 365.906359] __x64_sys_connect+0x4a/0x70 [ 365.910452] do_syscall_64+0xcf/0x110 [ 365.914283] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 365.919479] [ 365.921113] Uninit was stored to memory at: [ 365.925459] kmsan_internal_chain_origin+0x136/0x240 [ 365.930591] __msan_chain_origin+0x6d/0xb0 [ 365.934852] __save_stack_trace+0x8be/0xc60 [ 365.939194] save_stack_trace+0xc6/0x110 [ 365.943275] kmsan_internal_chain_origin+0x136/0x240 [ 365.948399] kmsan_memcpy_origins+0x13d/0x190 [ 365.952917] __msan_memcpy+0x6f/0x80 [ 365.956672] skb_copy_bits+0x1d2/0xc90 [ 365.960578] skb_copy+0x56c/0xba0 [ 365.964065] tcp_send_synack+0x7a3/0x18f0 [ 365.968237] tcp_rcv_state_process+0x275d/0x6c60 [ 365.973014] tcp_v4_do_rcv+0xb25/0xd80 [ 365.976929] __release_sock+0x32d/0x750 [ 365.980921] release_sock+0x99/0x2a0 [ 365.984657] __inet_stream_connect+0xdff/0x15d0 [ 365.989350] inet_stream_connect+0xff/0x170 [ 365.993701] kernel_connect+0xf4/0x120 [ 365.997611] smc_connect+0x74f/0xe60 [ 366.001344] __sys_connect+0x745/0x860 [ 366.005255] __se_sys_connect+0x8d/0xb0 [ 366.009247] __x64_sys_connect+0x4a/0x70 [ 366.013327] do_syscall_64+0xcf/0x110 [ 366.017167] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 366.022361] [ 366.024012] Uninit was stored to memory at: [ 366.028355] kmsan_internal_chain_origin+0x136/0x240 [ 366.033480] __msan_chain_origin+0x6d/0xb0 [ 366.037751] __save_stack_trace+0x8be/0xc60 [ 366.042108] save_stack_trace+0xc6/0x110 [ 366.046192] kmsan_internal_chain_origin+0x136/0x240 [ 366.051317] kmsan_memcpy_origins+0x13d/0x190 [ 366.055831] __msan_memcpy+0x6f/0x80 [ 366.059569] skb_copy_bits+0x1d2/0xc90 [ 366.063480] skb_copy+0x56c/0xba0 [ 366.066951] tcp_send_synack+0x7a3/0x18f0 [ 366.071113] tcp_rcv_state_process+0x275d/0x6c60 [ 366.075892] tcp_v4_do_rcv+0xb25/0xd80 [ 366.079802] __release_sock+0x32d/0x750 [ 366.083793] release_sock+0x99/0x2a0 [ 366.087529] __inet_stream_connect+0xdff/0x15d0 [ 366.092227] inet_stream_connect+0xff/0x170 [ 366.096570] kernel_connect+0xf4/0x120 [ 366.100479] smc_connect+0x74f/0xe60 [ 366.104217] __sys_connect+0x745/0x860 [ 366.108133] __se_sys_connect+0x8d/0xb0 [ 366.112127] __x64_sys_connect+0x4a/0x70 [ 366.116718] do_syscall_64+0xcf/0x110 [ 366.120547] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 366.125748] [ 366.127384] Uninit was stored to memory at: [ 366.131734] kmsan_internal_chain_origin+0x136/0x240 [ 366.136858] __msan_chain_origin+0x6d/0xb0 [ 366.141115] __save_stack_trace+0x8be/0xc60 [ 366.145460] save_stack_trace+0xc6/0x110 [ 366.149545] kmsan_internal_chain_origin+0x136/0x240 [ 366.154674] kmsan_memcpy_origins+0x13d/0x190 [ 366.159190] __msan_memcpy+0x6f/0x80 [ 366.162929] skb_copy_bits+0x1d2/0xc90 [ 366.166836] skb_copy+0x56c/0xba0 [ 366.170306] tcp_send_synack+0x7a3/0x18f0 [ 366.174472] tcp_rcv_state_process+0x275d/0x6c60 [ 366.179247] tcp_v4_do_rcv+0xb25/0xd80 [ 366.183157] __release_sock+0x32d/0x750 [ 366.187151] release_sock+0x99/0x2a0 [ 366.190886] __inet_stream_connect+0xdff/0x15d0 [ 366.195575] inet_stream_connect+0xff/0x170 [ 366.199915] kernel_connect+0xf4/0x120 [ 366.203822] smc_connect+0x74f/0xe60 [ 366.207560] __sys_connect+0x745/0x860 [ 366.211463] __se_sys_connect+0x8d/0xb0 [ 366.215452] __x64_sys_connect+0x4a/0x70 [ 366.219532] do_syscall_64+0xcf/0x110 [ 366.223356] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 366.228555] [ 366.230194] Uninit was stored to memory at: [ 366.234540] kmsan_internal_chain_origin+0x136/0x240 [ 366.239667] __msan_chain_origin+0x6d/0xb0 [ 366.243922] __save_stack_trace+0x8be/0xc60 [ 366.248264] save_stack_trace+0xc6/0x110 [ 366.252345] kmsan_internal_chain_origin+0x136/0x240 [ 366.257467] kmsan_memcpy_origins+0x13d/0x190 [ 366.261985] __msan_memcpy+0x6f/0x80 [ 366.265718] skb_copy_bits+0x1d2/0xc90 [ 366.269626] skb_copy+0x56c/0xba0 [ 366.273104] tcp_send_synack+0x7a3/0x18f0 [ 366.277273] tcp_rcv_state_process+0x275d/0x6c60 [ 366.282045] tcp_v4_do_rcv+0xb25/0xd80 [ 366.285964] __release_sock+0x32d/0x750 [ 366.289962] release_sock+0x99/0x2a0 [ 366.293705] __inet_stream_connect+0xdff/0x15d0 [ 366.298396] inet_stream_connect+0xff/0x170 [ 366.302743] kernel_connect+0xf4/0x120 [ 366.306648] smc_connect+0x74f/0xe60 [ 366.310387] __sys_connect+0x745/0x860 [ 366.314291] __se_sys_connect+0x8d/0xb0 [ 366.318283] __x64_sys_connect+0x4a/0x70 [ 366.322366] do_syscall_64+0xcf/0x110 [ 366.326277] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 366.331477] [ 366.333115] Uninit was stored to memory at: [ 366.337463] kmsan_internal_chain_origin+0x136/0x240 [ 366.342588] __msan_chain_origin+0x6d/0xb0 [ 366.346846] __save_stack_trace+0x8be/0xc60 [ 366.351199] save_stack_trace+0xc6/0x110 [ 366.355284] kmsan_internal_chain_origin+0x136/0x240 [ 366.360405] kmsan_memcpy_origins+0x13d/0x190 [ 366.364925] __msan_memcpy+0x6f/0x80 [ 366.368667] skb_copy_bits+0x1d2/0xc90 [ 366.372574] skb_copy+0x56c/0xba0 [ 366.376046] tcp_send_synack+0x7a3/0x18f0 [ 366.380226] tcp_rcv_state_process+0x275d/0x6c60 [ 366.384998] tcp_v4_do_rcv+0xb25/0xd80 [ 366.388907] __release_sock+0x32d/0x750 [ 366.392903] release_sock+0x99/0x2a0 [ 366.396640] __inet_stream_connect+0xdff/0x15d0 [ 366.401333] inet_stream_connect+0xff/0x170 [ 366.405675] kernel_connect+0xf4/0x120 [ 366.409583] smc_connect+0x74f/0xe60 [ 366.413314] __sys_connect+0x745/0x860 [ 366.417222] __se_sys_connect+0x8d/0xb0 [ 366.421216] __x64_sys_connect+0x4a/0x70 [ 366.425301] do_syscall_64+0xcf/0x110 [ 366.429123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 366.434321] [ 366.435955] Uninit was stored to memory at: [ 366.440296] kmsan_internal_chain_origin+0x136/0x240 [ 366.445424] __msan_chain_origin+0x6d/0xb0 [ 366.449687] __save_stack_trace+0x8be/0xc60 [ 366.454033] save_stack_trace+0xc6/0x110 [ 366.458120] kmsan_internal_chain_origin+0x136/0x240 [ 366.463241] kmsan_memcpy_origins+0x13d/0x190 [ 366.467768] __msan_memcpy+0x6f/0x80 [ 366.471507] skb_copy_bits+0x1d2/0xc90 [ 366.475419] skb_copy+0x56c/0xba0 [ 366.478893] tcp_send_synack+0x7a3/0x18f0 [ 366.483069] tcp_rcv_state_process+0x275d/0x6c60 [ 366.487842] tcp_v4_do_rcv+0xb25/0xd80 [ 366.491753] __release_sock+0x32d/0x750 [ 366.495743] release_sock+0x99/0x2a0 [ 366.499480] __inet_stream_connect+0xdff/0x15d0 [ 366.504167] inet_stream_connect+0xff/0x170 [ 366.508509] kernel_connect+0xf4/0x120 [ 366.512416] smc_connect+0x74f/0xe60 [ 366.516148] __sys_connect+0x745/0x860 [ 366.520057] __se_sys_connect+0x8d/0xb0 [ 366.524069] __x64_sys_connect+0x4a/0x70 [ 366.528152] do_syscall_64+0xcf/0x110 [ 366.531981] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 366.537174] [ 366.538814] Local variable description: ----_tcph.i@ip_vs_in [ 366.544623] Variable was created at: [ 366.548365] ip_vs_in+0xe9/0x3250 [ 366.551838] ip_vs_local_request4+0xec/0x130 00:32:44 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$apparmor_current(0xffffffffffffffff, &(0x7f0000000240)=ANY=[], 0x0) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x4000, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000400)={'vcan0\x00'}) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000002fc0)={&(0x7f0000000040), 0xc, &(0x7f0000002f80)={&(0x7f0000002c40)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [{{0x8, 0x1, r0}, {0x4}}]}, 0x20}}, 0x0) 00:32:44 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 00:32:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) sendmmsg(r0, &(0x7f00000073c0)=[{{&(0x7f0000005bc0)=@ipx={0x4, 0x0, 0x0, "4794799a5fff"}, 0x80, &(0x7f0000006280), 0x0, &(0x7f0000006300)}}], 0x1, 0x0) 00:32:45 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x1000000000004) writev(r0, &(0x7f00000a8000)=[{&(0x7f00000000c0)="580000001200192300bb4b80040d8c56286932324ba7e680129643c218fe59a2e04a03ca8164243e890000000a215a0004fbf50dfff90003a5000004000000005e0000001d30221f1000010007008a96ff0000ec6b0f536e", 0x58}], 0x1) 00:32:45 executing program 4: clone(0x13102001fef, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) r0 = gettid() wait4(0x0, &(0x7f00000003c0), 0x80000000, &(0x7f0000000340)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1b) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x401, 0x74}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) 00:32:45 executing program 5: clone(0x3102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = gettid() wait4(0x0, &(0x7f00000003c0), 0x80000000, &(0x7f0000000340)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1b) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x4f}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) 00:32:45 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) close(r0) 00:32:45 executing program 3: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu\x00', 0x200002, 0x0) [ 367.625315] ptrace attach of "/root/syz-executor4"[9704] was attempted by "/root/syz-executor4"[9705] 00:32:45 executing program 4: socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f000000dff8)={0xffffffffffffffff}) pipe(&(0x7f0000000680)) perf_event_open(&(0x7f0000000040)={0x1, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_G_DV_TIMINGS(0xffffffffffffffff, 0xc0845658, &(0x7f0000000340)={0x0, @reserved}) write(r0, &(0x7f0000000480), 0x0) eventfd(0x0) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200), &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) 00:32:45 executing program 2: r0 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={"62726964676530000000008000", &(0x7f0000000100)=@ethtool_cmd={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 00:32:46 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x29b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000237, 0x0) 00:32:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setstatus(r0, 0x4, 0x2000) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) r2 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x9, 0x8000) write$P9_RXATTRCREATE(r2, &(0x7f00000001c0)={0x7, 0x21, 0x1}, 0x7) dup3(r1, r1, 0x80000) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f0000003040)=[{{&(0x7f00000018c0)=@ipx={0x4, 0x0, 0x0, "982a5c276750"}, 0x80, &(0x7f0000002f80)}}], 0x3ac, 0x0) 00:32:46 executing program 1: r0 = memfd_create(&(0x7f0000000100)="bc00", 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x5011, r0, 0x0) 00:32:46 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) open(&(0x7f0000010280)='./file0\x00', 0x800, 0x80000000000001c0) 00:32:46 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000000)=@routing, 0x8) sendto$inet6(r1, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 00:32:46 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x1000000000004) writev(r0, &(0x7f00000a8000)=[{&(0x7f00000000c0)="580000001200192300bb4b80040d8c56286932324ba7e680129643c218fe59a2e04a03ca8164243e890000000a215a0004fbf50dfff90003a5000004000000005e0000001d30221f1000010007008a96ff0000ec6b0f536e", 0x58}], 0x1) 00:32:46 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000180)) tkill(0x0, 0x1000000000013) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000005900)=[{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r2, &(0x7f0000000000)={&(0x7f00000000c0)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0x20001000}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x57}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) 00:32:46 executing program 2: 00:32:46 executing program 5: 00:32:46 executing program 4: 00:32:47 executing program 4: 00:32:47 executing program 2: 00:32:47 executing program 3: 00:32:47 executing program 5: clone(0x3102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000340), 0xffffffffffffffff) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) read(r0, &(0x7f0000000040)=""/11, 0xb) r1 = epoll_create1(0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000380)=0x404100000001, 0xfe3f) connect$inet6(r2, &(0x7f0000000080), 0x1c) r3 = dup2(r2, r2) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x132441) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000600), 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000000), 0x14) r4 = dup2(r3, r1) sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14}, 0x14}}, 0x0) r5 = syz_open_pts(r0, 0x0) dup2(r1, r5) 00:32:47 executing program 0: 00:32:47 executing program 4: 00:32:47 executing program 3: 00:32:47 executing program 0: 00:32:48 executing program 1: 00:32:48 executing program 5: 00:32:48 executing program 2: 00:32:48 executing program 4: 00:32:48 executing program 3: 00:32:48 executing program 0: 00:32:48 executing program 2: 00:32:48 executing program 5: 00:32:48 executing program 1: 00:32:48 executing program 4: 00:32:48 executing program 3: 00:32:48 executing program 0: 00:32:48 executing program 5: 00:32:48 executing program 3: 00:32:49 executing program 4: 00:32:49 executing program 0: 00:32:49 executing program 2: 00:32:49 executing program 1: 00:32:49 executing program 5: 00:32:49 executing program 0: 00:32:49 executing program 3: 00:32:49 executing program 2: 00:32:49 executing program 4: 00:32:49 executing program 1: 00:32:49 executing program 3: 00:32:49 executing program 0: 00:32:50 executing program 5: 00:32:50 executing program 2: 00:32:50 executing program 1: 00:32:50 executing program 4: 00:32:50 executing program 0: 00:32:50 executing program 3: 00:32:50 executing program 4: 00:32:50 executing program 5: 00:32:50 executing program 2: 00:32:50 executing program 0: 00:32:50 executing program 1: 00:32:50 executing program 3: 00:32:50 executing program 4: 00:32:51 executing program 0: 00:32:51 executing program 5: 00:32:51 executing program 3: 00:32:51 executing program 2: 00:32:51 executing program 4: 00:32:51 executing program 1: 00:32:51 executing program 0: 00:32:51 executing program 3: 00:32:51 executing program 1: 00:32:51 executing program 5: 00:32:51 executing program 4: 00:32:51 executing program 0: 00:32:52 executing program 3: 00:32:52 executing program 2: 00:32:52 executing program 1: 00:32:52 executing program 4: 00:32:52 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x10000, 0x0) ioctl$RTC_PLL_GET(r0, 0x801c7011, &(0x7f00000007c0)) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000002c0)={{{@in6, @in6=@mcast2, 0x0, 0x6, 0x0, 0x81, 0x2, 0x80, 0x80, 0xbf, 0x0, r1}, {0x0, 0xffffffffffffd786, 0x9, 0x0, 0xe580000, 0x3ff, 0x0, 0x4}, {0x0, 0x100000001, 0x0, 0x2}, 0x0, 0x0, 0x1, 0x0, 0x743a35633b7eee2b, 0x2}, {{@in=@multicast1, 0x4d6}, 0x0, @in=@multicast1, 0x3507, 0x6, 0x3, 0x0, 0x3, 0x0, 0xf35}}, 0xe8) io_submit(0x0, 0x0, &(0x7f0000000fc0)) r2 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x80, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x1}, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @local, 0x2000000008}, 0x1c) sendmmsg(r4, &(0x7f00000002c0), 0x400000000000027, 0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f00000000c0)) gettid() getuid() r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)={0x2, 0x0, [0x8b]}) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000500)={0x0, 0x1c, &(0x7f00000004c0)=[@in6={0xa, 0x4e20, 0x7, @ipv4={[], [], @broadcast}, 0x9}]}, &(0x7f0000000540)=0x10) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e22, 0x80000000, @mcast1, 0x2}}}, &(0x7f0000000640)=0x84) ioctl$KVM_ASSIGN_PCI_DEVICE(r2, 0x8040ae69, &(0x7f0000000740)={0x2, 0x6, 0x5, 0x7}) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x0, 0x3ef, 0xa500000000000000, 0x3f00000000000000, 0x0, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) getresuid(&(0x7f0000000680), &(0x7f00000006c0), &(0x7f0000000700)) 00:32:52 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0x9201, &(0x7f0000000180)) 00:32:52 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_tgsigqueueinfo(0x0, 0x0, 0x9, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x1ff}) 00:32:52 executing program 1: shmget(0x0, 0x3000, 0x0, &(0x7f0000fef000/0x3000)=nil) 00:32:52 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000040)={0x2, 0x0, @ioapic={0x2000, 0x6, 0x80, 0x0, 0x0, [{0x0, 0x0, 0x48000, [], 0x7}, {0x0, 0x0, 0xf343, [], 0x7}, {0x7, 0x8}, {}, {0x0, 0x7, 0x0, [], 0x4}, {0x2, 0x3ff, 0x3a7e}, {0x0, 0x90, 0x0, [], 0x3}, {0x8, 0x4f7, 0x8000}, {0x94}, {}, {0x0, 0xfffffffffffffffc, 0x0, [], 0x8}, {0x7f, 0x7ff, 0x8, [], 0x400}, {0x40, 0x8, 0x9, [], 0x9}, {0x0, 0x12e, 0xfffffffffffffe00}, {0x0, 0x0, 0x7ff}, {0x9, 0x0, 0x2, [], 0x1}, {0x1, 0x8000, 0x5}, {0x0, 0x0, 0x2, [], 0x7}, {0x0, 0x6, 0xffffffff80000000}, {0x41, 0x2164000000000000, 0x8}, {0x0, 0x0, 0x0, [], 0xfffffffffffffff7}, {0x0, 0x4fd, 0xe3}, {0x47, 0x2, 0x100}, {0x8, 0x1f}]}}) syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x3, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r1, &(0x7f0000d83ff8), 0x8000fffffffe) 00:32:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000240)=""/246) ioctl$EVIOCGREP(r0, 0x40107446, &(0x7f0000000440)=""/174) 00:32:53 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) poll(&(0x7f0000000000)=[{r1}, {r0, 0x4004}], 0x5, 0x0) 00:32:53 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x182) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81805) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r0, 0x4c01) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[], 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) 00:32:53 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000001680)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) read$FUSE(r0, &(0x7f00000016c0), 0x1000) 00:32:53 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000002c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in={0x2, 0x0, @loopback}}}, 0x90) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000000)={0x7, 0x4}, 0xf8) close(r0) 00:32:54 executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000010000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0xe, 0xd4, &(0x7f0000000400)="7c3288c9fb80248bb4f681641578", &(0x7f0000000640)=""/212}, 0x28) 00:32:54 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) poll(&(0x7f0000000000)=[{r1}], 0x1, 0x800) [ 376.103224] print_req_error: I/O error, dev loop0, sector 0 [ 376.109241] Buffer I/O error on dev loop0, logical block 0, lost async page write [ 376.117871] print_req_error: I/O error, dev loop0, sector 8 [ 376.123766] Buffer I/O error on dev loop0, logical block 1, lost async page write [ 376.131598] print_req_error: I/O error, dev loop0, sector 16 [ 376.137592] Buffer I/O error on dev loop0, logical block 2, lost async page write [ 376.145598] print_req_error: I/O error, dev loop0, sector 24 [ 376.151486] Buffer I/O error on dev loop0, logical block 3, lost async page write [ 376.159411] print_req_error: I/O error, dev loop0, sector 32 [ 376.165385] Buffer I/O error on dev loop0, logical block 4, lost async page write [ 376.173338] print_req_error: I/O error, dev loop0, sector 40 [ 376.179246] Buffer I/O error on dev loop0, logical block 5, lost async page write [ 376.187203] print_req_error: I/O error, dev loop0, sector 48 [ 376.193197] Buffer I/O error on dev loop0, logical block 6, lost async page write [ 376.201027] print_req_error: I/O error, dev loop0, sector 56 [ 376.207161] Buffer I/O error on dev loop0, logical block 7, lost async page write [ 376.215071] print_req_error: I/O error, dev loop0, sector 64 [ 376.220982] Buffer I/O error on dev loop0, logical block 8, lost async page write [ 376.228912] print_req_error: I/O error, dev loop0, sector 72 [ 376.234885] Buffer I/O error on dev loop0, logical block 9, lost async page write 00:32:54 executing program 0: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe00000000850000001f000000b7000000000000009500000000000000"], &(0x7f0000003fc0)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0x8002a0ffffffff, 0xe, 0xd7, &(0x7f0000000140)="3c08000000f08b41637c2fee86dd", &(0x7f0000000380)=""/215, 0x4aa}, 0x28) 00:32:54 executing program 4: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe00000000850000001f000000b7000000000000009500000000000000"], &(0x7f0000003fc0)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0x8002a0ffffffff, 0xe, 0xd7, &(0x7f0000000140)="3c08000000f08b41637c2fee86dd", &(0x7f0000000380)=""/215, 0x631}, 0x28) 00:32:54 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)}, &(0x7f0000000540)=0xc) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000580)={0x0, @in6={{0xa, 0x0, 0x0, @mcast1}}}, &(0x7f0000000640)=0x84) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x0, 0x3ef, 0xa500000000000000, 0x3f00000000000000, 0x0, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) getresuid(&(0x7f0000000680), &(0x7f00000006c0), &(0x7f0000000700)) ioctl$sock_inet6_SIOCADDRT(r0, 0x89a0, &(0x7f0000000100)={@local, @empty, @loopback, 0x3}) 00:32:55 executing program 1: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:32:56 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5379, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x401}, 0x0, 0x0, 0x20000000000000, 0x200000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sndmidi(&(0x7f0000000240)='/dev/snd/midiC#D#\x00', 0x8, 0x200000) pipe2(&(0x7f0000000500), 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000000), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$cont(0x21, r0, 0x0, 0x0) 00:32:56 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000010000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x10000, 0x0) ioctl$RTC_PLL_GET(r0, 0x801c7011, &(0x7f00000007c0)) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = geteuid() setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000002c0)={{{@in6, @in6=@mcast2, 0x0, 0x6, 0x0, 0x81, 0x2, 0x80, 0x80, 0xbf, 0x0, r1}, {0x0, 0xffffffffffffd786, 0x9, 0x0, 0xe580000, 0x3ff, 0x0, 0x4}, {0x0, 0x100000001, 0x0, 0x2}, 0x0, 0x0, 0x1, 0x0, 0x743a35633b7eee2b, 0x2}, {{@in=@multicast1, 0x4d6}, 0x0, @in=@multicast1, 0x3507, 0x6, 0x3, 0x0, 0x3, 0x0, 0xf35}}, 0xe8) io_submit(0x0, 0x0, &(0x7f0000000fc0)) r2 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x80, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x1}, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @local, 0x2000000008}, 0x1c) sendmmsg(r4, &(0x7f00000002c0), 0x400000000000027, 0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f00000000c0)) gettid() getuid() r5 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)={0x2, 0x0, [0x8b]}) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000500)={0x0, 0x1c, &(0x7f00000004c0)=[@in6={0xa, 0x4e20, 0x7, @ipv4={[], [], @broadcast}, 0x9}]}, &(0x7f0000000540)=0x10) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e22, 0x80000000, @mcast1, 0x2}}}, &(0x7f0000000640)=0x84) ioctl$KVM_ASSIGN_PCI_DEVICE(r2, 0x8040ae69, &(0x7f0000000740)={0x2, 0x6, 0x5, 0x7}) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x0, 0x3ef, 0xa500000000000000, 0x3f00000000000000, 0x0, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) getresuid(&(0x7f0000000680), &(0x7f00000006c0), &(0x7f0000000700)) 00:32:56 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0x9208, &(0x7f0000000180)) 00:32:56 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x182) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81805) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) sendfile(r0, r0, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r0, 0x4c01) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) 00:32:56 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") r1 = socket$packet(0x11, 0x4000000003, 0x300) sendmmsg(r1, &(0x7f00000009c0)=[{{&(0x7f00000002c0)=@nfc={0x27, 0x1}, 0x80, &(0x7f0000000100)=[{&(0x7f00000003c0)}], 0x1, &(0x7f0000000540)=[{0x10, 0x13f, 0x100000000}], 0x10, 0x4800}}], 0x1, 0x80) 00:32:56 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000240)="0a5c2d0240316285717070") r2 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.memory_migrate\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x20) 00:32:56 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe00000000850000001f000000b7000000000000009500000000000000"], &(0x7f0000003fc0)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0x8002a0ffffffff, 0xe, 0xd7, &(0x7f0000000140)="3c08020000f08b41637c2fee86dd", &(0x7f0000000380)=""/215, 0x631}, 0x28) 00:32:56 executing program 0: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, &(0x7f0000000380)) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) mkdir(&(0x7f00000003c0)='.\x00', 0x0) io_cancel(0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x81, r0, &(0x7f0000000400), 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000480)) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) sched_setaffinity(0x0, 0xffffffffffffffbf, &(0x7f0000000180)=0xfff) connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x2764, @mcast2}, 0x1c) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r3, 0x89f0, &(0x7f0000000080)={'ip_vti0\x00', @ifru_data=&(0x7f0000000000)="b06f31673d3da2b793d4f9a507e3c9133ba7ce8f5e6e538ecf8829b08f7f4aae"}) ioctl$sock_ifreq(r3, 0x89f3, &(0x7f0000000080)={'ip_vti0\x00', @ifru_data=&(0x7f0000000000)="b06f31673d3da2b793d4f9a507e3c9133ba7ce8f5e6e538ecf8829b08f7f4aae"}) connect(0xffffffffffffffff, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @broadcast}, 0x4, 0x3, 0x0, 0x3}}, 0x80) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r4, &(0x7f00000000c0)={0x2, 0x200004e23, @broadcast}, 0x10) setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x4) sendto$inet(r4, &(0x7f0000000000), 0x0, 0x20000802, &(0x7f0000001180)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000100)='nr0\x00', 0x6) ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f00000004c0)={0x8, 0x4000000000000}) getsockname$inet6(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000280)=0x1c) sendto$inet(r4, &(0x7f0000d7cfcb), 0x100000252, 0x0, &(0x7f0000893ff0), 0x10) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000600)={{0x1, 0x0, 0x5, 0x0, 0x1f}, 0xc26, 0x9, 0x980f}) shutdown(r4, 0x400000000000001) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000400)={{0x3, 0x3, 0x0, 0x3, 0x21}, 0x0, 0x3ff, 0xffffffffffffff80}) capset(&(0x7f0000000340)={0x20080522}, &(0x7f0000000480)={0x7, 0x4, 0x5, 0xa3e5, 0x6, 0x7fff}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'lo\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}}) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f00000002c0)={'broute\x00'}, &(0x7f00000003c0)=0x78) 00:32:56 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000240)="0a5c2d0240316285717070") r2 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.memory_migrate\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x20) 00:32:56 executing program 4: 00:32:56 executing program 3: 00:32:57 executing program 5: 00:32:57 executing program 3: 00:32:57 executing program 2: clone(0x41fc, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0)) syz_open_dev$rtc(&(0x7f0000000080)='/dev/rtc#\x00', 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000000)) ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000000)={&(0x7f00000002c0)=""/4096, 0x1000}) 00:32:57 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000180)={0x2, 0x0, [{}, {0x80000001, 0x0, 0x306c387b527d8bc6}]}) 00:32:57 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000240)="0a5c2d0240316285717070") r2 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.memory_migrate\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x20) 00:32:57 executing program 5: 00:32:57 executing program 3: 00:32:57 executing program 5: 00:32:58 executing program 0: 00:32:58 executing program 4: 00:32:58 executing program 3: 00:32:58 executing program 5: 00:32:58 executing program 2: 00:32:58 executing program 1: 00:32:58 executing program 0: 00:32:58 executing program 2: 00:32:58 executing program 4: 00:32:58 executing program 1: 00:32:58 executing program 3: 00:32:59 executing program 5: 00:32:59 executing program 0: 00:32:59 executing program 2: 00:32:59 executing program 4: 00:32:59 executing program 1: 00:32:59 executing program 5: 00:32:59 executing program 3: 00:32:59 executing program 2: 00:32:59 executing program 0: 00:32:59 executing program 1: 00:32:59 executing program 3: 00:32:59 executing program 4: 00:33:00 executing program 5: 00:33:00 executing program 2: 00:33:00 executing program 0: 00:33:00 executing program 3: 00:33:00 executing program 1: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000001080)={0x0, 'syz1\x00', "737978310000000000000000000000000000000200000057310f00000000000000000000000000170000220000000000000000000000000000000000001400", 'syz0\x00', &(0x7f0000000000)=""/11, 0xb}, 0x11c) openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x80001, 0x0) 00:33:00 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, &(0x7f0000a88f88), 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4) write$binfmt_elf64(r1, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 00:33:00 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000240)="0a5c2d0240316285717070") r2 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.memory_spread_page\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x20) 00:33:00 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe00000000850000001f000000b7000000000000009500000000000000"], &(0x7f0000003fc0)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0x8002a0ffffffff, 0xe, 0xd7, &(0x7f0000000140)="3c08000000f08b41637c2fee86dd", &(0x7f0000000380)=""/215}, 0x28) 00:33:00 executing program 2: [ 382.610264] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.617243] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.624153] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.630921] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.637897] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.644847] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.651771] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.658555] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.665441] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.672306] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 382.679088] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 00:33:00 executing program 3: [ 382.888760] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syx1 [ 382.992872] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.999707] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.006726] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.013683] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.020471] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.027423] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.034391] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 00:33:01 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000001280)={0x0, 0x0, 0x100002, 0x20000002}) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000240)={0xe00500, 0x0, 0x0, 0x40000002}) [ 383.041177] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.048118] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.054998] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 383.061943] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 00:33:01 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000d80)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) r4 = syz_open_pts(r1, 0x0) dup3(r2, r1, 0x0) dup2(r3, r4) 00:33:01 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:33:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) epoll_create(0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 383.375887] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz1] on syx1 00:33:01 executing program 1: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000001080)={0x0, 'syz1\x00', "737978310000000000000000000000000000000200000057310f00000000000000000000000000170000220000000000000000000000000000000000001400", 'syz0\x00', &(0x7f0000000000)=""/11, 0xb}, 0x11c) openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x80001, 0x0) 00:33:01 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) 00:33:01 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000880)=ANY=[@ANYBLOB="92079e"], 0x3) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, @scatter={0x3, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)=""/188, 0xbc}, {&(0x7f0000000400)=""/162, 0xa2}, {&(0x7f0000000000)=""/58, 0x3a}]}, &(0x7f0000000180), &(0x7f0000000240)=""/126, 0x0, 0x4, 0x4, &(0x7f00000002c0)}) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6) 00:33:01 executing program 5: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) r0 = gettid() clone(0x0, &(0x7f0000000180), &(0x7f0000000380), &(0x7f0000000100), &(0x7f0000000740)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x8000000000000014) waitid(0x1, r0, &(0x7f00000001c0), 0x4, &(0x7f00000003c0)) [ 383.849141] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.856155] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.863156] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.869929] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.876814] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.883696] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.890480] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.897367] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.904340] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.911129] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 383.918019] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 00:33:02 executing program 4: mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000004c0)}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000700)={0x16, 0x98, 0xfa00, {&(0x7f0000000280), 0x0, 0xffffffffffffffff, 0x1c, 0x0, @ib={0x1b, 0x0, 0x0, {"6d3a03a22ad13804238c25806cdd75ac"}}}}, 0xa5e0936e7f46bf5c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000340), 0xffffffffffffffff) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='nfsd', 0x0, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f0000000440)={0xffffffffffffffa0}, 0x14) 00:33:02 executing program 3: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000440), &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, &(0x7f000000a000)) [ 384.134092] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syx1 00:33:02 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="db186158", 0x4) 00:33:02 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80040000000002, &(0x7f00000000c0)=0x65, 0x4) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000), 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0xd470041877f0fcc9) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20004000, &(0x7f0000e68000)={0x2, 0x4004e23, @local, [0x0, 0x53d1342100000000, 0x1802000000000000]}, 0x10) chdir(&(0x7f00000002c0)='./file0\x00') shutdown(r0, 0x1) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x0, 0x0) 00:33:02 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$getown(r0, 0x9) prctl$setptracer(0x59616d61, r1) r2 = syz_open_dev$admmidi(&(0x7f00000003c0)='/dev/admmidi#\x00', 0x10001, 0x400040) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x20000000000002cd, 0x0) r3 = gettid() r4 = syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00') r5 = socket$inet_tcp(0x2, 0x1, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000300)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64a824b84d3a2c982c27bca678f77d1b2a35af9a56a08755efd8b01e307aa6dd9d93d56f69eac8006dedd205ea06bdf5d0d1d6d0e074c112bb783ee399a3f1634e4739de8ce3f8040076e68cfc33c8920959b49e968607eaa70aa52c000000"], &(0x7f0000000040)=0x1) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) sched_setaffinity(r3, 0x8, &(0x7f0000000280)=0xaffc) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @local}}) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}}) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400080, 0x0) write$cgroup_int(r6, &(0x7f0000000080)=0x1, 0x12) pkey_alloc(0x0, 0xffffffff) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r4, 0x84, 0xc, &(0x7f00000000c0)=0x9, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs\x00') preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0) 00:33:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) epoll_create(0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:02 executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) open(&(0x7f0000000100)='./file0\x00', 0x61181, 0x0) 00:33:03 executing program 3: mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000700)={0x16, 0x98, 0xfa00, {&(0x7f0000000280), 0x0, 0xffffffffffffffff, 0x0, 0x0, @ib={0x1b, 0x0, 0x0, {"6d3a03a22ad13804238c25806cdd75ac"}}}}, 0xa5e0936e7f46bf5c) ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000340), 0xffffffffffffffff) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='nfsd', 0x0, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) 00:33:03 executing program 2: setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200), 0x4) r0 = socket$inet(0x2, 0x3, 0x2) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000100)={@dev, @rand_addr, r1}, 0xc) 00:33:03 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r0, &(0x7f0000000100)='6', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0x0, 0xac141437}}, 0x1c) 00:33:03 executing program 1: socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(0xffffffffffffffff, &(0x7f0000000080), 0xfffffffffffffee4) socketpair$inet(0x2, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00001ec000), 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x1f, &(0x7f00000000c0), &(0x7f00000005c0)=0x4) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f0000000180)={0x2c, @multicast1, 0x4e20, 0x4, 'nq\x00', 0x2b, 0xffffffff00000001, 0xa}, 0x2c) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x300000a, 0x2011, r1, 0x0) getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=0x0, &(0x7f0000000240)=0x4) mmap(&(0x7f0000f44000/0x4000)=nil, 0x50707c, 0x1000004, 0x2013, r1, 0x500000) syz_genetlink_get_family_id$fou(&(0x7f00000006c0)='fou\x00') bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00'}, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000540)={r2, 0x20, &(0x7f0000000500)=[@in={0x2, 0x4e24, @local}, @in={0x2, 0x4e23, @rand_addr=0x2}]}, &(0x7f0000000580)=0x10) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000000)=0x800) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x20}, 0xffffffffffffffdb) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000000100)=@framed={{0xffffffb4, 0x0, 0x48, 0x0, 0x0, 0x15}}, &(0x7f0000003ff6)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) r3 = openat$cgroup_ro(r1, &(0x7f00000004c0)="ea9a97d0320463931602f85f1b8b9f7d6d6540afb4d966", 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000400)={r2, 0x46, "5d88c2b1baa38e16a0aa191513f20c3e52f0d0c2d1134ef9c2538cf2bc0bb6bf349325e348d5e68d891f98d6246c561e9557beb2b787563692c1c6890a2d5b09577f8d65b494"}, &(0x7f0000000600)=0x4e) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000040)="fb15e638f876a49052a7a95d1ce04045", 0x350) write$binfmt_elf32(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfffffd4f) syz_genetlink_get_family_id$nbd(&(0x7f0000000300)='nbd\x00') sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100400}, 0xc, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[]}, 0x1, 0x0, 0x0, 0x10}, 0x408c0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000004e00)=[{{&(0x7f0000000380)=@rc, 0x80, &(0x7f0000003fc0), 0x0, &(0x7f0000004040)=""/224, 0xe0}}], 0x1, 0x0, &(0x7f00000002c0)={0x0, r4+10000000}) socket$inet_udp(0x2, 0x2, 0x0) 00:33:05 executing program 5: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x0}) sendmsg(r0, &(0x7f0000000180)={0x0, 0xfffffffffffffc55, &(0x7f0000000140), 0x10a, &(0x7f0000000140)}, 0x0) 00:33:05 executing program 3: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) chmod(&(0x7f00000000c0)='./file0\x00', 0x0) fchmodat(r0, &(0x7f0000000040)='./file0\x00', 0x85) 00:33:05 executing program 2: 00:33:05 executing program 4: 00:33:05 executing program 0: 00:33:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0xce, 0x0, 0x40000106]}) 00:33:05 executing program 0: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240)='/dev/fuse\x00', 0x2, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x80000) 00:33:05 executing program 3: 00:33:05 executing program 2: 00:33:05 executing program 4: 00:33:05 executing program 5: 00:33:05 executing program 1: 00:33:05 executing program 3: 00:33:05 executing program 2: 00:33:05 executing program 5: 00:33:06 executing program 0: 00:33:06 executing program 4: 00:33:06 executing program 1: 00:33:06 executing program 2: 00:33:06 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) ioctl$KVM_SET_PIT2(r1, 0x4040ae77, &(0x7f00000001c0)) 00:33:06 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:06 executing program 1: 00:33:06 executing program 5: 00:33:06 executing program 4: 00:33:06 executing program 2: 00:33:07 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap$binder(&(0x7f0000002000/0x4000)=nil, 0x4048, 0x2, 0x12, r0, 0x0) 00:33:07 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d01, 0x1]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:07 executing program 1: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) [ 389.199178] binder: binder_mmap: 10280 20002000-20007000 bad vm_flags failed -1 00:33:07 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:07 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000), 0x2}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000080)=0x8001) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f000000d000), &(0x7f0000001000)=0xfea6) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0xc1105517, &(0x7f0000001000)) 00:33:07 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) 00:33:07 executing program 3: r0 = socket(0x1000100000010, 0x0, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="2800030000408ecf9e0a8a9dea02eb003c5e78"], &(0x7f00000003c0)=0x1) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYBLOB="d700000033adf923e51e3ebef85bab25e5a3e635761390606536ba7f73c739efba49f71db634333021e6497945dec27d886540b98c4a3ddd65caadc631caf1772419252697a7118331bf2af3a9935b0ce0190c688ea20f8c2c11a49e01ec7e1805f5f9929fac7c6d0e7716f70eec9a6e21a227111284cb385dcefcde9a21da867e19d5b8053606b5973833d243d6451b634cf00be6634ce5592162a6743d6396a5fc840b9ef331f9bcdc32fd516cde1bb017157c2fcd6ae6337035d1bca2ec05cd66ba1d0fe1393ecd9c60ccc0341b06ce476f2e80f67f03968400"], &(0x7f0000000500)=0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000005e00)={&(0x7f0000005a00), 0xc, &(0x7f0000005dc0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="1e6323ab93c86b42a71ab2a30c0000000000003a20ea7d3f384a0aadca21423c41116003b9531c80c77ea004d19c1fa6566244cd56be5e5e137f8f5bc7be806b2de4b1558396c4951701cda7675d1bf5025f6a44bbbaa98564fbe5a7e224bb347de3454939a8c7c9c4b3868784d5c1c2cac9c3de0667e15d1469"], 0x1}}, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000140)={'gretap0\x00', 0x15}) write(r1, &(0x7f0000000380)="1f0000001e0007f1fff5ff0200000000", 0x10) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, &(0x7f00000000c0)={'team_slave_1\x00'}) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000006c0)={0x0, 0x6}, &(0x7f0000000900)=0x8) socket$inet6_udplite(0xa, 0x2, 0x88) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x78, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r2, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 00:33:07 executing program 1: syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x4, 0x4400) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$int_in(r0, 0x5473, &(0x7f0000000040)=0xffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'rat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0xb, 0x0, 0x0, 'e_0\x00', 'sit0\x00', 'ip6gretap0\x00', 'ipddp0\x00', @broadcast, [], @dev, [], 0xa0, 0xa0, 0xd0, [@pkttype={'pkttype\x00', 0x8}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x5, 0x0, 0x0, 'rose0\x00', "200000fa0000001300", 'veth0_to_bridge\x00', 'vlan0\x00', @broadcast, [], @link_local, [], 0x70, 0x70, 0xa8}}, @arpreply={'arpreply\x00', 0x10}}]}]}, 0x280) 00:33:07 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000340)='bridge0\x00'}, 0x30) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) geteuid() ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0x40189206, &(0x7f0000000180)) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000140)='trusted.overlay.upper\x00', &(0x7f0000000240)={0x0, 0xfb, 0x15, 0x3, 0x0, "02cfaa0fec4abacc2a7f9fbac5d30397"}, 0x15, 0x0) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f00000005c0)={0x7, 0x4b, 0x2}, 0x7) 00:33:07 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:08 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x1, 0x0) write(r0, &(0x7f0000c34fff), 0xffffff0b) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000040)) 00:33:08 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) [ 390.040586] x_tables: eb_tables: arpreply target: only valid in nat table, not rat [ 390.183837] x_tables: eb_tables: arpreply target: only valid in nat table, not rat 00:33:08 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0xfffffffe, 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60c22df704011100fe800000000000000000000000000000fe8000000000000000000000000000aa00004e2004019078000087ae00ca83452b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f497169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60bbebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"], &(0x7f0000000000)) 00:33:08 executing program 2: dup(0xffffffffffffff9c) clone(0x2102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}, 0xfff}, {0xa, 0x0, 0x0, @remote}, 0x0, [0x0, 0x0, 0x0, 0x24, 0x0, 0x8000, 0x0, 0x6]}, 0x5c) 00:33:08 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:08 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write(r1, &(0x7f00000000c0)="c4", 0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000900)={0x0, 0x0, 0x20}, 0xc) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'], 0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x4}, 0x20) sendmmsg$alg(r1, &(0x7f0000005d40)=[{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="ca", 0x1}], 0x1}], 0x1, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:08 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x157, 0x0, &(0x7f00000003c0), 0x0) 00:33:08 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:09 executing program 3: r0 = socket(0x1000100000010, 0x0, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="2800030000408ecf9e0a8a9dea02eb003c5e78"], &(0x7f00000003c0)=0x1) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYBLOB="d700000033adf923e51e3ebef85bab25e5a3e635761390606536ba7f73c739efba49f71db634333021e6497945dec27d886540b98c4a3ddd65caadc631caf1772419252697a7118331bf2af3a9935b0ce0190c688ea20f8c2c11a49e01ec7e1805f5f9929fac7c6d0e7716f70eec9a6e21a227111284cb385dcefcde9a21da867e19d5b8053606b5973833d243d6451b634cf00be6634ce5592162a6743d6396a5fc840b9ef331f9bcdc32fd516cde1bb017157c2fcd6ae6337035d1bca2ec05cd66ba1d0fe1393ecd9c60ccc0341b06ce476f2e80f67f03968400"], &(0x7f0000000500)=0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000005e00)={&(0x7f0000005a00), 0xc, &(0x7f0000005dc0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="1e6323ab93c86b42a71ab2a30c0000000000003a20ea7d3f384a0aadca21423c41116003b9531c80c77ea004d19c1fa6566244cd56be5e5e137f8f5bc7be806b2de4b1558396c4951701cda7675d1bf5025f6a44bbbaa98564fbe5a7e224bb347de3454939a8c7c9c4b3868784d5c1c2cac9c3de0667e15d1469"], 0x1}}, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000140)={'gretap0\x00', 0x15}) write(r1, &(0x7f0000000380)="1f0000001e0007f1fff5ff0200000000", 0x10) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, &(0x7f00000000c0)={'team_slave_1\x00'}) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000006c0)={0x0, 0x6}, &(0x7f0000000900)=0x8) socket$inet6_udplite(0xa, 0x2, 0x88) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x78, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, &(0x7f0000a88f88), 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100), 0x4) recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r2, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 00:33:09 executing program 5: syz_emit_ethernet(0x2a, &(0x7f0000000040)={@broadcast, @empty, [], {@arp={0x806, @ether_ipv4={0x6, 0x800, 0x6, 0x4, 0x1, @random="f8bf88df5b1b", @remote, @dev, @rand_addr}}}}, &(0x7f0000000080)) 00:33:09 executing program 1: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) get_robust_list(0x0, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f00000004c0), 0x0, &(0x7f0000000540)={&(0x7f0000000500)}}, &(0x7f0000000600)=0xc) 00:33:09 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000080), 0x0) 00:33:09 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000002c0)='sit0\x00', 0x8b) sendto$inet(r1, &(0x7f00000003c0), 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000380), 0x4) sendto$inet(r1, &(0x7f0000000080), 0x5b0, 0x0, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10) 00:33:09 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x1, 0x0) write(r0, &(0x7f0000c34fff), 0xffffff0b) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)) ioctl$TCSETS(r0, 0x5456, &(0x7f0000000040)) 00:33:09 executing program 1: 00:33:10 executing program 2: 00:33:10 executing program 1: 00:33:10 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") socket(0x1e, 0x5, 0x0) 00:33:10 executing program 3: 00:33:10 executing program 1: 00:33:10 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000080), 0x0) 00:33:10 executing program 3: 00:33:10 executing program 2: 00:33:11 executing program 5: 00:33:11 executing program 1: 00:33:11 executing program 2: 00:33:11 executing program 3: 00:33:11 executing program 1: 00:33:11 executing program 2: 00:33:11 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") sendmsg(0xffffffffffffffff, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:11 executing program 5: 00:33:11 executing program 3: 00:33:11 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000080), 0x0) 00:33:11 executing program 2: 00:33:11 executing program 5: 00:33:12 executing program 1: 00:33:12 executing program 3: 00:33:12 executing program 2: 00:33:12 executing program 1: 00:33:12 executing program 5: [ 394.444328] not chained 40000 origins [ 394.448215] CPU: 1 PID: 10444 Comm: syz-executor3 Not tainted 4.20.0-rc2+ #85 [ 394.455511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.464890] Call Trace: [ 394.467491] [ 394.469673] dump_stack+0x32d/0x480 [ 394.473342] ? save_stack_trace+0xc6/0x110 [ 394.477630] kmsan_internal_chain_origin+0x222/0x240 [ 394.482789] ? kmsan_internal_chain_origin+0x136/0x240 [ 394.488096] ? __msan_chain_origin+0x6d/0xb0 [ 394.492547] ? __save_stack_trace+0x8be/0xc60 [ 394.497068] ? save_stack_trace+0xc6/0x110 [ 394.501331] ? kmsan_internal_chain_origin+0x136/0x240 [ 394.506639] ? kmsan_memcpy_origins+0x13d/0x190 [ 394.511347] ? __msan_memcpy+0x6f/0x80 [ 394.515283] ? skb_copy_bits+0x1d2/0xc90 [ 394.519376] ? skb_copy+0x56c/0xba0 [ 394.523030] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 394.528418] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 394.533638] ? sctp_do_sm+0x1cf3/0x9c50 [ 394.537640] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 394.542077] ? sctp_inq_push+0x300/0x420 [ 394.546170] ? sctp_rcv+0x42f2/0x4e40 [ 394.549996] ? sctp6_rcv+0x41/0x70 [ 394.553563] ? ip6_input_finish+0xb53/0x2450 [ 394.557993] ? ip6_input+0x29d/0x340 [ 394.561734] ? ip6_rcv_finish+0x4d2/0x710 [ 394.565919] ? ipv6_rcv+0x34b/0x3f0 [ 394.569575] ? process_backlog+0x82b/0x11e0 [ 394.573927] ? net_rx_action+0x98f/0x1d50 [ 394.578101] ? __do_softirq+0x721/0xc7f [ 394.582108] ? irq_exit+0x305/0x340 [ 394.585773] ? exiting_irq+0xe/0x10 [ 394.589431] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 394.594814] ? __module_address+0x6a/0x5f0 [ 394.599088] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 394.604577] ? in_task_stack+0x12c/0x210 [ 394.608671] ? get_stack_info+0x206/0x220 [ 394.612863] __msan_chain_origin+0x6d/0xb0 [ 394.617141] ? exit_mmap+0x51e/0xa10 [ 394.620885] __save_stack_trace+0x8be/0xc60 [ 394.625265] ? exit_mmap+0x51e/0xa10 [ 394.629013] save_stack_trace+0xc6/0x110 [ 394.633110] kmsan_internal_chain_origin+0x136/0x240 [ 394.638260] ? process_backlog+0x82b/0x11e0 [ 394.642619] ? exit_mmap+0x51e/0xa10 [ 394.646358] ? kmsan_internal_chain_origin+0x136/0x240 [ 394.651658] ? kmsan_memcpy_origins+0x13d/0x190 [ 394.656353] ? __msan_memcpy+0x6f/0x80 [ 394.660269] ? skb_copy_bits+0x1d2/0xc90 [ 394.664361] ? skb_copy+0x56c/0xba0 [ 394.668019] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 394.673410] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 394.678629] ? sctp_do_sm+0x1cf3/0x9c50 [ 394.682638] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 394.687070] ? sctp_inq_push+0x300/0x420 [ 394.691175] ? sctp_rcv+0x42f2/0x4e40 [ 394.695004] ? sctp6_rcv+0x41/0x70 [ 394.698574] ? ip6_input_finish+0xb53/0x2450 [ 394.703005] ? ip6_input+0x29d/0x340 [ 394.706754] ? ip6_rcv_finish+0x4d2/0x710 [ 394.710927] ? ipv6_rcv+0x34b/0x3f0 [ 394.714588] ? process_backlog+0x82b/0x11e0 [ 394.718936] ? net_rx_action+0x98f/0x1d50 [ 394.723110] ? __do_softirq+0x721/0xc7f [ 394.727134] ? irq_exit+0x305/0x340 [ 394.730784] ? exiting_irq+0xe/0x10 [ 394.734433] ? smp_apic_timer_interrupt+0x64/0x90 [ 394.739302] ? apic_timer_interrupt+0xf/0x20 [ 394.743749] ? kmsan_get_metadata_or_null+0x29/0x380 [ 394.748883] ? __msan_poison_alloca+0x1e0/0x270 [ 394.753575] ? page_remove_rmap+0x16f/0x1820 [ 394.758009] ? unmap_page_range+0x213a/0x3950 [ 394.762530] ? unmap_single_vma+0x43f/0x5e0 [ 394.766873] ? unmap_vmas+0x251/0x380 [ 394.770699] ? exit_mmap+0x51e/0xa10 [ 394.774439] ? __mmput+0x17a/0x700 [ 394.778006] ? mmput+0x190/0x210 [ 394.781396] ? exit_mm+0xa90/0xc70 [ 394.784959] ? do_exit+0x10f2/0x4070 [ 394.788692] ? do_group_exit+0x1a7/0x350 [ 394.792782] ? __do_sys_exit_group+0x21/0x30 [ 394.797215] ? __se_sys_exit_group+0x14/0x20 [ 394.801655] ? __x64_sys_exit_group+0x1d/0x20 [ 394.806181] ? do_syscall_64+0xcf/0x110 [ 394.810183] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 394.815584] ? __msan_get_context_state+0x9/0x20 [ 394.820358] ? INIT_INT+0xc/0x30 [ 394.823835] ? __kmalloc_node_track_caller+0x1226/0x14e0 [ 394.829318] ? INIT_INT+0xc/0x30 [ 394.832733] kmsan_memcpy_origins+0x13d/0x190 [ 394.837271] __msan_memcpy+0x6f/0x80 [ 394.841017] skb_copy_bits+0x1d2/0xc90 [ 394.844960] skb_copy+0x56c/0xba0 [ 394.848477] sctp_make_reassembled_event+0xcbe/0x1210 [ 394.853745] sctp_ulpq_partial_delivery+0x850/0xab0 [ 394.858818] ? sctp_ulpq_renege_list+0x870/0x870 [ 394.863610] sctp_do_sm+0x1cf3/0x9c50 [ 394.867476] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 394.872882] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 394.878358] ? skb_pull+0x13f/0x230 [ 394.882025] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 394.887414] ? ktime_get+0x2e6/0x420 [ 394.891188] sctp_assoc_bh_rcv+0x66a/0xd90 [ 394.895476] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 394.900871] sctp_inq_push+0x300/0x420 [ 394.904797] sctp_rcv+0x42f2/0x4e40 [ 394.908507] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 394.913906] sctp6_rcv+0x41/0x70 [ 394.917298] ? sctp_inet6addr_event+0xbd0/0xbd0 [ 394.921990] ip6_input_finish+0xb53/0x2450 [ 394.926287] ? ip6_input_finish+0x13e1/0x2450 [ 394.930806] ip6_input+0x29d/0x340 [ 394.934376] ? ip6_input+0x340/0x340 [ 394.938109] ? ip6_sublist_rcv+0x1ab0/0x1ab0 [ 394.942551] ip6_rcv_finish+0x4d2/0x710 [ 394.946550] ipv6_rcv+0x34b/0x3f0 [ 394.950031] ? dst_hold+0x5e0/0x5e0 [ 394.953686] process_backlog+0x82b/0x11e0 [ 394.957860] ? ip6_rcv_finish+0x710/0x710 [ 394.962055] ? rps_trigger_softirq+0x2e0/0x2e0 [ 394.966662] net_rx_action+0x98f/0x1d50 [ 394.970686] ? net_tx_action+0xf20/0xf20 [ 394.974774] __do_softirq+0x721/0xc7f [ 394.978613] irq_exit+0x305/0x340 [ 394.982095] exiting_irq+0xe/0x10 [ 394.985661] smp_apic_timer_interrupt+0x64/0x90 [ 394.990347] apic_timer_interrupt+0xf/0x20 [ 394.994598] [ 394.996859] RIP: 0010:kmsan_get_metadata_or_null+0x29/0x380 [ 395.002587] Code: 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 10 48 89 fb 49 be 00 00 00 00 80 77 00 00 89 d8 83 e0 03 45 31 ff 89 55 d4 <85> d2 4c 0f 45 f8 48 85 c0 4c 0f 44 f8 4c 29 fb 49 89 dc 49 81 ec [ 395.021504] RSP: 0018:ffff88810b32f588 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 395.029662] RAX: 0000000000000000 RBX: ffff88810b32f6cc RCX: ffff88810b32f610 [ 395.036941] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff88810b32f6cc [ 395.044230] RBP: ffff88810b32f5c0 R08: 0000000000480020 R09: 0000000000000002 [ 395.051514] R10: 000000ffffffffff R11: 0000000000000000 R12: ffff88810b32f6cc [ 395.058798] R13: 0000000000000007 R14: 0000778000000000 R15: 0000000000000000 [ 395.066135] __msan_poison_alloca+0x1e0/0x270 [ 395.070660] ? page_remove_rmap+0x16f/0x1820 [ 395.075083] ? unmap_page_range+0x213a/0x3950 [ 395.079620] page_remove_rmap+0x16f/0x1820 [ 395.083880] ? __tlb_remove_page_size+0x24b/0x560 [ 395.088765] unmap_page_range+0x213a/0x3950 [ 395.093191] unmap_single_vma+0x43f/0x5e0 [ 395.097378] unmap_vmas+0x251/0x380 [ 395.101040] exit_mmap+0x51e/0xa10 [ 395.104634] __mmput+0x17a/0x700 [ 395.108020] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 395.113416] mmput+0x190/0x210 [ 395.116636] exit_mm+0xa90/0xc70 [ 395.120044] do_exit+0x10f2/0x4070 [ 395.123628] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 395.129111] do_group_exit+0x1a7/0x350 [ 395.133028] ? syscall_return_slowpath+0xed/0x730 [ 395.137895] __do_sys_exit_group+0x21/0x30 [ 395.142162] __se_sys_exit_group+0x14/0x20 [ 395.146417] __x64_sys_exit_group+0x1d/0x20 [ 395.150759] do_syscall_64+0xcf/0x110 [ 395.154584] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 395.159785] RIP: 0033:0x457569 [ 395.162992] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 395.181920] RSP: 002b:0000000000a3fd78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 395.189653] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000457569 [ 395.196932] RDX: 0000000000411000 RSI: 00000000000001da RDI: 0000000000000000 [ 395.204212] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000001 [ 395.211498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.218776] R13: 0000000000000001 R14: 000000000000006f R15: 0000000000000003 [ 395.226078] Uninit was stored to memory at: [ 395.230423] kmsan_internal_chain_origin+0x136/0x240 [ 395.235539] __msan_chain_origin+0x6d/0xb0 [ 395.239790] __save_stack_trace+0x8be/0xc60 [ 395.244135] save_stack_trace+0xc6/0x110 [ 395.248212] kmsan_internal_chain_origin+0x136/0x240 [ 395.253332] kmsan_memcpy_origins+0x13d/0x190 [ 395.257846] __msan_memcpy+0x6f/0x80 [ 395.261573] skb_copy_bits+0x1d2/0xc90 [ 395.265474] skb_copy+0x56c/0xba0 [ 395.268943] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.274156] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.279187] sctp_do_sm+0x1cf3/0x9c50 [ 395.283004] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.287256] sctp_inq_push+0x300/0x420 [ 395.291163] sctp_rcv+0x42f2/0x4e40 [ 395.294813] sctp6_rcv+0x41/0x70 [ 395.298189] ip6_input_finish+0xb53/0x2450 [ 395.302435] ip6_input+0x29d/0x340 [ 395.305986] ip6_rcv_finish+0x4d2/0x710 [ 395.309969] ipv6_rcv+0x34b/0x3f0 [ 395.313437] process_backlog+0x82b/0x11e0 [ 395.317599] net_rx_action+0x98f/0x1d50 [ 395.321587] __do_softirq+0x721/0xc7f [ 395.325390] [ 395.327018] Uninit was stored to memory at: [ 395.331357] kmsan_internal_chain_origin+0x136/0x240 [ 395.336480] __msan_chain_origin+0x6d/0xb0 [ 395.340735] __save_stack_trace+0x8be/0xc60 [ 395.345069] save_stack_trace+0xc6/0x110 [ 395.349153] kmsan_internal_chain_origin+0x136/0x240 [ 395.354280] kmsan_memcpy_origins+0x13d/0x190 [ 395.358792] __msan_memcpy+0x6f/0x80 [ 395.362520] skb_copy_bits+0x1d2/0xc90 [ 395.366419] skb_copy+0x56c/0xba0 [ 395.369884] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.375086] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.380122] sctp_do_sm+0x1cf3/0x9c50 [ 395.383948] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.388210] sctp_inq_push+0x300/0x420 [ 395.392112] sctp_rcv+0x42f2/0x4e40 [ 395.395769] sctp6_rcv+0x41/0x70 [ 395.399167] ip6_input_finish+0xb53/0x2450 [ 395.403417] ip6_input+0x29d/0x340 [ 395.406969] ip6_rcv_finish+0x4d2/0x710 [ 395.410956] ipv6_rcv+0x34b/0x3f0 [ 395.414427] process_backlog+0x82b/0x11e0 [ 395.418590] net_rx_action+0x98f/0x1d50 [ 395.422578] __do_softirq+0x721/0xc7f [ 395.426377] [ 395.428005] Uninit was stored to memory at: [ 395.432345] kmsan_internal_chain_origin+0x136/0x240 [ 395.437460] __msan_chain_origin+0x6d/0xb0 [ 395.441709] __save_stack_trace+0x8be/0xc60 [ 395.446048] save_stack_trace+0xc6/0x110 [ 395.450133] kmsan_internal_chain_origin+0x136/0x240 [ 395.455250] kmsan_memcpy_origins+0x13d/0x190 [ 395.459767] __msan_memcpy+0x6f/0x80 [ 395.463494] skb_copy_bits+0x1d2/0xc90 [ 395.467394] skb_copy+0x56c/0xba0 [ 395.470858] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.476062] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.481098] sctp_do_sm+0x1cf3/0x9c50 [ 395.484918] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.489168] sctp_inq_push+0x300/0x420 [ 395.493071] sctp_rcv+0x42f2/0x4e40 [ 395.496733] sctp6_rcv+0x41/0x70 [ 395.500110] ip6_input_finish+0xb53/0x2450 [ 395.504367] ip6_input+0x29d/0x340 [ 395.507931] ip6_rcv_finish+0x4d2/0x710 [ 395.511920] ipv6_rcv+0x34b/0x3f0 [ 395.515387] process_backlog+0x82b/0x11e0 [ 395.519548] net_rx_action+0x98f/0x1d50 [ 395.523537] __do_softirq+0x721/0xc7f [ 395.527340] [ 395.528969] Uninit was stored to memory at: [ 395.533311] kmsan_internal_chain_origin+0x136/0x240 [ 395.538429] __msan_chain_origin+0x6d/0xb0 [ 395.542676] __save_stack_trace+0x8be/0xc60 [ 395.547010] save_stack_trace+0xc6/0x110 [ 395.551096] kmsan_internal_chain_origin+0x136/0x240 [ 395.556220] kmsan_memcpy_origins+0x13d/0x190 [ 395.560733] __msan_memcpy+0x6f/0x80 [ 395.564465] skb_copy_bits+0x1d2/0xc90 [ 395.568374] skb_copy+0x56c/0xba0 [ 395.571843] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.577048] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.582076] sctp_do_sm+0x1cf3/0x9c50 [ 395.585895] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.590156] sctp_inq_push+0x300/0x420 [ 395.594060] sctp_rcv+0x42f2/0x4e40 [ 395.597700] sctp6_rcv+0x41/0x70 [ 395.601079] ip6_input_finish+0xb53/0x2450 [ 395.605330] ip6_input+0x29d/0x340 [ 395.608882] ip6_rcv_finish+0x4d2/0x710 [ 395.612865] ipv6_rcv+0x34b/0x3f0 [ 395.616339] process_backlog+0x82b/0x11e0 [ 395.620507] net_rx_action+0x98f/0x1d50 [ 395.624495] __do_softirq+0x721/0xc7f [ 395.628299] [ 395.629930] Uninit was stored to memory at: [ 395.634271] kmsan_internal_chain_origin+0x136/0x240 [ 395.639391] __msan_chain_origin+0x6d/0xb0 [ 395.643643] __save_stack_trace+0x8be/0xc60 [ 395.647979] save_stack_trace+0xc6/0x110 [ 395.652052] kmsan_internal_chain_origin+0x136/0x240 [ 395.657171] kmsan_memcpy_origins+0x13d/0x190 [ 395.661678] __msan_memcpy+0x6f/0x80 [ 395.665414] skb_copy_bits+0x1d2/0xc90 [ 395.669319] skb_copy+0x56c/0xba0 [ 395.672795] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.678000] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.683034] sctp_do_sm+0x1cf3/0x9c50 [ 395.686849] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.691099] sctp_inq_push+0x300/0x420 [ 395.695007] sctp_rcv+0x42f2/0x4e40 [ 395.698644] sctp6_rcv+0x41/0x70 [ 395.702020] ip6_input_finish+0xb53/0x2450 [ 395.706282] ip6_input+0x29d/0x340 [ 395.709836] ip6_rcv_finish+0x4d2/0x710 [ 395.713827] ipv6_rcv+0x34b/0x3f0 [ 395.717293] process_backlog+0x82b/0x11e0 [ 395.721456] net_rx_action+0x98f/0x1d50 [ 395.725442] __do_softirq+0x721/0xc7f [ 395.729243] [ 395.730872] Uninit was stored to memory at: [ 395.735210] kmsan_internal_chain_origin+0x136/0x240 [ 395.740326] __msan_chain_origin+0x6d/0xb0 [ 395.744579] __save_stack_trace+0x8be/0xc60 [ 395.748918] save_stack_trace+0xc6/0x110 [ 395.752993] kmsan_internal_chain_origin+0x136/0x240 [ 395.758109] kmsan_memcpy_origins+0x13d/0x190 [ 395.762626] __msan_memcpy+0x6f/0x80 [ 395.766358] skb_copy_bits+0x1d2/0xc90 [ 395.770258] skb_copy+0x56c/0xba0 [ 395.773735] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.778935] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.783967] sctp_do_sm+0x1cf3/0x9c50 [ 395.787780] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.792046] sctp_inq_push+0x300/0x420 [ 395.795949] sctp_rcv+0x42f2/0x4e40 [ 395.799586] sctp6_rcv+0x41/0x70 [ 395.802967] ip6_input_finish+0xb53/0x2450 [ 395.807210] ip6_input+0x29d/0x340 [ 395.810765] ip6_rcv_finish+0x4d2/0x710 [ 395.814756] ipv6_rcv+0x34b/0x3f0 [ 395.818225] process_backlog+0x82b/0x11e0 [ 395.822387] net_rx_action+0x98f/0x1d50 [ 395.826374] __do_softirq+0x721/0xc7f [ 395.830175] [ 395.831806] Uninit was stored to memory at: [ 395.836154] kmsan_internal_chain_origin+0x136/0x240 [ 395.841276] __msan_chain_origin+0x6d/0xb0 [ 395.845530] __save_stack_trace+0x8be/0xc60 [ 395.849863] save_stack_trace+0xc6/0x110 [ 395.853937] kmsan_internal_chain_origin+0x136/0x240 [ 395.859053] kmsan_memcpy_origins+0x13d/0x190 [ 395.863563] __msan_memcpy+0x6f/0x80 [ 395.867291] skb_copy_bits+0x1d2/0xc90 [ 395.871197] skb_copy+0x56c/0xba0 [ 395.874665] sctp_make_reassembled_event+0xcbe/0x1210 [ 395.879867] sctp_ulpq_partial_delivery+0x850/0xab0 [ 395.884897] sctp_do_sm+0x1cf3/0x9c50 [ 395.888715] sctp_assoc_bh_rcv+0x66a/0xd90 [ 395.892966] sctp_inq_push+0x300/0x420 [ 395.896871] sctp_rcv+0x42f2/0x4e40 [ 395.900516] sctp6_rcv+0x41/0x70 [ 395.903903] ip6_input_finish+0xb53/0x2450 [ 395.908155] ip6_input+0x29d/0x340 [ 395.911711] ip6_rcv_finish+0x4d2/0x710 [ 395.915703] ipv6_rcv+0x34b/0x3f0 [ 395.919172] process_backlog+0x82b/0x11e0 [ 395.923336] net_rx_action+0x98f/0x1d50 [ 395.927324] __do_softirq+0x721/0xc7f [ 395.931134] [ 395.932774] Local variable description: ----oc.i.i@__alloc_pages_nodemask [ 395.939697] Variable was created at: [ 395.943432] __alloc_pages_nodemask+0x108/0x64d0 00:33:14 executing program 1: [ 395.948199] __kmalloc_node_track_caller+0x6db/0x14e0 00:33:14 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:14 executing program 2: 00:33:14 executing program 5: 00:33:14 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x1) 00:33:14 executing program 3: 00:33:14 executing program 1: 00:33:14 executing program 2: 00:33:14 executing program 5: 00:33:14 executing program 1: 00:33:14 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x1) 00:33:14 executing program 3: 00:33:14 executing program 2: 00:33:14 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:14 executing program 5: 00:33:15 executing program 1: 00:33:15 executing program 3: 00:33:15 executing program 2: 00:33:15 executing program 5: 00:33:15 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x1) 00:33:15 executing program 3: 00:33:15 executing program 1: 00:33:15 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:15 executing program 5: 00:33:15 executing program 2: 00:33:16 executing program 1: 00:33:16 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) 00:33:16 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80200000000002, &(0x7f0000000680)=0x82, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0x8d7) accept4$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000002c0)=0x14, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6gre0\x00'}) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f00000008c0)='trusted.overlay.opaque\x00', &(0x7f0000000640)='y\x00', 0xfb, 0x0) fcntl$getflags(0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000040), 0x4) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x0) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x49, &(0x7f0000000480)=[{&(0x7f0000001700)=""/4096, 0x1000}], 0x1, &(0x7f0000000180)=""/20, 0x14}, 0x100) 00:33:16 executing program 5: 00:33:16 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:16 executing program 1: 00:33:16 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:16 executing program 5: 00:33:16 executing program 1: 00:33:16 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) 00:33:17 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:17 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) 00:33:17 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000240)="0a5c2d0240316285717070") r2 = openat$cgroup_int(r0, &(0x7f0000000140)='cpuset.mem_exclusive\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x20) 00:33:17 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:17 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec", 0x4) 00:33:17 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000001c0)={0x20000000000002a7, &(0x7f0000000140)}) fsetxattr$security_smack_transmute(0xffffffffffffffff, &(0x7f0000000140)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000180)='TRUE', 0x4, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) 00:33:17 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) 00:33:17 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:17 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) 00:33:17 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:18 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) futex(&(0x7f0000000000), 0x85, 0x0, &(0x7f0000000040), &(0x7f0000000140), 0x200000040000000) 00:33:18 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0), 0xfa) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) r2 = accept4$alg(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000380)="7026f2c5", 0x4) sendmmsg(r2, &(0x7f0000000080)=[{{&(0x7f00005fafe4)=@in6={0xa, 0x0, 0x0, @loopback}, 0x259, &(0x7f00008e3fb8)}}, {{&(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000632000), 0x222}}], 0x2, 0x0) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0273ec3750d90b464eaa2046945e5915130b06cf350500005756ebb73ceb2f1e000000f41d22071904fb7e5ca8bb2d7a9c1c2251aea3bf068bff9c1e785185893a6f991f7ac8d45928ed4cff0baef0370195a4131c99d29c478463259f49a519524ab6d59dcc37cd00000000000000000000"], 0x72}}, 0x1) sendmsg$key(r0, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000003fc0)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r4 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r4, &(0x7f00000009c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000040)='irlan0\x00') setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x1, 0x800000000000000a}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in, 0x0, 0x4}}, 0xe8) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000400)={'vcan0\x00', 0x0}) r7 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f00000000c0)=0x2, 0x4) setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18) socket$nl_crypto(0x10, 0x3, 0x15) setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f00000008c0)=0x8, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4) bind$xdp(r7, &(0x7f0000000300)={0x2c, 0x0, r6, 0x6}, 0x4) write$binfmt_elf64(r7, &(0x7f0000000800)=ANY=[], 0x0) socketpair$inet(0x2, 0x6, 0x7, &(0x7f0000000240)) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000900)={0x0, 0x80000001}, &(0x7f0000000940)=0x8) 00:33:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0x40000084, 0x0, 0x40000105]}) 00:33:18 executing program 5: 00:33:18 executing program 3: 00:33:18 executing program 4: r0 = socket(0x1e, 0x2, 0x0) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:18 executing program 5: 00:33:19 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:19 executing program 2: 00:33:19 executing program 3: 00:33:19 executing program 5: 00:33:19 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0), 0xfa) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) r2 = accept4$alg(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000380)="7026f2c5", 0x4) sendmmsg(r2, &(0x7f0000000080)=[{{&(0x7f00005fafe4)=@in6={0xa, 0x0, 0x0, @loopback}, 0x259, &(0x7f00008e3fb8)}}, {{&(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000632000), 0x222}}], 0x2, 0x0) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0273ec3750d90b464eaa2046945e5915130b06cf350500005756ebb73ceb2f1e000000f41d22071904fb7e5ca8bb2d7a9c1c2251aea3bf068bff9c1e785185893a6f991f7ac8d45928ed4cff0baef0370195a4131c99d29c478463259f49a519524ab6d59dcc37cd00000000000000000000"], 0x72}}, 0x1) sendmsg$key(r0, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000003fc0)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r4 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r4, &(0x7f00000009c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000040)='irlan0\x00') setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x1, 0x800000000000000a}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in, 0x0, 0x4}}, 0xe8) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000400)={'vcan0\x00', 0x0}) r7 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f00000000c0)=0x2, 0x4) setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18) socket$nl_crypto(0x10, 0x3, 0x15) setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f00000008c0)=0x8, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4) bind$xdp(r7, &(0x7f0000000300)={0x2c, 0x0, r6, 0x6}, 0x4) write$binfmt_elf64(r7, &(0x7f0000000800)=ANY=[], 0x0) socketpair$inet(0x2, 0x6, 0x7, &(0x7f0000000240)) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000900)={0x0, 0x80000001}, &(0x7f0000000940)=0x8) 00:33:19 executing program 3: 00:33:19 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:19 executing program 2: 00:33:19 executing program 4: bind(0xffffffffffffffff, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(0xffffffffffffffff, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:20 executing program 5: 00:33:20 executing program 3: 00:33:20 executing program 2: 00:33:20 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:20 executing program 4: r0 = socket(0x0, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:20 executing program 3: 00:33:20 executing program 2: perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x12}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:33:20 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ustat(0x20, &(0x7f0000000040)) 00:33:20 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") ioctl$TCSETSF(r0, 0x5404, &(0x7f00000000c0)) write$sndseq(r0, &(0x7f0000000140)=[{0x81, 0x5, 0x0, 0x0, @tick, {}, {}, @raw8={"959546592b83c98a10d789af"}}], 0xffffff1c) 00:33:20 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r1 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r1, 0x1) 00:33:20 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002900)}}], 0x1, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp\x00') r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) preadv(r0, &(0x7f00000017c0), 0x1ce, 0x1000000) 00:33:21 executing program 2: 00:33:21 executing program 4: r0 = socket(0x1e, 0x0, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:21 executing program 5: 00:33:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc018ae85, &(0x7f0000000080)={0x7b}) 00:33:21 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x0, 0x0, &(0x7f0000000080)) 00:33:21 executing program 5: socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000580)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000002c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000001c0)={0x9, 0xda}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:21 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(0xffffffffffffffff, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:22 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r1 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r1, 0x1) 00:33:22 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000680)=0x8) io_destroy(0x0) memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0) add_key$user(&(0x7f00000006c0)='user\x00', &(0x7f00000002c0), &(0x7f0000000180), 0x0, 0xfffffffffffffffb) 00:33:22 executing program 1: perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) clone(0x80a102001ff8, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000000200000000, 0x800007f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000140), &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) write$sndseq(0xffffffffffffffff, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') 00:33:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@text32={0x20, &(0x7f00000005c0)="b9950b0000b8f7000000ba000000000f309a2c1271363c01b9800000c00f3235002000000f3066b8e3008ee066baf80cb8c7110f86ef66bafc0cb03fee660ff43966baf80cb86063cf8aef66bafc0cb8e9580000efc4e105d2b3002000000f00949900800000f30fc77385", 0x6b}], 0x0, 0x0, &(0x7f0000000640), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x1, 0x0, &(0x7f0000000300), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:22 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000700)) 00:33:22 executing program 5: perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000300), &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f00000003c0)={&(0x7f0000000380), 0x8}) [ 404.933181] sg_write: data in/out 1869837835/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 404.933181] program syz-executor2 not setting count and/or reply_len properly [ 404.958826] sg_write: data in/out 1869837835/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 404.958826] program syz-executor2 not setting count and/or reply_len properly 00:33:23 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x0, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:23 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x15, 0x10, 0xc6}, 0x2c) bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000000380)={r0, &(0x7f0000000300), &(0x7f0000000340)}, 0x20) 00:33:23 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000700)) 00:33:23 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r1 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r1, 0x1) 00:33:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x0, 0x2}) [ 405.513667] sg_write: data in/out 1869837835/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 405.513667] program syz-executor2 not setting count and/or reply_len properly 00:33:23 executing program 3: rt_sigaction(0x2b, &(0x7f00000000c0)={&(0x7f0000000000)="0f01a70c000000c441215da500000000f20f5e75b6c402f9db3d02000000c4e1f970d299660f7ef4c46220f31fc44154599e7df000003e3689cec4c2a1ac48f7", {}, 0x0, &(0x7f0000000040)="c4024db7e6c4c27d1a116788ffc403ed4206008f297812c4c46279248f03800000c421cdfce5c4639d5dac3f000000000b26f241a7407700"}, 0x0, 0x8, &(0x7f0000000100)) 00:33:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@text32={0x20, &(0x7f00000005c0)="b9950b0000b8f7000000ba000000000f309a2c1271363c01b9800000c00f3235002000000f3066b8e3008ee066baf80cb8c7110f86ef66bafc0cb03fee660ff43966baf80cb86063cf8aef66bafc0cb8e9580000efc4e105d2b3002000000f00949900800000f30fc77385", 0x6b}], 0x0, 0x0, &(0x7f0000000640), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x1, 0x0, &(0x7f0000000300), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:23 executing program 2: 00:33:24 executing program 3: 00:33:24 executing program 2: 00:33:24 executing program 1: 00:33:24 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(0xffffffffffffffff, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:24 executing program 2: 00:33:24 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:24 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) io_setup(0xb, &(0x7f0000000240)=0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000100)) io_submit(r1, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x10000, 0x407000}]) truncate(&(0x7f0000000000)='./bus\x00', 0x3100c) 00:33:24 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x8000000000044000) io_setup(0xb, &(0x7f0000000240)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x10000}]) truncate(&(0x7f0000000340)='./bus\x00', 0x12) 00:33:25 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0), 0x0, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:25 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0x80184153, &(0x7f0000000140)) 00:33:25 executing program 5: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x125d, &(0x7f00000000c0)) 00:33:25 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:25 executing program 3: r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0x40084146, &(0x7f0000000140)) 00:33:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f000000c000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f00000003c0)="3e67f36fb9900900000f32eafaffffff3a010fc72eb8008000000f23d80f21f835800000700f23f88fc9309202c4e3796967aa9a0fc75f0566baf80cb8a76a1a84ef66bafc0cecc4c10d73d280", 0x4d}], 0x1, 0x0, &(0x7f0000000480), 0x0) 00:33:25 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000580)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) 00:33:25 executing program 5: openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x40, 0x0) 00:33:25 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)="2f65786500000000000409004bddd9de91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a00000000") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) flistxattr(r0, &(0x7f0000000680)=""/161, 0xa1) 00:33:26 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:26 executing program 5: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@vsock={0x28, 0x0, 0xffffffff}, 0x80) 00:33:26 executing program 2: r0 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'veth1_to_team\x00', 0x8}, 0x18) ioctl(r0, 0x8916, &(0x7f0000000000)) 00:33:26 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:26 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000003c0), 0x4) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/ptmx\x00', 0x0, 0x0) read(r2, &(0x7f0000000100)=""/11, 0xb) 00:33:26 executing program 2: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x400000010, 0x802, 0x0) write(r0, &(0x7f0000000000)="fc0000001100071bab092500090007000aab08000a0000000000e293210001c000000000000000000000000009000000fa2c5ec28656aaa79bb94b46fe000000bc00020000036c6c256f1a272fdf0d11512fd633d44000000000008934d07302ade01720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a463ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b176e83df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48f6f0000080548deac270e33429f3794dec896592d69d38a873cf1587c3b", 0xfc) write$RDMA_USER_CM_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000004c0)={0x6, 0x118, 0xfa00, {{0x4e9b, 0x401, "5d2c8aadbc53e874a8902796d1075ed15c1e2eff3feadc3b9ea76df352ecb80f94dfa802f76067235274b2d6847d1b8eaa5d8fbead53d2a5fd4e952466dbdd622dcf631ab7117ad25e5f5cd6185f2bd4db8b2b407e454fe24e45ea1fc52b5e0dfd914e216b53dc690d30fd9ea1927d0162616ef45e53810e16f8b362ea9e1bfd70c6bbe8ded18ee85a70fe0dfa5fbb1569905e9ee06dc0934244cff5b6d059810a44e3b249c22b1fa164dfba29527c1a9ff1780efc10c3afb2c6ae3d2e1b395ce8b8f59eebe41eaef558b40546687e19859bc8115e2a249f858fad080501dcb87ebc874beef9e4374f2ebbe03ada2b4e4c6afb469a2f87435f03538e3cc91037", 0x97, 0x2efffffffff, 0x0, 0x0, 0x3, 0x2, 0x6}}}, 0x120) 00:33:26 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:26 executing program 5: setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000080), 0x0) r0 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'veth1_to_team\x00', 0x8}, 0x18) ioctl(r0, 0x8916, &(0x7f0000000000)) ioctl(r0, 0x8936, &(0x7f0000000000)) 00:33:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000080)="f20f2d7e00c4e3bd40ce630f07f7cd0c000000660f01c90ff8cd0fc7588ab8ad6e00000f23d80f21f835000000c00f23f8c4e3cd6971f500f20f08", 0x3b}], 0x1, 0x0, &(0x7f0000000040), 0x0) [ 408.885573] netlink: 220 bytes leftover after parsing attributes in process `syz-executor2'. 00:33:27 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) [ 409.052595] netlink: 220 bytes leftover after parsing attributes in process `syz-executor2'. 00:33:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000003c0), 0x4) accept4$inet(r1, 0x0, &(0x7f0000000100), 0x0) 00:33:27 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz'}, &(0x7f00000000c0), 0x206, 0xffffffffffffffff) write$vnet(0xffffffffffffffff, &(0x7f0000000480)={0x1, {&(0x7f0000000300)=""/88, 0x58, &(0x7f0000000380)=""/47}}, 0x68) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000003c0)={@mcast1, 0x0, 0x0, 0x0, 0xc}, &(0x7f0000000640)=0x20) msgrcv(0x0, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000400), 0x0) 00:33:27 executing program 3: ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000380)) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540), 0xc) syz_extract_tcp_res$synack(&(0x7f0000000340), 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x18, &(0x7f0000000c00)=ANY=[@ANYBLOB="bf1600000000000085100000050000006d00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000040000000950000000000000031c437ac4696e15962e46f53ccc25148c13bb65bcea7aed5b7e939599c2824af045665301d9f8f40e14575f5365778b74360b25d108b9521f6a9364d77de4689af69e6d3884b4bcc84015ade6453139f2803e337d3e8644e6b3da6f69ccde136f9f0f8d746b3da106a54e302d664f2725c"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_open_dev$evdev(&(0x7f0000000400)='/dev/input/event#\x00', 0x7, 0x0) close(r0) recvfrom(0xffffffffffffffff, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x6, 0x400000) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="040000000000000002004e21ac141412000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000002004e20ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200bf97ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e217f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065e8efb1a83efb85c97e3918aaded6a5b6a5fce9a671aa6dac16bb5b75259067e5d3c765e7e2a0bb271c8f921fdc8aa19d6bc442838cf204272649d2fe12d438901751ffdbfa09806dc820496948e39df7e76fef5f8fd8983a3c6937b0a6aeae99e877b67d90a991bb6772480ceb27cbaea8347eb86a2893437727049258504e34da8e222d4058"], 0x1) 00:33:28 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:28 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:28 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, 0x0, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000000c0)={0x1, r2}) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) dup(r0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0x0, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x1, &(0x7f0000000840)=[0x0]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x2, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:33:28 executing program 2: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x125d, &(0x7f00000000c0)=0xfffffffffffffffa) 00:33:28 executing program 3: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='wlan1-\x00'}, 0x10) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000380)) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={0x0, 0xffffffffffffffff}, 0xc) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x6a6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x9, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080), 0xc) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000280)) syz_extract_tcp_res$synack(&(0x7f0000000340), 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x18, &(0x7f0000000c00)=ANY=[@ANYBLOB="bf1600000000000085100000050000006d00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000040000000950000000000000031c437ac4696e15962e46f53ccc25148c13bb65bcea7aed5b7e939599c2824af045665301d9f8f40e14575f5365778b74360b25d108b9521f6a9364d77de4689af69e6d3884b4bcc84015ade6453139f2803e337d3e8644e6b3da6f69ccde136f9f0f8d746b3da106a54e302d664f2725c"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_open_dev$evdev(&(0x7f0000000400)='/dev/input/event#\x00', 0x7, 0x0) close(r0) mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x100) perf_event_open(&(0x7f00000004c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480)}, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x5, 0xffffffffffffffff, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(0xffffffffffffffff, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x6, 0x400000) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="040000000000000002004e21ac141412000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000002004e20ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200bf97ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e217f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065e8efb1a83efb85c97e3918aaded6a5b6a5fce9a671aa6dac16bb5b75259067e5d3c765e7e2a0bb271c8f921fdc8aa19d6bc442838cf204272649d2fe12d438901751ffdbfa09806dc820496948e39df7e76fef5f8fd8983a3c6937b0a6aeae99e877b67d90a991bb6772480ceb27cbaea8347eb86a2893437727049258504e34da8e222d4058"], 0x1) 00:33:28 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:28 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_score_adj\x00') write$FUSE_NOTIFY_DELETE(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='7'], 0x1) 00:33:29 executing program 1: ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000380)) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={0x0, 0xffffffffffffffff}, 0xc) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x6a6, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, 0x0, 0x9, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080), 0xc) syz_extract_tcp_res$synack(&(0x7f0000000340), 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x18, &(0x7f0000000c00)=ANY=[@ANYBLOB="bf1600000000000085100000050000006d00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000040000000950000000000000031c437ac4696e15962e46f53ccc25148c13bb65bcea7aed5b7e939599c2824af045665301d9f8f40e14575f5365778b74360b25d108b9521f6a9364d77de4689af69e6d3884b4bcc84015ade6453139f2803e337d3e8644e6b3da6f69ccde136f9f0f8d746b3da106a54e302d664f2725c"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_open_dev$evdev(&(0x7f0000000400)='/dev/input/event#\x00', 0x7, 0x0) close(r0) mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x100) perf_event_open(&(0x7f00000004c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480)}, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x5, 0xffffffffffffffff, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2]}, 0x10) recvfrom(0xffffffffffffffff, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x6, 0x400000) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="040000000000000002004e21ac141412000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000002004e20ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200bf97ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e217f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065e8efb1a83efb85c97e3918aaded6a5b6a5fce9a671aa6dac16bb5b75259067e5d3c765e7e2a0bb271c8f921fdc8aa19d6bc442838cf204272649d2fe12d438901751ffdbfa09806dc820496948e39df7e76fef5f8fd8983a3c6937b0a6aeae99e877b67d90a991bb6772480ceb27cbaea8347eb86a2893437727049258504e34da8e222d4058"], 0x1) 00:33:29 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) sysinfo(&(0x7f00000007c0)=""/154) ioctl$BLKPG(r0, 0x1269, &(0x7f00000006c0)={0x1, 0x0, 0x0, &(0x7f0000000800)}) 00:33:29 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}]}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r3, @in={{0x2, 0x0, @local}}}, 0x84) r4 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r4, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{}, {}, {0x2, 0x1}, {}, {0x2, 0x7}, {}, {0x2, 0x2}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:33:29 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:29 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:29 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x1000) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8) sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="de", 0x1}], 0x1, &(0x7f0000000580)}}], 0x1, 0x0) 00:33:29 executing program 3: clone(0x13102001fef, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) r0 = gettid() wait4(0x0, &(0x7f00000003c0), 0x80000000, &(0x7f0000000340)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x19) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x400401, 0x74}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) 00:33:30 executing program 2: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000100)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x40480923, &(0x7f0000000000)) [ 411.992370] ptrace attach of "/root/syz-executor3"[10957] was attempted by "/root/syz-executor3"[10958] 00:33:30 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)) r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:30 executing program 1: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002ac0)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000440)={0x1d, r1}, 0x10) 00:33:30 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}]}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r3, @in={{0x2, 0x0, @local}}}, 0x84) r4 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r4, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{}, {}, {0x2, 0x1}, {}, {0x2, 0x7}, {}, {0x2, 0x2}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:33:30 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000003c0), 0x4) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000340)='./file0\x00', &(0x7f0000000300), &(0x7f0000000180)) 00:33:30 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000003c0), 0x4) write(r0, &(0x7f0000000400), 0x0) 00:33:30 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)) r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:30 executing program 1: clone(0x200, &(0x7f00000000c0), &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000280)) mknod(&(0x7f0000000040)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000340)='./file0\x00', &(0x7f0000000300), &(0x7f0000000200)) syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x2000003102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f00000005c0), 0xffffffffffffffff) execve(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000140), &(0x7f0000000240)) msgrcv(0x0, &(0x7f0000000380)={0x0, ""/228}, 0xec, 0x0, 0x0) open$dir(&(0x7f0000000300)='./file0\x00', 0x841, 0x0) 00:33:30 executing program 0: bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0xffffffffffffff7f) r0 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r0, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r0, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r0, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r1, 0x1) 00:33:30 executing program 2: open(&(0x7f00000001c0)='./file0\x00', 0x10001, 0x8) 00:33:31 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x0, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:33:31 executing program 0: bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0xffffffffffffff7f) r0 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r0, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r0, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r0, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r1, 0x1) 00:33:31 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x8000000000044000) io_setup(0xb, &(0x7f0000000240)=0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000100)) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x10000}]) truncate(&(0x7f0000000340)='./bus\x00', 0x0) 00:33:31 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)) r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:32 executing program 0: bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0xffffffffffffff7f) r0 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r0, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r0, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r0, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r1, 0x1) 00:33:32 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d024031") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:32 executing program 3: shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000300)=""/200) 00:33:33 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001240)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@remote, 0x0, 0xff}, 0x0, @in=@multicast2}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b0001020000000000400000000000"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0) dup3(r0, r1, 0x0) 00:33:33 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:33 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d024031") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:33 executing program 1: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x4004092b, &(0x7f0000000000)) 00:33:33 executing program 3: syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607) ioctl$GIO_UNIMAP(0xffffffffffffffff, 0x4b66, &(0x7f0000000280)={0x0, &(0x7f0000000240)}) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000580)) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x82) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340), 0x0, 0x81805) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xa, &(0x7f00000000c0), 0x4) listxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000013c0)=""/21, 0xfffffea1) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f0000000000)={0x1, @broadcast, 0x4e23, 0x2, 'rr\x00', 0x2, 0xda74, 0x5e}, 0x2c) 00:33:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000500)) syz_open_dev$rtc(&(0x7f00000000c0)='/dev/rtc#\x00', 0xffffffffffffffff, 0x200) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:33 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:33 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d024031") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:34 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) close(r0) [ 416.037500] *** Guest State *** [ 416.041041] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 416.050263] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 416.059356] CR3 = 0x0000000000000000 [ 416.063250] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 416.069805] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 416.076479] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 416.082615] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 416.088650] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 416.095509] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.103761] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.111927] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.120492] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.128724] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.136917] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.145079] GDTR: limit=0x00000000, base=0x0000000000000000 [ 416.153277] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.161310] IDTR: limit=0x00000000, base=0x0000000000000000 [ 416.169467] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 416.177616] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 416.184193] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 416.191815] Interruptibility = 00000000 ActivityState = 00000000 [ 416.198092] *** Host State *** [ 416.201342] RIP = 0xffffffff812cf768 RSP = 0xffff8881031df378 [ 416.207512] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 416.214118] FSBase=00007fedb96ab700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000 [ 416.222093] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 416.228051] CR0=0000000080050033 CR3=0000000105ffd000 CR4=00000000001426e0 [ 416.235795] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260 [ 416.242839] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 416.248945] *** Control State *** [ 416.252632] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 416.259355] EntryControls=0000d1ff ExitControls=002fefff [ 416.265042] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 416.272147] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 416.278885] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 00:33:34 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0x40044102, &(0x7f0000000140)) [ 416.285715] reason=80000021 qualification=0000000000000000 [ 416.292259] IDTVectoring: info=00000000 errcode=00000000 [ 416.297766] TSC Offset = 0xffffff1bdc6be187 [ 416.302733] EPT pointer = 0x00000001019f201e 00:33:34 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d024031628571") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:34 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x0, 0x2}, 0x20) 00:33:34 executing program 5: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002ac0)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000440)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000040)={&(0x7f00000000c0)={0x5, 0x0, 0x0, {0x0, 0x2710}, {0x77359400}, {}, 0x8, @can={{}, 0x0, 0x0, 0x0, 0x0, "c4d981ae211e6951"}}, 0x20000108}}, 0x0) 00:33:35 executing program 2: clone(0x84007ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r0 = getpid() pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) fstat(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r2, 0x0, 0x0) mknod(&(0x7f0000000080)='./file0\x00', 0x103c, 0x0) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f00000000c0)={0x4}) execve(&(0x7f0000000240)='./file0\x00', &(0x7f00000002c0), &(0x7f00000001c0)) ptrace(0x10, r0) tkill(r0, 0x10) 00:33:35 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:35 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d024031628571") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:35 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000400)="0a5c2d0240316285717070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @empty, 0x0, 0x2, 'ovf\x00'}, 0x2c) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000080)={@dev={0xfe, 0x80, [], 0x1d}, r2}, 0x14) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000001680)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f00000016c0)={0x29, @empty, 0x4e20, 0x4, 'ovf\x00', 0x1e, 0x553b}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000140)={0x84, @multicast1, 0x0, 0x1102, 'mh\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 '}, 0x2c) 00:33:35 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f0000000080)) mknod(&(0x7f0000000080)='./file0\x00', 0x103f, 0x0) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000d00), &(0x7f00000006c0)) r0 = syz_open_procfs(0x0, &(0x7f0000000780)="696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5e4983c25d024a9f3c489cc438f9e6de16364672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e284ee69a86f67264667d24b6f6502eb380104d262f889f390101ccaff805816603f65ba309000000000000004a80004e16b70c9649a2f9f6900fc77267a03436ba91a7f50c747f58236e5fa35ce74bb8da57ae4acad3aec3660ea6671da9f55e8211dfc5a17b8d3b1865e97da694c88f4920f772f196bdf299fc0b233d60654271ce981015") pread64(r0, &(0x7f0000000000), 0x115, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000340), 0xffffffffffffffff) lseek(r0, 0x0, 0x0) write$P9_RSTAT(r0, &(0x7f0000000380)={0x21c, 0x7d, 0x0, {0x0, 0x215, 0x0, 0x0, {0x80, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0xe5, "696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5e4983c25d024a9f3c489cc438f9e6de16364672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e284ee69a86f67264667d24b6f6502eb380104d262f889f390101ccaff805816603f65ba309000000000000004a80004e16b70c9649a2f9f6900fc77267a03436ba91a7f50c747f58236e5fa35ce74bb8da57ae4acad3aec3660ea6671da9f55e8211dfc5a17b8d3b1865e97da694c88f4920f772f196bdf299fc0b233d60654271ce981015", 0x7, 'keyring', 0x11, "e16b657972696e67747275737465647b5c", 0xe5, "696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5e4983c25d024a9f3c489cc438f9e6de16364672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e284ee69a86f67264667d24b6f6502eb380104d262f889f390101ccaff805816603f65ba309000000000000004a80004e16b70c9649a2f9f6900fc77267a03436ba91a7f50c747f58236e5fa35ce74bb8da57ae4acad3aec3660ea6671da9f55e8211dfc5a17b8d3b1865e97da694c88f4920f772f196bdf299fc0b233d60654271ce981015"}}, 0x21c) ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f00000000c0)) open$dir(&(0x7f0000000000)='./file0\x00', 0x27e, 0x0) 00:33:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="c4c379146600006543a02d0000000000000064670f01cab8010000000f01d946d8f1e1b066ba400066edb9f60800000f32f2400f0964460f35", 0x39}], 0x335, 0x0, &(0x7f0000000000), 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)) syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17, 0x0, 0x20000}) 00:33:35 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d024031628571") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:35 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_S390_UCAS_MAP(r3, 0x4018ae50, &(0x7f0000000280)={0x1, 0x0, 0x5}) ioctl$KVM_SMI(r2, 0xaeb7) timer_create(0x0, &(0x7f0000000000)={0x0, 0x32, 0x1, @tid=0xffffffffffffffff}, &(0x7f00000000c0)=0x0) timer_gettime(r4, &(0x7f0000000140)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) syz_emit_ethernet(0x0, &(0x7f0000000240)=ANY=[], &(0x7f0000000340)={0x0, 0x0, [0x0, 0xd79]}) add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz'}, &(0x7f0000000280), 0x0, 0xfffffffffffffffe) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, {}, {}, {0xfffffffffffffffc}, {0x0, 0x0, 0xf}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) ioctl$VIDIOC_G_TUNER(0xffffffffffffffff, 0xc054561d, &(0x7f0000000180)={0x0, "d45a7807b331591f0613723b35dc181158df8e7186b920397e5787deebc97cf8", 0x7, 0x848, 0x2, 0x2, 0x2, 0x3, 0x0, 0x8f0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4) 00:33:36 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000000180)="2e2f66692e65318c", 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x11, 0x2, r0, &(0x7f0000000380)="2e2f66692e65318c00") fanotify_mark(r1, 0x80, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="2e2f66692e65318c00") 00:33:36 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, &(0x7f0000000000)) r2 = eventfd(0x0) dup3(r2, r1, 0x0) 00:33:36 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d02403162857170") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'veth1_to_team\x00', {0x2, 0x0, @rand_addr}}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={'veth1_to_team\x00', {0x2, 0x0, @loopback}}) 00:33:36 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0x0, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:33:36 executing program 3: r0 = memfd_create(&(0x7f0000001fc1)='#vmnet1nodevem1\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x0) [ 418.990333] *** Guest State *** [ 418.993967] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 419.003050] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 419.012089] CR3 = 0x0000000000000000 [ 419.015859] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 419.022127] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 419.028284] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 419.035327] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.043576] DS: sel=0x0002, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.051739] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0xfffffffffffffffc [ 419.059797] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.068028] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.076277] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.084556] GDTR: limit=0x00000000, base=0x0000000000000000 [ 419.092745] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.100804] IDTR: limit=0x00000000, base=0x0000000000000000 [ 419.109581] TR: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 419.118281] EFER = 0x0000000000006500 PAT = 0x0007040600070406 [ 419.124939] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 419.132591] Interruptibility = 00000000 ActivityState = 00000000 [ 419.138878] *** Host State *** [ 419.142342] RIP = 0xffffffff812cf768 RSP = 0xffff8881053af378 [ 419.148404] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 419.155066] FSBase=00007fe7530eb700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000 [ 419.163044] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 419.168998] CR0=0000000080050033 CR3=00000001050e5000 CR4=00000000001426e0 [ 419.176735] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260 [ 419.183587] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 00:33:37 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:37 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d02403162857170") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) [ 419.189701] *** Control State *** [ 419.193325] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 419.200054] EntryControls=0000d3ff ExitControls=002fefff [ 419.205868] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 419.212994] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 419.219722] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 419.226549] reason=80000021 qualification=0000000000000000 [ 419.233031] IDTVectoring: info=00000000 errcode=00000000 [ 419.238534] TSC Offset = 0xffffff1a52ae24fc [ 419.243246] EPT pointer = 0x00000001010d701e 00:33:37 executing program 5: 00:33:38 executing program 3: 00:33:38 executing program 5: 00:33:38 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:38 executing program 3: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) 00:33:38 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x0, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x1, &(0x7f0000000840)=[0x0]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:33:39 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d02403162857170") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:40 executing program 1: 00:33:41 executing program 2: 00:33:41 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) poll(&(0x7f0000000000)=[{r1}, {r0, 0x12b}], 0x2, 0x0) 00:33:41 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:41 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x0, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:41 executing program 1: 00:33:41 executing program 1: 00:33:41 executing program 3: 00:33:41 executing program 2: 00:33:42 executing program 1: 00:33:42 executing program 5: 00:33:42 executing program 3: 00:33:42 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:42 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x0, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:42 executing program 2: 00:33:42 executing program 1: 00:33:43 executing program 3: 00:33:43 executing program 2: 00:33:43 executing program 1: 00:33:43 executing program 5: 00:33:43 executing program 1: 00:33:43 executing program 2: 00:33:43 executing program 3: 00:33:43 executing program 5: 00:33:43 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:44 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") socket(0x1e, 0x5, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:44 executing program 1: 00:33:44 executing program 3: 00:33:44 executing program 2: 00:33:44 executing program 5: 00:33:44 executing program 3: 00:33:44 executing program 2: 00:33:44 executing program 5: 00:33:44 executing program 1: 00:33:44 executing program 3: 00:33:44 executing program 2: 00:33:45 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:45 executing program 1: 00:33:45 executing program 5: 00:33:45 executing program 3: 00:33:45 executing program 2: 00:33:45 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x0, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="c9", 0x1}], 0x1, &(0x7f0000000180)}, 0x0) 00:33:45 executing program 1: 00:33:45 executing program 3: 00:33:45 executing program 2: 00:33:45 executing program 5: 00:33:45 executing program 1: 00:33:45 executing program 3: 00:33:46 executing program 2: 00:33:46 executing program 5: 00:33:46 executing program 4: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:33:46 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:46 executing program 1: 00:33:46 executing program 3: 00:33:46 executing program 1: 00:33:46 executing program 2: 00:33:46 executing program 5: 00:33:46 executing program 3: 00:33:46 executing program 1: 00:33:47 executing program 5: 00:33:47 executing program 2: 00:33:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:47 executing program 3: 00:33:47 executing program 1: 00:33:47 executing program 5: 00:33:47 executing program 4: 00:33:47 executing program 2: 00:33:47 executing program 3: 00:33:47 executing program 1: 00:33:47 executing program 2: 00:33:48 executing program 5: 00:33:48 executing program 4: 00:33:48 executing program 3: 00:33:48 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:48 executing program 2: 00:33:48 executing program 1: 00:33:48 executing program 5: 00:33:48 executing program 3: 00:33:48 executing program 4: 00:33:48 executing program 4: 00:33:49 executing program 2: 00:33:49 executing program 5: 00:33:49 executing program 3: 00:33:49 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:49 executing program 1: 00:33:49 executing program 4: 00:33:49 executing program 2: 00:33:49 executing program 3: 00:33:49 executing program 5: 00:33:49 executing program 1: 00:33:49 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:49 executing program 4: 00:33:50 executing program 3: 00:33:50 executing program 5: 00:33:50 executing program 2: 00:33:50 executing program 1: 00:33:50 executing program 4: 00:33:50 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:50 executing program 5: 00:33:50 executing program 3: 00:33:50 executing program 1: 00:33:50 executing program 2: 00:33:50 executing program 4: 00:33:50 executing program 5: 00:33:50 executing program 3: 00:33:51 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:51 executing program 2: 00:33:51 executing program 4: 00:33:51 executing program 1: 00:33:51 executing program 5: 00:33:51 executing program 3: 00:33:51 executing program 2: 00:33:51 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:51 executing program 4: 00:33:51 executing program 1: 00:33:51 executing program 5: 00:33:51 executing program 3: 00:33:52 executing program 2: 00:33:52 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:52 executing program 1: 00:33:52 executing program 3: 00:33:52 executing program 5: 00:33:52 executing program 4: 00:33:52 executing program 5: 00:33:52 executing program 4: 00:33:52 executing program 1: 00:33:52 executing program 2: 00:33:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x129, 0x0, &(0x7f00000000c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:53 executing program 5: arch_prctl(0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:53 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$tun(r1, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x1) mmap(&(0x7f0000004000/0x4000)=nil, 0x705000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 00:33:53 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:53 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000000c0)="0a5c2d024031") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) arch_prctl(0x1001, &(0x7f0000000000)="d5daad960488a96a7ef73305fb0d970cfe30e577a339e44d6bb4c0424aaf39b2ce2c82b743846ebb27d3e0ae9755642c0f31e8161e79af23dc7d31011dd38fbba5d241") syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x129, 0x0, &(0x7f00000000c0), 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$KVM_NMI(r6, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:33:53 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\a\x00'}, &(0x7f0000001fee)="520972697374e363757367725669643a4465", 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x91fb, 0x7, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x841, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x5, @perf_config_ext={0x401}, 0x0, 0xb2bd, 0x73, 0x0, 0xffffffffffffffff}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x0) msync(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000013c0)}, 0x0) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000200), 0x0, 0x0) 00:33:53 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x300000000) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000300)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) close(r1) socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000200)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000100)={0x0, r1}) 00:33:53 executing program 3: ioctl(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000000)="67c6f80ff20f0f4f82bb0f08f265660f30260f3808d666b9e40900000f322e3e360f2204660f09d2a200806766c74424004f8842fa6766c7442402000000006766c744240600000000670f011424", 0x4e}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:54 executing program 5: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") r4 = accept4(r2, 0x0, &(0x7f00000000c0)=0xff67, 0x0) write(r1, &(0x7f0000000240)="48c0c510706c49e07e712b11646e77c5a85ef2de617be590f0eb53", 0x1b) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ad56b6cc0400fbab65d8b4ac2ca35c6e", 0x10) splice(r0, 0x0, r4, 0x0, 0x20000000003, 0x0) 00:33:54 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000340)={@my}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x4, "a0d229f7"}, &(0x7f0000000400)=0xc) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x40000, 0x2, 0x4, 0xffff, 0x1, 0xffffffff, 0x0, 0x3, 0x9}) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540), 0x0) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) 00:33:54 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="2e0000003e0081aee4050cecce4cb9040a485e510befccdf7f3e9cf0758ef900e1cf38ebb1cb4c100c0003720000", 0x2e}], 0x1, &(0x7f0000000040)}, 0x0) 00:33:54 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0x40000084, 0x0, 0x40000106]}) 00:33:55 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000080)=""/187, &(0x7f0000000000)=0xbb) 00:33:55 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x300]}, 0x6}, 0x1c) 00:33:55 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000000c0)) 00:33:55 executing program 2: prctl$intptr(0x4, 0x0) [ 437.637299] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? 00:33:55 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:33:56 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) 00:33:56 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000000c0)='\n\\') arch_prctl(0x0, &(0x7f0000000000)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="46c2"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:33:56 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x300]}, 0x6}, 0x1c) 00:33:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10080000000}) 00:33:56 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) [ 438.388264] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? 00:33:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="7b1cd5078a8a6eb852b807b4f1e3f0b218", 0x11}], 0x1, &(0x7f0000000200)=[@assoc={0x18, 0x117, 0x4, 0x20}], 0x18, 0x4000000}, 0x5) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) 00:33:56 executing program 3: ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)) perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f00000000c0)) clone(0x80a102001ff8, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000000200000000, 0x800007f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000140), &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) write$sndseq(0xffffffffffffffff, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) 00:33:56 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:56 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\a\x00'}, &(0x7f0000001fee)="520972697374e363757367725669643a4465", 0x0) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000013c0)}, 0x0) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000200), 0x1, 0x0) 00:33:57 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00') preadv(r0, &(0x7f0000000580), 0x100000000000020d, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000240)={"626f6e645f736c6176655f30000e00", {0x2, 0x0, @rand_addr, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000040)={0x8, 0x1}) 00:33:57 executing program 2: 00:33:57 executing program 5: 00:33:57 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:57 executing program 4: 00:33:57 executing program 1: 00:33:57 executing program 2: 00:33:57 executing program 5: 00:33:57 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:57 executing program 3: 00:33:58 executing program 1: 00:33:58 executing program 4: 00:33:58 executing program 2: 00:33:58 executing program 5: 00:33:58 executing program 3: 00:33:58 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:58 executing program 1: 00:33:58 executing program 4: 00:33:58 executing program 2: 00:33:58 executing program 5: 00:33:58 executing program 3: 00:33:59 executing program 1: 00:33:59 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:33:59 executing program 2: 00:33:59 executing program 5: 00:33:59 executing program 4: 00:33:59 executing program 3: 00:33:59 executing program 1: 00:33:59 executing program 4: 00:33:59 executing program 5: 00:33:59 executing program 2: 00:33:59 executing program 3: 00:33:59 executing program 1: 00:33:59 executing program 4: 00:34:00 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:00 executing program 5: 00:34:00 executing program 3: 00:34:00 executing program 2: 00:34:00 executing program 4: 00:34:00 executing program 1: 00:34:00 executing program 3: 00:34:00 executing program 4: 00:34:00 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/tcp6\x00') preadv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x142) 00:34:00 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="240000005e0007031dfffd946fa2830020200a00090003045e1d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x10}, 0xc) 00:34:00 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000340)={@my}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000380), &(0x7f0000000400)=0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540), 0x0) recvfrom(r2, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) 00:34:01 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c46047a0520010000000000000000003e0000100000cd020000380000007b"], 0x21) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) 00:34:01 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:01 executing program 4: r0 = socket$pppoe(0x18, 0x1, 0x0) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x0, @random="15a713edcd74", 'teql0\x00'}}) 00:34:01 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x40000, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000340)={@my}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x8, "a0d229f7cc426ee6"}, &(0x7f0000000400)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000480)={r1, 0xeea}, 0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x40000, 0x2, 0x4, 0xffff, 0x1, 0xffffffff, 0x0, 0x0, 0x9}) r4 = gettid() process_vm_readv(r4, &(0x7f0000000380), 0x0, &(0x7f0000000580), 0x0, 0x0) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540)=[@in={0x2, 0x0, @broadcast}], 0x10) getuid() recvfrom(r3, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) memfd_create(&(0x7f00000003c0)=' ', 0x0) 00:34:01 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4864, 0x0, 0x0, 0x0, 0x4000000002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_config_ext, 0x10025, 0x0, 0x800000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) lstat(&(0x7f0000000600)='./file0/file0\x00', &(0x7f0000000680)) r0 = getpid() r1 = socket(0x10, 0x802, 0x0) fstat(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(0x0, r2) rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$poke(0x5, r0, &(0x7f0000000040), 0x0) 00:34:01 executing program 5: socketpair$unix(0x1, 0x40000000001, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r1, 0x2007) r2 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r2, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) write$binfmt_aout(r2, &(0x7f0000000540)=ANY=[], 0x0) r3 = accept4(r1, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000180)=0xff53, 0x0) recvfrom$inet(r3, &(0x7f00000001c0)=""/168, 0xa8, 0xfffffffffffffffe, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x70f000) 00:34:02 executing program 4: ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) clone(0x80a102001ff8, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8000000200000000, 0x800007f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000140), &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000180), &(0x7f00000002c0)=""/198}, 0x18) 00:34:02 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) set_mempolicy(0xc002, &(0x7f0000000000), 0x0) 00:34:02 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x3166b194}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(&(0x7f0000000180)='wlan0\x00', 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000002c0)='sit0\x00', 0x8b) sendto$inet(r1, &(0x7f00000003c0), 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000380)={0x0, 0x0, 0x2ffd}, 0x4) sendto$inet(r1, &(0x7f0000000080), 0xfe7a, 0x60c10000, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10) 00:34:02 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:02 executing program 5: perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000300), &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f00000003c0)={&(0x7f0000000380), 0x8}) 00:34:02 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) ioctl$PPPOEIOCSFWD(r0, 0x40047459, &(0x7f0000000040)={0x18, 0x0, {0x0, @random="15a713edcd74", 'teql0\x00'}}) 00:34:03 executing program 3: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) 00:34:03 executing program 4: prctl$setname(0xf, &(0x7f0000000580)="21225cd318f05894450e2c090782ecb5009aaf4271e6c8b7e0c4ce14582378ead3c0d61fe57a222e3d904b0154ff8e6d75b09d8abbef35d31dff6b7773c58b9f51b2e7cfdb6ac443bde0ef8c4952d93e06dd107200775dc3c63cf4a5514fff1aff4effec41f94dcfbf792d99f326d818f775244c9ee42dbb5a2701ae34c0fa084f2a929c7c7adba09c8762b9546f3ccb76997c720dc6703091e81e59be51478d77094c4df21da148ef3385255bff9fecb19b1e8730b89a1fea91172d9fb8b5e24390df0624618ad113d89339437ffb5098a5f034ac4eea30846ffbe94cf03a657b8701818f86cb502d2426d6b49812bfcfa62680bd029b2d3c863f9f2b0d866fd671d941af8e0ee51f4f1798e7a88b71ad9f1ed3e1665f9a374e53c5d87f242b0abf61c1ef30c1") socket$nl_generic(0x10, 0x3, 0x10) 00:34:03 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x40000, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000340)={@my}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x8, "a0d229f7cc426ee6"}, &(0x7f0000000400)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000480)={r1, 0xeea}, 0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x40000, 0x2, 0x4, 0xffff, 0x1, 0xffffffff, 0x0, 0x0, 0x9}) r4 = gettid() process_vm_readv(r4, &(0x7f0000000380), 0x0, &(0x7f0000000580), 0x0, 0x0) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540)=[@in={0x2, 0x0, @broadcast}], 0x10) getuid() recvfrom(r3, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) memfd_create(&(0x7f00000003c0)=' ', 0x0) [ 445.171706] not chained 50000 origins [ 445.175592] CPU: 1 PID: 11827 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 445.182903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 445.192289] Call Trace: [ 445.194914] dump_stack+0x32d/0x480 [ 445.198599] kmsan_internal_chain_origin+0x222/0x240 [ 445.203769] ? apic_timer_interrupt+0xa/0x20 [ 445.208224] ? __entry_text_end+0x7/0x7 [ 445.212276] ? kmsan_internal_chain_origin+0x90/0x240 [ 445.217526] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 445.222934] ? is_bpf_text_address+0x49e/0x4d0 [ 445.227563] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 445.233056] ? in_task_stack+0x12c/0x210 [ 445.237167] __msan_chain_origin+0x6d/0xb0 [ 445.241445] ? ip_finish_output2+0x141a/0x1560 [ 445.246063] __save_stack_trace+0x8be/0xc60 [ 445.250438] ? trace_event_raw_event_drv_pre_channel_switch+0x7bd/0xce0 [ 445.257232] ? ip_finish_output2+0x141a/0x1560 [ 445.261868] save_stack_trace+0xc6/0x110 [ 445.265974] kmsan_internal_chain_origin+0x136/0x240 [ 445.271113] ? inet_sendmsg+0x4e9/0x800 [ 445.275136] ? kmsan_internal_chain_origin+0x136/0x240 [ 445.280443] ? kmsan_memcpy_origins+0x13d/0x190 [ 445.285143] ? __msan_memcpy+0x6f/0x80 [ 445.289062] ? pskb_expand_head+0x436/0x1d20 [ 445.293505] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 445.297864] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 445.302209] ? dev_hard_start_xmit+0x6dc/0xde0 [ 445.306831] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 445.311361] ? dev_queue_xmit+0x4b/0x60 [ 445.315372] ? neigh_direct_output+0x42/0x50 [ 445.319817] ? ip_finish_output2+0x141a/0x1560 [ 445.324426] ? ip_do_fragment+0x1b42/0x3f10 [ 445.328774] ? ip_fragment+0x247/0x400 [ 445.332688] ? ip_finish_output+0x1056/0x10f0 [ 445.337208] ? ip_mc_output+0xf25/0x10f0 [ 445.341310] ? ip_push_pending_frames+0x243/0x470 [ 445.346173] ? raw_sendmsg+0x2e54/0x45c0 [ 445.350267] ? inet_sendmsg+0x4e9/0x800 [ 445.354275] ? __sys_sendto+0x940/0xb80 [ 445.358285] ? __se_sys_sendto+0x107/0x130 [ 445.362546] ? __x64_sys_sendto+0x6e/0x90 [ 445.366730] ? do_syscall_64+0xcf/0x110 [ 445.370747] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 445.376169] ? __msan_get_context_state+0x9/0x20 [ 445.380950] ? INIT_INT+0xc/0x30 [ 445.384366] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 445.389779] kmsan_memcpy_origins+0x13d/0x190 [ 445.394316] __msan_memcpy+0x6f/0x80 [ 445.398172] pskb_expand_head+0x436/0x1d20 [ 445.402476] ip_tunnel_xmit+0x35a3/0x3d90 [ 445.406708] sit_tunnel_xmit+0xbf8/0x3d40 [ 445.410889] ? packet_direct_xmit+0x3d0/0x3d0 [ 445.415417] ? dev_queue_xmit_nit+0x1222/0x1320 00:34:03 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) [ 445.420160] ? ipip6_tunnel_uninit+0x800/0x800 [ 445.424775] dev_hard_start_xmit+0x6dc/0xde0 [ 445.429263] __dev_queue_xmit+0x2d9e/0x3e00 [ 445.433653] ? __msan_poison_alloca+0x1e0/0x270 [ 445.438369] dev_queue_xmit+0x4b/0x60 [ 445.442201] neigh_direct_output+0x42/0x50 [ 445.446478] ? neigh_connected_output+0x700/0x700 [ 445.451355] ip_finish_output2+0x141a/0x1560 [ 445.455820] ip_do_fragment+0x1b42/0x3f10 [ 445.460013] ? ip_fragment+0x400/0x400 [ 445.463992] ip_fragment+0x247/0x400 [ 445.467751] ip_finish_output+0x1056/0x10f0 [ 445.472129] ip_mc_output+0xf25/0x10f0 [ 445.476076] ? ip_mc_finish_output+0x440/0x440 [ 445.480688] ? ip_build_and_send_pkt+0xe60/0xe60 [ 445.485474] ip_push_pending_frames+0x243/0x470 [ 445.490185] raw_sendmsg+0x2e54/0x45c0 [ 445.494175] ? __msan_poison_alloca+0x1a0/0x270 [ 445.498897] ? compat_raw_ioctl+0x100/0x100 [ 445.503257] inet_sendmsg+0x4e9/0x800 [ 445.507092] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 445.512483] ? security_socket_sendmsg+0x1bd/0x200 [ 445.517451] ? inet_getname+0x490/0x490 [ 445.521455] __sys_sendto+0x940/0xb80 [ 445.525325] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 445.530802] ? prepare_exit_to_usermode+0x182/0x4c0 [ 445.535876] __se_sys_sendto+0x107/0x130 [ 445.539979] __x64_sys_sendto+0x6e/0x90 [ 445.543986] do_syscall_64+0xcf/0x110 [ 445.547823] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 445.553038] RIP: 0033:0x457569 [ 445.556266] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 445.575190] RSP: 002b:00007fedb96aac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 445.582938] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 445.590228] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 0000000000000008 [ 445.597531] RBP: 000000000072bf00 R08: 00000000200001c0 R09: 0000000000000010 [ 445.604823] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96ab6d4 [ 445.611246] not chained 60000 origins [ 445.612130] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 445.623230] Uninit was stored to memory at: [ 445.623257] CPU: 0 PID: 11846 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 445.623276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 445.627609] kmsan_internal_chain_origin+0x136/0x240 [ 445.634846] Call Trace: [ 445.634879] dump_stack+0x32d/0x480 [ 445.644224] __msan_chain_origin+0x6d/0xb0 [ 445.649331] kmsan_internal_chain_origin+0x222/0x240 [ 445.651891] __save_stack_trace+0x8be/0xc60 [ 445.655539] ? save_stack_trace+0xc6/0x110 [ 445.659738] save_stack_trace+0xc6/0x110 [ 445.664869] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 445.669193] kmsan_internal_chain_origin+0x136/0x240 [ 445.673426] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 445.677472] kmsan_memcpy_origins+0x13d/0x190 [ 445.682564] ? __module_address+0x6a/0x5f0 [ 445.687660] __msan_memcpy+0x6f/0x80 [ 445.693025] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 445.697513] pskb_expand_head+0x436/0x1d20 [ 445.701735] ? is_bpf_text_address+0x49e/0x4d0 [ 445.705441] ip_tunnel_xmit+0x35a3/0x3d90 [ 445.710800] ? INIT_INT+0xc/0x30 [ 445.715022] sit_tunnel_xmit+0xbf8/0x3d40 [ 445.719608] __msan_chain_origin+0x6d/0xb0 [ 445.723730] dev_hard_start_xmit+0x6dc/0xde0 [ 445.727092] __save_stack_trace+0xaff/0xc60 [ 445.731227] __dev_queue_xmit+0x2d9e/0x3e00 [ 445.735503] save_stack_trace+0xc6/0x110 [ 445.739863] dev_queue_xmit+0x4b/0x60 [ 445.744184] kmsan_internal_chain_origin+0x136/0x240 [ 445.748494] neigh_direct_output+0x42/0x50 [ 445.752546] ? inet_sendmsg+0x4e9/0x800 [ 445.756333] ip_finish_output2+0x141a/0x1560 [ 445.761439] ? kmsan_internal_chain_origin+0x136/0x240 [ 445.765656] ip_do_fragment+0x1b42/0x3f10 [ 445.769625] ? kmsan_memcpy_origins+0x13d/0x190 [ 445.774018] ip_fragment+0x247/0x400 [ 445.779287] ? __msan_memcpy+0x6f/0x80 [ 445.783422] ip_finish_output+0x1056/0x10f0 [ 445.788088] ? pskb_expand_head+0x436/0x1d20 [ 445.791784] ip_mc_output+0xf25/0x10f0 [ 445.795672] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 445.799980] ip_push_pending_frames+0x243/0x470 [ 445.804382] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 445.808270] raw_sendmsg+0x2e54/0x45c0 [ 445.812586] ? dev_hard_start_xmit+0x6dc/0xde0 [ 445.817255] inet_sendmsg+0x4e9/0x800 [ 445.821567] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 445.825441] __sys_sendto+0x940/0xb80 [ 445.830018] ? dev_queue_xmit+0x4b/0x60 [ 445.833807] __se_sys_sendto+0x107/0x130 [ 445.838304] ? neigh_direct_output+0x42/0x50 [ 445.842096] __x64_sys_sendto+0x6e/0x90 [ 445.846074] ? ip_finish_output2+0x141a/0x1560 [ 445.850118] do_syscall_64+0xcf/0x110 [ 445.854518] ? ip_do_fragment+0x1b42/0x3f10 [ 445.858485] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 445.863055] ? ip_fragment+0x247/0x400 [ 445.866836] [ 445.871160] ? ip_finish_output+0x1056/0x10f0 [ 445.876341] kmsan_internal_chain_origin+0x136/0x240 [ 445.880223] ? ip_mc_output+0xf25/0x10f0 [ 445.881855] __msan_chain_origin+0x6d/0xb0 [ 445.886345] ? ip_push_pending_frames+0x243/0x470 [ 445.891434] __save_stack_trace+0x8be/0xc60 [ 445.895481] ? raw_sendmsg+0x2e54/0x45c0 [ 445.900130] save_stack_trace+0xc6/0x110 [ 445.904924] ? inet_sendmsg+0x4e9/0x800 [ 445.909253] kmsan_internal_chain_origin+0x136/0x240 [ 445.913304] ? __sys_sendto+0x940/0xb80 [ 445.917359] kmsan_memcpy_origins+0x13d/0x190 [ 445.917391] __msan_memcpy+0x6f/0x80 [ 445.921358] ? __se_sys_sendto+0x107/0x130 [ 445.926461] pskb_expand_head+0x436/0x1d20 [ 445.930421] ? __x64_sys_sendto+0x6e/0x90 [ 445.934913] ip_tunnel_xmit+0x35a3/0x3d90 [ 445.938621] ? do_syscall_64+0xcf/0x110 [ 445.942851] sit_tunnel_xmit+0xbf8/0x3d40 [ 445.947119] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 445.951266] dev_hard_start_xmit+0x6dc/0xde0 [ 445.955434] ? __msan_get_context_state+0x9/0x20 [ 445.959379] __dev_queue_xmit+0x2d9e/0x3e00 [ 445.963533] ? INIT_INT+0xc/0x30 [ 445.968885] dev_queue_xmit+0x4b/0x60 [ 445.973285] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 445.978026] neigh_direct_output+0x42/0x50 [ 445.982365] kmsan_memcpy_origins+0x13d/0x190 [ 445.985706] ip_finish_output2+0x141a/0x1560 [ 445.989509] __msan_memcpy+0x6f/0x80 [ 445.994860] ip_do_fragment+0x1b42/0x3f10 [ 445.999099] pskb_expand_head+0x436/0x1d20 [ 446.003577] ip_fragment+0x247/0x400 [ 446.008012] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.011686] ip_finish_output+0x1056/0x10f0 [ 446.015874] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.020055] ip_mc_output+0xf25/0x10f0 [ 446.023773] ? packet_direct_xmit+0x3d0/0x3d0 [ 446.027913] ip_push_pending_frames+0x243/0x470 [ 446.032252] ? dev_queue_xmit_nit+0x1222/0x1320 [ 446.036391] raw_sendmsg+0x2e54/0x45c0 [ 446.040314] ? ipip6_tunnel_uninit+0x800/0x800 [ 446.044989] inet_sendmsg+0x4e9/0x800 [ 446.049582] dev_hard_start_xmit+0x6dc/0xde0 [ 446.054252] __sys_sendto+0x940/0xb80 [ 446.058165] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.062717] __se_sys_sendto+0x107/0x130 [ 446.066547] ? __msan_poison_alloca+0x1e0/0x270 [ 446.070911] __x64_sys_sendto+0x6e/0x90 [ 446.074707] dev_queue_xmit+0x4b/0x60 [ 446.079019] do_syscall_64+0xcf/0x110 [ 446.083092] neigh_direct_output+0x42/0x50 [ 446.087756] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.091718] ? neigh_connected_output+0x700/0x700 [ 446.095501] [ 446.099309] ip_finish_output2+0x141a/0x1560 [ 446.103535] kmsan_internal_chain_origin+0x136/0x240 [ 446.108738] ip_do_fragment+0x1b42/0x3f10 [ 446.113552] __msan_chain_origin+0x6d/0xb0 [ 446.115171] ? ip_fragment+0x400/0x400 [ 446.115274] ip_fragment+0x247/0x400 [ 446.120287] __save_stack_trace+0x8be/0xc60 [ 446.125401] ip_finish_output+0x1056/0x10f0 [ 446.129530] save_stack_trace+0xc6/0x110 [ 446.133776] ip_mc_output+0xf25/0x10f0 [ 446.137637] kmsan_internal_chain_origin+0x136/0x240 [ 446.141363] ? ip_mc_finish_output+0x440/0x440 [ 446.145649] kmsan_memcpy_origins+0x13d/0x190 [ 446.149966] ? ip_build_and_send_pkt+0xe60/0xe60 [ 446.154020] __msan_memcpy+0x6f/0x80 [ 446.157912] ip_push_pending_frames+0x243/0x470 [ 446.163010] pskb_expand_head+0x436/0x1d20 [ 446.167589] raw_sendmsg+0x2e54/0x45c0 [ 446.172070] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.176879] ? __msan_poison_alloca+0x1a0/0x270 [ 446.180520] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.185190] ? compat_raw_ioctl+0x100/0x100 [ 446.189429] dev_hard_start_xmit+0x6dc/0xde0 [ 446.193317] inet_sendmsg+0x4e9/0x800 [ 446.197457] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.202125] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 446.206267] dev_queue_xmit+0x4b/0x60 [ 446.210582] ? security_socket_sendmsg+0x1bd/0x200 [ 446.214980] neigh_direct_output+0x42/0x50 [ 446.218779] ? inet_getname+0x490/0x490 [ 446.223089] ip_finish_output2+0x141a/0x1560 [ 446.228444] __sys_sendto+0x940/0xb80 [ 446.232246] ip_do_fragment+0x1b42/0x3f10 [ 446.237206] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 446.241417] ip_fragment+0x247/0x400 [ 446.245389] ? prepare_exit_to_usermode+0x182/0x4c0 [ 446.249788] ip_finish_output+0x1056/0x10f0 [ 446.253590] __se_sys_sendto+0x107/0x130 [ 446.257718] ip_mc_output+0xf25/0x10f0 [ 446.263169] __x64_sys_sendto+0x6e/0x90 [ 446.266871] ip_push_pending_frames+0x243/0x470 [ 446.271880] do_syscall_64+0xcf/0x110 [ 446.276188] raw_sendmsg+0x2e54/0x45c0 [ 446.280254] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.284129] inet_sendmsg+0x4e9/0x800 [ 446.288090] RIP: 0033:0x457569 [ 446.292753] __sys_sendto+0x940/0xb80 [ 446.296545] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 446.300422] __se_sys_sendto+0x107/0x130 [ 446.305595] RSP: 002b:00007fedb9668c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 446.309437] __x64_sys_sendto+0x6e/0x90 [ 446.312621] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 446.316418] do_syscall_64+0xcf/0x110 [ 446.335332] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 000000000000000e [ 446.339408] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.347097] RBP: 000000000072c040 R08: 00000000200001c0 R09: 0000000000000010 [ 446.351054] [ 446.358327] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96696d4 [ 446.362130] kmsan_internal_chain_origin+0x136/0x240 [ 446.369382] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 446.374570] __msan_chain_origin+0x6d/0xb0 [ 446.381838] Uninit was stored to memory at: [ 446.383459] __save_stack_trace+0x8be/0xc60 [ 446.390726] kmsan_internal_chain_origin+0x136/0x240 [ 446.395816] save_stack_trace+0xc6/0x110 [ 446.403078] __msan_chain_origin+0x6d/0xb0 [ 446.407305] kmsan_internal_chain_origin+0x136/0x240 [ 446.411622] __save_stack_trace+0x8be/0xc60 [ 446.415932] kmsan_memcpy_origins+0x13d/0x190 [ 446.421027] save_stack_trace+0xc6/0x110 [ 446.425084] __msan_memcpy+0x6f/0x80 [ 446.429313] kmsan_internal_chain_origin+0x136/0x240 [ 446.434414] pskb_expand_head+0x436/0x1d20 [ 446.438730] kmsan_memcpy_origins+0x13d/0x190 [ 446.443228] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.447280] __msan_memcpy+0x6f/0x80 [ 446.450988] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.456081] pskb_expand_head+0x436/0x1d20 [ 446.460309] dev_hard_start_xmit+0x6dc/0xde0 [ 446.464797] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.468933] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.472646] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.476787] dev_queue_xmit+0x4b/0x60 [ 446.481012] dev_hard_start_xmit+0x6dc/0xde0 [ 446.485409] neigh_direct_output+0x42/0x50 [ 446.489546] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.493873] ip_finish_output2+0x141a/0x1560 [ 446.498015] dev_queue_xmit+0x4b/0x60 [ 446.501807] ip_do_fragment+0x1b42/0x3f10 [ 446.506206] neigh_direct_output+0x42/0x50 [ 446.510435] ip_fragment+0x247/0x400 [ 446.514746] ip_finish_output2+0x141a/0x1560 [ 446.519145] ip_finish_output+0x1056/0x10f0 [ 446.522938] ip_do_fragment+0x1b42/0x3f10 [ 446.527079] ip_mc_output+0xf25/0x10f0 [ 446.531303] ip_fragment+0x247/0x400 [ 446.535009] ip_push_pending_frames+0x243/0x470 [ 446.539407] ip_finish_output+0x1056/0x10f0 [ 446.543719] raw_sendmsg+0x2e54/0x45c0 [ 446.547865] ip_mc_output+0xf25/0x10f0 [ 446.551744] inet_sendmsg+0x4e9/0x800 [ 446.555446] ip_push_pending_frames+0x243/0x470 [ 446.560104] __sys_sendto+0x940/0xb80 [ 446.564416] raw_sendmsg+0x2e54/0x45c0 [ 446.568295] __se_sys_sendto+0x107/0x130 [ 446.572175] inet_sendmsg+0x4e9/0x800 [ 446.575964] __x64_sys_sendto+0x6e/0x90 [ 446.580635] __sys_sendto+0x940/0xb80 [ 446.584428] do_syscall_64+0xcf/0x110 [ 446.588306] __se_sys_sendto+0x107/0x130 [ 446.592368] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.596155] __x64_sys_sendto+0x6e/0x90 [ 446.600109] [ 446.603911] do_syscall_64+0xcf/0x110 [ 446.607707] kmsan_internal_chain_origin+0x136/0x240 [ 446.611758] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.616936] __msan_chain_origin+0x6d/0xb0 [ 446.620895] [ 446.622530] __save_stack_trace+0x8be/0xc60 [ 446.626305] Uninit was stored to memory at: [ 446.631411] save_stack_trace+0xc6/0x110 [ 446.636592] kmsan_internal_chain_origin+0x136/0x240 [ 446.640818] kmsan_internal_chain_origin+0x136/0x240 [ 446.642443] __msan_chain_origin+0x6d/0xb0 [ 446.646756] kmsan_memcpy_origins+0x13d/0x190 [ 446.651066] __save_stack_trace+0x8be/0xc60 [ 446.655118] __msan_memcpy+0x6f/0x80 [ 446.660210] save_stack_trace+0xc6/0x110 [ 446.665303] pskb_expand_head+0x436/0x1d20 [ 446.669698] kmsan_internal_chain_origin+0x136/0x240 [ 446.674184] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.678495] kmsan_memcpy_origins+0x13d/0x190 [ 446.682198] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.686260] __msan_memcpy+0x6f/0x80 [ 446.690490] dev_hard_start_xmit+0x6dc/0xde0 [ 446.695586] pskb_expand_head+0x436/0x1d20 [ 446.699721] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.704210] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.708344] dev_queue_xmit+0x4b/0x60 [ 446.712052] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.716544] neigh_direct_output+0x42/0x50 [ 446.720772] dev_hard_start_xmit+0x6dc/0xde0 [ 446.725093] ip_finish_output2+0x141a/0x1560 [ 446.729233] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.733043] ip_do_fragment+0x1b42/0x3f10 [ 446.737183] dev_queue_xmit+0x4b/0x60 [ 446.741408] ip_fragment+0x247/0x400 [ 446.745809] neigh_direct_output+0x42/0x50 [ 446.750209] ip_finish_output+0x1056/0x10f0 [ 446.754526] ip_finish_output2+0x141a/0x1560 [ 446.758664] ip_mc_output+0xf25/0x10f0 [ 446.762462] ip_do_fragment+0x1b42/0x3f10 [ 446.766168] ip_push_pending_frames+0x243/0x470 [ 446.770390] ip_fragment+0x247/0x400 [ 446.774703] raw_sendmsg+0x2e54/0x45c0 [ 446.779102] ip_finish_output+0x1056/0x10f0 [ 446.782987] inet_sendmsg+0x4e9/0x800 [ 446.787127] ip_mc_output+0xf25/0x10f0 [ 446.791788] __sys_sendto+0x940/0xb80 [ 446.795506] ip_push_pending_frames+0x243/0x470 [ 446.799384] __se_sys_sendto+0x107/0x130 [ 446.803698] raw_sendmsg+0x2e54/0x45c0 [ 446.807489] __x64_sys_sendto+0x6e/0x90 [ 446.811368] inet_sendmsg+0x4e9/0x800 [ 446.815163] do_syscall_64+0xcf/0x110 [ 446.819825] __sys_sendto+0x940/0xb80 [ 446.823897] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.827769] __se_sys_sendto+0x107/0x130 [ 446.831728] [ 446.835534] __x64_sys_sendto+0x6e/0x90 [ 446.839321] Uninit was stored to memory at: [ 446.843128] do_syscall_64+0xcf/0x110 [ 446.848320] kmsan_internal_chain_origin+0x136/0x240 [ 446.852372] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.853993] __msan_chain_origin+0x6d/0xb0 [ 446.857939] [ 446.862273] __save_stack_trace+0x8be/0xc60 [ 446.866064] kmsan_internal_chain_origin+0x136/0x240 [ 446.871158] save_stack_trace+0xc6/0x110 [ 446.876336] __msan_chain_origin+0x6d/0xb0 [ 446.880558] kmsan_internal_chain_origin+0x136/0x240 [ 446.882180] __save_stack_trace+0x8be/0xc60 [ 446.886492] kmsan_memcpy_origins+0x13d/0x190 [ 446.891588] save_stack_trace+0xc6/0x110 [ 446.895641] __msan_memcpy+0x6f/0x80 [ 446.899871] kmsan_internal_chain_origin+0x136/0x240 [ 446.904965] pskb_expand_head+0x436/0x1d20 [ 446.909283] kmsan_memcpy_origins+0x13d/0x190 [ 446.913776] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.917829] __msan_memcpy+0x6f/0x80 [ 446.921547] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.926643] pskb_expand_head+0x436/0x1d20 [ 446.930882] dev_hard_start_xmit+0x6dc/0xde0 [ 446.935368] ip_tunnel_xmit+0x35a3/0x3d90 [ 446.939508] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.943214] sit_tunnel_xmit+0xbf8/0x3d40 [ 446.947352] dev_queue_xmit+0x4b/0x60 [ 446.951600] dev_hard_start_xmit+0x6dc/0xde0 [ 446.956025] neigh_direct_output+0x42/0x50 [ 446.960169] __dev_queue_xmit+0x2d9e/0x3e00 [ 446.964486] ip_finish_output2+0x141a/0x1560 [ 446.968622] dev_queue_xmit+0x4b/0x60 [ 446.972417] ip_do_fragment+0x1b42/0x3f10 [ 446.976815] neigh_direct_output+0x42/0x50 [ 446.981038] ip_fragment+0x247/0x400 [ 446.985715] ip_finish_output2+0x141a/0x1560 [ 446.990122] ip_finish_output+0x1056/0x10f0 [ 446.993915] ip_do_fragment+0x1b42/0x3f10 [ 446.998065] ip_mc_output+0xf25/0x10f0 [ 447.002291] ip_fragment+0x247/0x400 [ 447.005996] ip_push_pending_frames+0x243/0x470 [ 447.010398] ip_finish_output+0x1056/0x10f0 [ 447.014711] raw_sendmsg+0x2e54/0x45c0 [ 447.018849] ip_mc_output+0xf25/0x10f0 [ 447.022732] inet_sendmsg+0x4e9/0x800 [ 447.026434] ip_push_pending_frames+0x243/0x470 [ 447.031091] __sys_sendto+0x940/0xb80 [ 447.035406] raw_sendmsg+0x2e54/0x45c0 [ 447.039289] __se_sys_sendto+0x107/0x130 [ 447.043177] inet_sendmsg+0x4e9/0x800 [ 447.046970] __x64_sys_sendto+0x6e/0x90 [ 447.051628] __sys_sendto+0x940/0xb80 [ 447.055422] do_syscall_64+0xcf/0x110 [ 447.059301] __se_sys_sendto+0x107/0x130 [ 447.063358] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.067148] __x64_sys_sendto+0x6e/0x90 [ 447.071106] [ 447.074910] do_syscall_64+0xcf/0x110 [ 447.078703] kmsan_internal_chain_origin+0x136/0x240 [ 447.082759] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.087937] __msan_chain_origin+0x6d/0xb0 [ 447.091887] [ 447.093524] __save_stack_trace+0x8be/0xc60 [ 447.097300] Uninit was stored to memory at: [ 447.102411] save_stack_trace+0xc6/0x110 [ 447.107591] kmsan_internal_chain_origin+0x136/0x240 [ 447.111814] kmsan_internal_chain_origin+0x136/0x240 [ 447.113439] __msan_chain_origin+0x6d/0xb0 [ 447.117782] kmsan_memcpy_origins+0x13d/0x190 [ 447.122092] __save_stack_trace+0x8be/0xc60 [ 447.126143] __msan_memcpy+0x6f/0x80 [ 447.131250] save_stack_trace+0xc6/0x110 [ 447.136347] pskb_expand_head+0x436/0x1d20 [ 447.141446] kmsan_internal_chain_origin+0x136/0x240 [ 447.145934] ip_tunnel_xmit+0x35a3/0x3d90 [ 447.150260] kmsan_memcpy_origins+0x13d/0x190 [ 447.153968] sit_tunnel_xmit+0xbf8/0x3d40 [ 447.158023] __msan_memcpy+0x6f/0x80 [ 447.162262] dev_hard_start_xmit+0x6dc/0xde0 [ 447.167365] pskb_expand_head+0x436/0x1d20 [ 447.171499] __dev_queue_xmit+0x2d9e/0x3e00 [ 447.175985] ip_tunnel_xmit+0x35a3/0x3d90 [ 447.180120] dev_queue_xmit+0x4b/0x60 [ 447.183824] sit_tunnel_xmit+0xbf8/0x3d40 [ 447.188219] neigh_direct_output+0x42/0x50 [ 447.192449] dev_hard_start_xmit+0x6dc/0xde0 [ 447.196761] ip_finish_output2+0x141a/0x1560 [ 447.200896] __dev_queue_xmit+0x2d9e/0x3e00 [ 447.204691] ip_do_fragment+0x1b42/0x3f10 [ 447.208829] dev_queue_xmit+0x4b/0x60 [ 447.213062] ip_fragment+0x247/0x400 [ 447.217461] neigh_direct_output+0x42/0x50 [ 447.221860] ip_finish_output+0x1056/0x10f0 [ 447.226170] ip_finish_output2+0x141a/0x1560 [ 447.230311] ip_mc_output+0xf25/0x10f0 [ 447.234101] ip_do_fragment+0x1b42/0x3f10 [ 447.237806] ip_push_pending_frames+0x243/0x470 [ 447.242028] ip_fragment+0x247/0x400 [ 447.246338] raw_sendmsg+0x2e54/0x45c0 [ 447.250742] ip_finish_output+0x1056/0x10f0 [ 447.254626] inet_sendmsg+0x4e9/0x800 [ 447.258759] ip_mc_output+0xf25/0x10f0 [ 447.263418] __sys_sendto+0x940/0xb80 [ 447.267123] ip_push_pending_frames+0x243/0x470 [ 447.270996] __se_sys_sendto+0x107/0x130 [ 447.275310] raw_sendmsg+0x2e54/0x45c0 [ 447.279100] __x64_sys_sendto+0x6e/0x90 [ 447.282978] inet_sendmsg+0x4e9/0x800 [ 447.286772] do_syscall_64+0xcf/0x110 [ 447.291431] __sys_sendto+0x940/0xb80 [ 447.295489] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.299360] __se_sys_sendto+0x107/0x130 [ 447.303316] [ 447.307118] __x64_sys_sendto+0x6e/0x90 [ 447.329538] do_syscall_64+0xcf/0x110 [ 447.333379] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.338573] [ 447.340210] Uninit was stored to memory at: [ 447.344563] kmsan_internal_chain_origin+0x136/0x240 [ 447.349687] __msan_chain_origin+0x6d/0xb0 [ 447.353948] __save_stack_trace+0x8be/0xc60 [ 447.358289] save_stack_trace+0xc6/0x110 [ 447.362378] kmsan_internal_chain_origin+0x136/0x240 [ 447.367506] kmsan_memcpy_origins+0x13d/0x190 [ 447.372027] __msan_memcpy+0x6f/0x80 [ 447.375767] pskb_expand_head+0x436/0x1d20 [ 447.380024] ip_tunnel_xmit+0x35a3/0x3d90 [ 447.384194] sit_tunnel_xmit+0xbf8/0x3d40 [ 447.388369] dev_hard_start_xmit+0x6dc/0xde0 [ 447.392799] __dev_queue_xmit+0x2d9e/0x3e00 [ 447.397139] dev_queue_xmit+0x4b/0x60 [ 447.400962] neigh_direct_output+0x42/0x50 [ 447.405215] ip_finish_output2+0x141a/0x1560 [ 447.409650] ip_do_fragment+0x1b42/0x3f10 [ 447.413814] ip_fragment+0x247/0x400 [ 447.417551] ip_finish_output+0x1056/0x10f0 [ 447.421891] ip_mc_output+0xf25/0x10f0 [ 447.425804] ip_push_pending_frames+0x243/0x470 [ 447.430491] raw_sendmsg+0x2e54/0x45c0 [ 447.434402] inet_sendmsg+0x4e9/0x800 [ 447.438223] __sys_sendto+0x940/0xb80 [ 447.442049] __se_sys_sendto+0x107/0x130 [ 447.446132] __x64_sys_sendto+0x6e/0x90 [ 447.450123] do_syscall_64+0xcf/0x110 [ 447.453945] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.459143] [ 447.460777] Uninit was stored to memory at: [ 447.465124] kmsan_internal_chain_origin+0x136/0x240 [ 447.470256] __msan_chain_origin+0x6d/0xb0 [ 447.474511] __save_stack_trace+0x8be/0xc60 [ 447.478853] save_stack_trace+0xc6/0x110 [ 447.482939] kmsan_internal_chain_origin+0x136/0x240 [ 447.488065] kmsan_memcpy_origins+0x13d/0x190 [ 447.492579] __msan_memcpy+0x6f/0x80 [ 447.496318] pskb_expand_head+0x436/0x1d20 [ 447.500575] ip_tunnel_xmit+0x35a3/0x3d90 [ 447.504742] sit_tunnel_xmit+0xbf8/0x3d40 [ 447.508909] dev_hard_start_xmit+0x6dc/0xde0 [ 447.513339] __dev_queue_xmit+0x2d9e/0x3e00 [ 447.517680] dev_queue_xmit+0x4b/0x60 [ 447.521497] neigh_direct_output+0x42/0x50 [ 447.525755] ip_finish_output2+0x141a/0x1560 [ 447.530182] ip_do_fragment+0x1b42/0x3f10 [ 447.534354] ip_fragment+0x247/0x400 [ 447.538089] ip_finish_output+0x1056/0x10f0 [ 447.542426] ip_mc_output+0xf25/0x10f0 [ 447.546329] ip_push_pending_frames+0x243/0x470 [ 447.551016] raw_sendmsg+0x2e54/0x45c0 [ 447.554924] inet_sendmsg+0x4e9/0x800 [ 447.558749] __sys_sendto+0x940/0xb80 [ 447.562570] __se_sys_sendto+0x107/0x130 [ 447.566646] __x64_sys_sendto+0x6e/0x90 [ 447.570637] do_syscall_64+0xcf/0x110 [ 447.574459] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.579652] [ 447.581292] Uninit was stored to memory at: [ 447.585633] kmsan_internal_chain_origin+0x136/0x240 [ 447.590759] __msan_chain_origin+0x6d/0xb0 [ 447.595015] __save_stack_trace+0x8be/0xc60 [ 447.599358] save_stack_trace+0xc6/0x110 [ 447.603444] kmsan_internal_chain_origin+0x136/0x240 [ 447.608563] kmsan_memcpy_origins+0x13d/0x190 [ 447.613077] __msan_memcpy+0x6f/0x80 [ 447.616810] pskb_expand_head+0x436/0x1d20 [ 447.621067] ip_tunnel_xmit+0x35a3/0x3d90 [ 447.625236] sit_tunnel_xmit+0xbf8/0x3d40 [ 447.629409] dev_hard_start_xmit+0x6dc/0xde0 [ 447.633832] __dev_queue_xmit+0x2d9e/0x3e00 [ 447.638170] dev_queue_xmit+0x4b/0x60 [ 447.641995] neigh_direct_output+0x42/0x50 [ 447.646256] ip_finish_output2+0x141a/0x1560 [ 447.650685] ip_do_fragment+0x1b42/0x3f10 [ 447.654851] ip_fragment+0x247/0x400 [ 447.658582] ip_finish_output+0x1056/0x10f0 [ 447.662921] ip_mc_output+0xf25/0x10f0 [ 447.666824] ip_push_pending_frames+0x243/0x470 [ 447.671515] raw_sendmsg+0x2e54/0x45c0 [ 447.675424] inet_sendmsg+0x4e9/0x800 [ 447.679249] __sys_sendto+0x940/0xb80 [ 447.683069] __se_sys_sendto+0x107/0x130 [ 447.687151] __x64_sys_sendto+0x6e/0x90 [ 447.691143] do_syscall_64+0xcf/0x110 [ 447.694966] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.700159] [ 447.701801] Local variable description: ----v.addr.i.i@ip_do_fragment [ 447.708383] Variable was created at: [ 447.712118] ip_do_fragment+0xa1/0x3f10 [ 447.716110] ip_fragment+0x247/0x400 [ 447.740057] not chained 70000 origins [ 447.743930] CPU: 0 PID: 11846 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 447.751220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.760604] Call Trace: [ 447.763224] dump_stack+0x32d/0x480 [ 447.766906] kmsan_internal_chain_origin+0x222/0x240 [ 447.772069] ? save_stack_trace+0xc6/0x110 [ 447.776333] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 447.781475] ? kmsan_internal_chain_origin+0x90/0x240 [ 447.786706] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 447.792093] ? is_bpf_text_address+0x49e/0x4d0 [ 447.796720] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 447.802199] ? in_task_stack+0x12c/0x210 [ 447.806330] __msan_chain_origin+0x6d/0xb0 [ 447.810602] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.815990] __save_stack_trace+0x8be/0xc60 [ 447.820380] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.825775] save_stack_trace+0xc6/0x110 [ 447.829869] kmsan_internal_chain_origin+0x136/0x240 [ 447.834991] ? inet_sendmsg+0x4e9/0x800 [ 447.839000] ? kmsan_internal_chain_origin+0x136/0x240 [ 447.844302] ? kmsan_memcpy_origins+0x13d/0x190 [ 447.848993] ? __msan_memcpy+0x6f/0x80 [ 447.852904] ? pskb_expand_head+0x436/0x1d20 [ 447.857336] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 447.861689] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 447.866034] ? dev_hard_start_xmit+0x6dc/0xde0 [ 447.870639] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 447.875155] ? dev_queue_xmit+0x4b/0x60 [ 447.879148] ? neigh_direct_output+0x42/0x50 [ 447.883576] ? ip_finish_output2+0x141a/0x1560 [ 447.888175] ? ip_do_fragment+0x1b42/0x3f10 [ 447.892516] ? ip_fragment+0x247/0x400 [ 447.896423] ? ip_finish_output+0x1056/0x10f0 [ 447.900946] ? ip_mc_output+0xf25/0x10f0 [ 447.905025] ? ip_push_pending_frames+0x243/0x470 [ 447.909891] ? raw_sendmsg+0x2e54/0x45c0 [ 447.913974] ? inet_sendmsg+0x4e9/0x800 [ 447.917965] ? __sys_sendto+0x940/0xb80 [ 447.921958] ? __se_sys_sendto+0x107/0x130 [ 447.926214] ? __x64_sys_sendto+0x6e/0x90 [ 447.930401] ? do_syscall_64+0xcf/0x110 [ 447.934405] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.939835] ? __msan_get_context_state+0x9/0x20 [ 447.944613] ? INIT_INT+0xc/0x30 [ 447.948007] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 447.953414] kmsan_memcpy_origins+0x13d/0x190 [ 447.957952] __msan_memcpy+0x6f/0x80 [ 447.961695] pskb_expand_head+0x436/0x1d20 [ 447.965990] ip_tunnel_xmit+0x35a3/0x3d90 [ 447.970212] sit_tunnel_xmit+0xbf8/0x3d40 [ 447.974393] ? packet_direct_xmit+0x3d0/0x3d0 [ 447.978915] ? dev_queue_xmit_nit+0x1222/0x1320 [ 447.983649] ? ipip6_tunnel_uninit+0x800/0x800 [ 447.988659] dev_hard_start_xmit+0x6dc/0xde0 [ 447.993127] __dev_queue_xmit+0x2d9e/0x3e00 [ 447.997519] ? __msan_poison_alloca+0x1e0/0x270 [ 448.002221] dev_queue_xmit+0x4b/0x60 [ 448.006068] neigh_direct_output+0x42/0x50 [ 448.010325] ? neigh_connected_output+0x700/0x700 [ 448.015203] ip_finish_output2+0x141a/0x1560 [ 448.019668] ip_do_fragment+0x1b42/0x3f10 [ 448.023845] ? ip_fragment+0x400/0x400 [ 448.027818] ip_fragment+0x247/0x400 [ 448.031574] ip_finish_output+0x1056/0x10f0 [ 448.035940] ip_mc_output+0xf25/0x10f0 [ 448.039873] ? ip_mc_finish_output+0x440/0x440 [ 448.044481] ? ip_build_and_send_pkt+0xe60/0xe60 [ 448.049269] ip_push_pending_frames+0x243/0x470 [ 448.053978] raw_sendmsg+0x2e54/0x45c0 [ 448.057963] ? __msan_poison_alloca+0x1a0/0x270 [ 448.062676] ? compat_raw_ioctl+0x100/0x100 [ 448.067032] inet_sendmsg+0x4e9/0x800 [ 448.070863] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 448.076267] ? security_socket_sendmsg+0x1bd/0x200 [ 448.081233] ? inet_getname+0x490/0x490 [ 448.085250] __sys_sendto+0x940/0xb80 [ 448.089112] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 448.094590] ? prepare_exit_to_usermode+0x182/0x4c0 [ 448.099638] __se_sys_sendto+0x107/0x130 [ 448.103735] __x64_sys_sendto+0x6e/0x90 [ 448.107733] do_syscall_64+0xcf/0x110 [ 448.111561] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.116969] RIP: 0033:0x457569 [ 448.120182] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 448.139105] RSP: 002b:00007fedb9668c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 448.146861] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 448.154154] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 000000000000000e [ 448.161446] RBP: 000000000072c040 R08: 00000000200001c0 R09: 0000000000000010 [ 448.168734] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96696d4 [ 448.176021] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 448.183330] Uninit was stored to memory at: [ 448.187683] kmsan_internal_chain_origin+0x136/0x240 [ 448.192809] __msan_chain_origin+0x6d/0xb0 [ 448.197068] __save_stack_trace+0x8be/0xc60 [ 448.201407] save_stack_trace+0xc6/0x110 [ 448.205489] kmsan_internal_chain_origin+0x136/0x240 [ 448.210614] kmsan_memcpy_origins+0x13d/0x190 [ 448.215128] __msan_memcpy+0x6f/0x80 [ 448.218867] pskb_expand_head+0x436/0x1d20 [ 448.223123] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.227294] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.231464] dev_hard_start_xmit+0x6dc/0xde0 [ 448.235904] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.240260] dev_queue_xmit+0x4b/0x60 [ 448.244294] neigh_direct_output+0x42/0x50 [ 448.248551] ip_finish_output2+0x141a/0x1560 [ 448.252991] ip_do_fragment+0x1b42/0x3f10 [ 448.257158] ip_fragment+0x247/0x400 [ 448.260892] ip_finish_output+0x1056/0x10f0 [ 448.265239] ip_mc_output+0xf25/0x10f0 [ 448.269162] ip_push_pending_frames+0x243/0x470 [ 448.273846] raw_sendmsg+0x2e54/0x45c0 [ 448.277754] inet_sendmsg+0x4e9/0x800 [ 448.281574] __sys_sendto+0x940/0xb80 [ 448.285394] __se_sys_sendto+0x107/0x130 [ 448.289473] __x64_sys_sendto+0x6e/0x90 [ 448.293463] do_syscall_64+0xcf/0x110 [ 448.297294] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.302574] [ 448.304207] Uninit was stored to memory at: [ 448.308560] kmsan_internal_chain_origin+0x136/0x240 [ 448.313687] __msan_chain_origin+0x6d/0xb0 [ 448.317945] __save_stack_trace+0x8be/0xc60 [ 448.322284] save_stack_trace+0xc6/0x110 [ 448.326369] kmsan_internal_chain_origin+0x136/0x240 [ 448.331491] kmsan_memcpy_origins+0x13d/0x190 [ 448.336005] __msan_memcpy+0x6f/0x80 [ 448.339825] pskb_expand_head+0x436/0x1d20 [ 448.344077] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.348249] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.352418] dev_hard_start_xmit+0x6dc/0xde0 [ 448.356841] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.361179] dev_queue_xmit+0x4b/0x60 [ 448.364996] neigh_direct_output+0x42/0x50 [ 448.369260] ip_finish_output2+0x141a/0x1560 [ 448.373686] ip_do_fragment+0x1b42/0x3f10 [ 448.377850] ip_fragment+0x247/0x400 [ 448.381579] ip_finish_output+0x1056/0x10f0 [ 448.385918] ip_mc_output+0xf25/0x10f0 [ 448.389835] ip_push_pending_frames+0x243/0x470 [ 448.394524] raw_sendmsg+0x2e54/0x45c0 [ 448.398449] inet_sendmsg+0x4e9/0x800 [ 448.402280] __sys_sendto+0x940/0xb80 [ 448.406103] __se_sys_sendto+0x107/0x130 [ 448.410179] __x64_sys_sendto+0x6e/0x90 [ 448.414173] do_syscall_64+0xcf/0x110 [ 448.417998] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.423197] [ 448.424835] Uninit was stored to memory at: [ 448.429176] kmsan_internal_chain_origin+0x136/0x240 [ 448.434298] __msan_chain_origin+0x6d/0xb0 [ 448.438555] __save_stack_trace+0x8be/0xc60 [ 448.442898] save_stack_trace+0xc6/0x110 [ 448.446979] kmsan_internal_chain_origin+0x136/0x240 [ 448.452101] kmsan_memcpy_origins+0x13d/0x190 [ 448.456620] __msan_memcpy+0x6f/0x80 [ 448.460835] pskb_expand_head+0x436/0x1d20 [ 448.465102] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.469279] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.473444] dev_hard_start_xmit+0x6dc/0xde0 [ 448.477868] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.482207] dev_queue_xmit+0x4b/0x60 [ 448.486028] neigh_direct_output+0x42/0x50 [ 448.490289] ip_finish_output2+0x141a/0x1560 [ 448.494719] ip_do_fragment+0x1b42/0x3f10 [ 448.498891] ip_fragment+0x247/0x400 [ 448.502621] ip_finish_output+0x1056/0x10f0 [ 448.506957] ip_mc_output+0xf25/0x10f0 [ 448.510861] ip_push_pending_frames+0x243/0x470 [ 448.515550] raw_sendmsg+0x2e54/0x45c0 [ 448.519457] inet_sendmsg+0x4e9/0x800 [ 448.523280] __sys_sendto+0x940/0xb80 [ 448.527098] __se_sys_sendto+0x107/0x130 [ 448.531176] __x64_sys_sendto+0x6e/0x90 [ 448.535168] do_syscall_64+0xcf/0x110 [ 448.538992] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.544185] [ 448.545823] Uninit was stored to memory at: [ 448.550167] kmsan_internal_chain_origin+0x136/0x240 [ 448.555296] __msan_chain_origin+0x6d/0xb0 [ 448.559554] __save_stack_trace+0x8be/0xc60 [ 448.563898] save_stack_trace+0xc6/0x110 [ 448.567980] kmsan_internal_chain_origin+0x136/0x240 [ 448.573107] kmsan_memcpy_origins+0x13d/0x190 [ 448.577623] __msan_memcpy+0x6f/0x80 [ 448.581361] pskb_expand_head+0x436/0x1d20 [ 448.585620] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.589788] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.593954] dev_hard_start_xmit+0x6dc/0xde0 [ 448.598382] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.602726] dev_queue_xmit+0x4b/0x60 [ 448.606565] neigh_direct_output+0x42/0x50 [ 448.610820] ip_finish_output2+0x141a/0x1560 [ 448.615258] ip_do_fragment+0x1b42/0x3f10 [ 448.619426] ip_fragment+0x247/0x400 [ 448.623160] ip_finish_output+0x1056/0x10f0 [ 448.627500] ip_mc_output+0xf25/0x10f0 [ 448.631407] ip_push_pending_frames+0x243/0x470 [ 448.636094] raw_sendmsg+0x2e54/0x45c0 [ 448.639998] inet_sendmsg+0x4e9/0x800 [ 448.643817] __sys_sendto+0x940/0xb80 [ 448.647634] __se_sys_sendto+0x107/0x130 [ 448.651711] __x64_sys_sendto+0x6e/0x90 [ 448.655701] do_syscall_64+0xcf/0x110 [ 448.659524] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.664719] [ 448.666360] Uninit was stored to memory at: [ 448.670702] kmsan_internal_chain_origin+0x136/0x240 [ 448.675827] __msan_chain_origin+0x6d/0xb0 [ 448.680082] __save_stack_trace+0x8be/0xc60 [ 448.684422] save_stack_trace+0xc6/0x110 [ 448.688505] kmsan_internal_chain_origin+0x136/0x240 [ 448.693642] kmsan_memcpy_origins+0x13d/0x190 [ 448.698169] __msan_memcpy+0x6f/0x80 [ 448.701911] pskb_expand_head+0x436/0x1d20 [ 448.706169] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.710339] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.714509] dev_hard_start_xmit+0x6dc/0xde0 [ 448.718938] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.723285] dev_queue_xmit+0x4b/0x60 [ 448.727104] neigh_direct_output+0x42/0x50 [ 448.731363] ip_finish_output2+0x141a/0x1560 [ 448.735788] ip_do_fragment+0x1b42/0x3f10 [ 448.739955] ip_fragment+0x247/0x400 [ 448.743687] ip_finish_output+0x1056/0x10f0 [ 448.748031] ip_mc_output+0xf25/0x10f0 [ 448.751934] ip_push_pending_frames+0x243/0x470 [ 448.756618] raw_sendmsg+0x2e54/0x45c0 [ 448.760524] inet_sendmsg+0x4e9/0x800 [ 448.764353] __sys_sendto+0x940/0xb80 [ 448.768174] __se_sys_sendto+0x107/0x130 [ 448.772259] __x64_sys_sendto+0x6e/0x90 [ 448.776267] do_syscall_64+0xcf/0x110 [ 448.780095] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.785290] [ 448.786926] Uninit was stored to memory at: [ 448.791276] kmsan_internal_chain_origin+0x136/0x240 [ 448.796404] __msan_chain_origin+0x6d/0xb0 [ 448.800658] __save_stack_trace+0x8be/0xc60 [ 448.805000] save_stack_trace+0xc6/0x110 [ 448.809079] kmsan_internal_chain_origin+0x136/0x240 [ 448.814201] kmsan_memcpy_origins+0x13d/0x190 [ 448.818725] __msan_memcpy+0x6f/0x80 [ 448.822463] pskb_expand_head+0x436/0x1d20 [ 448.826715] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.830881] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.835046] dev_hard_start_xmit+0x6dc/0xde0 [ 448.839473] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.843813] dev_queue_xmit+0x4b/0x60 [ 448.847628] neigh_direct_output+0x42/0x50 [ 448.851878] ip_finish_output2+0x141a/0x1560 [ 448.856303] ip_do_fragment+0x1b42/0x3f10 [ 448.860470] ip_fragment+0x247/0x400 [ 448.864199] ip_finish_output+0x1056/0x10f0 [ 448.868542] ip_mc_output+0xf25/0x10f0 [ 448.872449] ip_push_pending_frames+0x243/0x470 [ 448.877131] raw_sendmsg+0x2e54/0x45c0 [ 448.881820] inet_sendmsg+0x4e9/0x800 [ 448.885635] __sys_sendto+0x940/0xb80 [ 448.889452] __se_sys_sendto+0x107/0x130 [ 448.893528] __x64_sys_sendto+0x6e/0x90 [ 448.897522] do_syscall_64+0xcf/0x110 [ 448.901352] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.906550] [ 448.908187] Uninit was stored to memory at: [ 448.912534] kmsan_internal_chain_origin+0x136/0x240 [ 448.917657] __msan_chain_origin+0x6d/0xb0 [ 448.921911] __save_stack_trace+0x8be/0xc60 [ 448.926262] save_stack_trace+0xc6/0x110 [ 448.930340] kmsan_internal_chain_origin+0x136/0x240 [ 448.935495] kmsan_memcpy_origins+0x13d/0x190 [ 448.940013] __msan_memcpy+0x6f/0x80 [ 448.943749] pskb_expand_head+0x436/0x1d20 [ 448.948003] ip_tunnel_xmit+0x35a3/0x3d90 [ 448.952225] sit_tunnel_xmit+0xbf8/0x3d40 [ 448.956463] dev_hard_start_xmit+0x6dc/0xde0 [ 448.960893] __dev_queue_xmit+0x2d9e/0x3e00 [ 448.965233] dev_queue_xmit+0x4b/0x60 [ 448.969064] neigh_direct_output+0x42/0x50 [ 448.973319] ip_finish_output2+0x141a/0x1560 [ 448.977777] ip_do_fragment+0x1b42/0x3f10 [ 448.981942] ip_fragment+0x247/0x400 [ 448.986061] ip_finish_output+0x1056/0x10f0 [ 448.990400] ip_mc_output+0xf25/0x10f0 [ 448.994304] ip_push_pending_frames+0x243/0x470 [ 448.999007] raw_sendmsg+0x2e54/0x45c0 [ 449.002916] inet_sendmsg+0x4e9/0x800 [ 449.006730] __sys_sendto+0x940/0xb80 [ 449.010547] __se_sys_sendto+0x107/0x130 [ 449.014623] __x64_sys_sendto+0x6e/0x90 [ 449.018614] do_syscall_64+0xcf/0x110 [ 449.022440] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.027637] [ 449.029275] Local variable description: ----v.addr.i.i@ip_do_fragment [ 449.035860] Variable was created at: [ 449.039593] ip_do_fragment+0xa1/0x3f10 [ 449.043587] ip_fragment+0x247/0x400 [ 449.059418] not chained 80000 origins [ 449.063277] CPU: 0 PID: 11846 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 449.070563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 449.080020] Call Trace: [ 449.082643] dump_stack+0x32d/0x480 [ 449.086317] kmsan_internal_chain_origin+0x222/0x240 [ 449.091488] ? save_stack_trace+0xc6/0x110 [ 449.095748] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 449.100881] ? kmsan_internal_chain_origin+0x90/0x240 [ 449.106115] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 449.111502] ? is_bpf_text_address+0x49e/0x4d0 [ 449.116119] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 449.121691] ? in_task_stack+0x12c/0x210 [ 449.125802] __msan_chain_origin+0x6d/0xb0 [ 449.130065] ? inet_sendmsg+0x4e9/0x800 [ 449.134064] __save_stack_trace+0x8be/0xc60 [ 449.138447] ? inet_sendmsg+0x4e9/0x800 [ 449.142450] save_stack_trace+0xc6/0x110 [ 449.146549] kmsan_internal_chain_origin+0x136/0x240 [ 449.151674] ? inet_sendmsg+0x4e9/0x800 [ 449.155685] ? kmsan_internal_chain_origin+0x136/0x240 [ 449.160980] ? kmsan_memcpy_origins+0x13d/0x190 [ 449.165762] ? __msan_memcpy+0x6f/0x80 [ 449.169673] ? pskb_expand_head+0x436/0x1d20 [ 449.174106] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 449.178455] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 449.182797] ? dev_hard_start_xmit+0x6dc/0xde0 [ 449.187398] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 449.191918] ? dev_queue_xmit+0x4b/0x60 [ 449.195913] ? neigh_direct_output+0x42/0x50 [ 449.200351] ? ip_finish_output2+0x141a/0x1560 [ 449.204955] ? ip_do_fragment+0x1b42/0x3f10 [ 449.209294] ? ip_fragment+0x247/0x400 [ 449.213200] ? ip_finish_output+0x1056/0x10f0 [ 449.217724] ? ip_mc_output+0xf25/0x10f0 [ 449.221804] ? ip_push_pending_frames+0x243/0x470 [ 449.226664] ? raw_sendmsg+0x2e54/0x45c0 [ 449.230745] ? inet_sendmsg+0x4e9/0x800 [ 449.234739] ? __sys_sendto+0x940/0xb80 [ 449.238745] ? __se_sys_sendto+0x107/0x130 [ 449.243004] ? __x64_sys_sendto+0x6e/0x90 [ 449.247171] ? do_syscall_64+0xcf/0x110 [ 449.251175] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.256596] ? __msan_get_context_state+0x9/0x20 [ 449.261379] ? INIT_INT+0xc/0x30 [ 449.264769] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 449.270209] kmsan_memcpy_origins+0x13d/0x190 [ 449.274760] __msan_memcpy+0x6f/0x80 [ 449.278508] pskb_expand_head+0x436/0x1d20 [ 449.282806] ip_tunnel_xmit+0x35a3/0x3d90 [ 449.287027] sit_tunnel_xmit+0xbf8/0x3d40 [ 449.291199] ? packet_direct_xmit+0x3d0/0x3d0 [ 449.295716] ? dev_queue_xmit_nit+0x1222/0x1320 [ 449.300459] ? ipip6_tunnel_uninit+0x800/0x800 [ 449.305063] dev_hard_start_xmit+0x6dc/0xde0 [ 449.309531] __dev_queue_xmit+0x2d9e/0x3e00 [ 449.313921] ? __msan_poison_alloca+0x1e0/0x270 [ 449.318623] dev_queue_xmit+0x4b/0x60 [ 449.322447] neigh_direct_output+0x42/0x50 [ 449.326708] ? neigh_connected_output+0x700/0x700 [ 449.331587] ip_finish_output2+0x141a/0x1560 [ 449.336054] ip_do_fragment+0x1b42/0x3f10 [ 449.340227] ? ip_fragment+0x400/0x400 [ 449.344211] ip_fragment+0x247/0x400 [ 449.347969] ip_finish_output+0x1056/0x10f0 [ 449.352342] ip_mc_output+0xf25/0x10f0 [ 449.356290] ? ip_mc_finish_output+0x440/0x440 [ 449.360896] ? ip_build_and_send_pkt+0xe60/0xe60 [ 449.365673] ip_push_pending_frames+0x243/0x470 [ 449.370385] raw_sendmsg+0x2e54/0x45c0 [ 449.374374] ? __msan_poison_alloca+0x1a0/0x270 [ 449.379088] ? compat_raw_ioctl+0x100/0x100 [ 449.383435] inet_sendmsg+0x4e9/0x800 [ 449.387279] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 449.392670] ? security_socket_sendmsg+0x1bd/0x200 [ 449.397635] ? inet_getname+0x490/0x490 [ 449.401636] __sys_sendto+0x940/0xb80 [ 449.405506] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 449.410977] ? prepare_exit_to_usermode+0x182/0x4c0 [ 449.416028] __se_sys_sendto+0x107/0x130 [ 449.420127] __x64_sys_sendto+0x6e/0x90 [ 449.424129] do_syscall_64+0xcf/0x110 [ 449.427958] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.433167] RIP: 0033:0x457569 [ 449.436381] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 449.455306] RSP: 002b:00007fedb9668c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 449.463079] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 449.470371] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 000000000000000e [ 449.477657] RBP: 000000000072c040 R08: 00000000200001c0 R09: 0000000000000010 [ 449.484950] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96696d4 [ 449.492238] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 449.499553] Uninit was stored to memory at: [ 449.503903] kmsan_internal_chain_origin+0x136/0x240 [ 449.509028] __msan_chain_origin+0x6d/0xb0 [ 449.513291] __save_stack_trace+0x8be/0xc60 [ 449.517632] save_stack_trace+0xc6/0x110 [ 449.521714] kmsan_internal_chain_origin+0x136/0x240 [ 449.526835] kmsan_memcpy_origins+0x13d/0x190 [ 449.531352] __msan_memcpy+0x6f/0x80 [ 449.535089] pskb_expand_head+0x436/0x1d20 [ 449.539354] ip_tunnel_xmit+0x35a3/0x3d90 [ 449.543526] sit_tunnel_xmit+0xbf8/0x3d40 [ 449.547690] dev_hard_start_xmit+0x6dc/0xde0 [ 449.552117] __dev_queue_xmit+0x2d9e/0x3e00 [ 449.556455] dev_queue_xmit+0x4b/0x60 [ 449.560278] neigh_direct_output+0x42/0x50 [ 449.564534] ip_finish_output2+0x141a/0x1560 [ 449.568958] ip_do_fragment+0x1b42/0x3f10 [ 449.573123] ip_fragment+0x247/0x400 [ 449.576856] ip_finish_output+0x1056/0x10f0 [ 449.581201] ip_mc_output+0xf25/0x10f0 [ 449.585137] ip_push_pending_frames+0x243/0x470 [ 449.589826] raw_sendmsg+0x2e54/0x45c0 [ 449.593737] inet_sendmsg+0x4e9/0x800 [ 449.597556] __sys_sendto+0x940/0xb80 [ 449.601375] __se_sys_sendto+0x107/0x130 [ 449.605456] __x64_sys_sendto+0x6e/0x90 [ 449.609460] do_syscall_64+0xcf/0x110 [ 449.613294] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.618507] [ 449.620142] Uninit was stored to memory at: [ 449.624486] kmsan_internal_chain_origin+0x136/0x240 [ 449.629614] __msan_chain_origin+0x6d/0xb0 [ 449.633867] __save_stack_trace+0x8be/0xc60 [ 449.638208] save_stack_trace+0xc6/0x110 [ 449.642300] kmsan_internal_chain_origin+0x136/0x240 [ 449.647423] kmsan_memcpy_origins+0x13d/0x190 [ 449.651937] __msan_memcpy+0x6f/0x80 [ 449.655692] pskb_expand_head+0x436/0x1d20 [ 449.659951] ip_tunnel_xmit+0x35a3/0x3d90 [ 449.664115] sit_tunnel_xmit+0xbf8/0x3d40 [ 449.668291] dev_hard_start_xmit+0x6dc/0xde0 [ 449.672719] __dev_queue_xmit+0x2d9e/0x3e00 [ 449.677053] dev_queue_xmit+0x4b/0x60 [ 449.680873] neigh_direct_output+0x42/0x50 [ 449.685126] ip_finish_output2+0x141a/0x1560 [ 449.689550] ip_do_fragment+0x1b42/0x3f10 [ 449.693719] ip_fragment+0x247/0x400 [ 449.697451] ip_finish_output+0x1056/0x10f0 [ 449.701884] ip_mc_output+0xf25/0x10f0 [ 449.705792] ip_push_pending_frames+0x243/0x470 [ 449.710476] raw_sendmsg+0x2e54/0x45c0 [ 449.714385] inet_sendmsg+0x4e9/0x800 [ 449.718209] __sys_sendto+0x940/0xb80 [ 449.722036] __se_sys_sendto+0x107/0x130 [ 449.726112] __x64_sys_sendto+0x6e/0x90 [ 449.730110] do_syscall_64+0xcf/0x110 [ 449.733934] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.739141] [ 449.740779] Uninit was stored to memory at: [ 449.745128] kmsan_internal_chain_origin+0x136/0x240 [ 449.750262] __msan_chain_origin+0x6d/0xb0 [ 449.754517] __save_stack_trace+0x8be/0xc60 [ 449.758865] save_stack_trace+0xc6/0x110 [ 449.762944] kmsan_internal_chain_origin+0x136/0x240 [ 449.768064] kmsan_memcpy_origins+0x13d/0x190 [ 449.772583] __msan_memcpy+0x6f/0x80 [ 449.776325] pskb_expand_head+0x436/0x1d20 [ 449.780581] ip_tunnel_xmit+0x35a3/0x3d90 [ 449.784749] sit_tunnel_xmit+0xbf8/0x3d40 [ 449.788916] dev_hard_start_xmit+0x6dc/0xde0 [ 449.793345] __dev_queue_xmit+0x2d9e/0x3e00 [ 449.797688] dev_queue_xmit+0x4b/0x60 [ 449.801509] neigh_direct_output+0x42/0x50 [ 449.805762] ip_finish_output2+0x141a/0x1560 [ 449.810192] ip_do_fragment+0x1b42/0x3f10 [ 449.814364] ip_fragment+0x247/0x400 [ 449.818096] ip_finish_output+0x1056/0x10f0 [ 449.822445] ip_mc_output+0xf25/0x10f0 [ 449.826360] ip_push_pending_frames+0x243/0x470 [ 449.831045] raw_sendmsg+0x2e54/0x45c0 [ 449.834950] inet_sendmsg+0x4e9/0x800 [ 449.838770] __sys_sendto+0x940/0xb80 [ 449.842585] __se_sys_sendto+0x107/0x130 [ 449.846672] __x64_sys_sendto+0x6e/0x90 [ 449.850673] do_syscall_64+0xcf/0x110 [ 449.854495] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.859688] [ 449.861320] Uninit was stored to memory at: [ 449.865669] kmsan_internal_chain_origin+0x136/0x240 [ 449.870796] __msan_chain_origin+0x6d/0xb0 [ 449.875052] __save_stack_trace+0x8be/0xc60 [ 449.879397] save_stack_trace+0xc6/0x110 [ 449.883481] kmsan_internal_chain_origin+0x136/0x240 [ 449.888602] kmsan_memcpy_origins+0x13d/0x190 [ 449.893121] __msan_memcpy+0x6f/0x80 [ 449.896859] pskb_expand_head+0x436/0x1d20 [ 449.901121] ip_tunnel_xmit+0x35a3/0x3d90 [ 449.905293] sit_tunnel_xmit+0xbf8/0x3d40 [ 449.909465] dev_hard_start_xmit+0x6dc/0xde0 [ 449.913895] __dev_queue_xmit+0x2d9e/0x3e00 [ 449.918235] dev_queue_xmit+0x4b/0x60 [ 449.922063] neigh_direct_output+0x42/0x50 [ 449.926319] ip_finish_output2+0x141a/0x1560 [ 449.930753] ip_do_fragment+0x1b42/0x3f10 [ 449.934916] ip_fragment+0x247/0x400 [ 449.938646] ip_finish_output+0x1056/0x10f0 [ 449.942988] ip_mc_output+0xf25/0x10f0 [ 449.946895] ip_push_pending_frames+0x243/0x470 [ 449.951578] raw_sendmsg+0x2e54/0x45c0 [ 449.955488] inet_sendmsg+0x4e9/0x800 [ 449.959328] __sys_sendto+0x940/0xb80 [ 449.963162] __se_sys_sendto+0x107/0x130 [ 449.967240] __x64_sys_sendto+0x6e/0x90 [ 449.971264] do_syscall_64+0xcf/0x110 [ 449.975088] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 449.980282] [ 449.981915] Uninit was stored to memory at: [ 449.986264] kmsan_internal_chain_origin+0x136/0x240 [ 449.991394] __msan_chain_origin+0x6d/0xb0 [ 449.995649] __save_stack_trace+0x8be/0xc60 [ 449.999988] save_stack_trace+0xc6/0x110 [ 450.004073] kmsan_internal_chain_origin+0x136/0x240 [ 450.009198] kmsan_memcpy_origins+0x13d/0x190 [ 450.013714] __msan_memcpy+0x6f/0x80 [ 450.017452] pskb_expand_head+0x436/0x1d20 [ 450.021710] ip_tunnel_xmit+0x35a3/0x3d90 [ 450.025890] sit_tunnel_xmit+0xbf8/0x3d40 [ 450.030073] dev_hard_start_xmit+0x6dc/0xde0 [ 450.034501] __dev_queue_xmit+0x2d9e/0x3e00 [ 450.038837] dev_queue_xmit+0x4b/0x60 [ 450.042661] neigh_direct_output+0x42/0x50 [ 450.046912] ip_finish_output2+0x141a/0x1560 [ 450.051333] ip_do_fragment+0x1b42/0x3f10 [ 450.055506] ip_fragment+0x247/0x400 [ 450.059240] ip_finish_output+0x1056/0x10f0 [ 450.063593] ip_mc_output+0xf25/0x10f0 [ 450.067501] ip_push_pending_frames+0x243/0x470 [ 450.072188] raw_sendmsg+0x2e54/0x45c0 [ 450.076095] inet_sendmsg+0x4e9/0x800 [ 450.079910] __sys_sendto+0x940/0xb80 [ 450.083728] __se_sys_sendto+0x107/0x130 [ 450.087809] __x64_sys_sendto+0x6e/0x90 [ 450.091807] do_syscall_64+0xcf/0x110 [ 450.095631] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.100830] [ 450.102469] Uninit was stored to memory at: [ 450.106812] kmsan_internal_chain_origin+0x136/0x240 [ 450.111937] __msan_chain_origin+0x6d/0xb0 [ 450.116345] __save_stack_trace+0x8be/0xc60 [ 450.120692] save_stack_trace+0xc6/0x110 [ 450.124775] kmsan_internal_chain_origin+0x136/0x240 [ 450.129900] kmsan_memcpy_origins+0x13d/0x190 [ 450.134412] __msan_memcpy+0x6f/0x80 [ 450.138146] pskb_expand_head+0x436/0x1d20 [ 450.142404] ip_tunnel_xmit+0x35a3/0x3d90 [ 450.146572] sit_tunnel_xmit+0xbf8/0x3d40 [ 450.150739] dev_hard_start_xmit+0x6dc/0xde0 [ 450.155167] __dev_queue_xmit+0x2d9e/0x3e00 [ 450.159507] dev_queue_xmit+0x4b/0x60 [ 450.163328] neigh_direct_output+0x42/0x50 [ 450.167587] ip_finish_output2+0x141a/0x1560 [ 450.172017] ip_do_fragment+0x1b42/0x3f10 [ 450.176181] ip_fragment+0x247/0x400 [ 450.179916] ip_finish_output+0x1056/0x10f0 [ 450.184266] ip_mc_output+0xf25/0x10f0 [ 450.188169] ip_push_pending_frames+0x243/0x470 [ 450.192858] raw_sendmsg+0x2e54/0x45c0 [ 450.196764] inet_sendmsg+0x4e9/0x800 [ 450.200577] __sys_sendto+0x940/0xb80 [ 450.204390] __se_sys_sendto+0x107/0x130 [ 450.208477] __x64_sys_sendto+0x6e/0x90 [ 450.212471] do_syscall_64+0xcf/0x110 [ 450.216299] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.221491] [ 450.223132] Uninit was stored to memory at: [ 450.227475] kmsan_internal_chain_origin+0x136/0x240 [ 450.232600] __msan_chain_origin+0x6d/0xb0 [ 450.236860] __save_stack_trace+0x8be/0xc60 [ 450.241201] save_stack_trace+0xc6/0x110 [ 450.245296] kmsan_internal_chain_origin+0x136/0x240 [ 450.250426] kmsan_memcpy_origins+0x13d/0x190 [ 450.254937] __msan_memcpy+0x6f/0x80 [ 450.258682] pskb_expand_head+0x436/0x1d20 [ 450.262933] ip_tunnel_xmit+0x35a3/0x3d90 [ 450.267101] sit_tunnel_xmit+0xbf8/0x3d40 [ 450.271277] dev_hard_start_xmit+0x6dc/0xde0 [ 450.275706] __dev_queue_xmit+0x2d9e/0x3e00 [ 450.280046] dev_queue_xmit+0x4b/0x60 [ 450.283861] neigh_direct_output+0x42/0x50 [ 450.288115] ip_finish_output2+0x141a/0x1560 [ 450.292543] ip_do_fragment+0x1b42/0x3f10 [ 450.296704] ip_fragment+0x247/0x400 [ 450.300439] ip_finish_output+0x1056/0x10f0 [ 450.304778] ip_mc_output+0xf25/0x10f0 [ 450.308685] ip_push_pending_frames+0x243/0x470 [ 450.313373] raw_sendmsg+0x2e54/0x45c0 [ 450.317287] inet_sendmsg+0x4e9/0x800 [ 450.321106] __sys_sendto+0x940/0xb80 [ 450.324924] __se_sys_sendto+0x107/0x130 [ 450.329000] __x64_sys_sendto+0x6e/0x90 [ 450.332991] do_syscall_64+0xcf/0x110 [ 450.336822] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.342015] [ 450.343654] Local variable description: ----v.addr.i.i@ip_do_fragment [ 450.350234] Variable was created at: [ 450.353976] ip_do_fragment+0xa1/0x3f10 [ 450.357968] ip_fragment+0x247/0x400 [ 450.371263] not chained 90000 origins [ 450.375100] CPU: 0 PID: 11846 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 450.382387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 450.391756] Call Trace: [ 450.394403] dump_stack+0x32d/0x480 [ 450.398074] kmsan_internal_chain_origin+0x222/0x240 [ 450.403234] ? save_stack_trace+0xc6/0x110 [ 450.407502] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 450.412638] ? kmsan_internal_chain_origin+0x90/0x240 [ 450.417870] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 450.423269] ? is_bpf_text_address+0x49e/0x4d0 [ 450.427888] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 450.433380] ? in_task_stack+0x12c/0x210 [ 450.437481] __msan_chain_origin+0x6d/0xb0 [ 450.441746] ? ip_fragment+0x247/0x400 [ 450.445656] __save_stack_trace+0x8be/0xc60 [ 450.450032] ? ip_fragment+0x247/0x400 [ 450.453948] save_stack_trace+0xc6/0x110 [ 450.458047] kmsan_internal_chain_origin+0x136/0x240 [ 450.463177] ? inet_sendmsg+0x4e9/0x800 [ 450.467188] ? kmsan_internal_chain_origin+0x136/0x240 [ 450.472489] ? kmsan_memcpy_origins+0x13d/0x190 [ 450.477177] ? __msan_memcpy+0x6f/0x80 [ 450.481085] ? pskb_expand_head+0x436/0x1d20 [ 450.485515] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 450.489864] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 450.494212] ? dev_hard_start_xmit+0x6dc/0xde0 [ 450.498820] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 450.503337] ? dev_queue_xmit+0x4b/0x60 [ 450.507332] ? neigh_direct_output+0x42/0x50 [ 450.511773] ? ip_finish_output2+0x141a/0x1560 [ 450.516379] ? ip_do_fragment+0x1b42/0x3f10 [ 450.520718] ? ip_fragment+0x247/0x400 [ 450.524627] ? ip_finish_output+0x1056/0x10f0 [ 450.529140] ? ip_mc_output+0xf25/0x10f0 [ 450.533223] ? ip_push_pending_frames+0x243/0x470 [ 450.538089] ? raw_sendmsg+0x2e54/0x45c0 [ 450.542174] ? inet_sendmsg+0x4e9/0x800 [ 450.546165] ? __sys_sendto+0x940/0xb80 [ 450.550159] ? __se_sys_sendto+0x107/0x130 [ 450.554416] ? __x64_sys_sendto+0x6e/0x90 [ 450.558583] ? do_syscall_64+0xcf/0x110 [ 450.562583] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.568001] ? __msan_get_context_state+0x9/0x20 [ 450.572778] ? INIT_INT+0xc/0x30 [ 450.576164] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 450.581566] kmsan_memcpy_origins+0x13d/0x190 [ 450.586098] __msan_memcpy+0x6f/0x80 [ 450.589847] pskb_expand_head+0x436/0x1d20 [ 450.594140] ip_tunnel_xmit+0x35a3/0x3d90 [ 450.598367] sit_tunnel_xmit+0xbf8/0x3d40 [ 450.602536] ? packet_direct_xmit+0x3d0/0x3d0 [ 450.607055] ? dev_queue_xmit_nit+0x1222/0x1320 [ 450.611791] ? ipip6_tunnel_uninit+0x800/0x800 [ 450.616397] dev_hard_start_xmit+0x6dc/0xde0 [ 450.620867] __dev_queue_xmit+0x2d9e/0x3e00 [ 450.625262] ? __msan_poison_alloca+0x1e0/0x270 [ 450.629959] dev_queue_xmit+0x4b/0x60 [ 450.633790] neigh_direct_output+0x42/0x50 [ 450.638052] ? neigh_connected_output+0x700/0x700 [ 450.642923] ip_finish_output2+0x141a/0x1560 [ 450.647390] ip_do_fragment+0x1b42/0x3f10 [ 450.651560] ? ip_fragment+0x400/0x400 [ 450.655526] ip_fragment+0x247/0x400 [ 450.659283] ip_finish_output+0x1056/0x10f0 [ 450.663654] ip_mc_output+0xf25/0x10f0 [ 450.667587] ? ip_mc_finish_output+0x440/0x440 [ 450.672195] ? ip_build_and_send_pkt+0xe60/0xe60 [ 450.676974] ip_push_pending_frames+0x243/0x470 [ 450.681680] raw_sendmsg+0x2e54/0x45c0 [ 450.685662] ? __msan_poison_alloca+0x1a0/0x270 [ 450.690370] ? compat_raw_ioctl+0x100/0x100 [ 450.694728] inet_sendmsg+0x4e9/0x800 [ 450.698566] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 450.703955] ? security_socket_sendmsg+0x1bd/0x200 [ 450.708928] ? inet_getname+0x490/0x490 [ 450.712925] __sys_sendto+0x940/0xb80 [ 450.716787] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 450.722271] ? prepare_exit_to_usermode+0x182/0x4c0 [ 450.727321] __se_sys_sendto+0x107/0x130 [ 450.731421] __x64_sys_sendto+0x6e/0x90 [ 450.735417] do_syscall_64+0xcf/0x110 [ 450.739257] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.744466] RIP: 0033:0x457569 [ 450.747683] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 450.766607] RSP: 002b:00007fedb9668c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 450.774343] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 450.781637] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 000000000000000e [ 450.788923] RBP: 000000000072c040 R08: 00000000200001c0 R09: 0000000000000010 [ 450.796220] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96696d4 [ 450.803514] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 450.810820] Uninit was stored to memory at: [ 450.815170] kmsan_internal_chain_origin+0x136/0x240 [ 450.820299] __msan_chain_origin+0x6d/0xb0 [ 450.824557] __save_stack_trace+0x8be/0xc60 [ 450.828901] save_stack_trace+0xc6/0x110 [ 450.832981] kmsan_internal_chain_origin+0x136/0x240 [ 450.838108] kmsan_memcpy_origins+0x13d/0x190 [ 450.842628] __msan_memcpy+0x6f/0x80 [ 450.846369] pskb_expand_head+0x436/0x1d20 [ 450.850624] ip_tunnel_xmit+0x35a3/0x3d90 [ 450.854790] sit_tunnel_xmit+0xbf8/0x3d40 [ 450.858952] dev_hard_start_xmit+0x6dc/0xde0 [ 450.863381] __dev_queue_xmit+0x2d9e/0x3e00 [ 450.867717] dev_queue_xmit+0x4b/0x60 [ 450.871532] neigh_direct_output+0x42/0x50 [ 450.875791] ip_finish_output2+0x141a/0x1560 [ 450.880220] ip_do_fragment+0x1b42/0x3f10 [ 450.884391] ip_fragment+0x247/0x400 [ 450.888125] ip_finish_output+0x1056/0x10f0 [ 450.892464] ip_mc_output+0xf25/0x10f0 [ 450.896380] ip_push_pending_frames+0x243/0x470 [ 450.901060] raw_sendmsg+0x2e54/0x45c0 [ 450.904964] inet_sendmsg+0x4e9/0x800 [ 450.908777] __sys_sendto+0x940/0xb80 [ 450.912593] __se_sys_sendto+0x107/0x130 [ 450.916672] __x64_sys_sendto+0x6e/0x90 [ 450.920685] do_syscall_64+0xcf/0x110 [ 450.924519] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.929711] [ 450.931345] Uninit was stored to memory at: [ 450.935691] kmsan_internal_chain_origin+0x136/0x240 [ 450.940813] __msan_chain_origin+0x6d/0xb0 [ 450.945076] __save_stack_trace+0x8be/0xc60 [ 450.949414] save_stack_trace+0xc6/0x110 [ 450.953498] kmsan_internal_chain_origin+0x136/0x240 [ 450.958622] kmsan_memcpy_origins+0x13d/0x190 [ 450.963147] __msan_memcpy+0x6f/0x80 [ 450.966885] pskb_expand_head+0x436/0x1d20 [ 450.971136] ip_tunnel_xmit+0x35a3/0x3d90 [ 450.975305] sit_tunnel_xmit+0xbf8/0x3d40 [ 450.979471] dev_hard_start_xmit+0x6dc/0xde0 [ 450.984307] __dev_queue_xmit+0x2d9e/0x3e00 [ 450.988654] dev_queue_xmit+0x4b/0x60 [ 450.992471] neigh_direct_output+0x42/0x50 [ 450.996727] ip_finish_output2+0x141a/0x1560 [ 451.001153] ip_do_fragment+0x1b42/0x3f10 [ 451.005328] ip_fragment+0x247/0x400 [ 451.009067] ip_finish_output+0x1056/0x10f0 [ 451.013406] ip_mc_output+0xf25/0x10f0 [ 451.017310] ip_push_pending_frames+0x243/0x470 [ 451.022003] raw_sendmsg+0x2e54/0x45c0 [ 451.025909] inet_sendmsg+0x4e9/0x800 [ 451.029725] __sys_sendto+0x940/0xb80 [ 451.033549] __se_sys_sendto+0x107/0x130 [ 451.037624] __x64_sys_sendto+0x6e/0x90 [ 451.041615] do_syscall_64+0xcf/0x110 [ 451.045445] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.050643] [ 451.052290] Uninit was stored to memory at: [ 451.056636] kmsan_internal_chain_origin+0x136/0x240 [ 451.061759] __msan_chain_origin+0x6d/0xb0 [ 451.066012] __save_stack_trace+0x8be/0xc60 [ 451.070362] save_stack_trace+0xc6/0x110 [ 451.074444] kmsan_internal_chain_origin+0x136/0x240 [ 451.079588] kmsan_memcpy_origins+0x13d/0x190 [ 451.084103] __msan_memcpy+0x6f/0x80 [ 451.087837] pskb_expand_head+0x436/0x1d20 [ 451.092095] ip_tunnel_xmit+0x35a3/0x3d90 [ 451.096275] sit_tunnel_xmit+0xbf8/0x3d40 [ 451.100438] dev_hard_start_xmit+0x6dc/0xde0 [ 451.104657] clocksource: timekeeping watchdog on CPU1: Marking clocksource 'tsc' as unstable because the skew is too large: [ 451.104861] __dev_queue_xmit+0x2d9e/0x3e00 [ 451.104898] dev_queue_xmit+0x4b/0x60 [ 451.117351] clocksource: 'acpi_pm' wd_now: cdcf2a wd_last: 65b5a1 mask: ffffff [ 451.121292] neigh_direct_output+0x42/0x50 [ 451.121313] ip_finish_output2+0x141a/0x1560 [ 451.121347] ip_do_fragment+0x1b42/0x3f10 [ 451.125889] clocksource: 'tsc' cs_now: f6faa065b8 cs_last: f372cd5ead mask: ffffffffffffffff [ 451.134810] ip_fragment+0x247/0x400 [ 451.134829] ip_finish_output+0x1056/0x10f0 [ 451.134847] ip_mc_output+0xf25/0x10f0 [ 451.134866] ip_push_pending_frames+0x243/0x470 [ 451.134883] raw_sendmsg+0x2e54/0x45c0 [ 451.134917] inet_sendmsg+0x4e9/0x800 [ 451.139651] tsc: Marking TSC unstable due to clocksource watchdog [ 451.143989] __sys_sendto+0x940/0xb80 [ 451.144007] __se_sys_sendto+0x107/0x130 [ 451.144024] __x64_sys_sendto+0x6e/0x90 [ 451.144043] do_syscall_64+0xcf/0x110 [ 451.144067] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.144102] kmsan_internal_chain_origin+0x136/0x240 [ 451.174718] TSC found unstable after boot, most likely due to broken BIOS. Use 'tsc=unstable'. [ 451.175337] __msan_chain_origin+0x6d/0xb0 [ 451.175373] __save_stack_trace+0x8be/0xc60 [ 451.179301] sched_clock: Marking unstable (451233116257, -58422352)<-(451292915756, -118220693) [ 451.183070] save_stack_trace+0xc6/0x110 [ 451.183093] kmsan_internal_chain_origin+0x136/0x240 [ 451.183113] kmsan_memcpy_origins+0x13d/0x190 [ 451.183133] __msan_memcpy+0x6f/0x80 [ 451.183169] pskb_expand_head+0x436/0x1d20 [ 451.204987] ip_tunnel_xmit+0x35a3/0x3d90 [ 451.204987] sit_tunnel_xmit+0xbf8/0x3d40 [ 451.204987] dev_hard_start_xmit+0x6dc/0xde0 [ 451.204987] __dev_queue_xmit+0x2d9e/0x3e00 [ 451.204987] dev_queue_xmit+0x4b/0x60 [ 451.204987] neigh_direct_output+0x42/0x50 [ 451.204987] ip_finish_output2+0x141a/0x1560 [ 451.204987] ip_do_fragment+0x1b42/0x3f10 [ 451.204987] ip_fragment+0x247/0x400 [ 451.204987] ip_finish_output+0x1056/0x10f0 [ 451.204987] ip_mc_output+0xf25/0x10f0 [ 451.204987] ip_push_pending_frames+0x243/0x470 [ 451.204987] raw_sendmsg+0x2e54/0x45c0 [ 451.204987] inet_sendmsg+0x4e9/0x800 [ 451.204987] __sys_sendto+0x940/0xb80 [ 451.204987] __se_sys_sendto+0x107/0x130 [ 451.204987] __x64_sys_sendto+0x6e/0x90 [ 451.204987] do_syscall_64+0xcf/0x110 [ 451.204987] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.204987] [ 451.204987] Uninit was stored to memory at: [ 451.204987] kmsan_internal_chain_origin+0x136/0x240 [ 451.204987] __msan_chain_origin+0x6d/0xb0 [ 451.204987] __save_stack_trace+0x8be/0xc60 [ 451.204987] save_stack_trace+0xc6/0x110 [ 451.204987] kmsan_internal_chain_origin+0x136/0x240 [ 451.204987] kmsan_memcpy_origins+0x13d/0x190 [ 451.204987] __msan_memcpy+0x6f/0x80 [ 451.204987] pskb_expand_head+0x436/0x1d20 [ 451.204987] ip_tunnel_xmit+0x35a3/0x3d90 [ 451.204987] sit_tunnel_xmit+0xbf8/0x3d40 [ 451.204987] dev_hard_start_xmit+0x6dc/0xde0 [ 451.204987] __dev_queue_xmit+0x2d9e/0x3e00 [ 451.204987] dev_queue_xmit+0x4b/0x60 [ 451.204987] neigh_direct_output+0x42/0x50 [ 451.204987] ip_finish_output2+0x141a/0x1560 [ 451.204987] ip_do_fragment+0x1b42/0x3f10 [ 451.204987] ip_fragment+0x247/0x400 [ 451.204987] ip_finish_output+0x1056/0x10f0 [ 451.204987] ip_mc_output+0xf25/0x10f0 [ 451.204987] ip_push_pending_frames+0x243/0x470 [ 451.204987] raw_sendmsg+0x2e54/0x45c0 [ 451.204987] inet_sendmsg+0x4e9/0x800 [ 451.204987] __sys_sendto+0x940/0xb80 [ 451.204987] __se_sys_sendto+0x107/0x130 [ 451.204987] __x64_sys_sendto+0x6e/0x90 [ 451.204987] do_syscall_64+0xcf/0x110 [ 451.204987] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.204987] [ 451.204987] Uninit was stored to memory at: [ 451.204987] kmsan_internal_chain_origin+0x136/0x240 [ 451.204987] __msan_chain_origin+0x6d/0xb0 [ 451.204987] __save_stack_trace+0x8be/0xc60 [ 451.204987] save_stack_trace+0xc6/0x110 [ 451.204987] kmsan_internal_chain_origin+0x136/0x240 [ 451.204987] kmsan_memcpy_origins+0x13d/0x190 [ 451.204987] __msan_memcpy+0x6f/0x80 [ 451.204987] pskb_expand_head+0x436/0x1d20 [ 451.204987] ip_tunnel_xmit+0x35a3/0x3d90 [ 451.204987] sit_tunnel_xmit+0xbf8/0x3d40 [ 451.204987] dev_hard_start_xmit+0x6dc/0xde0 [ 451.204987] __dev_queue_xmit+0x2d9e/0x3e00 [ 451.204987] dev_queue_xmit+0x4b/0x60 [ 451.204987] neigh_direct_output+0x42/0x50 [ 451.204987] ip_finish_output2+0x141a/0x1560 [ 451.204987] ip_do_fragment+0x1b42/0x3f10 [ 451.204987] ip_fragment+0x247/0x400 [ 451.204987] ip_finish_output+0x1056/0x10f0 [ 451.204987] ip_mc_output+0xf25/0x10f0 [ 451.204987] ip_push_pending_frames+0x243/0x470 [ 451.204987] raw_sendmsg+0x2e54/0x45c0 [ 451.204987] inet_sendmsg+0x4e9/0x800 [ 451.204987] __sys_sendto+0x940/0xb80 [ 451.204987] __se_sys_sendto+0x107/0x130 [ 451.204987] __x64_sys_sendto+0x6e/0x90 [ 451.204987] do_syscall_64+0xcf/0x110 [ 451.204987] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.204987] [ 451.204987] Uninit was stored to memory at: [ 451.204987] kmsan_internal_chain_origin+0x136/0x240 [ 451.204987] __msan_chain_origin+0x6d/0xb0 [ 451.204987] __save_stack_trace+0x8be/0xc60 [ 451.204987] save_stack_trace+0xc6/0x110 [ 451.204987] kmsan_internal_chain_origin+0x136/0x240 [ 451.204987] kmsan_memcpy_origins+0x13d/0x190 [ 451.204987] __msan_memcpy+0x6f/0x80 [ 451.204987] pskb_expand_head+0x436/0x1d20 [ 451.204987] ip_tunnel_xmit+0x35a3/0x3d90 [ 451.204987] sit_tunnel_xmit+0xbf8/0x3d40 [ 451.204987] dev_hard_start_xmit+0x6dc/0xde0 [ 451.204987] __dev_queue_xmit+0x2d9e/0x3e00 [ 451.204987] dev_queue_xmit+0x4b/0x60 [ 451.204987] neigh_direct_output+0x42/0x50 [ 451.204987] ip_finish_output2+0x141a/0x1560 [ 451.204987] ip_do_fragment+0x1b42/0x3f10 [ 451.204987] ip_fragment+0x247/0x400 [ 451.204987] ip_finish_output+0x1056/0x10f0 [ 451.204987] ip_mc_output+0xf25/0x10f0 [ 451.204987] ip_push_pending_frames+0x243/0x470 [ 451.204987] raw_sendmsg+0x2e54/0x45c0 [ 451.204987] inet_sendmsg+0x4e9/0x800 [ 451.204987] __sys_sendto+0x940/0xb80 [ 451.204987] __se_sys_sendto+0x107/0x130 [ 451.204987] __x64_sys_sendto+0x6e/0x90 [ 451.204987] do_syscall_64+0xcf/0x110 [ 451.204987] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.204987] [ 451.204987] Local variable description: ----v.addr.i.i@ip_do_fragment [ 451.204987] Variable was created at: [ 451.204987] ip_do_fragment+0xa1/0x3f10 [ 451.204987] ip_fragment+0x247/0x400 [ 451.738644] not chained 100000 origins [ 451.741638] CPU: 0 PID: 11846 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 451.741638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 451.759155] Call Trace: [ 451.759155] dump_stack+0x32d/0x480 [ 451.759155] ? save_stack_trace+0xc6/0x110 [ 451.759155] kmsan_internal_chain_origin+0x222/0x240 [ 451.759155] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.759155] ? __msan_chain_origin+0x6d/0xb0 [ 451.759155] ? __save_stack_trace+0x833/0xc60 [ 451.759155] ? save_stack_trace+0xc6/0x110 [ 451.759155] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.759155] ? kmsan_memcpy_origins+0x13d/0x190 [ 451.759155] ? __msan_memcpy+0x6f/0x80 [ 451.759155] ? pskb_expand_head+0x436/0x1d20 [ 451.759155] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 451.759155] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 451.759155] ? dev_hard_start_xmit+0x6dc/0xde0 [ 451.759155] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 451.759155] ? dev_queue_xmit+0x4b/0x60 [ 451.759155] ? neigh_direct_output+0x42/0x50 [ 451.759155] ? ip_finish_output2+0x141a/0x1560 [ 451.759155] ? ip_do_fragment+0x1b42/0x3f10 [ 451.759155] ? ip_fragment+0x247/0x400 [ 451.759155] ? ip_finish_output+0x1056/0x10f0 [ 451.759155] ? ip_mc_output+0xf25/0x10f0 [ 451.759155] ? ip_push_pending_frames+0x243/0x470 [ 451.759155] ? raw_sendmsg+0x2e54/0x45c0 [ 451.759155] ? inet_sendmsg+0x4e9/0x800 [ 451.759155] ? __sys_sendto+0x940/0xb80 [ 451.759155] ? __se_sys_sendto+0x107/0x130 [ 451.759155] ? __x64_sys_sendto+0x6e/0x90 [ 451.759155] ? do_syscall_64+0xcf/0x110 [ 451.759155] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.759155] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.759155] ? __msan_chain_origin+0x6d/0xb0 [ 451.759155] ? save_stack_trace+0xfa/0x110 [ 451.759155] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.759155] ? kmsan_memcpy_origins+0x13d/0x190 [ 451.759155] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 451.759155] ? in_task_stack+0x12c/0x210 [ 451.759155] __msan_chain_origin+0x6d/0xb0 [ 451.759155] ? ip_do_fragment+0x1b42/0x3f10 [ 451.759155] __save_stack_trace+0x8be/0xc60 [ 451.759155] ? ip_do_fragment+0x1b42/0x3f10 [ 451.759155] save_stack_trace+0xc6/0x110 [ 451.759155] kmsan_internal_chain_origin+0x136/0x240 [ 451.759155] ? inet_sendmsg+0x4e9/0x800 [ 451.759155] ? kmsan_internal_chain_origin+0x136/0x240 [ 451.759155] ? kmsan_memcpy_origins+0x13d/0x190 [ 451.759155] ? __msan_memcpy+0x6f/0x80 [ 451.759155] ? pskb_expand_head+0x436/0x1d20 [ 451.759155] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 451.759155] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 451.759155] ? dev_hard_start_xmit+0x6dc/0xde0 [ 451.759155] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 451.759155] ? dev_queue_xmit+0x4b/0x60 [ 451.759155] ? neigh_direct_output+0x42/0x50 [ 451.759155] ? ip_finish_output2+0x141a/0x1560 00:34:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:10 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000040)=0xffff) 00:34:10 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x40000, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000340)={@my}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x8, "a0d229f7cc426ee6"}, &(0x7f0000000400)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000480)={r1, 0xeea}, 0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x40000, 0x2, 0x4, 0xffff, 0x1, 0xffffffff, 0x0, 0x0, 0x9}) r4 = gettid() process_vm_readv(r4, &(0x7f0000000380), 0x0, &(0x7f0000000580), 0x0, 0x0) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540)=[@in={0x2, 0x0, @broadcast}], 0x10) getuid() recvfrom(r3, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) memfd_create(&(0x7f00000003c0)=' ', 0x0) [ 451.759155] ? ip_do_fragment+0x1b42/0x3f10 [ 451.759155] ? ip_fragment+0x247/0x400 [ 451.759155] ? ip_finish_output+0x1056/0x10f0 [ 452.018546] ? ip_mc_output+0xf25/0x10f0 [ 452.018546] ? ip_push_pending_frames+0x243/0x470 [ 452.018546] ? raw_sendmsg+0x2e54/0x45c0 [ 452.018546] ? inet_sendmsg+0x4e9/0x800 [ 452.018546] ? __sys_sendto+0x940/0xb80 [ 452.018546] ? __se_sys_sendto+0x107/0x130 [ 452.018546] ? __x64_sys_sendto+0x6e/0x90 [ 452.018546] ? do_syscall_64+0xcf/0x110 [ 452.018546] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] ? __msan_get_context_state+0x9/0x20 [ 452.018546] ? INIT_INT+0xc/0x30 [ 452.018546] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] ? packet_direct_xmit+0x3d0/0x3d0 [ 452.018546] ? dev_queue_xmit_nit+0x1222/0x1320 [ 452.018546] ? ipip6_tunnel_uninit+0x800/0x800 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] ? __msan_poison_alloca+0x1e0/0x270 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ? neigh_connected_output+0x700/0x700 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ? ip_fragment+0x400/0x400 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ? ip_mc_finish_output+0x440/0x440 [ 452.018546] ? ip_build_and_send_pkt+0xe60/0xe60 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] ? __msan_poison_alloca+0x1a0/0x270 [ 452.018546] ? compat_raw_ioctl+0x100/0x100 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 452.018546] ? security_socket_sendmsg+0x1bd/0x200 [ 452.018546] ? inet_getname+0x490/0x490 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 452.018546] ? prepare_exit_to_usermode+0x182/0x4c0 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] RIP: 0033:0x457569 [ 452.018546] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 452.018546] RSP: 002b:00007fedb9668c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 452.018546] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 452.018546] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 000000000000000e [ 452.018546] RBP: 000000000072c040 R08: 00000000200001c0 R09: 0000000000000010 [ 452.018546] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96696d4 [ 452.018546] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Uninit was stored to memory at: [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] __msan_chain_origin+0x6d/0xb0 [ 452.018546] __save_stack_trace+0x8be/0xc60 [ 452.018546] save_stack_trace+0xc6/0x110 [ 452.018546] kmsan_internal_chain_origin+0x136/0x240 [ 452.018546] kmsan_memcpy_origins+0x13d/0x190 [ 452.018546] __msan_memcpy+0x6f/0x80 [ 452.018546] pskb_expand_head+0x436/0x1d20 [ 452.018546] ip_tunnel_xmit+0x35a3/0x3d90 [ 452.018546] sit_tunnel_xmit+0xbf8/0x3d40 [ 452.018546] dev_hard_start_xmit+0x6dc/0xde0 [ 452.018546] __dev_queue_xmit+0x2d9e/0x3e00 [ 452.018546] dev_queue_xmit+0x4b/0x60 [ 452.018546] neigh_direct_output+0x42/0x50 [ 452.018546] ip_finish_output2+0x141a/0x1560 [ 452.018546] ip_do_fragment+0x1b42/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 452.018546] ip_finish_output+0x1056/0x10f0 [ 452.018546] ip_mc_output+0xf25/0x10f0 [ 452.018546] ip_push_pending_frames+0x243/0x470 [ 452.018546] raw_sendmsg+0x2e54/0x45c0 [ 452.018546] inet_sendmsg+0x4e9/0x800 [ 452.018546] __sys_sendto+0x940/0xb80 [ 452.018546] __se_sys_sendto+0x107/0x130 [ 452.018546] __x64_sys_sendto+0x6e/0x90 [ 452.018546] do_syscall_64+0xcf/0x110 [ 452.018546] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.018546] [ 452.018546] Local variable description: ----v.addr.i.i@ip_do_fragment [ 452.018546] Variable was created at: [ 452.018546] ip_do_fragment+0xa1/0x3f10 [ 452.018546] ip_fragment+0x247/0x400 [ 453.214943] clocksource: Switched to clocksource acpi_pm 00:34:11 executing program 5: perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000300), &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f00000003c0)={&(0x7f0000000380), 0x8}) [ 453.634806] kvm: pic: level sensitive irq not supported [ 453.636970] kvm: pic: single mode not supported [ 453.644847] kvm: pic: single mode not supported [ 453.649807] kvm: pic: level sensitive irq not supported [ 453.673249] kvm: pic: level sensitive irq not supported [ 453.692935] kvm: pic: single mode not supported [ 453.698613] kvm: pic: level sensitive irq not supported [ 453.756983] kvm: pic: level sensitive irq not supported [ 453.767838] kvm: pic: level sensitive irq not supported [ 453.787137] kvm: pic: level sensitive irq not supported [ 453.905855] syz-executor2 (11827) used greatest stack depth: 52176 bytes left 00:34:12 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:12 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000055c0)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000100)={{0x7fffffff, 0xa}, {}, 0xfdfdffff}) 00:34:12 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x3166b194}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(&(0x7f0000000180)='wlan0\x00', 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000002c0)='sit0\x00', 0x8b) sendto$inet(r1, &(0x7f00000003c0), 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000380)={0x0, 0x0, 0x2ffd}, 0x4) sendto$inet(r1, &(0x7f0000000080), 0xfe7a, 0x60c10000, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10) 00:34:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f00000003c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) shutdown(r0, 0x1) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000040), 0x4) 00:34:12 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) execve(&(0x7f0000000640)='./file0\x00', &(0x7f00000000c0), &(0x7f00000007c0)=[&(0x7f0000000080)='fo\x00']) creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmmsg(r0, &(0x7f0000000680), 0x8000424, 0x0) 00:34:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 454.174939] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 454.304661] not chained 110000 origins [ 454.308607] CPU: 0 PID: 11889 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 454.311809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 454.311809] Call Trace: [ 454.311809] dump_stack+0x32d/0x480 [ 454.311809] kmsan_internal_chain_origin+0x222/0x240 [ 454.311809] ? save_stack_trace+0xc6/0x110 [ 454.311809] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 454.344674] ? kmsan_internal_chain_origin+0x90/0x240 [ 454.344674] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 454.351770] ? is_bpf_text_address+0x49e/0x4d0 [ 454.358462] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 454.365012] ? in_task_stack+0x12c/0x210 [ 454.365012] __msan_chain_origin+0x6d/0xb0 [ 454.365012] ? ip_fragment+0x247/0x400 [ 454.365012] __save_stack_trace+0x8be/0xc60 [ 454.365012] ? trace_event_raw_event_drv_pre_channel_switch+0x7bd/0xce0 [ 454.365012] ? ip_fragment+0x247/0x400 [ 454.365012] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] ? inet_sendmsg+0x4e9/0x800 [ 454.397039] ? kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] ? kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] ? __msan_memcpy+0x6f/0x80 [ 454.397039] ? pskb_expand_head+0x436/0x1d20 [ 454.397039] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] ? dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] ? dev_queue_xmit+0x4b/0x60 [ 454.397039] ? neigh_direct_output+0x42/0x50 [ 454.397039] ? ip_finish_output2+0x141a/0x1560 [ 454.397039] ? ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ? ip_fragment+0x247/0x400 [ 454.397039] ? ip_finish_output+0x1056/0x10f0 [ 454.397039] ? ip_mc_output+0xf25/0x10f0 [ 454.397039] ? ip_push_pending_frames+0x243/0x470 [ 454.397039] ? raw_sendmsg+0x2e54/0x45c0 [ 454.397039] ? inet_sendmsg+0x4e9/0x800 [ 454.397039] ? __sys_sendto+0x940/0xb80 [ 454.397039] ? __se_sys_sendto+0x107/0x130 [ 454.397039] ? __x64_sys_sendto+0x6e/0x90 [ 454.397039] ? do_syscall_64+0xcf/0x110 [ 454.397039] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] ? __msan_get_context_state+0x9/0x20 [ 454.397039] ? INIT_INT+0xc/0x30 [ 454.397039] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] ? packet_direct_xmit+0x3d0/0x3d0 [ 454.397039] ? dev_queue_xmit_nit+0x1222/0x1320 [ 454.397039] ? ipip6_tunnel_uninit+0x800/0x800 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] ? __msan_poison_alloca+0x1e0/0x270 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ? neigh_connected_output+0x700/0x700 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ? ip_fragment+0x400/0x400 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ? ip_mc_finish_output+0x440/0x440 [ 454.397039] ? ip_build_and_send_pkt+0xe60/0xe60 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] ? __msan_poison_alloca+0x1a0/0x270 [ 454.397039] ? compat_raw_ioctl+0x100/0x100 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 454.397039] ? security_socket_sendmsg+0x1bd/0x200 [ 454.397039] ? inet_getname+0x490/0x490 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 454.397039] ? prepare_exit_to_usermode+0x182/0x4c0 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] RIP: 0033:0x457569 [ 454.397039] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 454.397039] RSP: 002b:00007fedb96aac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 454.397039] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 454.397039] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 0000000000000008 [ 454.397039] RBP: 000000000072bf00 R08: 00000000200001c0 R09: 0000000000000010 [ 454.397039] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96ab6d4 [ 454.397039] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Uninit was stored to memory at: [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] __msan_chain_origin+0x6d/0xb0 [ 454.397039] __save_stack_trace+0x8be/0xc60 [ 454.397039] save_stack_trace+0xc6/0x110 [ 454.397039] kmsan_internal_chain_origin+0x136/0x240 [ 454.397039] kmsan_memcpy_origins+0x13d/0x190 [ 454.397039] __msan_memcpy+0x6f/0x80 [ 454.397039] pskb_expand_head+0x436/0x1d20 [ 454.397039] ip_tunnel_xmit+0x35a3/0x3d90 [ 454.397039] sit_tunnel_xmit+0xbf8/0x3d40 [ 454.397039] dev_hard_start_xmit+0x6dc/0xde0 [ 454.397039] __dev_queue_xmit+0x2d9e/0x3e00 [ 454.397039] dev_queue_xmit+0x4b/0x60 [ 454.397039] neigh_direct_output+0x42/0x50 [ 454.397039] ip_finish_output2+0x141a/0x1560 [ 454.397039] ip_do_fragment+0x1b42/0x3f10 [ 454.397039] ip_fragment+0x247/0x400 [ 454.397039] ip_finish_output+0x1056/0x10f0 [ 454.397039] ip_mc_output+0xf25/0x10f0 [ 454.397039] ip_push_pending_frames+0x243/0x470 [ 454.397039] raw_sendmsg+0x2e54/0x45c0 [ 454.397039] inet_sendmsg+0x4e9/0x800 [ 454.397039] __sys_sendto+0x940/0xb80 [ 454.397039] __se_sys_sendto+0x107/0x130 [ 454.397039] __x64_sys_sendto+0x6e/0x90 [ 454.397039] do_syscall_64+0xcf/0x110 [ 454.397039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.397039] [ 454.397039] Local variable description: ----v.addr.i.i@ip_do_fragment [ 454.397039] Variable was created at: [ 454.397039] ip_do_fragment+0xa1/0x3f10 00:34:13 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:13 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0xee6a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4864, 0x0, 0x0, 0x0, 0x4000000002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10025, 0x0, 0x800000000, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) lstat(&(0x7f0000000600)='./file0/file0\x00', &(0x7f0000000680)) r0 = getpid() r1 = socket(0x10, 0x802, 0x0) fstat(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(0x0, r2) rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$poke(0x5, r0, &(0x7f0000000040), 0x0) [ 454.397039] ip_fragment+0x247/0x400 [ 455.676984] not chained 120000 origins [ 455.680915] CPU: 0 PID: 11889 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 455.686395] kvm: pic: level sensitive irq not supported [ 455.687275] kvm: pic: single mode not supported [ 455.681661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 455.681661] Call Trace: [ 455.710123] dump_stack+0x32d/0x480 [ 455.710123] kmsan_internal_chain_origin+0x222/0x240 [ 455.710123] ? save_stack_trace+0xc6/0x110 [ 455.710123] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 455.710123] ? kmsan_internal_chain_origin+0x90/0x240 [ 455.729387] kvm: pic: single mode not supported [ 455.729407] kvm: pic: level sensitive irq not supported [ 455.710123] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 455.710123] ? is_bpf_text_address+0x49e/0x4d0 [ 455.710123] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 455.710123] ? in_task_stack+0x12c/0x210 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] ? ip_fragment+0x247/0x400 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] ? ip_fragment+0x247/0x400 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] ? inet_sendmsg+0x4e9/0x800 [ 455.710123] ? kmsan_internal_chain_origin+0x136/0x240 [ 455.776627] kvm: pic: level sensitive irq not supported [ 455.781317] kvm: pic: single mode not supported [ 455.710123] ? kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] ? __msan_memcpy+0x6f/0x80 [ 455.710123] ? pskb_expand_head+0x436/0x1d20 [ 455.710123] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] ? dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] ? dev_queue_xmit+0x4b/0x60 [ 455.710123] ? neigh_direct_output+0x42/0x50 [ 455.710123] ? ip_finish_output2+0x141a/0x1560 [ 455.710123] ? ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ? ip_fragment+0x247/0x400 [ 455.710123] ? ip_finish_output+0x1056/0x10f0 [ 455.710123] ? ip_mc_output+0xf25/0x10f0 [ 455.710123] ? ip_push_pending_frames+0x243/0x470 [ 455.710123] ? raw_sendmsg+0x2e54/0x45c0 [ 455.710123] ? inet_sendmsg+0x4e9/0x800 [ 455.710123] ? __sys_sendto+0x940/0xb80 [ 455.710123] ? __se_sys_sendto+0x107/0x130 [ 455.710123] ? __x64_sys_sendto+0x6e/0x90 [ 455.710123] ? do_syscall_64+0xcf/0x110 [ 455.710123] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] ? __msan_get_context_state+0x9/0x20 [ 455.710123] ? INIT_INT+0xc/0x30 [ 455.710123] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] ? packet_direct_xmit+0x3d0/0x3d0 [ 455.710123] ? dev_queue_xmit_nit+0x1222/0x1320 [ 455.710123] ? ipip6_tunnel_uninit+0x800/0x800 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] ? __msan_poison_alloca+0x1e0/0x270 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ? neigh_connected_output+0x700/0x700 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ? ip_fragment+0x400/0x400 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ? ip_mc_finish_output+0x440/0x440 [ 455.710123] ? ip_build_and_send_pkt+0xe60/0xe60 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] ? __msan_poison_alloca+0x1a0/0x270 [ 455.710123] ? compat_raw_ioctl+0x100/0x100 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 455.710123] ? security_socket_sendmsg+0x1bd/0x200 [ 455.710123] ? inet_getname+0x490/0x490 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 455.710123] ? prepare_exit_to_usermode+0x182/0x4c0 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] RIP: 0033:0x457569 [ 455.710123] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 455.710123] RSP: 002b:00007fedb96aac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 455.710123] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 455.710123] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 0000000000000008 [ 455.710123] RBP: 000000000072bf00 R08: 00000000200001c0 R09: 0000000000000010 [ 455.710123] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96ab6d4 [ 455.710123] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Uninit was stored to memory at: [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] __msan_chain_origin+0x6d/0xb0 [ 455.710123] __save_stack_trace+0x8be/0xc60 [ 455.710123] save_stack_trace+0xc6/0x110 [ 455.710123] kmsan_internal_chain_origin+0x136/0x240 [ 455.710123] kmsan_memcpy_origins+0x13d/0x190 [ 455.710123] __msan_memcpy+0x6f/0x80 [ 455.710123] pskb_expand_head+0x436/0x1d20 [ 455.710123] ip_tunnel_xmit+0x35a3/0x3d90 [ 455.710123] sit_tunnel_xmit+0xbf8/0x3d40 [ 455.710123] dev_hard_start_xmit+0x6dc/0xde0 [ 455.710123] __dev_queue_xmit+0x2d9e/0x3e00 [ 455.710123] dev_queue_xmit+0x4b/0x60 [ 455.710123] neigh_direct_output+0x42/0x50 [ 455.710123] ip_finish_output2+0x141a/0x1560 [ 455.710123] ip_do_fragment+0x1b42/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 455.710123] ip_finish_output+0x1056/0x10f0 [ 455.710123] ip_mc_output+0xf25/0x10f0 [ 455.710123] ip_push_pending_frames+0x243/0x470 [ 455.710123] raw_sendmsg+0x2e54/0x45c0 [ 455.710123] inet_sendmsg+0x4e9/0x800 [ 455.710123] __sys_sendto+0x940/0xb80 [ 455.710123] __se_sys_sendto+0x107/0x130 [ 455.710123] __x64_sys_sendto+0x6e/0x90 [ 455.710123] do_syscall_64+0xcf/0x110 [ 455.710123] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.710123] [ 455.710123] Local variable description: ----v.addr.i.i@ip_do_fragment [ 455.710123] Variable was created at: [ 455.710123] ip_do_fragment+0xa1/0x3f10 [ 455.710123] ip_fragment+0x247/0x400 [ 457.083050] not chained 130000 origins [ 457.086990] CPU: 0 PID: 11889 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 457.091669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 457.091669] Call Trace: [ 457.091669] dump_stack+0x32d/0x480 [ 457.091669] kmsan_internal_chain_origin+0x222/0x240 [ 457.091669] ? save_stack_trace+0xc6/0x110 [ 457.091669] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 457.091669] ? kmsan_internal_chain_origin+0x90/0x240 [ 457.091669] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 457.091669] ? is_bpf_text_address+0x49e/0x4d0 [ 457.091669] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 457.091669] ? in_task_stack+0x12c/0x210 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] ? inet_sendmsg+0x4e9/0x800 [ 457.091669] ? kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] ? kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] ? __msan_memcpy+0x6f/0x80 [ 457.091669] ? pskb_expand_head+0x436/0x1d20 [ 457.091669] ? ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] ? sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] ? dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] ? __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] ? dev_queue_xmit+0x4b/0x60 [ 457.091669] ? neigh_direct_output+0x42/0x50 [ 457.091669] ? ip_finish_output2+0x141a/0x1560 [ 457.091669] ? ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ? ip_fragment+0x247/0x400 [ 457.091669] ? ip_finish_output+0x1056/0x10f0 [ 457.091669] ? ip_mc_output+0xf25/0x10f0 [ 457.091669] ? ip_push_pending_frames+0x243/0x470 [ 457.091669] ? raw_sendmsg+0x2e54/0x45c0 [ 457.091669] ? inet_sendmsg+0x4e9/0x800 [ 457.091669] ? __sys_sendto+0x940/0xb80 [ 457.091669] ? __se_sys_sendto+0x107/0x130 [ 457.091669] ? __x64_sys_sendto+0x6e/0x90 [ 457.091669] ? do_syscall_64+0xcf/0x110 [ 457.091669] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] ? __msan_get_context_state+0x9/0x20 [ 457.091669] ? INIT_INT+0xc/0x30 [ 457.091669] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] ? packet_direct_xmit+0x3d0/0x3d0 [ 457.091669] ? dev_queue_xmit_nit+0x1222/0x1320 [ 457.091669] ? ipip6_tunnel_uninit+0x800/0x800 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] ? __msan_poison_alloca+0x1e0/0x270 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ? neigh_connected_output+0x700/0x700 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ? ip_fragment+0x400/0x400 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ? ip_mc_finish_output+0x440/0x440 [ 457.091669] ? ip_build_and_send_pkt+0xe60/0xe60 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] ? __msan_poison_alloca+0x1a0/0x270 [ 457.091669] ? compat_raw_ioctl+0x100/0x100 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 457.091669] ? security_socket_sendmsg+0x1bd/0x200 [ 457.091669] ? inet_getname+0x490/0x490 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 457.091669] ? prepare_exit_to_usermode+0x182/0x4c0 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] RIP: 0033:0x457569 [ 457.091669] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 457.091669] RSP: 002b:00007fedb96aac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 457.091669] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 457.091669] RDX: 000000000000fe7a RSI: 0000000020000080 RDI: 0000000000000008 [ 457.091669] RBP: 000000000072bf00 R08: 00000000200001c0 R09: 0000000000000010 [ 457.091669] R10: 0000000060c10000 R11: 0000000000000246 R12: 00007fedb96ab6d4 [ 457.091669] R13: 00000000004c3c11 R14: 00000000004d5e80 R15: 00000000ffffffff [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Uninit was stored to memory at: [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] __msan_chain_origin+0x6d/0xb0 [ 457.091669] __save_stack_trace+0x8be/0xc60 [ 457.091669] save_stack_trace+0xc6/0x110 [ 457.091669] kmsan_internal_chain_origin+0x136/0x240 [ 457.091669] kmsan_memcpy_origins+0x13d/0x190 [ 457.091669] __msan_memcpy+0x6f/0x80 [ 457.091669] pskb_expand_head+0x436/0x1d20 [ 457.091669] ip_tunnel_xmit+0x35a3/0x3d90 [ 457.091669] sit_tunnel_xmit+0xbf8/0x3d40 [ 457.091669] dev_hard_start_xmit+0x6dc/0xde0 [ 457.091669] __dev_queue_xmit+0x2d9e/0x3e00 [ 457.091669] dev_queue_xmit+0x4b/0x60 [ 457.091669] neigh_direct_output+0x42/0x50 [ 457.091669] ip_finish_output2+0x141a/0x1560 [ 457.091669] ip_do_fragment+0x1b42/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 [ 457.091669] ip_finish_output+0x1056/0x10f0 [ 457.091669] ip_mc_output+0xf25/0x10f0 [ 457.091669] ip_push_pending_frames+0x243/0x470 [ 457.091669] raw_sendmsg+0x2e54/0x45c0 [ 457.091669] inet_sendmsg+0x4e9/0x800 [ 457.091669] __sys_sendto+0x940/0xb80 [ 457.091669] __se_sys_sendto+0x107/0x130 [ 457.091669] __x64_sys_sendto+0x6e/0x90 [ 457.091669] do_syscall_64+0xcf/0x110 [ 457.091669] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.091669] [ 457.091669] Local variable description: ----v.addr.i.i@ip_do_fragment [ 457.091669] Variable was created at: [ 457.091669] ip_do_fragment+0xa1/0x3f10 [ 457.091669] ip_fragment+0x247/0x400 00:34:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x40000, &(0x7f0000000440)}, &(0x7f0000000140)="5f39203a1ec6", &(0x7f00000004c0)=""/44, 0x0, 0x0, 0x0, &(0x7f0000000600)}) 00:34:16 executing program 4: socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000280)={@loopback, @loopback, @dev}, &(0x7f00000002c0)=0xc) r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc04c5349, &(0x7f00000003c0)={0x0, 0x0, 0x1}) mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x4}) 00:34:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:17 executing program 5: [ 459.408948] pic_ioport_write: 3 callbacks suppressed [ 459.408971] kvm: pic: level sensitive irq not supported 00:34:17 executing program 3: [ 459.409889] kvm: pic: single mode not supported [ 459.507320] kvm: pic: single mode not supported [ 459.512387] kvm: pic: level sensitive irq not supported 00:34:17 executing program 4: [ 459.560494] kvm: pic: level sensitive irq not supported [ 459.614090] kvm: pic: single mode not supported [ 459.619540] kvm: pic: level sensitive irq not supported [ 459.663968] kvm: pic: level sensitive irq not supported [ 459.707195] kvm: pic: level sensitive irq not supported 00:34:18 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000001c000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x15c) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 00:34:18 executing program 5: 00:34:18 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:18 executing program 4: 00:34:18 executing program 3: 00:34:18 executing program 5: 00:34:18 executing program 4: 00:34:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:18 executing program 3: 00:34:18 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:18 executing program 4: 00:34:18 executing program 2: 00:34:18 executing program 5: 00:34:19 executing program 4: [ 459.834790] kvm: pic: level sensitive irq not supported 00:34:19 executing program 3: [ 461.159162] kvm: pic: level sensitive irq not supported 00:34:19 executing program 2: 00:34:19 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300), 0x0, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) [ 461.250541] kvm: pic: single mode not supported [ 461.333145] kvm: pic: single mode not supported 00:34:19 executing program 5: [ 461.338197] kvm: pic: level sensitive irq not supported [ 461.487012] kvm: pic: level sensitive irq not supported 00:34:19 executing program 3: 00:34:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:20 executing program 4: 00:34:20 executing program 2: 00:34:20 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300), 0x0, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:20 executing program 5: 00:34:20 executing program 3: 00:34:20 executing program 2: 00:34:20 executing program 4: 00:34:20 executing program 5: 00:34:20 executing program 3: 00:34:20 executing program 2: 00:34:20 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300), 0x0, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:21 executing program 4: 00:34:21 executing program 3: 00:34:21 executing program 5: 00:34:21 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x0) 00:34:21 executing program 4: setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000280)={@loopback, @loopback, @dev}, &(0x7f00000002c0)=0xc) r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc04c5349, &(0x7f00000003c0)) mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x0, 0x0, &(0x7f0000000080)) 00:34:21 executing program 3: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) close(r0) 00:34:21 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:21 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) rename(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000180)='./file1\x00') creat(&(0x7f0000000080)='./file1\x00', 0x0) 00:34:21 executing program 5: 00:34:22 executing program 3: 00:34:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:22 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x26}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00003e3000/0x2000)=nil, 0x2000}, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r1, 0x0) read(r2, &(0x7f00000000c0)=""/1, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)) r3 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) tkill(r3, 0x1000000000016) prctl$intptr(0x29, 0x2) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) read(r0, &(0x7f0000000400)=""/100, 0x64) 00:34:22 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000240)="0a5c2d0240316285717070") socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000040), 0x20) 00:34:22 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="ab553fec947a1333177e24b5ebadf404", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(r1, &(0x7f0000004740)=[{{&(0x7f00000007c0)=@pptp={0x18, 0x2, {0x0, @rand_addr}}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000940)=""/191, 0xbf}, {&(0x7f0000000b40)=""/166, 0xa6}], 0x2, &(0x7f0000000ec0)=""/210, 0xd2}}], 0x1, 0x0, &(0x7f0000004840)) memfd_create(&(0x7f0000000000)='{cgroupselfwlan1ppp1#,self+(GPLe/^\x00', 0x0) 00:34:22 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:22 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x5, 0x0, 0xffffffffffffffff, 0x9}, 0x2c) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, &(0x7f0000000280)={0xff}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40086436, &(0x7f00000002c0)) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000080)=0xffffffffffffeb71) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0xcef, 0x0, r1, 0x0, [0x305f, 0xa]}, 0x2c) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x10000000c) 00:34:22 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x5, 0x0, 0xffffffffffffffff, 0x9}, 0x2c) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, &(0x7f0000000280)={0xff}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40086436, &(0x7f00000002c0)) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000080)=0xffffffffffffeb71) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0xcef, 0x0, r1, 0x0, [0x305f, 0xa]}, 0x2c) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x10000000c) 00:34:22 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000140)={0x1d, r1}, 0x73) 00:34:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:23 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x0, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:23 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000380)={@empty, @remote, 0x0}, &(0x7f0000000480)=0xfffffffffffffef1) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)={&(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x8}, 0x10) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000540)=ANY=[], 0x0) fcntl$getown(r2, 0x9) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000700)=0x1) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x0, 0x0) semctl$SEM_INFO(0x0, 0x5, 0x13, &(0x7f0000000080)=""/57) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={r1, @local, @multicast1}, 0x187) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000740)=ANY=[@ANYBLOB="418f0140f9ffc3ba9c10e551cedbde4274e0b1a4a1bcb7ec3f21696254fba606e2"], &(0x7f0000000300)=0x1) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) r3 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.sched_load_balance\x00', 0x2, 0x0) write$cgroup_int(r3, &(0x7f0000000040)=0x9000000000000000, 0xffffffffffffffcf) faccessat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8000000000000, 0x1100) fcntl$setstatus(r3, 0x4, 0x400) 00:34:23 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x5, 0x0, 0xffffffffffffffff, 0x9}, 0x2c) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, &(0x7f0000000280)={0xff}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40086436, &(0x7f00000002c0)) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000080)=0xffffffffffffeb71) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0xcef, 0x0, r1, 0x0, [0x305f, 0xa]}, 0x2c) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x10000000c) 00:34:23 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000004d00)=[{{&(0x7f00000006c0)=@l2, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000780)=""/99, 0x3c0}], 0x1, &(0x7f0000000900)=""/194, 0xc2}}], 0x1, 0x0, 0x0) 00:34:24 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x26}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00003e3000/0x2000)=nil, 0x2000}, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r1, 0x0) read(r2, &(0x7f00000000c0)=""/1, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)) r3 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) tkill(r3, 0x1000000000016) prctl$intptr(0x29, 0x2) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) read(r0, &(0x7f0000000400)=""/100, 0x64) 00:34:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:34:24 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:24 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x5, 0x0, 0xffffffffffffffff, 0x9}, 0x2c) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, &(0x7f0000000280)={0xff}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40086436, &(0x7f00000002c0)) ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000080)=0xffffffffffffeb71) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0xcef, 0x0, r1, 0x0, [0x305f, 0xa]}, 0x2c) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x10000000c) 00:34:24 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r1, 0x5452, &(0x7f0000000000)=0x4) 00:34:24 executing program 3: io_setup(0x20, &(0x7f0000000180)=0x0) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) close(r1) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 00:34:24 executing program 5: r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0) fallocate(r0, 0x0, 0x0, 0x7) lseek(r0, 0x0, 0x3) 00:34:24 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c46047a0520010000000000000000003e0000100000cd02000038000000"], 0x20) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) [ 461.501382] kvm: pic: single mode not supported [ 466.656656] not chained 140000 origins [ 466.661660] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.20.0-rc2+ #85 [ 466.661660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 466.661660] Call Trace: [ 466.661660] dump_stack+0x32d/0x480 [ 466.661660] kmsan_internal_chain_origin+0x222/0x240 [ 466.661660] ? _raw_spin_lock_irqsave+0x320/0x490 [ 466.661660] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 466.661660] ? depot_save_stack+0x398/0x4b0 [ 466.661660] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 466.661660] ? kmsan_internal_chain_origin+0x90/0x240 [ 466.661660] ? kmsan_internal_chain_origin+0x136/0x240 [ 466.661660] ? __msan_chain_origin+0x6d/0xb0 [ 466.661660] ? save_stack_trace+0xfa/0x110 [ 466.661660] ? kmsan_internal_chain_origin+0x136/0x240 [ 466.661660] ? kmsan_memcpy_origins+0x13d/0x190 [ 466.661660] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 466.661660] ? in_task_stack+0x12c/0x210 [ 466.661660] __msan_chain_origin+0x6d/0xb0 [ 466.661660] ? process_backlog+0x82b/0x11e0 [ 466.661660] __save_stack_trace+0x8be/0xc60 [ 466.661660] ? process_backlog+0x82b/0x11e0 [ 466.661660] save_stack_trace+0xc6/0x110 [ 466.661660] kmsan_internal_chain_origin+0x136/0x240 [ 466.775219] ? process_backlog+0x82b/0x11e0 [ 466.775219] ? kmsan_internal_chain_origin+0x136/0x240 [ 466.775219] ? kmsan_memcpy_origins+0x13d/0x190 [ 466.775219] ? __msan_memcpy+0x6f/0x80 [ 466.775219] ? skb_copy_bits+0x1d2/0xc90 [ 466.775219] ? skb_copy+0x56c/0xba0 00:34:24 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="7f"], 0x1) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) [ 466.775219] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 466.775219] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 466.775219] ? sctp_do_sm+0x1cf3/0x9c50 [ 466.775219] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 466.775219] ? sctp_inq_push+0x300/0x420 [ 466.775219] ? sctp_rcv+0x42f2/0x4e40 [ 466.775219] ? sctp6_rcv+0x41/0x70 [ 466.775219] ? ip6_input_finish+0xb53/0x2450 [ 466.775219] ? ip6_input+0x29d/0x340 [ 466.775219] ? ip6_rcv_finish+0x4d2/0x710 [ 466.775219] ? ipv6_rcv+0x34b/0x3f0 [ 466.775219] ? process_backlog+0x82b/0x11e0 [ 466.775219] ? net_rx_action+0x98f/0x1d50 [ 466.775219] ? __do_softirq+0x721/0xc7f [ 466.860241] ? run_ksoftirqd+0x37/0x60 [ 466.860241] ? smpboot_thread_fn+0x69c/0xb30 [ 466.860241] ? kthread+0x5e7/0x620 [ 466.860241] ? ret_from_fork+0x35/0x40 [ 466.860241] ? __msan_get_context_state+0x9/0x20 [ 466.860241] ? INIT_INT+0xc/0x30 [ 466.860241] ? __kmalloc_node_track_caller+0x1226/0x14e0 [ 466.860241] ? INIT_INT+0xc/0x30 [ 466.860241] kmsan_memcpy_origins+0x13d/0x190 [ 466.860241] __msan_memcpy+0x6f/0x80 [ 466.860241] skb_copy_bits+0x1d2/0xc90 [ 466.860241] skb_copy+0x56c/0xba0 [ 466.860241] sctp_make_reassembled_event+0xcbe/0x1210 [ 466.860241] sctp_ulpq_partial_delivery+0x850/0xab0 [ 466.860241] ? sctp_ulpq_renege_list+0x870/0x870 [ 466.860241] sctp_do_sm+0x1cf3/0x9c50 [ 466.860241] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 466.860241] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 466.860241] ? skb_pull+0x13f/0x230 [ 466.860241] ? acpi_pm_read_slow+0x100/0x100 [ 466.860241] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 466.860241] ? ktime_get+0x2e6/0x420 [ 466.860241] sctp_assoc_bh_rcv+0x66a/0xd90 [ 466.860241] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 466.860241] sctp_inq_push+0x300/0x420 [ 466.860241] sctp_rcv+0x42f2/0x4e40 [ 466.860241] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 466.860241] sctp6_rcv+0x41/0x70 [ 466.860241] ? sctp_inet6addr_event+0xbd0/0xbd0 [ 466.860241] ip6_input_finish+0xb53/0x2450 [ 466.860241] ? ip6_input_finish+0x13e1/0x2450 [ 466.860241] ip6_input+0x29d/0x340 [ 466.860241] ? ip6_input+0x340/0x340 [ 466.860241] ? ip6_sublist_rcv+0x1ab0/0x1ab0 [ 466.860241] ip6_rcv_finish+0x4d2/0x710 [ 466.860241] ipv6_rcv+0x34b/0x3f0 [ 466.860241] ? dst_hold+0x5e0/0x5e0 [ 466.860241] process_backlog+0x82b/0x11e0 [ 466.860241] ? __msan_poison_alloca+0x1e0/0x270 [ 466.860241] ? ip6_rcv_finish+0x710/0x710 [ 466.860241] ? rps_trigger_softirq+0x2e0/0x2e0 [ 466.860241] net_rx_action+0x98f/0x1d50 [ 466.860241] ? net_tx_action+0xf20/0xf20 [ 466.860241] __do_softirq+0x721/0xc7f [ 466.860241] ? ksoftirqd_should_run+0x50/0x50 [ 466.860241] run_ksoftirqd+0x37/0x60 [ 466.860241] smpboot_thread_fn+0x69c/0xb30 [ 466.860241] kthread+0x5e7/0x620 [ 467.067918] ? cpu_report_death+0x4a0/0x4a0 [ 467.070646] ? INIT_BOOL+0x30/0x30 [ 467.070646] ret_from_fork+0x35/0x40 [ 467.070646] Uninit was stored to memory at: [ 467.083530] kmsan_internal_chain_origin+0x136/0x240 [ 467.083530] __msan_chain_origin+0x6d/0xb0 [ 467.083530] __save_stack_trace+0x8be/0xc60 [ 467.083530] save_stack_trace+0xc6/0x110 [ 467.083530] kmsan_internal_chain_origin+0x136/0x240 00:34:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:34:25 executing program 3: open$dir(&(0x7f0000000000)='./file0\x00', 0x20040, 0x0) mount(&(0x7f0000000080)=ANY=[], &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f0000000380)) mount(&(0x7f0000000240), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000480)="b3b8155713fb18dea1325403cf49458ea055d7591982903d491d14c2e9cbc39e8bf705c21d4cc6c570ba1b1b03c6db40040c163a6dee9329d669c3a83a02ef2119957d6d4d06f79c5d29c3f97acbbbd1a0034898939712cc63020f31107f31c3a7ea6b055a3d9cd058451eefee6ebdb0357831796761e16f810e2452be7d0bbb99ee890739873f2de48187428342a5e95f625e7b49265dcb01cdb718bd2920863ed6af48bf044ad87394625a24423d5fefebc93d3a4a96d582c636a0bc3ec3fa80854deb41daa221d12ed5bdc1aeaabed9dcbb850b47a98ab25649387ab11d7b205a07b9082b736c17f97d", 0x1004, 0x0) mount(&(0x7f0000000240), &(0x7f0000000140)='.', &(0x7f0000000340)='ext4\x00', 0x3002480, &(0x7f0000000700)) [ 467.083530] kmsan_memcpy_origins+0x13d/0x190 [ 467.083530] __msan_memcpy+0x6f/0x80 [ 467.083530] skb_copy_bits+0x1d2/0xc90 [ 467.116102] skb_copy+0x56c/0xba0 [ 467.116102] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.116102] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.116102] sctp_do_sm+0x1cf3/0x9c50 [ 467.116102] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.116102] sctp_inq_push+0x300/0x420 [ 467.116102] sctp_rcv+0x42f2/0x4e40 [ 467.116102] sctp6_rcv+0x41/0x70 [ 467.116102] ip6_input_finish+0xb53/0x2450 [ 467.116102] ip6_input+0x29d/0x340 [ 467.116102] ip6_rcv_finish+0x4d2/0x710 [ 467.163652] ipv6_rcv+0x34b/0x3f0 [ 467.163652] process_backlog+0x82b/0x11e0 [ 467.163652] net_rx_action+0x98f/0x1d50 [ 467.163652] __do_softirq+0x721/0xc7f [ 467.163652] [ 467.163652] Uninit was stored to memory at: [ 467.163652] kmsan_internal_chain_origin+0x136/0x240 [ 467.163652] __msan_chain_origin+0x6d/0xb0 [ 467.163652] __save_stack_trace+0x8be/0xc60 [ 467.198692] save_stack_trace+0xc6/0x110 [ 467.198692] kmsan_internal_chain_origin+0x136/0x240 [ 467.198692] kmsan_memcpy_origins+0x13d/0x190 [ 467.198692] __msan_memcpy+0x6f/0x80 [ 467.198692] skb_copy_bits+0x1d2/0xc90 [ 467.220306] skb_copy+0x56c/0xba0 [ 467.220306] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.220306] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.220306] sctp_do_sm+0x1cf3/0x9c50 [ 467.220306] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.220306] sctp_inq_push+0x300/0x420 [ 467.220306] sctp_rcv+0x42f2/0x4e40 [ 467.220306] sctp6_rcv+0x41/0x70 [ 467.220306] ip6_input_finish+0xb53/0x2450 [ 467.220306] ip6_input+0x29d/0x340 [ 467.220306] ip6_rcv_finish+0x4d2/0x710 [ 467.220306] ipv6_rcv+0x34b/0x3f0 [ 467.220306] process_backlog+0x82b/0x11e0 [ 467.220306] net_rx_action+0x98f/0x1d50 [ 467.220306] __do_softirq+0x721/0xc7f [ 467.220306] [ 467.220306] Uninit was stored to memory at: [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] __msan_chain_origin+0x6d/0xb0 [ 467.220306] __save_stack_trace+0x8be/0xc60 [ 467.220306] save_stack_trace+0xc6/0x110 [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] kmsan_memcpy_origins+0x13d/0x190 [ 467.220306] __msan_memcpy+0x6f/0x80 [ 467.220306] skb_copy_bits+0x1d2/0xc90 [ 467.220306] skb_copy+0x56c/0xba0 [ 467.220306] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.220306] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.220306] sctp_do_sm+0x1cf3/0x9c50 [ 467.220306] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.220306] sctp_inq_push+0x300/0x420 [ 467.220306] sctp_rcv+0x42f2/0x4e40 [ 467.220306] sctp6_rcv+0x41/0x70 [ 467.220306] ip6_input_finish+0xb53/0x2450 [ 467.220306] ip6_input+0x29d/0x340 [ 467.220306] ip6_rcv_finish+0x4d2/0x710 [ 467.220306] ipv6_rcv+0x34b/0x3f0 [ 467.220306] process_backlog+0x82b/0x11e0 [ 467.220306] net_rx_action+0x98f/0x1d50 [ 467.220306] __do_softirq+0x721/0xc7f [ 467.220306] [ 467.220306] Uninit was stored to memory at: [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] __msan_chain_origin+0x6d/0xb0 [ 467.220306] __save_stack_trace+0x8be/0xc60 [ 467.220306] save_stack_trace+0xc6/0x110 [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] kmsan_memcpy_origins+0x13d/0x190 [ 467.220306] __msan_memcpy+0x6f/0x80 [ 467.220306] skb_copy_bits+0x1d2/0xc90 [ 467.220306] skb_copy+0x56c/0xba0 [ 467.220306] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.220306] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.220306] sctp_do_sm+0x1cf3/0x9c50 [ 467.220306] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.220306] sctp_inq_push+0x300/0x420 [ 467.220306] sctp_rcv+0x42f2/0x4e40 [ 467.220306] sctp6_rcv+0x41/0x70 [ 467.220306] ip6_input_finish+0xb53/0x2450 [ 467.220306] ip6_input+0x29d/0x340 [ 467.220306] ip6_rcv_finish+0x4d2/0x710 [ 467.220306] ipv6_rcv+0x34b/0x3f0 [ 467.220306] process_backlog+0x82b/0x11e0 [ 467.220306] net_rx_action+0x98f/0x1d50 [ 467.220306] __do_softirq+0x721/0xc7f [ 467.220306] [ 467.220306] Uninit was stored to memory at: [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] __msan_chain_origin+0x6d/0xb0 [ 467.220306] __save_stack_trace+0x8be/0xc60 [ 467.220306] save_stack_trace+0xc6/0x110 [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] kmsan_memcpy_origins+0x13d/0x190 [ 467.220306] __msan_memcpy+0x6f/0x80 [ 467.220306] skb_copy_bits+0x1d2/0xc90 [ 467.220306] skb_copy+0x56c/0xba0 [ 467.220306] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.220306] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.220306] sctp_do_sm+0x1cf3/0x9c50 [ 467.220306] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.220306] sctp_inq_push+0x300/0x420 [ 467.220306] sctp_rcv+0x42f2/0x4e40 [ 467.220306] sctp6_rcv+0x41/0x70 [ 467.220306] ip6_input_finish+0xb53/0x2450 [ 467.220306] ip6_input+0x29d/0x340 [ 467.220306] ip6_rcv_finish+0x4d2/0x710 [ 467.220306] ipv6_rcv+0x34b/0x3f0 [ 467.220306] process_backlog+0x82b/0x11e0 [ 467.220306] net_rx_action+0x98f/0x1d50 [ 467.220306] __do_softirq+0x721/0xc7f [ 467.220306] [ 467.220306] Uninit was stored to memory at: [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] __msan_chain_origin+0x6d/0xb0 [ 467.220306] __save_stack_trace+0x8be/0xc60 [ 467.220306] save_stack_trace+0xc6/0x110 [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] kmsan_memcpy_origins+0x13d/0x190 [ 467.220306] __msan_memcpy+0x6f/0x80 [ 467.220306] skb_copy_bits+0x1d2/0xc90 [ 467.220306] skb_copy+0x56c/0xba0 [ 467.220306] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.220306] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.220306] sctp_do_sm+0x1cf3/0x9c50 [ 467.220306] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.220306] sctp_inq_push+0x300/0x420 [ 467.220306] sctp_rcv+0x42f2/0x4e40 [ 467.220306] sctp6_rcv+0x41/0x70 [ 467.220306] ip6_input_finish+0xb53/0x2450 [ 467.220306] ip6_input+0x29d/0x340 [ 467.220306] ip6_rcv_finish+0x4d2/0x710 [ 467.220306] ipv6_rcv+0x34b/0x3f0 [ 467.220306] process_backlog+0x82b/0x11e0 [ 467.220306] net_rx_action+0x98f/0x1d50 [ 467.220306] __do_softirq+0x721/0xc7f [ 467.220306] [ 467.220306] Uninit was stored to memory at: [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] __msan_chain_origin+0x6d/0xb0 [ 467.220306] __save_stack_trace+0x8be/0xc60 [ 467.220306] save_stack_trace+0xc6/0x110 [ 467.220306] kmsan_internal_chain_origin+0x136/0x240 [ 467.220306] kmsan_memcpy_origins+0x13d/0x190 [ 467.220306] __msan_memcpy+0x6f/0x80 [ 467.220306] skb_copy_bits+0x1d2/0xc90 [ 467.220306] skb_copy+0x56c/0xba0 [ 467.220306] sctp_make_reassembled_event+0xcbe/0x1210 [ 467.220306] sctp_ulpq_partial_delivery+0x850/0xab0 [ 467.220306] sctp_do_sm+0x1cf3/0x9c50 [ 467.220306] sctp_assoc_bh_rcv+0x66a/0xd90 [ 467.220306] sctp_inq_push+0x300/0x420 [ 467.220306] sctp_rcv+0x42f2/0x4e40 [ 467.220306] sctp6_rcv+0x41/0x70 [ 467.220306] ip6_input_finish+0xb53/0x2450 [ 467.220306] ip6_input+0x29d/0x340 [ 467.220306] ip6_rcv_finish+0x4d2/0x710 [ 467.220306] ipv6_rcv+0x34b/0x3f0 [ 467.220306] process_backlog+0x82b/0x11e0 [ 467.220306] net_rx_action+0x98f/0x1d50 [ 467.220306] __do_softirq+0x721/0xc7f [ 467.220306] [ 467.220306] Local variable description: ----oc.i.i@__alloc_pages_nodemask [ 467.220306] Variable was created at: [ 467.220306] __alloc_pages_nodemask+0x108/0x64d0 [ 467.220306] __kmalloc_node_track_caller+0x6db/0x14e0 00:34:26 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:26 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x26}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00003e3000/0x2000)=nil, 0x2000}, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r1, 0x0) read(r2, &(0x7f00000000c0)=""/1, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)) r3 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) tkill(r3, 0x1000000000016) prctl$intptr(0x29, 0x2) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) read(r0, &(0x7f0000000400)=""/100, 0x64) 00:34:26 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17, 0x0, 0x0, 0x1000000}) 00:34:26 executing program 3: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x932, &(0x7f00000000c0)) 00:34:26 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f00000002c0)={@dev, @local}, 0xc) 00:34:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:34:26 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:26 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2}, 0x1c) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='reno\x00', 0x5) setsockopt(r0, 0x1, 0x8, &(0x7f00000003c0)="00ebff00", 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0x1000000, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:34:27 executing program 2: r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x2) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, "636c69656e000000000000040002000000000000000000000000000000000000000000000800", 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6992b7e6e560000f9fff77711be18a3d918e0"}) write$sndseq(r0, &(0x7f0000042f70)=[{0x5, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {0x6}, {}, @addr}], 0xffffffbd) 00:34:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:27 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:34:27 executing program 5: r0 = socket$unix(0x1, 0x1, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x100000000, 0x4000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x4, 0x1, 0x2, 0x1000, &(0x7f00000dc000/0x1000)=nil}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/autofs\x00', 0x100, 0x0) accept4$alg(r2, 0x0, 0x0, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) listen(r0, 0x0) r3 = socket$inet6(0xa, 0x40000080806, 0x0) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff}) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000680)={'icmp\x00'}, &(0x7f00000006c0)=0x1e) listen(r3, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x80, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x10, &(0x7f0000000000)={'ipvs\x00'}, &(0x7f0000000040)=0x1e) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000040)) r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r7, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x2}) syz_open_pts(r7, 0x0) kexec_load(0x6, 0x0, &(0x7f0000002740), 0x0) write(r7, &(0x7f0000c34fff), 0xffffff0b) ioctl$TCSETS(r7, 0x5402, &(0x7f0000000140)={0x5, 0x5, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0xec0e}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000005, 0x5c831, r6, 0x0) r8 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x0, 0x1) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000580)={0x0}, &(0x7f00000005c0)=0xc) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r8, 0x84, 0x22, &(0x7f0000000600)={0x0, 0x8001, 0x7fffffff, 0x0, r9}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0x14, &(0x7f00000003c0)=ANY=[@ANYBLOB="85000000020000008500000058000000547ea6eb627a1b2da6bc6c0cc204f751688deec021967ec41f84dfff2102072d4ffd76c0b94a9d373d79bfa83b8895710ef55d59fa46229effd3be3b9121cada74d9699142590a67d17249076e62ab700259ff890560b6eaae012d0f386bd26e7c78c97213320e004f61582aee3a01cd50f09620cc287447094d385f0a0e462cb42cf4c41054914e5e7b3f273f9c10aa57a04c7736"], &(0x7f0000000300)='GPL\x00', 0x400, 0x7d, &(0x7f0000000340)=""/125, 0x0, 0x1, [], 0x0, 0x6}, 0x48) 00:34:27 executing program 2: r0 = syz_open_dev$sndmidi(&(0x7f00000000c0)='/dev/snd/midiC#D#\x00', 0x2, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000000)=""/54, 0x36}], 0x1) openat$sequencer(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/sequencer\x00', 0x6000, 0x0) 00:34:27 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x2000800e, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20100000008912, &(0x7f0000000140)="0a5c2d0240316285717070") setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='vegas\x00', 0x6) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xfffffffffffffd48, 0x120, 0x0, 0xfffffc85) 00:34:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, &(0x7f0000000100), 0x1000000000000011) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:28 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(0xffffffffffffffff, 0x1) [ 470.966293] kvm: SMP vm created on host with unstable TSC; guest TSC will not be reliable 00:34:29 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000040)=0x6) 00:34:29 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f00000001c0)='/dev/snd/timer\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x1, 0x0, 0x0, 0xfffffffffffffffd}}) 00:34:30 executing program 4: openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) 00:34:30 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(0xffffffffffffffff, 0x1) 00:34:30 executing program 2: mkdir(&(0x7f0000000600)='./file0\x00', 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000005c0), 0xffffffffffffffff) mount(&(0x7f0000000000)=@sr0='/dev/sr0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x10000, &(0x7f0000000140)='overlay\x00') 00:34:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 474.050204] ceph: device name is missing path (no : separator in /dev/sr0) [ 474.162883] ceph: device name is missing path (no : separator in /dev/sr0) 00:34:33 executing program 5: 00:34:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'veth1_to_team\x00', {0x2, 0x0, @rand_addr}}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={'veth1_to_team\x00', {0x2, 0x0, @loopback}}) 00:34:33 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(0xffffffffffffffff, 0x1) 00:34:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:33 executing program 4: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x2) io_setup(0x20, &(0x7f0000000940)) r1 = syz_open_dev$mouse(&(0x7f0000000a80)='/dev/input/mouse#\x00', 0x0, 0x10000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000140)=0xc) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKRAGET(r1, 0x1263, &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x700, @dev, [0xf401000000000000, 0x300000003000000, 0x0, 0xe00000000000000, 0x4000000, 0x2000]}}, 0xff000000, 0x0, 0x0, 0x0, 0xd}, 0x98) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000800)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000780)=""/119, 0x77, 0x0, 0x6, 0xb95, 0xffffffffffffffff, 0x2}, 0x120) 00:34:33 executing program 3: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffef3) r2 = epoll_create(0x4000c) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000240)) ppoll(&(0x7f0000000140)=[{r0}], 0x1, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000040), 0x8) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 00:34:34 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000004500), 0x8aae4f1483aad4, 0x0) [ 476.202417] not chained 150000 origins [ 476.206365] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 476.211699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 476.211699] Call Trace: [ 476.211699] dump_stack+0x32d/0x480 [ 476.225829] kmsan_internal_chain_origin+0x222/0x240 [ 476.225829] ? _raw_spin_lock_irqsave+0x320/0x490 [ 476.225829] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 476.225829] ? depot_save_stack+0x398/0x4b0 [ 476.225829] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 476.225829] ? kmsan_internal_chain_origin+0x90/0x240 [ 476.225829] ? kmsan_internal_chain_origin+0x136/0x240 [ 476.225829] ? __msan_chain_origin+0x6d/0xb0 [ 476.225829] ? save_stack_trace+0xfa/0x110 [ 476.225829] ? kmsan_internal_chain_origin+0x136/0x240 [ 476.277332] ? kmsan_memcpy_origins+0x13d/0x190 [ 476.277332] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 476.277332] ? in_task_stack+0x12c/0x210 [ 476.277332] __msan_chain_origin+0x6d/0xb0 [ 476.277332] ? __do_softirq+0x721/0xc7f [ 476.277332] __save_stack_trace+0x8be/0xc60 [ 476.277332] ? __do_softirq+0x721/0xc7f [ 476.277332] save_stack_trace+0xc6/0x110 [ 476.277332] kmsan_internal_chain_origin+0x136/0x240 [ 476.277332] ? kmsan_internal_chain_origin+0x136/0x240 [ 476.277332] ? kmsan_memcpy_origins+0x13d/0x190 [ 476.277332] ? __msan_memcpy+0x6f/0x80 [ 476.332188] ? pskb_expand_head+0x436/0x1d20 [ 476.335432] ? __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.335432] ? tcp_send_loss_probe+0x8fb/0xc00 [ 476.335432] ? tcp_write_timer_handler+0x691/0xe80 [ 476.335432] ? tcp_write_timer+0x139/0x250 [ 476.335432] ? call_timer_fn+0x356/0x7c0 [ 476.335432] ? __run_timers+0xe95/0x1300 [ 476.335432] ? run_timer_softirq+0x55/0xa0 [ 476.335432] ? __do_softirq+0x721/0xc7f [ 476.335432] ? run_ksoftirqd+0x37/0x60 [ 476.335432] ? smpboot_thread_fn+0x69c/0xb30 [ 476.335432] ? kthread+0x5e7/0x620 [ 476.335432] ? ret_from_fork+0x35/0x40 [ 476.335432] ? __msan_get_context_state+0x9/0x20 [ 476.335432] ? INIT_INT+0xc/0x30 [ 476.335432] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 476.335432] ? ipv4_dst_check+0x1aa/0x2a0 [ 476.402990] kmsan_memcpy_origins+0x13d/0x190 [ 476.402990] __msan_memcpy+0x6f/0x80 [ 476.402990] pskb_expand_head+0x436/0x1d20 [ 476.402990] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.402990] tcp_send_loss_probe+0x8fb/0xc00 [ 476.402990] tcp_write_timer_handler+0x691/0xe80 [ 476.402990] tcp_write_timer+0x139/0x250 [ 476.402990] call_timer_fn+0x356/0x7c0 [ 476.402990] ? tcp_init_xmit_timers+0x130/0x130 [ 476.402990] __run_timers+0xe95/0x1300 [ 476.445827] ? tcp_init_xmit_timers+0x130/0x130 [ 476.445827] run_timer_softirq+0x55/0xa0 [ 476.445827] ? timers_dead_cpu+0xb70/0xb70 [ 476.445827] __do_softirq+0x721/0xc7f [ 476.445827] ? ksoftirqd_should_run+0x50/0x50 [ 476.445827] run_ksoftirqd+0x37/0x60 [ 476.473825] smpboot_thread_fn+0x69c/0xb30 [ 476.473825] kthread+0x5e7/0x620 [ 476.473825] ? cpu_report_death+0x4a0/0x4a0 [ 476.473825] ? INIT_BOOL+0x30/0x30 [ 476.473825] ret_from_fork+0x35/0x40 [ 476.473825] Uninit was stored to memory at: [ 476.473825] kmsan_internal_chain_origin+0x136/0x240 [ 476.473825] __msan_chain_origin+0x6d/0xb0 [ 476.473825] __save_stack_trace+0x8be/0xc60 [ 476.473825] save_stack_trace+0xc6/0x110 [ 476.511902] kmsan_internal_chain_origin+0x136/0x240 [ 476.511902] kmsan_memcpy_origins+0x13d/0x190 [ 476.511902] __msan_memcpy+0x6f/0x80 [ 476.511902] pskb_expand_head+0x436/0x1d20 [ 476.511902] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Uninit was stored to memory at: [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] __msan_chain_origin+0x6d/0xb0 [ 476.537787] __save_stack_trace+0x8be/0xc60 [ 476.537787] save_stack_trace+0xc6/0x110 [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] kmsan_memcpy_origins+0x13d/0x190 [ 476.537787] __msan_memcpy+0x6f/0x80 [ 476.537787] pskb_expand_head+0x436/0x1d20 [ 476.537787] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Uninit was stored to memory at: [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] __msan_chain_origin+0x6d/0xb0 [ 476.537787] __save_stack_trace+0x8be/0xc60 [ 476.537787] save_stack_trace+0xc6/0x110 [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] kmsan_memcpy_origins+0x13d/0x190 [ 476.537787] __msan_memcpy+0x6f/0x80 [ 476.537787] pskb_expand_head+0x436/0x1d20 [ 476.537787] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Uninit was stored to memory at: [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] __msan_chain_origin+0x6d/0xb0 [ 476.537787] __save_stack_trace+0x8be/0xc60 [ 476.537787] save_stack_trace+0xc6/0x110 [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] kmsan_memcpy_origins+0x13d/0x190 [ 476.537787] __msan_memcpy+0x6f/0x80 [ 476.537787] pskb_expand_head+0x436/0x1d20 [ 476.537787] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Uninit was stored to memory at: [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] __msan_chain_origin+0x6d/0xb0 [ 476.537787] __save_stack_trace+0x8be/0xc60 [ 476.537787] save_stack_trace+0xc6/0x110 [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] kmsan_memcpy_origins+0x13d/0x190 [ 476.537787] __msan_memcpy+0x6f/0x80 [ 476.537787] pskb_expand_head+0x436/0x1d20 [ 476.537787] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Uninit was stored to memory at: [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] __msan_chain_origin+0x6d/0xb0 [ 476.537787] __save_stack_trace+0x8be/0xc60 [ 476.537787] save_stack_trace+0xc6/0x110 [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] kmsan_memcpy_origins+0x13d/0x190 [ 476.537787] __msan_memcpy+0x6f/0x80 [ 476.537787] pskb_expand_head+0x436/0x1d20 [ 476.537787] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Uninit was stored to memory at: [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] __msan_chain_origin+0x6d/0xb0 [ 476.537787] __save_stack_trace+0x8be/0xc60 [ 476.537787] save_stack_trace+0xc6/0x110 [ 476.537787] kmsan_internal_chain_origin+0x136/0x240 [ 476.537787] kmsan_memcpy_origins+0x13d/0x190 [ 476.537787] __msan_memcpy+0x6f/0x80 [ 476.537787] pskb_expand_head+0x436/0x1d20 [ 476.537787] __tcp_retransmit_skb+0xdf6/0x46c0 [ 476.537787] tcp_send_loss_probe+0x8fb/0xc00 [ 476.537787] tcp_write_timer_handler+0x691/0xe80 [ 476.537787] tcp_write_timer+0x139/0x250 [ 476.537787] call_timer_fn+0x356/0x7c0 [ 476.537787] __run_timers+0xe95/0x1300 [ 476.537787] run_timer_softirq+0x55/0xa0 [ 476.537787] __do_softirq+0x721/0xc7f [ 476.537787] [ 476.537787] Local variable description: ----_tcphdr.i@__dev_queue_xmit [ 476.537787] Variable was created at: [ 476.537787] __dev_queue_xmit+0xd0/0x3e00 [ 476.537787] dev_queue_xmit+0x4b/0x60 00:34:35 executing program 3: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)) 00:34:35 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x0) 00:34:35 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xfffffef3) r3 = epoll_create(0x4000c) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) ppoll(&(0x7f0000000140)=[{r3}], 0x1, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000040), 0x8) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl(r0, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070") 00:34:35 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x400000010, 0x802, 0x0) write(r0, &(0x7f0000000000)="fc0000001100071bab092500090007000aab08000a0000000000e293210001c000000000000000000000000009000000fa2c5ec28656aaa79bb94b46fe000000bc00020000036c6c256f1a272fdf0d11512fd633d44000000000008934d07302ade01720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a463ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b176e83df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48f6f0000080548deac270e33429f3794dec896592d69d38a873cf1587c3b", 0xfc) execve(&(0x7f0000000640)='./bus\x00', &(0x7f00000008c0)=[&(0x7f0000000680)='/dev/vcs\x00'], &(0x7f0000000c40)) 00:34:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:36 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x0) [ 478.625674] netlink: 220 bytes leftover after parsing attributes in process `syz-executor3'. [ 478.700158] netlink: 220 bytes leftover after parsing attributes in process `syz-executor3'. 00:34:37 executing program 2: r0 = semget$private(0x0, 0x4007, 0x0) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000040)=""/223) 00:34:37 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) 00:34:37 executing program 4: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x2) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 00:34:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:37 executing program 3: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffff7ff6) mmap(&(0x7f00006fe000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) read(r0, &(0x7f0000000000)=""/110, 0x6e) 00:34:37 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x0) 00:34:37 executing program 5: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 00:34:37 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@local, @empty, @loopback, 0x0, 0x2, 0x1f, 0x0, 0x0, 0x1c0270}) 00:34:37 executing program 4: r0 = epoll_create1(0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x2) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000b0e000)) 00:34:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:37 executing program 2: [ 479.844621] not chained 160000 origins [ 479.848559] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 479.851659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 479.851659] Call Trace: [ 479.851659] dump_stack+0x32d/0x480 [ 479.851659] ? save_stack_trace+0xc6/0x110 [ 479.871832] kmsan_internal_chain_origin+0x222/0x240 [ 479.871832] ? kmsan_internal_chain_origin+0x136/0x240 [ 479.871832] ? __msan_chain_origin+0x6d/0xb0 [ 479.871832] ? __save_stack_trace+0x8be/0xc60 [ 479.871832] ? save_stack_trace+0xc6/0x110 [ 479.871832] ? kmsan_internal_chain_origin+0x136/0x240 [ 479.871832] ? kmsan_memcpy_origins+0x13d/0x190 [ 479.871832] ? __msan_memcpy+0x6f/0x80 [ 479.871832] ? skb_copy_bits+0x1d2/0xc90 [ 479.871832] ? skb_copy+0x56c/0xba0 [ 479.871832] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 479.871832] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 479.871832] ? sctp_do_sm+0x1cf3/0x9c50 [ 479.871832] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 479.871832] ? sctp_inq_push+0x300/0x420 [ 479.871832] ? sctp_rcv+0x42f2/0x4e40 [ 479.871832] ? sctp6_rcv+0x41/0x70 [ 479.871832] ? ip6_input_finish+0xb53/0x2450 [ 479.871832] ? ip6_input+0x29d/0x340 [ 479.871832] ? ip6_rcv_finish+0x4d2/0x710 [ 479.871832] ? ipv6_rcv+0x34b/0x3f0 [ 479.871832] ? process_backlog+0x82b/0x11e0 [ 479.969245] ? net_rx_action+0x98f/0x1d50 [ 479.969245] ? __do_softirq+0x721/0xc7f [ 479.969245] ? run_ksoftirqd+0x37/0x60 [ 479.969245] ? smpboot_thread_fn+0x69c/0xb30 [ 479.969245] ? kthread+0x5e7/0x620 [ 479.969245] ? ret_from_fork+0x35/0x40 [ 479.969245] ? kmsan_internal_chain_origin+0x90/0x240 [ 479.969245] ? in_task_stack+0x12c/0x210 [ 479.969245] ? task_kmsan_context_state+0x51/0x90 [ 479.969245] ? __msan_get_context_state+0x9/0x20 [ 479.969245] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 479.969245] ? in_task_stack+0x12c/0x210 [ 479.969245] __msan_chain_origin+0x6d/0xb0 [ 479.969245] ? smpboot_thread_fn+0x69c/0xb30 [ 480.031899] __save_stack_trace+0x8be/0xc60 [ 480.031899] ? smpboot_thread_fn+0x69c/0xb30 [ 480.040892] pic_ioport_write: 2 callbacks suppressed [ 480.040914] kvm: pic: level sensitive irq not supported [ 480.043828] save_stack_trace+0xc6/0x110 [ 480.050831] kvm: pic: single mode not supported [ 480.043828] kmsan_internal_chain_origin+0x136/0x240 [ 480.063695] kvm: pic: single mode not supported [ 480.063814] kvm: pic: level sensitive irq not supported [ 480.043828] ? process_backlog+0x82b/0x11e0 [ 480.043828] ? kmsan_internal_chain_origin+0x136/0x240 [ 480.074695] ? kmsan_memcpy_origins+0x13d/0x190 [ 480.074695] ? __msan_memcpy+0x6f/0x80 [ 480.074695] ? skb_copy_bits+0x1d2/0xc90 [ 480.074695] ? skb_copy+0x56c/0xba0 [ 480.102104] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 480.102104] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.102104] ? sctp_do_sm+0x1cf3/0x9c50 [ 480.102104] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.102104] ? sctp_inq_push+0x300/0x420 [ 480.123503] ? sctp_rcv+0x42f2/0x4e40 [ 480.123503] ? sctp6_rcv+0x41/0x70 [ 480.123503] ? ip6_input_finish+0xb53/0x2450 [ 480.123503] ? ip6_input+0x29d/0x340 [ 480.123503] ? ip6_rcv_finish+0x4d2/0x710 [ 480.123503] ? ipv6_rcv+0x34b/0x3f0 [ 480.148838] ? process_backlog+0x82b/0x11e0 [ 480.148838] ? net_rx_action+0x98f/0x1d50 [ 480.148838] ? __do_softirq+0x721/0xc7f [ 480.148838] ? run_ksoftirqd+0x37/0x60 [ 480.148838] ? smpboot_thread_fn+0x69c/0xb30 [ 480.167518] kvm: pic: level sensitive irq not supported [ 480.168950] kvm: pic: single mode not supported [ 480.148838] ? kthread+0x5e7/0x620 [ 480.148838] ? ret_from_fork+0x35/0x40 [ 480.176056] kvm: pic: level sensitive irq not supported [ 480.148838] ? __msan_get_context_state+0x9/0x20 [ 480.148838] ? INIT_INT+0xc/0x30 [ 480.148838] ? __kmalloc_node_track_caller+0x1226/0x14e0 [ 480.148838] ? INIT_INT+0xc/0x30 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] ? sctp_ulpq_renege_list+0x870/0x870 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 480.148838] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 480.148838] ? skb_pull+0x13f/0x230 [ 480.148838] ? acpi_pm_read_slow+0x100/0x100 [ 480.148838] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 480.148838] ? ktime_get+0x2e6/0x420 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ? sctp_inet6addr_event+0xbd0/0xbd0 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ? ip6_input_finish+0x13e1/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ? ip6_input+0x340/0x340 [ 480.148838] ? ip6_sublist_rcv+0x1ab0/0x1ab0 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] ? dst_hold+0x5e0/0x5e0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] ? __msan_poison_alloca+0x1e0/0x270 [ 480.148838] ? ip6_rcv_finish+0x710/0x710 [ 480.148838] ? rps_trigger_softirq+0x2e0/0x2e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] ? net_tx_action+0xf20/0xf20 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] ? ksoftirqd_should_run+0x50/0x50 [ 480.148838] run_ksoftirqd+0x37/0x60 [ 480.148838] smpboot_thread_fn+0x69c/0xb30 [ 480.148838] kthread+0x5e7/0x620 [ 480.148838] ? cpu_report_death+0x4a0/0x4a0 [ 480.148838] ? INIT_BOOL+0x30/0x30 [ 480.148838] ret_from_fork+0x35/0x40 [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Uninit was stored to memory at: [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] __msan_chain_origin+0x6d/0xb0 [ 480.148838] __save_stack_trace+0x8be/0xc60 [ 480.148838] save_stack_trace+0xc6/0x110 [ 480.148838] kmsan_internal_chain_origin+0x136/0x240 [ 480.148838] kmsan_memcpy_origins+0x13d/0x190 [ 480.148838] __msan_memcpy+0x6f/0x80 [ 480.148838] skb_copy_bits+0x1d2/0xc90 [ 480.148838] skb_copy+0x56c/0xba0 [ 480.148838] sctp_make_reassembled_event+0xcbe/0x1210 [ 480.148838] sctp_ulpq_partial_delivery+0x850/0xab0 [ 480.148838] sctp_do_sm+0x1cf3/0x9c50 [ 480.148838] sctp_assoc_bh_rcv+0x66a/0xd90 [ 480.148838] sctp_inq_push+0x300/0x420 [ 480.148838] sctp_rcv+0x42f2/0x4e40 [ 480.148838] sctp6_rcv+0x41/0x70 [ 480.148838] ip6_input_finish+0xb53/0x2450 [ 480.148838] ip6_input+0x29d/0x340 [ 480.148838] ip6_rcv_finish+0x4d2/0x710 [ 480.148838] ipv6_rcv+0x34b/0x3f0 [ 480.148838] process_backlog+0x82b/0x11e0 [ 480.148838] net_rx_action+0x98f/0x1d50 [ 480.148838] __do_softirq+0x721/0xc7f [ 480.148838] [ 480.148838] Local variable description: ----oc.i.i@__alloc_pages_nodemask [ 480.148838] Variable was created at: [ 480.148838] __alloc_pages_nodemask+0x108/0x64d0 [ 480.148838] __kmalloc_node_track_caller+0x6db/0x14e0 00:34:39 executing program 2: 00:34:39 executing program 3: sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f00000014c0)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001480)={&(0x7f0000001380)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x20}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = epoll_create(0x9) r3 = epoll_create(0x4) r4 = socket$rds(0x15, 0x5, 0x0) r5 = epoll_create(0x400100000001) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f000000e000)) r6 = socket$inet6(0xa, 0x5, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r1, &(0x7f0000000200)) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f000000d000)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f000000dff4)) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r5, &(0x7f0000001800)) 00:34:39 executing program 4: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) preadv(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f0000000400)=""/193, 0xc1}, {&(0x7f00000005c0)=""/129, 0x81}, {&(0x7f0000000500)=""/53, 0x35}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x4, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x0, @dev={0xac, 0x14, 0x14, 0x1000000}, [0x0, 0x300000000000000, 0x0, 0x0, 0x4000000]}}, 0x0, 0x0, 0x40000004, 0x0, 0x14}, 0x98) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(0xffffffffffffffff, 0x40045730, &(0x7f0000000840)=0x8) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f00000007c0)=0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) ptrace(0xffffffffffffffff, 0x0) r2 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f00000001c0)={'gre0\x00', 0xfffffffffffffffb}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x403e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000009c0)}}, 0x20) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) 00:34:39 executing program 0: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r0, 0x922, &(0x7f00000000c0)) 00:34:39 executing program 5: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$EXT4_IOC_RESIZE_FS(0xffffffffffffffff, 0x40086610, &(0x7f00000007c0)) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000009c0)}}, 0x20) 00:34:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:39 executing program 2: [ 482.029641] kvm: pic: level sensitive irq not supported 00:34:40 executing program 3: 00:34:40 executing program 2: [ 482.030566] kvm: pic: single mode not supported [ 482.107503] kvm: pic: single mode not supported 00:34:40 executing program 0: [ 482.112513] kvm: pic: level sensitive irq not supported [ 482.244885] kvm: pic: level sensitive irq not supported [ 482.304080] kvm: pic: single mode not supported 00:34:40 executing program 5: [ 482.309545] kvm: pic: level sensitive irq not supported [ 482.365433] kvm: pic: level sensitive irq not supported 00:34:40 executing program 3: 00:34:40 executing program 0: 00:34:40 executing program 2: 00:34:41 executing program 4: 00:34:41 executing program 5: 00:34:41 executing program 3: 00:34:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:41 executing program 0: 00:34:41 executing program 2: 00:34:41 executing program 3: 00:34:41 executing program 5: 00:34:41 executing program 4: [ 482.388525] kvm: pic: level sensitive irq not supported [ 483.580407] kvm: pic: single mode not supported 00:34:41 executing program 0: [ 483.603726] kvm: pic: single mode not supported 00:34:41 executing program 2: 00:34:41 executing program 3: 00:34:42 executing program 5: 00:34:42 executing program 4: 00:34:42 executing program 0: 00:34:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:42 executing program 3: 00:34:42 executing program 2: 00:34:42 executing program 5: 00:34:42 executing program 0: 00:34:42 executing program 4: 00:34:42 executing program 3: 00:34:42 executing program 2: 00:34:43 executing program 5: 00:34:43 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$random(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/urandom\x00', 0x0, 0x0) add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000080)={'syz'}, &(0x7f00000000c0)="7ecdcfc80d10d81427", 0x9, 0xfffffffffffffffd) 00:34:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:43 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000009fe8)={0xfffb, 0x1a, 0x0, 0xffffffffffffffff}) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0xffffffffffffffff, 0x6012, r1, 0x0) 00:34:43 executing program 3: r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz'}, &(0x7f0000000100)="ca", 0x1, 0xfffffffffffffffd) keyctl$revoke(0x3, r0) 00:34:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f00000002c0)={&(0x7f0000000080), 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0101000000faffffffff10000000f98136d905b279386e81f20b75be40ae91f2130bfdcc073b1e150827596010456a381b158b8dc3ac01111e95"], 0x1}}, 0x0) [ 483.692889] kvm: pic: single mode not supported [ 485.540775] x86/PAT: syz-executor4:12506 map pfn RAM range req write-combining for [mem 0xb2720000-0xb2723fff], got write-back 00:34:43 executing program 5: 00:34:43 executing program 0: [ 485.747721] x86/PAT: syz-executor4:12512 map pfn RAM range req write-combining for [mem 0xb2720000-0xb2723fff], got write-back 00:34:43 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x1, 0x200000000001f6) 00:34:44 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc04c5349, &(0x7f00000003c0)={0x0, 0x0, 0x1}) 00:34:44 executing program 5: setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000280)={@loopback, @loopback, @dev}, &(0x7f00000002c0)=0xc) r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x0) mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x4}) 00:34:44 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x26}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00003e3000/0x2000)=nil, 0x2000}, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r1, 0x0) read(r2, &(0x7f00000000c0)=""/1, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)) r3 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f00009b1ffc)) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4010, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) tkill(r3, 0x1000000000016) prctl$intptr(0x29, 0x2) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) read(r0, &(0x7f0000000400)=""/100, 0x64) 00:34:44 executing program 0: clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x5, 0x0, 0xffffffffffffffff, 0x9}, 0x2c) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x200002, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x800, 0x0) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40086436, &(0x7f00000002c0)={0x0, 0xffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0xcef, 0x0, r0, 0x0, [0x305f, 0xa]}, 0x2c) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x10000000c) 00:34:44 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000000)=0x4) 00:34:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:44 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x26}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00003e3000/0x2000)=nil, 0x2000}, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r1, 0x0) read(r2, &(0x7f00000000c0)=""/1, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)) r3 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f00009b1ffc)) mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) tkill(r3, 0x1000000000016) prctl$intptr(0x29, 0x2) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) read(r0, &(0x7f0000000400)=""/100, 0x64) 00:34:44 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000180)='p', 0x1, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c) recvmmsg(r0, &(0x7f0000003f00)=[{{&(0x7f0000002500)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000002780)=""/48, 0x30}}], 0x1, 0x2, &(0x7f0000003fc0)={0x77359400}) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 00:34:44 executing program 0: prctl$setname(0xf, &(0x7f0000000580)="21225cd318f05894450e2c090782ecb5009aaf4271e6c8b7e0c4ce14582378ead3c0d61fe57a222e3d904b0154ff8e6d75b09d8abbef35d31dff6b7773c58b9f51b2e7cfdb6ac443bde0ef8c4952d93e06dd107200775dc3c63cf4a5514fff1aff4effec41f94dcfbf792d99f326d818f775244c9ee42dbb5a2701ae34c0fa084f2a929c7c7adba09c8762b9546f3ccb76997c720dc6703091e81e59be51478d77094c4df21da148ef3385255bff9fecb19b1e8730b89a1fea91172d9fb8b5e24390df0624618ad113d89339437ffb5098a5f034ac4eea30846ffbe94cf03a657b8701818f86cb502d2426d6b49812bfcfa62680bd029b2d3c863f9f2b0d866fd671d941af8e0ee51f4f1798e7a88b71ad9f1ed3e1665f9a374e53c5d87f242b0abf61c1ef30c1") syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00') 00:34:44 executing program 2: r0 = socket$bt_bnep(0x1f, 0x3, 0x4) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000000)=0x5, 0x2) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet6(r1, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x11}, 0x6}, 0x1c) 00:34:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:45 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x26}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00003e3000/0x2000)=nil, 0x2000}, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r1, 0x0) read(r2, &(0x7f00000000c0)=""/1, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)) gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) tkill(0x0, 0x1000000000016) prctl$intptr(0x29, 0x2) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000001000), &(0x7f0000000200)) read(r0, &(0x7f0000000400)=""/100, 0x64) 00:34:45 executing program 2: io_setup(0x20, &(0x7f0000000180)=0x0) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) close(r1) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000600)=""/246) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 00:34:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:46 executing program 4: 00:34:46 executing program 2: 00:34:46 executing program 5: 00:34:46 executing program 2: 00:34:46 executing program 3: 00:34:46 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1081}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$tun(r1, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x1) mmap(&(0x7f0000004000/0x4000)=nil, 0x705000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 00:34:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:46 executing program 5: 00:34:47 executing program 0: 00:34:47 executing program 3: 00:34:47 executing program 2: 00:34:47 executing program 0: 00:34:47 executing program 5: 00:34:47 executing program 4: 00:34:47 executing program 3: 00:34:47 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 00:34:47 executing program 2: 00:34:48 executing program 5: 00:34:48 executing program 3: 00:34:48 executing program 4: 00:34:48 executing program 0: 00:34:48 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 00:34:48 executing program 2: 00:34:48 executing program 5: 00:34:48 executing program 3: 00:34:48 executing program 4: 00:34:48 executing program 0: 00:34:48 executing program 5: 00:34:49 executing program 2: 00:34:49 executing program 3: 00:34:49 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 00:34:49 executing program 4: 00:34:49 executing program 0: 00:34:49 executing program 5: 00:34:49 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000000)="0a5c2d0240316285717070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020a040007000000000013001254016205001a000551b3fcff00000094f600ffc1ee530a265fd53dffff0500000000000000000250ee06e474d9d86d20405718e3b6b5f5466a06468175011a673c9aad587655ec49b4a0c5961256e60614930abd8a4f2cd3a8fd1a06137c527abaf2a07e679ed62192ebd2c19b3585f75d80761cacafb20b9688"], 0x87}}, 0x0) sendmmsg(r1, &(0x7f0000000180), 0x20, 0x0) 00:34:49 executing program 2: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000340)=ANY=[]) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f00000000c0)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, &(0x7f0000000240)) chdir(&(0x7f0000000140)='./file0\x00') perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x14103e, 0x0) ftruncate(r0, 0x4000005) mmap(&(0x7f0000000000/0x600000)=nil, 0x600010, 0x800002, 0x4002011, r1, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) 00:34:49 executing program 4: 00:34:49 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:49 executing program 0: 00:34:49 executing program 4: 00:34:49 executing program 5: 00:34:50 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x1, 0x0) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) close(r0) 00:34:50 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000200)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r1, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r2 = fanotify_init(0x0, 0x0) fanotify_mark(r2, 0x11, 0x40000028, r1, &(0x7f0000000240)="2e2f66692e65318c00") r3 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x0) dup3(r1, r3, 0x0) 00:34:50 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x136a88c8311572c, 0x0) 00:34:50 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000100)=""/123, 0x7b}, 0x0) sendmmsg(r1, &(0x7f0000000e40)=[{{&(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000c40), 0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="8800000000000000170100000300000043d3d4bd5bcc1438a64ffde9cadf54150fae786859a1324abd75ad0eae3ef182af7cf06584e7cf350a7fd12d4780dcd2931bd48a45a252f6e6060a62d2ee34350d9acc2c68e88a6c4b034572b84f39c472063f9ada02c5b529582eb2b822898dbb37c3bd8693ff20c30cbbfa60e3bcfa5c9e79d3425a0000f000000000000000010100000500000070b490108467ef1592813bf650277998a090058369491da1092afe2edf4f1d07be8903fb7d8b234f09ddac16943b3a3ca04883aa7ad68031425faaf6ce7b6f4de7aeb6f9d75dfc5479dbfe5e05e69d596a273e2bea21afd6e9fbbefc0efb3c218d846db203e4008d7840d0ad00ce5c6bb0619d25956943864257cfefb94d9026846cd06fd0952ce694c0bedc59985f4b6b687f3d2d509203ab54a49a36a7701f99c5853bc29fe1607045b8dacc722b06b2e47d58e598c91e72f5edccaf147f6756dcf2e2b5d1b0fdb2a95e4daad9be56b3216b8879e208de915e190000000000"], 0x178}}], 0x1, 0x0) 00:34:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000100)={0x0, 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0) ioctl$TIOCLINUX3(0xffffffffffffffff, 0x541c, &(0x7f00000002c0)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:50 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:50 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x1, 0x0) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) close(r0) 00:34:51 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c46047a0520010000000000000000003e0000100000cd020000380000007b2102d71203ba2eed155799aef1dcb2ace747ccdfb2b0b63d81a1eb00d73358af0d68167c674c7d73dac816eae6d844d70a9afc79c52e2a84c7c28b394eb070dd4e2f645aff8a8e51549e697a404f73664860d4400a9122233f8fe48d1d7a41cc63214a75eaed7a485a50013ae4273f33"], 0x91) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) 00:34:51 executing program 5: clone(0x802102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) io_setup(0x1, &(0x7f0000000100)=0x0) io_destroy(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) exit(0x0) 00:34:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0x40000006]}) 00:34:51 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x2f, 0x0, 0x0) 00:34:51 executing program 5: clone(0x802182001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000340)={@in={{0x2, 0x0, @multicast1}}, 0x0, 0x2, 0x0, "c5c5153dd749aeb6db9b536ac6efb4882f7fddc443ce2d985cf79f48c21c3e0b6e7f8a06ed0cddfa3d4cc53b562eafc2a921de2bd1fb0e636971002b64bceb286364657595a20c224b9cfc7483989c0c"}, 0xd8) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d030100000000009500000000000000712600000000000035060000ff000000bf25000000000000070500000e0000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d43010000000000950000000000000061540000000000006b25000000000000070500000e0000000f0200000000000027050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) [ 493.691030] kvm [12748]: vcpu0, guest rIP: 0xfff0 Hyper-V uhandled wrmsr: 0x40000006 data 0x0 00:34:51 executing program 5: recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000002240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x1ff, &(0x7f0000000180), 0x0, &(0x7f00000024c0)=""/206, 0xce}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='projid_map\x00') preadv(r0, &(0x7f00000017c0), 0xef, 0x0) 00:34:52 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000005ac0)={0x0, 0x0, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0xf0, &(0x7f0000000400)=""/240}, 0x48) socket$inet6_udplite(0xa, 0x2, 0x88) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x129, 0x0, &(0x7f00000000c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:52 executing program 2: memfd_create(&(0x7f0000000080)=':cgroup#}:\'\x00', 0x0) clone(0x80002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) setresuid(0x0, 0xee01, 0x0) r0 = memfd_create(&(0x7f0000000540)='/proc/self/net/pfkey\x00', 0x0) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1100) 00:34:52 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:52 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f00000000c0)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, &(0x7f0000000240)) chdir(&(0x7f0000000140)='./file0\x00') perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x14103e, 0x0) ftruncate(r0, 0x4000005) mmap(&(0x7f0000000000/0x600000)=nil, 0x600010, 0x800002, 0x4002011, r1, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) 00:34:52 executing program 0: syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x8, 0x202100) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002900)}}], 0x1, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp\x00') setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@int=0x4c, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) io_getevents(0x0, 0x0, 0x0, &(0x7f0000000040), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000340)) preadv(r1, &(0x7f00000017c0), 0x1ce, 0x0) fcntl$getflags(0xffffffffffffffff, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x0, 0x0) open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000001040)={'filter\x00', 0x7e0, "d3e43cad63217b4cea9e8cf5f951f02e7e12a45494f44fa65d948836ea6cb670ec997c7b24f8bc751fb222024c75fd074153f3a6c69697c00cb72cc25a30f2abc1518de2749b3331f07f06e6098553fa82f5833fc92346bcf8e8375215866fa48df186a55f3a446c9b85c622999afe1f92e733896c440209b3948943cd3dc62b721161ae4e76353b7089a109eec65e93173d9f2a00ab9f2ca437f09a51bbd94051ab196a2fc5d931a20ce9be2ea45ce15da09824140eefc537aac8e473a30bc9591c10fecea43ee6dbe7ee80816de6c031c2322a6b78505eafe6e4a9fbf6320a311365ca97085807e8fcc8c2d92fa8a943e53a7d3bc91d6b737bf58f60fba5494e141490290047dbdb2bdcbce3fd3d3c759eac3345f73e5740eff7c6bc317e988213e282705d8cf409160649e0f761c588f07c876511bfbe080a2d646176dcc3e61271b95c2ba6dd76ac10830e18500d7c3e5e74ca23094085ab5a2e7997b2a005ecdc6cb3a65784da16c37d9c1db0b6f350ef5ce433dae32ffb2d3d7a8dd97b45aec444cf6ecb55131822c0021856c001645784264e3cc52f66a915bfac1cf4db3e279ca106e713cd699f8ebb22b48639318636f3c31d916d2120e19376b023eb4e795d51cd47cfcf27c3f6f557443719acb98edbb967d91c56c262aa4727299ce4661bcc7e156cb8622f4c3f42bc75bb7cecca742324a9b7a9caf4c84d9d5b4c89b58403e5e726b3813ec8b5160d6a2bb9cf279a52c396352b6e9ff65f21bf9ceea8ef752e06ec4f5d0c0d075b29fee9cfde50e7de10e23b7702d210c276d732a798dffa1d54280d50b4aceef52edd25adad74c6c11993663617076db5c523f1b9ebc2954570f3df12a0537f69c531b2aa407061034cb519624dadea538e9d5070cb1354a0a9f99652fd7ab278951acf38558bda662ed70d40db7cf1f4c418128e46cc1f5a802c45364db29b12a69fe95f7df1bfe7c3e0fc04bbb4152bc64177c0d7e6713830b9173444ba7c9195430a1fd7e5a154d7fa63596b9033bc83b7497b5b080510f5d862be60b02809da3f673b0f66c76baabaa4a9fd810818820e21d4e61c904d55c7b5a167f899242ffafce5adca92f2aa1ed17b65b16cc1df67863bb79ecbd9399e7e24acf00ddc205381cf191367c68db5d2330707043a665b114f9a75593fe5f8df0339dc02b96cb9bc6d25d3a81889c7a402e015a8943f7df2393dd7740e9df4be42f3fa05abf13ac29eed31b9d49db1e2d6d95d85fd014844952cb1ceedf756cb20ac2da54b19178dccf73025145fb104c3b65ff08f3b7c2d40f2b2b78143a5831ec4e99441014056700211ef299a06d89f64c64a4eb2ac8bc6cc3197176c9df6bf8257d2c6e1b992661cbb194b1b5fb54472be48550ddbf2cf63a6546daaea1385196ea8897d841ba0ff825741d5253e0cd41f5c45fdb67d8ed8b06cae7f77234338b8a3bc9fbc40a70bdadfaedfc2e8d683fb6e4a481b497542ff97d9c2794694725a09b1f9f9133fc9925833b255f5418657373406bc38e8eae6917d3246170280464ac1af21d7fe190f997de99da2aaf8022a9f14b84371f128b8903e3c48e3cb952bb6fe6b36c161d82a38a4d2202ce2ea59266a8e296a8d625fbfc0ec0eefe4e1b8affceb1823e61390ded033cdcef3bdf01b234bbe26abf24e793d6c01b970a5551f6c6029dab4b874d014a9dc9a25319f5964f3fa423398565f1c7a1978f3e32f0f7f6557cc362d35e3cc8500436d6caa606331295d7a715cc345b2b1b2be2536dd70dc14475a3e0d8344b72bee020a636ca18f12626c1fdcd76e1a5b8cbf703203e4e615fb7f9897308f7b7bdef74ee369fe177c178e7c131067f6f72c90ff8d048d523a205be4546ed425d2b224a5178d6842746f47cea24d0b151456f1af6012746ef8474eb2513b37d6ef1483895fcccfd0f6be1aa95dee449f3f09a392275a9a109df13b841b63af0fb8ad9538570b1d85a6ed602db163d723f6cc1defc77a7aec5d437df428ec74932016f7e81b1e0a0d3ab3983f5375d7af3707abf6765cd5dfb8e4f9540ad740e16fe2ce1839959d5e9a67b229c711c5d3ecd0952bdd91942791e773ec6cf410ff50f2d579e13158c3fb837e051a2d3a98a6ad7112b8c377f1fd218e9f86bb7549756812afb4715a9d1d06fa12c05029c8d5efd8974b64adf70015735c4977de46bac05209bee5b06face12c17af03cd853bfd36ca14c523907e99d2a8c72f6f1c3b69ebd8559adf80229ec7af51fe59e7abec20cd2e951183e374f19e1078724a21e8764ef45dc8f1fdd1f7bb61d0b25a1928cd2645fe890f780199fa583cb12d76c20511dd6f75e386e0f0d25eddddf6a32a089ee9500431c57080b86064b8cd647d235524cd37b2d448290e715b328c95a15d41a9cb40e20c53c232bd3d1379593009d5958b141850aa0db2e5481389c43a77face3800d320fb3fdc616be4e5ffcfbbef524820be911e49d2ac2de11fef34d48e28dd1c70e6e1970ee3ea600766996a612edb0f3617a913dd18c3287703e60d68cf20d28478d1bf6ee2d5fa0662fb2078f1b058a73a33adcabc65f1f7bfada482183d4b073ce30e61fb7c89cec9a96ae12a78f74deef80b2e6b0ce120cffa8e21b6c576f4c87ddcd53296b684d6aef6833ad02424e55093cd767f93ced6e058a952d844deed7d698febf04c2e391176b19044160627067dad0ac033a85a06c292166bc2b004e1c545413203afa8c7cf202b519379a00d3f23056c7acc23562c8467983b30fa23fa7b4aa93122a0192abc0e799b36a127fd1f2002dd5283fcc3302f309cb2098b2e28169558cc375972ce05ecbda7"}, &(0x7f0000000040)=0x804) 00:34:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000001c000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x15c) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3f}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 00:34:52 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000380)={@empty, @remote, 0x0}, &(0x7f0000000480)=0xfffffffffffffef1) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)={&(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x8}, 0x10) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000540)=ANY=[@ANYBLOB="1e3bfb344f201163d9fbdd9ad3e42c7786c0020000000000f4ec612c9d96420699a2030cacc30c558a09ab62ffc569b00436ff8c90d2ffea2713be5180d1d252f8bb0c9f2049aab66d6ad64d046c85f3eed91b30aafa28925b5d358e063dfde17af08912e65628a811df103881ce3c8321ab6ad144a7268c7426585359f9b612ee7cad13179851"], 0x1) fcntl$getown(r2, 0x9) r3 = semget(0x1, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000700)=0x1) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x0, 0x0) semctl$SEM_INFO(r3, 0x5, 0x13, &(0x7f0000000080)=""/57) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={r1, @local, @multicast1}, 0x187) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000740)=ANY=[@ANYBLOB="418f0140f9ffc3ba9c10e551cedbde4274"], &(0x7f0000000300)=0x1) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f00000003c0)={0x2, 0x401}) r4 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.sched_load_balance\x00', 0x2, 0x0) write$cgroup_int(r4, &(0x7f0000000040)=0x9000000000000000, 0xffffffffffffffcf) ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000180)) faccessat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x1100) fcntl$setstatus(r4, 0x4, 0x400) 00:34:52 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-serpent-sse2\x00'}, 0x58) accept(r1, &(0x7f0000000640)=@ethernet={0x0, @broadcast}, &(0x7f0000000480)=0x80) 00:34:52 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:53 executing program 5: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f00000001c0), 0xfffffef3) pipe(&(0x7f0000000600)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tee(r1, r0, 0x3, 0x0) r3 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) fcntl$setstatus(r0, 0x4, 0x44800) tkill(r3, 0x1000000000013) 00:34:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:53 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020609100000000000004c9e0000000200130002000000000000000000000105000600200000000a00000000000000000500e50000070000001f000000000000030000000000000200010000000000000000020000000005000500000000000a00000000000000ff1700000000000000000000000000170000000000000000"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000002, 0x0) 00:34:53 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_elf32(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c46047a0520010000000000000000003e0000100000cd020000380000007b2102d71203ba2eed155799aef1dcb2ace747ccdfb2b0b63d81a1eb00d73358af0d68167c674c7d73dac816eae6d844d70a9afc79c52e2a84c7c28b394eb070dd4e2f645aff8a8e51549e697a404f73664860d4400a9122233f8fe48d1d7a41cc63214a75eaed7a485a50013ae4273f"], 0x90) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) 00:34:53 executing program 4: syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x808, {{0x6, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x6b6b6b, 0x8}}}}}}, 0x0) 00:34:53 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000005ac0)={0x0, 0x0, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0xf0, &(0x7f0000000400)=""/240}, 0x48) socket$inet6_udplite(0xa, 0x2, 0x88) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x129, 0x0, &(0x7f00000000c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:54 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000001c000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x15c) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 496.484428] *** Guest State *** [ 496.487914] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 496.497097] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 496.506419] CR3 = 0x0000000000000000 [ 496.510187] RSP = 0x0000000000000f80 RIP = 0x0000000000000045 [ 496.516467] RFLAGS=0x00000006 DR7 = 0x0000000000000400 [ 496.522648] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 496.529489] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 496.537690] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 496.545884] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 496.554068] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 496.562275] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 496.570321] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 00:34:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0x40000002, 0x48]}) [ 496.578546] GDTR: limit=0x00000000, base=0x0000000000000000 [ 496.586754] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 496.594946] IDTR: limit=0x00000000, base=0x0000000000000000 [ 496.603130] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 496.611160] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 496.617763] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 496.625528] Interruptibility = 00000000 ActivityState = 00000000 00:34:54 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x40000, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000340)={@my=0x0}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000380)={0x0}, &(0x7f0000000400)=0x8) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000480)={r1}, 0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0x0, 0x0, 0x2, 0x4, 0xffff, 0x1, 0xffffffff, 0x0, 0x3, 0x9}) accept4$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000300)=0x14, 0x800) gettid() process_vm_readv(0x0, &(0x7f0000000380), 0x0, &(0x7f0000000580), 0x0, 0x0) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000000c0)={r4, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540)=[@in={0x2, 0x0, @broadcast}], 0x10) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000600)=@flushsa={0x30, 0x1c, 0x2, 0x70bd28, 0x25dfdbfc, {0x3c}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0x1}}, @proto={0x8, 0x19, 0x32}, @replay_thresh={0x8, 0xb, 0x10001}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000094) recvfrom(r3, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) memfd_create(&(0x7f00000003c0)=' ', 0x0) [ 496.632393] *** Host State *** [ 496.635641] RIP = 0xffffffff812cf768 RSP = 0xffff8880b2fdf378 [ 496.641895] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 496.648417] FSBase=00007fc6cb877700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000 [ 496.656436] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 496.662531] CR0=0000000080050033 CR3=00000000b3e3e000 CR4=00000000001426f0 [ 496.669614] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260 [ 496.676495] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 00:34:54 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x34000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x18, 0x2e, 0x829, 0x0, 0x0, {0x3}, [@nested={0x4}]}, 0x18}}, 0x0) [ 496.682722] *** Control State *** [ 496.686236] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 496.693140] EntryControls=0000d1ff ExitControls=002fefff [ 496.698696] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 496.705828] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 496.712728] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005 [ 496.719368] reason=80000021 qualification=0000000000000000 [ 496.725889] IDTVectoring: info=00000000 errcode=00000000 [ 496.731389] TSC Offset = 0xfffffef0bf0f4558 [ 496.735914] EPT pointer = 0x000000019836b01e 00:34:54 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000380)={@empty, @remote}, &(0x7f0000000480)=0xfffffffffffffef1) r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x0, 0x4) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)={&(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x8}, 0x10) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000540)=ANY=[], 0x0) fcntl$getown(r2, 0x9) r3 = semget(0x1, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000700)=0x1) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x800, 0x0) semctl$SEM_INFO(r3, 0x5, 0x13, &(0x7f0000000080)=""/57) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000740)=ANY=[@ANYBLOB="418f0140f9ffc3ba9c10e551cedbde4274e0b1a4a1bcb7ec3f21696254fba606e23b1b0155f1"], &(0x7f0000000300)=0x1) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$IOC_PR_REGISTER(r4, 0x401870c8, &(0x7f00000003c0)={0x2, 0x401}) r5 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.sched_load_balance\x00', 0x2, 0x0) write$cgroup_int(r5, &(0x7f0000000040)=0x9000000000000000, 0xffffffffffffffcf) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000180)) faccessat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8000000000000, 0x1100) 00:34:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:55 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000380)={@empty, @remote}, &(0x7f0000000480)=0xfffffffffffffef1) r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x0, 0x4) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000008c0), 0xffffffffffffffff) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)={&(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x8}, 0x10) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000540)=ANY=[], 0x0) fcntl$getown(r2, 0x9) r3 = semget(0x1, 0x0, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000700)=0x1) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x800, 0x0) semctl$SEM_INFO(r3, 0x5, 0x13, &(0x7f0000000080)=""/57) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000740)=ANY=[@ANYBLOB="418f0140f9ffc3ba9c10e551cedbde4274e0b1a4a1bcb7ec3f21696254fba606e23b1b0155f1"], &(0x7f0000000300)=0x1) fcntl$dupfd(0xffffffffffffffff, 0x406, r0) ioctl$IOC_PR_REGISTER(r4, 0x401870c8, &(0x7f00000003c0)={0x2, 0x401}) r5 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.sched_load_balance\x00', 0x2, 0x0) write$cgroup_int(r5, &(0x7f0000000040)=0x9000000000000000, 0xffffffffffffffcf) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000180)) faccessat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8000000000000, 0x1100) [ 497.073916] *** Guest State *** [ 497.077302] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 497.086489] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 497.095547] CR3 = 0x0000000000000000 [ 497.099316] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 497.105543] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 497.111812] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 497.119052] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 497.127361] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 497.135542] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 497.143803] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 497.152163] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 497.160217] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 00:34:55 executing program 2: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f00000000c0)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, &(0x7f0000000240)) chdir(&(0x7f0000000140)='./file0\x00') perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x14103e, 0x0) ftruncate(r0, 0x4000005) mmap(&(0x7f0000000000/0x600000)=nil, 0x600010, 0x800002, 0x4002011, r1, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) [ 497.168464] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 497.176646] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 497.184883] IDTR: limit=0x00000000, base=0x0000000000000000 [ 497.193057] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 497.201076] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 497.207832] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 497.215473] Interruptibility = 00000000 ActivityState = 00000000 [ 497.221911] *** Host State *** [ 497.225176] RIP = 0xffffffff812cf768 RSP = 0xffff8880b003f378 [ 497.231246] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 497.237948] FSBase=00007fc6cb856700 GSBase=ffff88821fd00000 TRBase=fffffe000003d000 [ 497.245940] GDTBase=fffffe000003b000 IDTBase=fffffe0000000000 [ 497.252026] CR0=0000000080050033 CR3=00000000b3e3e000 CR4=00000000001426e0 [ 497.259108] Sysenter RSP=fffffe000003c200 CS:RIP=0010:ffffffff8b001260 [ 497.265982] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 497.272188] *** Control State *** [ 497.275710] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 497.282824] EntryControls=0000d1ff ExitControls=002fefff [ 497.288357] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 497.295682] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 497.302584] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 497.309237] reason=80000021 qualification=0000000000000000 [ 497.315738] IDTVectoring: info=00000000 errcode=00000000 [ 497.321248] TSC Offset = 0xfffffef0bf0ecefd [ 497.325749] EPT pointer = 0x000000019836b01e 00:34:55 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1081}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$tun(r1, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x1) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000300)=ANY=[@ANYBLOB='4'], 0x1) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 00:34:55 executing program 2: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x129, 0x0, &(0x7f00000000c0), 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:34:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:56 executing program 5: keyctl$session_to_parent(0x12) bind$alg(0xffffffffffffffff, &(0x7f0000001300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) recvmmsg(0xffffffffffffffff, &(0x7f0000006100), 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo\x00') getdents(r0, &(0x7f0000000240)=""/4096, 0x1000) 00:34:56 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f0000000040)=0x2000000, 0x10a0001ff) 00:34:56 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x8, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0xfefd}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000001c000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="6bae12ae00b880008ec8f30f2353660f6fea670f0fcfb6ba4200ec64f40f06ba420066b8df1301dc66efbad10466b8ca00000066ef", 0x35}], 0x1, 0x0, &(0x7f00000000c0), 0x15c) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x3f}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 00:34:56 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x34003}, 0xc, &(0x7f0000000100)={&(0x7f0000001e00)={0x14, 0x28, 0x40000000000829, 0x0, 0x0, {0x14}}, 0x14}}, 0x0) [ 498.118744] pic_ioport_write: 8 callbacks suppressed [ 498.118767] kvm: pic: level sensitive irq not supported [ 498.119688] kvm: pic: single mode not supported [ 498.141052] kvm: pic: single mode not supported [ 498.146358] kvm: pic: level sensitive irq not supported [ 498.158135] kvm: pic: level sensitive irq not supported [ 498.215016] kvm: pic: single mode not supported [ 498.220573] kvm: pic: level sensitive irq not supported [ 498.284037] kvm: pic: level sensitive irq not supported [ 498.306215] kvm: pic: level sensitive irq not supported [ 498.394545] kvm: pic: level sensitive irq not supported [ 498.401102] *** Guest State *** [ 498.410206] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 498.419380] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 498.428575] CR3 = 0x0000000000000000 [ 498.432563] RSP = 0x0000000000000f7a RIP = 0x0000000000008000 [ 498.438591] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 498.444849] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 498.451589] CS: sel=0x3000, attr=0x08093, limit=0xffffffff, base=0x0000000000030000 [ 498.459771] DS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 498.467970] SS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 498.476171] ES: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 498.484448] FS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 498.492630] GS: sel=0x0000, attr=0x08093, limit=0xffffffff, base=0x0000000000000000 [ 498.500694] GDTR: limit=0x00000000, base=0x0000000000000000 [ 498.508975] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 498.517167] IDTR: limit=0x00000000, base=0x0000000000000000 [ 498.525393] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 498.533563] EFER = 0x0000000000000000 PAT = 0x0007040600070406 00:34:56 executing program 5: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x2) setxattr$trusted_overlay_redirect(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='trusted.overlay.redirect\x00', &(0x7f00000005c0)='./file0\x00', 0x8, 0x0) r1 = memfd_create(&(0x7f0000000400)="e83779d80efa45bb7f48bebc95870bd0cd39bd2830ee47afe7b33fc778bde252c50d2e", 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r3 = dup2(r2, r1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, "7175657565310000000000000000313b0000000000000000000000000000000000000000060000000000ccbf7ddd00"}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r3, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) fstatfs(r0, &(0x7f0000005200)=""/4096) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x100, 0x0, 0x20}) [ 498.540030] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 498.547687] Interruptibility = 00000008 ActivityState = 00000000 [ 498.554107] *** Host State *** [ 498.557368] RIP = 0xffffffff812cf768 RSP = 0xffff8880b2f2f378 [ 498.564059] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 498.570584] FSBase=00007f4b20dba700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000 [ 498.578669] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 498.584769] CR0=0000000080050033 CR3=00000000afe9c000 CR4=00000000001426f0 [ 498.592044] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260 [ 498.598762] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 498.605012] *** Control State *** [ 498.608529] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 498.615461] EntryControls=0000d1ff ExitControls=002fefff [ 498.620979] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 498.628156] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 498.635039] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 00:34:56 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x3, "a0d229"}, &(0x7f0000000400)=0xb) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540), 0x0) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) [ 498.641938] reason=80000021 qualification=0000000000000000 [ 498.648309] IDTVectoring: info=00000000 errcode=00000000 [ 498.654028] TSC Offset = 0xfffffeefb9ae87de [ 498.658404] EPT pointer = 0x00000000b720601e 00:34:56 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0xb003}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) 00:34:57 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x4, "a0d229f7"}, &(0x7f0000000400)=0xc) setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000480), 0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}) accept4$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000300)=0x14, 0x0) process_vm_readv(0x0, &(0x7f0000000380), 0x0, &(0x7f0000000580), 0x0, 0x0) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @link_local}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540)=[@in={0x2, 0x0, @broadcast}], 0x10) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000600)=@flushsa={0x1c, 0x1c, 0x2, 0x0, 0x25dfdbfc, {}, [@proto={0x8, 0x19, 0x32}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) memfd_create(&(0x7f00000003c0)=' ', 0x0) 00:34:57 executing program 0: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x1, 0x0) write$P9_RLERRORu(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="ff80"], 0x2) 00:34:58 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000480), 0x8) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a45320, &(0x7f0000000640)={{}, 'port0\x00', 0xd7ffb85c3231897d, 0x40000, 0x0, 0x4, 0xffff, 0x1, 0xffffffff}) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000540), 0x0) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) memfd_create(&(0x7f00000003c0)=' ', 0x0) 00:34:58 executing program 0: recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000002240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x1ff, &(0x7f0000000180), 0x0, &(0x7f00000024c0)=""/206, 0xce}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='projid_map\x00') preadv(r0, &(0x7f00000017c0), 0xef, 0x0) [ 501.076882] *** Guest State *** [ 501.080389] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 501.089588] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 501.098631] CR3 = 0x0000000000000000 [ 501.102570] RSP = 0x0000000000000f80 RIP = 0x0000000000000045 [ 501.108590] RFLAGS=0x00000006 DR7 = 0x0000000000000400 [ 501.114778] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 501.121758] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.129826] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.138285] SS: sel=0x0000, attr=0x00085, limit=0x00000000, base=0x0000000000000000 [ 501.146632] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.154898] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.163096] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.171119] GDTR: limit=0x00000000, base=0x0000000000000000 [ 501.179384] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.187567] IDTR: limit=0x00000000, base=0x0000000000000000 [ 501.195755] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 501.203922] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 501.210380] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 501.218035] Interruptibility = 00000000 ActivityState = 00000000 [ 501.224465] *** Host State *** [ 501.227711] RIP = 0xffffffff812cf768 RSP = 0xffff8880b2f2f378 [ 501.233938] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 501.240410] FSBase=00007f4b20dba700 GSBase=ffff88821fc00000 TRBase=fffffe0000003000 [ 501.248428] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 501.254530] CR0=0000000080050033 CR3=00000000afe9c000 CR4=00000000001426f0 [ 501.261799] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8b001260 [ 501.268515] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 501.274836] *** Control State *** [ 501.278345] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000ca [ 501.285233] EntryControls=0000d1ff ExitControls=002fefff [ 501.290738] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 501.297880] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 501.304760] VMExit: intr_info=00000000 errcode=00000000 ilen=00000005 [ 501.311393] reason=80000021 qualification=0000000000000000 [ 501.317923] IDTVectoring: info=00000000 errcode=00000000 [ 501.323560] TSC Offset = 0xfffffeee466643a1 [ 501.327930] EPT pointer = 0x000000011afd901e 00:34:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:34:59 executing program 0: syz_extract_tcp_res$synack(&(0x7f0000000040), 0x1, 0x0) 00:34:59 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="b7020000ff000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe000000008500000026000000b70000000000000095000000000000009e842a43125c6818c6b42752d2df3f0e33976654b1c1faac6ca57b340000000039e2505aae59642ede882a2fd020f83b86bef2ebfe41c0457401e9c65000c6b16b21d5de8bf9589cea3d504fe50198fc743a29a5f5b3c69c8f7d7981cd1010d7b383fe92360c27edae4077a0a9a5a42121b941347a2d09b5f801580820638da0c4fdef59e85ff84f64b5f5ac5a817bc7992dc74d39c80449f293f35ea5bed86512e3518bcd02afbbebe6636e7d2c7b5d923acb7ae069df084c4815c5705899c423b8c769b8dde2d7812d236aa8d010fde8f8ee07acb752b0563bb2807c328fa4f6c76270908b58d3e1f468ef20ce77f07a861817ad9af27e9f1651888425ed4f6decc7c0473df90e5a037f00dd040584afb16c1acd0136b5fc1b971abba8c97f7c5fc7987e664ee1054d2f7f3d30f947a5a9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r1, 0x0, 0x81, 0xd7, &(0x7f0000000500)="161e204aec0c3c5d40ff00e100432faf583fec4978c60c5f959f1365ab43b5e707ebf96b2e8c1e0df7d586d7197f7b69e4b8abcc82fc1f42332cb172505581194f3af0f081ee9065f70510213144a968e07472afcc39aaf7a81df7d40d06ffff40d0324280e2f86e7b291889d14417f417e00d1854ece57733fc40576fa9a92e52", &(0x7f0000000640)=""/215, 0x8000000000004000}, 0x28) 00:34:59 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0xe) syz_kvm_setup_cpu$x86(r4, r3, &(0x7f000000d000/0x18000)=nil, &(0x7f00000003c0)=[@text64={0x40, &(0x7f0000000300)="c4e12dfbf60f3066bad00466edb8010000000f01d9b97b0a0000b80e640000ba000000000f3066baf80cb8f4fbbe86ef66bafc0c66ed66b87a008ec80f01c3410f30660ffa8e08fcfdff", 0x4a}], 0xaaaaaaaaaaaaabc, 0x0, &(0x7f0000000400), 0x1029) 00:34:59 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-simd\x00'}, 0x58) r2 = accept4(r1, 0x0, &(0x7f00000000c0)=0x141, 0x0) sendmsg$rds(r2, &(0x7f0000001f00)={&(0x7f00000003c0)={0x10, 0x0, @multicast2}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/73, 0x7ffff000}, {&(0x7f0000000580)=""/11, 0xb}, {&(0x7f00000005c0)=""/30, 0x1e}, {&(0x7f0000000600)=""/127, 0x7f}], 0x4, &(0x7f0000001bc0)}, 0x0) [ 506.902395] not chained 170000 origins [ 506.906335] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.20.0-rc2+ #85 [ 506.911691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 506.911691] Call Trace: [ 506.911691] [ 506.911691] dump_stack+0x32d/0x480 [ 506.911691] kmsan_internal_chain_origin+0x222/0x240 [ 506.911691] ? kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] ? __msan_chain_origin+0x6d/0xb0 [ 506.911691] ? __save_stack_trace+0x8be/0xc60 [ 506.911691] ? save_stack_trace+0xc6/0x110 [ 506.911691] ? kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] ? kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] ? __msan_memcpy+0x6f/0x80 [ 506.911691] ? pskb_expand_head+0x436/0x1d20 [ 506.911691] ? __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] ? tcp_retransmit_skb+0xa4/0x430 [ 506.911691] ? tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] ? tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] ? tcp_write_timer+0x139/0x250 [ 506.911691] ? call_timer_fn+0x356/0x7c0 [ 506.911691] ? __run_timers+0xe95/0x1300 [ 506.911691] ? run_timer_softirq+0x55/0xa0 [ 506.911691] ? __do_softirq+0x721/0xc7f [ 506.911691] ? irq_exit+0x305/0x340 [ 506.911691] ? exiting_irq+0xe/0x10 [ 506.911691] ? smp_apic_timer_interrupt+0x64/0x90 [ 506.911691] ? apic_timer_interrupt+0xf/0x20 [ 506.911691] ? default_idle+0x3f/0x80 [ 506.911691] ? arch_cpu_idle+0x26/0x30 [ 506.911691] ? do_idle+0x3e4/0x9b0 [ 506.911691] ? cpu_startup_entry+0x45/0x50 [ 506.911691] ? x86_64_start_kernel+0x4b/0x87 [ 506.911691] ? x86_64_start_kernel+0x84/0x87 [ 506.911691] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 506.911691] ? __module_address+0x6a/0x5f0 [ 506.911691] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 506.911691] ? in_task_stack+0x12c/0x210 [ 506.911691] ? get_stack_info+0x206/0x220 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] ? default_idle+0x3f/0x80 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 506.911691] ? default_idle+0x3f/0x80 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] ? default_idle+0x3f/0x80 [ 506.911691] ? kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] ? kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] ? __msan_memcpy+0x6f/0x80 [ 506.911691] ? pskb_expand_head+0x436/0x1d20 [ 506.911691] ? __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] ? tcp_retransmit_skb+0xa4/0x430 [ 506.911691] ? tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] ? tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] ? tcp_write_timer+0x139/0x250 [ 506.911691] ? call_timer_fn+0x356/0x7c0 [ 506.911691] ? __run_timers+0xe95/0x1300 [ 506.911691] ? run_timer_softirq+0x55/0xa0 [ 506.911691] ? __do_softirq+0x721/0xc7f [ 506.911691] ? irq_exit+0x305/0x340 [ 506.911691] ? exiting_irq+0xe/0x10 [ 506.911691] ? smp_apic_timer_interrupt+0x64/0x90 [ 506.911691] ? apic_timer_interrupt+0xf/0x20 [ 506.911691] ? default_idle+0x3f/0x80 [ 506.911691] ? arch_cpu_idle+0x26/0x30 [ 506.911691] ? do_idle+0x3e4/0x9b0 [ 506.911691] ? cpu_startup_entry+0x45/0x50 [ 506.911691] ? rest_init+0x1d7/0x200 [ 506.911691] ? arch_call_rest_init+0x13/0x15 [ 506.911691] ? start_kernel+0xa5f/0xc5a [ 506.911691] ? x86_64_start_reservations+0x1e/0x34 [ 506.911691] ? x86_64_start_kernel+0x84/0x87 [ 506.911691] ? secondary_startup_64+0xa4/0xb0 [ 506.911691] ? __msan_get_context_state+0x9/0x20 [ 506.911691] ? INIT_INT+0xc/0x30 [ 506.911691] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 506.911691] ? ipv4_dst_check+0x1aa/0x2a0 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] ? acpi_pm_read_slow+0x100/0x100 [ 506.911691] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 506.911691] ? ktime_get_with_offset+0x344/0x4e0 [ 506.911691] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 506.911691] ? tcp_enter_loss+0x14f6/0x15b0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] ? tcp_init_xmit_timers+0x130/0x130 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] ? tcp_init_xmit_timers+0x130/0x130 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] ? timers_dead_cpu+0xb70/0xb70 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] irq_exit+0x305/0x340 [ 506.911691] exiting_irq+0xe/0x10 [ 506.911691] smp_apic_timer_interrupt+0x64/0x90 [ 506.911691] apic_timer_interrupt+0xf/0x20 [ 506.911691] [ 506.911691] RIP: 0010:default_idle+0x3f/0x80 [ 506.911691] Code: 04 00 00 00 e8 72 2c 1f f7 65 8b 34 25 20 a1 02 00 c7 03 00 00 00 00 c7 43 08 00 00 00 00 bf 01 00 00 00 e8 b3 2b 57 f6 fb f4 <48> c7 c7 20 a1 02 00 be 04 00 00 00 e8 40 2c 1f f7 65 8b 34 25 20 [ 506.911691] RSP: 0018:ffffffff8be0fda0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 506.911691] RAX: 504c5b1cf42b3800 RBX: ffffffff8be36c08 RCX: 0000000000000000 [ 506.911691] RDX: ffff8881fbb60d88 RSI: 0000160000000000 RDI: 0000000000000000 [ 506.911691] RBP: ffffffff8be0fda8 R08: ffff888000000000 R09: 0000000000000002 [ 506.911691] R10: 0000000000000000 R11: ffffffff8aea5010 R12: ffffffff8be36280 [ 506.911691] R13: 0000000000000000 R14: ffffffff8be36c08 R15: ffffffff8be0fe00 [ 506.911691] ? __cpuidle_text_start+0x8/0x8 [ 506.911691] ? __cpuidle_text_start+0x8/0x8 [ 506.911691] arch_cpu_idle+0x26/0x30 [ 506.911691] do_idle+0x3e4/0x9b0 [ 506.911691] cpu_startup_entry+0x45/0x50 [ 506.911691] rest_init+0x1d7/0x200 [ 506.911691] arch_call_rest_init+0x13/0x15 [ 506.911691] start_kernel+0xa5f/0xc5a [ 506.911691] x86_64_start_reservations+0x1e/0x34 [ 506.911691] x86_64_start_kernel+0x84/0x87 [ 506.911691] secondary_startup_64+0xa4/0xb0 [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Uninit was stored to memory at: [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] __msan_chain_origin+0x6d/0xb0 [ 506.911691] __save_stack_trace+0x8be/0xc60 [ 506.911691] save_stack_trace+0xc6/0x110 [ 506.911691] kmsan_internal_chain_origin+0x136/0x240 [ 506.911691] kmsan_memcpy_origins+0x13d/0x190 [ 506.911691] __msan_memcpy+0x6f/0x80 [ 506.911691] pskb_expand_head+0x436/0x1d20 [ 506.911691] __tcp_retransmit_skb+0xdf6/0x46c0 [ 506.911691] tcp_retransmit_skb+0xa4/0x430 [ 506.911691] tcp_retransmit_timer+0x341b/0x4910 [ 506.911691] tcp_write_timer_handler+0x51d/0xe80 [ 506.911691] tcp_write_timer+0x139/0x250 [ 506.911691] call_timer_fn+0x356/0x7c0 [ 506.911691] __run_timers+0xe95/0x1300 [ 506.911691] run_timer_softirq+0x55/0xa0 [ 506.911691] __do_softirq+0x721/0xc7f [ 506.911691] [ 506.911691] Local variable description: ----v.addr.i.i.i.i.i@memcg_kmem_put_cache [ 506.911691] Variable was created at: [ 506.911691] memcg_kmem_put_cache+0x73/0x460 [ 506.911691] __kmalloc+0x3e2/0x4d0 00:35:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:35:23 executing program 5: 00:35:23 executing program 2: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0xaf01, &(0x7f00001e3000)) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f00000000c0)=0xffffffffffffff9c) 00:35:23 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 525.905676] kvm: pic: level sensitive irq not supported [ 525.907006] kvm: pic: single mode not supported [ 525.924026] kvm: pic: single mode not supported 00:35:24 executing program 5: [ 525.928999] kvm: pic: level sensitive irq not supported [ 525.970272] kvm: pic: level sensitive irq not supported [ 525.993557] kvm: pic: single mode not supported [ 525.998997] kvm: pic: level sensitive irq not supported 00:35:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:35:24 executing program 2: [ 526.035301] kvm: pic: level sensitive irq not supported [ 526.064244] kvm: pic: level sensitive irq not supported 00:35:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:24 executing program 5: 00:35:24 executing program 2: 00:35:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:35:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:35:24 executing program 5: 00:35:24 executing program 4: 00:35:25 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x0) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:35:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x10000000000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4040aea0, &(0x7f0000000200)=ANY=[@ANYBLOB="06000000000000000b00004000000000bb43000007"]) 00:35:25 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x7, &(0x7f0000000100)) setpriority(0x0, r1, 0x10000) r2 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x81) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000500)=@v3, 0x18, 0x2) write$FUSE_OPEN(r0, &(0x7f0000000780)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x20) setxattr$security_capability(&(0x7f0000000600)='./file0\x00', &(0x7f0000000d00)='security.capability\x00', &(0x7f0000000c40)=@v3={0x3000000, [{}, {0x90c, 0x3f5d}], r3}, 0x18, 0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f00000002c0)=r1) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='./file0\x00') ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000ac0)=[&(0x7f0000000b00)='z@\x00', &(0x7f0000000a80)='\x00'], &(0x7f0000000ac0)) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000a40)={0x0, 0x9}, &(0x7f0000000b40)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000b80)={r4, @in={{0x2, 0x0, @local}}}, 0x84) r5 = socket(0x2000000011, 0x3, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000600)=[0xfd, 0x8000000000000006]) setsockopt$sock_int(r5, 0x1, 0xc, &(0x7f00000005c0)=0x7, 0xffffffffffffffe4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="a56a8df0ff24be188529f003e0", 0xd, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={[], [], @multicast2}}, 0x1c) getgroups(0x2, &(0x7f0000000840)=[0x0, 0xffffffffffffffff]) setxattr$system_posix_acl(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r3}, {0x2, 0x0, r3}, {0x2, 0x1, r3}, {0x2, 0x0, r3}, {0x2, 0x7, r3}, {0x2, 0x0, r3}, {0x2, 0x2, r3}], {0x4, 0x7}, [], {0x10, 0x2}}, 0x5c, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x40000) 00:35:25 executing program 2: perf_event_open(&(0x7f0000000d40)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x15, 0xa, 0x7fffffff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x20, @local}, 0x10) getsockopt$inet_mreqsrc(r0, 0x0, 0x2f, &(0x7f0000000180)={@empty, @multicast2, @local}, &(0x7f00000001c0)=0xc) r1 = socket$inet(0x2, 0x80006, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000440)={'filter\x00', 0x4}, 0x68) r2 = syz_open_dev$amidi(&(0x7f0000000400)='/dev/amidi#\x00', 0x9b2, 0x10103f) setsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000380), 0x2) r3 = dup(r0) r4 = accept$inet6(r2, 0x0, &(0x7f0000000000)) getsockopt$inet6_udp_int(r4, 0x11, 0x65, &(0x7f0000000040), &(0x7f00000000c0)=0x4) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000340)='dummy0\x00') fsetxattr$security_smack_entry(r3, &(0x7f0000000200)='security.SMACK64MMAP\x00', &(0x7f0000000500)='dummy0\x00', 0x7, 0x3) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000240)=@assoc_value, &(0x7f0000000280)=0x8) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000300), 0x4) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000002c0), 0x8) connect$inet(0xffffffffffffffff, &(0x7f00000004c0)={0x2, 0x0, @remote}, 0x10) write(0xffffffffffffffff, &(0x7f0000000200), 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000003c0)) bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000080)=0x2, 0x4) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 00:35:25 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000e4c000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) r3 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) lseek(r2, 0x0, 0x3) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000080)) tkill(r3, 0x1004000000016) close(r1) 00:35:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:35:26 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000740)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-simd\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f00000001c0)=ANY=[@ANYRESHEX], 0xfc85) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2200, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000040)={0x1, 0x10000000000007, 0x8dfa}) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000001d80)=""/4096, 0xfc85}], 0x1) 00:35:26 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") clock_adjtime(0x0, &(0x7f0000000080)={0x7bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xff, 0x0, 0x401, 0x5, 0x1, 0x7, 0x4, 0x54a1, 0x6, 0x9, 0x1, 0x237, 0xfffffffffffffffa, 0x200, 0x9, 0x6, 0x3, 0x1, 0x4b}) 00:35:26 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xa17a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)) r0 = socket(0x10, 0x2, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000140)=0x7b, 0x4) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast}, 0x10) getxattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000036c0)=ANY=[], &(0x7f0000000340)=""/140, 0x8c) sendto$inet(r1, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000003a80)={&(0x7f0000f2b000/0x1000)=nil, 0x1000}, &(0x7f0000000440)=0xfffffffffffffdde) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000001800)=[{&(0x7f0000000600)="80f17a0b8c8970cad4e7c2198c830f262255157995a738328a6ea456e2363942b6223ced8e1d157847f0c1b27a6f790486384b94faefd0dfba2444691133054cc3c8e8e0c3448446a3c2b9f6f110a48d3902d829438729dc7496c17992daebf777fcec616e2ab5ee4386fc35ddb3c5be77d95c0fffaf93cd81c953d311d52830de1d0e9e0df27d08c3fd370198119340781d16aafdfe831593becee6a47cb0fc059d70333ded95e2eb745ff068798a7f26f16839020454432ad0db8fad8c6f345d112e5a6324307d2828ab93a8466da7e80f1a9a4e52857001931223755f7cfb153a98e80cf6b91cf3b9d6634bb2a11f78cc4b3e54a5ac1f17ba23f8eae550c41ab7fcfb549b1791b61093ef140b2b4974e454654ecf5d28797058e196c632fe4f8b71816b2e3c766121499ac4ccdabdbb8c2c57d4a2b5a2e123d0eba31d36285709a22bbdd00e1da947b486f23cdf7453fb1ea5a4775d4dd315e6555ca87c6326efe9bf74b8daecd441eec2ac284d3c062ca8db46acd4e54eafd2cfe5871feac2ba09f31813b44eb3de3515a7b702ee6e0858841ebaddbc8a01d8bfc444c7c0d5d9829a7f61063e31f4fbdef237ff9d4809dcb115c5ffd86af35d1d2edadae8d793a6a0b37adff41ba5a7188e3d46764a5f242fc20b3f44ec5d18ff251b231135c066b9ab5b889b0774613a5dc7a6d6ad5e2d6d095b610f674be6ac519c7d19be29ddccdfe3bf7ea744230ff61d1f3657407d2cc64a4a432cb843d91f98e39f96f47fbd513a12d4a40bd7e15b5910792bea8f197731950245000a99787b4d267c70852d07c94c280f17934214c64677bb5c3c6a996f4d20fbf54f520ed7575f66cd07aa2e14423134962f73d86bce9eb93c697f66adeb655b7898d1f9e66a045f421937f85c251cd510614d3f5f8ca6230d4e04e3e9f36f73f8484749ac03c6b657e81cc9a201817e44f8cad068d100c2ae02c521a83d7bd5f26d8eb9de2f769a356a4adbcbb4425f66293ad1f49851c233a3a64f474860bd6e78b9edb66e259358fd322140140341245fb111b95c9b2e4b6b63b82e711b59d65b06b70ec3ac731d916a5b9f3d4c84c63c4e25db1ca40b2662e0d03327ea4f82d4d19b65527d48859ae051f6c7726bd84ceb1f8c40cbaeb08ecd0fd6aa1367b62f4c41d85525b4c4d39c0f314d88bb1c63554c199bc5f2c8aed9d2b4e864e232107e28658a612fb8589105b00004308fe4635e3a20cc44ba33557a8c3dbba28d78c5390b6a1e292bbdd4ada2244c87a4135c9dd3a426908b9aeed9adff063fa6fc056b7587e3afc5390bd5f1069db6277e3a84282157c1d4fc8c9326efd496659955724cccf7f0ac6d767dfc9511bcc3b51ab7061a35a24310b1f7b0b003f132360fc2f0df5a0ccc27bcba0395fc3ff3842071f0a4dc2debdc1becfffc9f0519e323f5d9793274b0e5eac4be6da21055b44e3db6ab0bb550cfa7305a78a840e1e46b29ffc4f337b1c6165aaf284290f69a620fe2dc9cdc6db45dec913ab4d083d77207439e758c156a39299872b288c9f18d13e8ae0284e132ddf77140b4d4a1c8b5f2c93359efcf948dbd92338fa90641069b479ce2a2ade41edb50f32dbc746903fc41d9b6c0c478848f8c60e1c77a6fd41f4a859609b944350543a4694c913d8cd8ebf9209615b9a1b726d50e1ed2e810ccb2ed4340eb30d27b22120292057a8c11dc888825c97f2ba1d558246bc5d972c141eb8633592bd3246962f08a5595ae01220b7a78bc7a090d1ccc8613537f766e4e9602685bd00aa5ad7309f5883bcecd75b65b341508a5beee817be3fde4b38cc6da3be077760693023a4295", 0x519}], 0x1, 0x0, 0x0, 0x800}, 0x44804) r2 = syz_open_dev$sndtimer(&(0x7f00000001c0)='/dev/snd/timer\x00', 0x0, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x1000, 0x0) rt_sigprocmask(0x0, &(0x7f0000000240), &(0x7f0000000280), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000000)={{0x1, 0x0, 0x0, 0xfffffffffffffffd}}) bind$inet(r1, &(0x7f0000000300)={0x2, 0x4e23, @local}, 0xc7bb8b5be4aa9d1c) read(r1, &(0x7f0000000200)=""/225, 0xe1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shutdown(r1, 0x1) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000003b40)=ANY=[@ANYBLOB="ac1414bb00000000ff000000000000ff69705f76746930000000000000000000626f6e645f736c6176655f3100000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007b00000600000000000000000000000000009800d00000000000000000000000000000000000000000000000000038004d41535155455241444500000000000000000000000000000000000000000100000001000000ac1414aaffffffff4e20ffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800e0000000000000000000000000000000000000000000000000004800444e41540000000000000000000000000000000000000000000000000001080000007f000001000000000000000000000000ff0100000000000000000000000000014e214e24000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d0000000000000000000000000000000000000000000000000003800534e415400000000000000000000000000000000000000000000000000000100000000000000e0000001ffffffff006701000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000f800000000000000000000000000000000000000000000000000280064736370000000000000000000000000000000000000000000000000000001010000000000003800534e415400000000000000000000000000000000000000000000000000000100000008000000ac141419e00000010064040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x1) ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) ioctl$sock_proto_private(r1, 0x89e8, &(0x7f0000003880)="de743a257cc1de0f1c046f7032316ca3c6b3d6128f76") getresuid(&(0x7f0000003fc0), &(0x7f0000000bc0), &(0x7f0000003f80)) r3 = add_key$user(&(0x7f0000000b40)='user\x00', &(0x7f0000000b80)={'syz', 0x1}, &(0x7f0000004000)="c2ca8f1af51189d9c651206f49a5dba143532173972f6a78676c62e8460e0bc550966d8e7f8970828da2a3c018bc4be55c57042835df7761708ba49cabaf0801f72f68dc970f8eaa94a10eecc0819fabe79250889f184dd08cf7816df47fe603445489e3eafce6e267f7aceb1bb19d69628bbd9529bf5119d5253856f15013da17c81dd4549b6b2c98eea4770c93d4f667f1bbd925616803df0f67403538cf404bc563861d6609ee5e16", 0xaa, 0xfffffffffffffffe) r4 = request_key(&(0x7f0000004780)='id_resolver\x00', &(0x7f00000047c0)={'syz', 0x2}, &(0x7f0000004800)='proc+\x00', 0xfffffffffffffff8) keyctl$instantiate_iov(0x14, r3, &(0x7f00000046c0)=[{&(0x7f0000004640)="5dbdddfd40fd033fffb65a6b6cab6cd9b465aa8b5372404713f4cd7235524fa6b5d71ff96d9fb0c54eff5ce5feee9673f36fae342d15e0ac0d4956228dbedb795a10afcdb24eee475775feff98ad1affe87cfc8bc6fa", 0x56}], 0x1, r4) setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f00000038c0)={0xff, @multicast2, 0x4e21, 0x2, 'rr\x00', 0x8, 0xff, 0xb}, 0x2c) lstat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)) 00:35:26 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='wlan1-\x00'}, 0x10) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000380)) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={0x0, 0xffffffffffffffff}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080), 0xc) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000280)) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x18, &(0x7f0000000c00)=ANY=[@ANYBLOB="bf1600000000000085100000050000006d00000000000000bf610000000000008510000002000000bf0100000000000095000000000000001501000000000000b700000040000000950000000000000031c437ac4696e15962e46f53ccc25148c13bb65bcea7aed5b7e939599c2824af045665301d9f8f40e14575f5365778b74360b25d108b9521f6a9364d77de4689af69e6d3884b4bcc84015ade6453139f2803e337d3e8644e6b3da6f69ccde136f9f0f8d746b3da106a54e302d664f2725c"], &(0x7f0000000100)='GPL\x00'}, 0x48) syz_open_dev$evdev(&(0x7f0000000400)='/dev/input/event#\x00', 0x7, 0x0) close(r0) mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x100) perf_event_open(&(0x7f00000004c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480)}, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x5, 0xffffffffffffffff, 0x0) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x6, 0x400000) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="040000000000000002004e21ac141412000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000002004e20ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200bf97ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e217f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065e8efb1a83efb85c97e3918aaded6a5b6a5fce9a671aa6dac16bb5b75259067e5d3c765e7e2a0bb271c8f921fdc8aa19d6bc442838cf204272649d2fe12d438901751ffdbfa09806dc820496948e39df7e76fef5f8fd8983a3c6937b0a6aeae99e877b67d90a991bb6772480ceb27cbaea8347eb86a2893437727049258504e34da8e222d4058"], 0x1) 00:35:26 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = gettid() wait4(0x0, &(0x7f00000003c0), 0x80000000, &(0x7f0000000340)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1b) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0xa, 0x11}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 526.126344] kvm: pic: level sensitive irq not supported [ 528.676008] IPVS: set_ctl: invalid protocol: 255 224.0.0.2:20001 00:35:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:26 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) get_mempolicy(&(0x7f0000000180), &(0x7f0000000280), 0xa1d, &(0x7f0000ffd000/0x3000)=nil, 0x3) 00:35:27 executing program 0: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x7b, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000001800)=[{&(0x7f0000000600)="80f17a0b8c8970cad4e7c2198c830f262255157995a738328a6ea456e2363942b6223ced8e1d157847f0c1b27a6f790486384b94faefd0dfba2444691133054cc3c8e8e0c3448446a3c2b9f6f110a48d3902d829438729dc7496c17992daebf777fcec616e2ab5ee4386fc35ddb3c5be77d95c0fffaf93cd81c953d311d52830de1d0e9e0df27d08c3fd370198119340781d16aafdfe831593becee6a47cb0fc059d70333ded95e2eb745ff068798a7f26f16839020454432ad0db8fad8c6f345d112e5a6324307d2828ab93a8466da7e80f1a9a4e52857001931223755f7cfb153a98e80cf6b91cf3b9d6634bb2a11f78cc4b3e54a5ac1f17ba23f8eae550c41ab7fcfb549b1791b61093ef140b2b4974e454654ecf5d28797058e196c632fe4f8b71816b2e3c766121499ac4ccdabdbb8c2c57d4a2b5a2e123d0eba31d36285709a22bbdd00e", 0x147}], 0x1, 0x0, 0x0, 0x800}, 0x44804) 00:35:27 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000f97000/0x1000)=nil, 0x1000, 0xc) clone(0x0, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000000), &(0x7f0000000240)) 00:35:27 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000f97000/0x1000)=nil, 0x1000, 0xc) 00:35:27 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x7b, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000001800)=[{&(0x7f0000000600)="80f17a0b8c8970cad4e7c2198c830f262255157995a738328a6ea456e2363942b6223ced8e1d157847f0c1b27a6f790486384b94faefd0dfba2444691133054cc3c8e8e0c3448446a3c2b9f6f110a48d3902d829438729dc7496c17992daebf777fcec616e2ab5ee4386fc35ddb3c5be77d95c0fffaf93cd81c953d311d52830de1d0e9e0df27d08c3fd370198119340781d16aafdfe831593becee6a47cb0fc059d70333ded95e2eb745ff068798a7f26f16839020454432ad0db8fad8c6f345d112e5a6324307d2828ab93a8466da7e80f1a9a4e52857001931223755f7cfb153a98e80cf6b91cf3b9d6634bb2a11f78cc4b3e54a5ac1f17ba23f8eae550c41ab7fcfb549b1791b61093ef140b2b4974e454654ecf5d28797058e196c632fe4f8b71816b2e3c766121499ac4ccdabdbb8c2c57d4a2b5a2e123d0eba31d36285709a22bbdd00e1da947b486f23cdf7453fb1ea5a4775d4dd315e6555ca87c6326efe9bf74b8daecd441eec2ac284d3c062ca8db46acd4e54eafd2cfe5871feac2ba09f31813b44eb3de3515a7b702ee6e0858841ebaddbc8a01d8bfc444c7c0d5d9829a7f61063e31f4fbdef237ff9d4809dcb115c5ffd86af35d1d2edadae8d793a6a0b37adff41ba5a7188e3d46764a5f242fc20b3f44ec5d18ff251b231135c066b9ab5b889b0774613a5dc7a6d6ad5e2d6d095b610f674be6ac519c7d19be29ddccdfe3bf7ea744230ff61d1f3657407d2cc64a4a432cb843d91f98e39f96f47fbd513a12d4a40bd7e1", 0x22c}], 0x1}, 0x44804) 00:35:27 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x4, 0x0, @local, @local, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f0000000000)) 00:35:27 executing program 0: memfd_create(&(0x7f0000000280)="2da5c0bd54fbcb170b76ce102b2727242c5b7586657273656c662a6d696d655f74797065402600", 0x4000020000005) 00:35:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:27 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 00:35:28 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x10000000000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000a40)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10010174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c888c9ff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4040aea0, &(0x7f0000000200)=ANY=[@ANYBLOB="06000000000000000b00004000000000bb43000007"]) dup2(r2, r3) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") 00:35:28 executing program 3: creat(&(0x7f0000000080)='./file0\x00', 0x0) link(&(0x7f0000000180)='./file0/file0/file0\x00', &(0x7f0000000100)='./file0/file0/file0\x00') lchown(&(0x7f00000000c0)='./file0/file0/file0\x00', 0x0, 0x0) 00:35:28 executing program 0: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000440), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000040)={&(0x7f00000000c0)={0x5, 0x0, 0x0, {0x0, 0x2710}, {0x77359400}, {}, 0x8, @can={{}, 0x0, 0x0, 0x0, 0x0, "c4d981ae211e6951"}}, 0x20000108}}, 0x0) sendmsg$can_bcm(r0, &(0x7f00000002c0)={&(0x7f0000000080), 0x10, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0000000401000000001d5b0e00"], 0x1}}, 0x0) [ 530.222440] kvm: pic: level sensitive irq not supported [ 530.226530] kvm: pic: single mode not supported [ 530.269912] kvm: pic: single mode not supported 00:35:28 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x18, {0x2, 0x0, @multicast2}, 'lo\x00'}) [ 530.274936] kvm: pic: level sensitive irq not supported 00:35:28 executing program 2: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000100)="120000001200e7ef007b000056f4afddaa98", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000020c0), 0x320, 0x0, &(0x7f0000003700)={0x77359400}) [ 530.337179] kvm: pic: level sensitive irq not supported 00:35:28 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008011, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback, [0x2, 0x7000028]}, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20100000008912, &(0x7f0000000140)="0a5c2d0240316285717070") setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='vegas\x00', 0x6) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0xfffffffffffffd48, 0x120, 0x0, 0xfffffc85) 00:35:28 executing program 3: 00:35:28 executing program 4: 00:35:28 executing program 5: 00:35:29 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000080)={r2, 0x3, 0x6, @remote}, 0x4bdc) close(r1) 00:35:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:29 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x3, 0x0) pipe(&(0x7f0000000100)) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00'}) sendmsg(r1, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000006000)="1b0000005200030f07fffd946fa283bc04eee6d87986c497271d85", 0x1b}], 0x1}, 0x0) recvfrom$inet6(r1, &(0x7f0000000000)=""/179, 0xb3, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) 00:35:29 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x4) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000300)={@loopback, 0x2c}) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) socket$l2tp(0x18, 0x1, 0x1) socket$l2tp(0x18, 0x1, 0x1) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) write(r0, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) 00:35:29 executing program 5: 00:35:29 executing program 2: 00:35:29 executing program 4: 00:35:29 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x3, 0x0) pipe(&(0x7f0000000100)) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00'}) sendmsg(r1, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000006000)="1b0000005200030f07fffd946fa283bc04eee6d87986c497271d85", 0x1b}], 0x1}, 0x0) recvfrom$inet6(r1, &(0x7f0000000000)=""/179, 0xb3, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) 00:35:29 executing program 2: 00:35:29 executing program 0: 00:35:30 executing program 5: 00:35:30 executing program 4: 00:35:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:30 executing program 3: 00:35:30 executing program 0: 00:35:30 executing program 2: 00:35:30 executing program 5: 00:35:30 executing program 4: 00:35:30 executing program 3: 00:35:30 executing program 0: 00:35:31 executing program 2: 00:35:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:31 executing program 3: 00:35:31 executing program 4: 00:35:31 executing program 5: 00:35:31 executing program 0: 00:35:31 executing program 3: 00:35:31 executing program 2: 00:35:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:31 executing program 4: 00:35:31 executing program 5: 00:35:31 executing program 3: 00:35:31 executing program 0: 00:35:32 executing program 2: 00:35:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:32 executing program 5: 00:35:32 executing program 3: 00:35:32 executing program 0: 00:35:32 executing program 4: 00:35:32 executing program 3: 00:35:32 executing program 0: 00:35:32 executing program 5: 00:35:32 executing program 4: 00:35:32 executing program 2: 00:35:33 executing program 3: 00:35:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:33 executing program 0: 00:35:33 executing program 4: 00:35:33 executing program 5: 00:35:33 executing program 3: 00:35:33 executing program 2: 00:35:33 executing program 0: 00:35:33 executing program 4: 00:35:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:33 executing program 5: 00:35:34 executing program 3: 00:35:34 executing program 2: 00:35:34 executing program 4: 00:35:34 executing program 2: 00:35:34 executing program 0: 00:35:34 executing program 3: 00:35:34 executing program 5: 00:35:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:34 executing program 3: 00:35:34 executing program 4: 00:35:34 executing program 2: 00:35:34 executing program 0: 00:35:35 executing program 5: 00:35:35 executing program 2: 00:35:35 executing program 3: 00:35:35 executing program 4: 00:35:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:35 executing program 0: 00:35:35 executing program 5: 00:35:35 executing program 2: 00:35:35 executing program 4: 00:35:35 executing program 3: 00:35:35 executing program 0: 00:35:36 executing program 5: 00:35:36 executing program 2: 00:35:36 executing program 4: 00:35:36 executing program 0: 00:35:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:36 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000200), &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, &(0x7f0000000580)}) 00:35:36 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x8, 0x202100) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002900)}}], 0x1, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp\x00') setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@int=0x4c, 0x4) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) io_getevents(0x0, 0x0, 0x0, &(0x7f0000000040), 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000340)) preadv(r2, &(0x7f00000017c0), 0x1ce, 0x0) fcntl$getflags(0xffffffffffffffff, 0x0) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$TIOCGSOFTCAR(r4, 0x5419, &(0x7f00000003c0)) getsockopt$ARPT_SO_GET_ENTRIES(r4, 0x0, 0x61, &(0x7f0000001040)={'filter\x00', 0x762, "d3e43cad63217b4cea9e8cf5f951f02e7e12a45494f44fa65d948836ea6cb670ec997c7b24f8bc751fb222024c75fd074153f3a6c69697c00cb72cc25a30f2abc1518de2749b3331f07f06e6098553fa82f5833fc92346bcf8e8375215866fa48df186a55f3a446c9b85c622999afe1f92e733896c440209b3948943cd3dc62b721161ae4e76353b7089a109eec65e93173d9f2a00ab9f2ca437f09a51bbd94051ab196a2fc5d931a20ce9be2ea45ce15da09824140eefc537aac8e473a30bc9591c10fecea43ee6dbe7ee80816de6c031c2322a6b78505eafe6e4a9fbf6320a311365ca97085807e8fcc8c2d92fa8a943e53a7d3bc91d6b737bf58f60fba5494e141490290047dbdb2bdcbce3fd3d3c759eac3345f73e5740eff7c6bc317e988213e282705d8cf409160649e0f761c588f07c876511bfbe080a2d646176dcc3e61271b95c2ba6dd76ac10830e18500d7c3e5e74ca23094085ab5a2e7997b2a005ecdc6cb3a65784da16c37d9c1db0b6f350ef5ce433dae32ffb2d3d7a8dd97b45aec444cf6ecb55131822c0021856c001645784264e3cc52f66a915bfac1cf4db3e279ca106e713cd699f8ebb22b48639318636f3c31d916d2120e19376b023eb4e795d51cd47cfcf27c3f6f557443719acb98edbb967d91c56c262aa4727299ce4661bcc7e156cb8622f4c3f42bc75bb7cecca742324a9b7a9caf4c84d9d5b4c89b58403e5e726b3813ec8b5160d6a2bb9cf279a52c396352b6e9ff65f21bf9ceea8ef752e06ec4f5d0c0d075b29fee9cfde50e7de10e23b7702d210c276d732a798dffa1d54280d50b4aceef52edd25adad74c6c11993663617076db5c523f1b9ebc2954570f3df12a0537f69c531b2aa407061034cb519624dadea538e9d5070cb1354a0a9f99652fd7ab278951acf38558bda662ed70d40db7cf1f4c418128e46cc1f5a802c45364db29b12a69fe95f7df1bfe7c3e0fc04bbb4152bc64177c0d7e6713830b9173444ba7c9195430a1fd7e5a154d7fa63596b9033bc83b7497b5b080510f5d862be60b02809da3f673b0f66c76baabaa4a9fd810818820e21d4e61c904d55c7b5a167f899242ffafce5adca92f2aa1ed17b65b16cc1df67863bb79ecbd9399e7e24acf00ddc205381cf191367c68db5d2330707043a665b114f9a75593fe5f8df0339dc02b96cb9bc6d25d3a81889c7a402e015a8943f7df2393dd7740e9df4be42f3fa05abf13ac29eed31b9d49db1e2d6d95d85fd014844952cb1ceedf756cb20ac2da54b19178dccf73025145fb104c3b65ff08f3b7c2d40f2b2b78143a5831ec4e99441014056700211ef299a06d89f64c64a4eb2ac8bc6cc3197176c9df6bf8257d2c6e1b992661cbb194b1b5fb54472be48550ddbf2cf63a6546daaea1385196ea8897d841ba0ff825741d5253e0cd41f5c45fdb67d8ed8b06cae7f77234338b8a3bc9fbc40a70bdadfaedfc2e8d683fb6e4a481b497542ff97d9c2794694725a09b1f9f9133fc9925833b255f5418657373406bc38e8eae6917d3246170280464ac1af21d7fe190f997de99da2aaf8022a9f14b84371f128b8903e3c48e3cb952bb6fe6b36c161d82a38a4d2202ce2ea59266a8e296a8d625fbfc0ec0eefe4e1b8affceb1823e61390ded033cdcef3bdf01b234bbe26abf24e793d6c01b970a5551f6c6029dab4b874d014a9dc9a25319f5964f3fa423398565f1c7a1978f3e32f0f7f6557cc362d35e3cc8500436d6caa606331295d7a715cc345b2b1b2be2536dd70dc14475a3e0d8344b72bee020a636ca18f12626c1fdcd76e1a5b8cbf703203e4e615fb7f9897308f7b7bdef74ee369fe177c178e7c131067f6f72c90ff8d048d523a205be4546ed425d2b224a5178d6842746f47cea24d0b151456f1af6012746ef8474eb2513b37d6ef1483895fcccfd0f6be1aa95dee449f3f09a392275a9a109df13b841b63af0fb8ad9538570b1d85a6ed602db163d723f6cc1defc77a7aec5d437df428ec74932016f7e81b1e0a0d3ab3983f5375d7af3707abf6765cd5dfb8e4f9540ad740e16fe2ce1839959d5e9a67b229c711c5d3ecd0952bdd91942791e773ec6cf410ff50f2d579e13158c3fb837e051a2d3a98a6ad7112b8c377f1fd218e9f86bb7549756812afb4715a9d1d06fa12c05029c8d5efd8974b64adf70015735c4977de46bac05209bee5b06face12c17af03cd853bfd36ca14c523907e99d2a8c72f6f1c3b69ebd8559adf80229ec7af51fe59e7abec20cd2e951183e374f19e1078724a21e8764ef45dc8f1fdd1f7bb61d0b25a1928cd2645fe890f780199fa583cb12d76c20511dd6f75e386e0f0d25eddddf6a32a089ee9500431c57080b86064b8cd647d235524cd37b2d448290e715b328c95a15d41a9cb40e20c53c232bd3d1379593009d5958b141850aa0db2e5481389c43a77face3800d320fb3fdc616be4e5ffcfbbef524820be911e49d2ac2de11fef34d48e28dd1c70e6e1970ee3ea600766996a612edb0f3617a913dd18c3287703e60d68cf20d28478d1bf6ee2d5fa0662fb2078f1b058a73a33adcabc65f1f7bfada482183d4b073ce30e61fb7c89cec9a96ae12a78f74deef80b2e6b0ce120cffa8e21b6c576f4c87ddcd53296b684d6aef6833ad02424e550"}, &(0x7f0000000040)=0x786) 00:35:36 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:36 executing program 2 (fault-call:6 fault-nth:0): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) [ 530.401322] kvm: pic: single mode not supported [ 538.766664] binder: 13411:13415 got transaction with invalid offset (0, min 0 max 0) or object. [ 538.780837] binder: 13411:13415 transaction failed 29201/-22, size 0-8 line 3036 [ 539.357080] binder: undelivered TRANSACTION_ERROR: 29201 00:35:37 executing program 0 (fault-call:2 fault-nth:0): r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:35:37 executing program 3: r0 = socket$inet(0x2, 0x5, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="071f080000000000970600c6fe76cff3e26def23000200000811000013", 0x1d) getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000001000)=""/4096, &(0x7f00000001c0)=0x1000) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={0x0, 0x2, 0x6d, 0xce}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={r1, 0x6}, &(0x7f0000000100)=0xfffffffffffffeb3) accept4$inet(r0, &(0x7f0000000180)={0x2, 0x0, @rand_addr}, &(0x7f0000000200)=0x10, 0x80800) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000002000)=""/4096, &(0x7f0000000140)=0x1000) 00:35:37 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x6) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x6) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x3) recvmmsg(r1, &(0x7f0000001b80)=[{{&(0x7f00000000c0)=@hci, 0x80, &(0x7f0000000040), 0x0, &(0x7f00000002c0)=""/220, 0x8}}], 0x1, 0x0, &(0x7f00000005c0)={0x77359400}) close(r0) 00:35:37 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x9) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, &(0x7f00000000c0)={0x0, @frame_sync}) shutdown(r2, 0x1) 00:35:38 executing program 3: r0 = socket$inet(0x2, 0x5, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="071f080000000000970600c6fe76cff3e26def23000200000811000013", 0x1d) getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000001000)=""/4096, &(0x7f00000001c0)=0x1000) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={0x0, 0x2, 0x6d, 0xce}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={r1, 0x6}, &(0x7f0000000100)=0xfffffffffffffeb3) accept4$inet(r0, &(0x7f0000000180)={0x2, 0x0, @rand_addr}, &(0x7f0000000200)=0x10, 0x80800) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000002000)=""/4096, &(0x7f0000000140)=0x1000) 00:35:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:35:38 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000180)={0x410000007}) r3 = epoll_create1(0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000040)={0x11}) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000001c0)={0xfffbffff80000013}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x60000001}) epoll_pwait(r1, &(0x7f0000dc7fc4)=[{}], 0x1, 0x0, &(0x7f0000000100), 0x8) r4 = socket(0xf, 0x5, 0x9e) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000240)={0x0, 0xf1, "13fa74f2d3faafa63dbb2b6a84de0964ac44fa97e6d98018d5a7accbfbdb893162e585d26f723e71a2880d3722f63a2021e1bc39ddedfbd01cb2156fe5b546c9be9bedcf9ae01b2ed6335b59cdecba539f11d758a8fdc7b0c5e2c17f12a847b9952e8d81c626fd1f34b63da5c54c2b8431d2cc601ae3992f7ca2dce0f5d9278918214912a9f327f5fb3377b1126b73d9a2f6f74781914b480fcfd1c72b367035c659eeafb9828c2e93fdca627055d35e3dd687134e7c8e8e5f0e1e6bc6b84d58af079034b4d5ad5bbce48e212c9e66bbd424c5fb8183dd66722ad878093dbf207688bb482ff332658314735774c56b6b78"}, &(0x7f0000000080)=0xf9) getsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000000c0)={r5, 0xfffffffffffffff7, 0x8001, 0xffff}, &(0x7f0000000140)=0x10) [ 540.166816] QAT: Invalid ioctl 00:35:38 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x46) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x40200, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000200)=0x1) r2 = accept$alg(r0, 0x0, 0x0) getsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000040)=0x10) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/54, 0x36}, {&(0x7f0000000200)}], 0x2, &(0x7f00000013c0)=""/4096, 0x1000, 0xffffffffffffffff}, 0x0) recvmmsg(r2, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x34e, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) 00:35:38 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000040)={0x2b, @empty, 0x4e24, 0x4, 'lc\x00', 0x30, 0x4, 0x37}, 0x2c) pipe(&(0x7f0000000680)) pselect6(0x40, &(0x7f00000000c0), &(0x7f00000004c0), &(0x7f0000000140)={0x8}, &(0x7f0000000200), &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) 00:35:38 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0xbe) accept4(r0, 0x0, &(0x7f0000000080), 0x0) lseek(r0, 0x0, 0x3) [ 540.531495] FAULT_INJECTION: forcing a failure. [ 540.531495] name failslab, interval 1, probability 0, space 0, times 1 [ 540.543119] CPU: 0 PID: 13436 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 540.550470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.552973] Call Trace: [ 540.552973] dump_stack+0x32d/0x480 [ 540.552973] should_fail+0x11e5/0x13c0 [ 540.552973] __should_failslab+0x278/0x2a0 [ 540.552973] should_failslab+0x29/0x70 [ 540.552973] kmem_cache_alloc_node+0x164/0xec0 [ 540.552973] ? __alloc_skb+0x32e/0xeb0 [ 540.552973] ? __msan_poison_alloca+0x1e0/0x270 [ 540.552973] __alloc_skb+0x32e/0xeb0 [ 540.552973] ? __local_bh_enable_ip+0x46/0x260 [ 540.552973] tipc_buf_acquire+0x97/0x290 [ 540.552973] tipc_named_withdraw+0x34a/0x8c0 [ 540.552973] tipc_nametbl_withdraw+0x37a/0x880 [ 540.613667] QAT: Invalid ioctl [ 540.552973] tipc_release+0xa27/0x1a20 [ 540.552973] ? tipc_sock_destruct+0x390/0x390 [ 540.552973] sock_close+0x13f/0x400 [ 540.552973] ? sock_mmap+0x130/0x130 [ 540.552973] __fput+0x4d8/0xdf0 [ 540.552973] ? fput+0x420/0x420 [ 540.552973] ____fput+0x37/0x40 [ 540.552973] task_work_run+0x48e/0x520 [ 540.647206] QAT: Invalid ioctl [ 540.552973] get_signal+0x21c6/0x2330 [ 540.552973] ? ___sys_recvmsg+0x9bb/0xae0 [ 540.552973] ? __msan_poison_alloca+0x1e0/0x270 [ 540.552973] ? do_signal+0x1dd/0x2fc0 [ 540.552973] ? prepare_exit_to_usermode+0x2c9/0x4c0 [ 540.552973] do_signal+0x1f3/0x2fc0 [ 540.552973] ? task_work_add+0x550/0x590 [ 540.552973] ? kmsan_set_origin+0x7f/0x100 [ 540.552973] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 540.552973] prepare_exit_to_usermode+0x2c9/0x4c0 [ 540.552973] syscall_return_slowpath+0xed/0x730 [ 540.552973] do_syscall_64+0xf5/0x110 [ 540.552973] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 540.552973] RIP: 0033:0x457569 [ 540.552973] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 540.552973] RSP: 002b:00007fc6cb876c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 540.552973] RAX: fffffffffffffe00 RBX: 00007fc6cb876c90 RCX: 0000000000457569 [ 540.552973] RDX: 0000000000000000 RSI: 0000000020001240 RDI: 0000000000000003 [ 540.552973] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 540.552973] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6cb8776d4 [ 540.552973] R13: 00000000004c3549 R14: 00000000004d54c0 R15: 0000000000000004 [ 540.776685] Withdrawal distribution failure 00:35:38 executing program 4: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x800, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r5) write(r4, &(0x7f0000000040)='\b', 0x1) ppoll(&(0x7f0000000180)=[{r0, 0x100}, {r4, 0x1}, {r0, 0xc049}, {r2, 0x8000}, {r1, 0x8}, {r0, 0x8}], 0x6, &(0x7f00000001c0)={0x0, 0x1c9c380}, &(0x7f0000000200)={0x20}, 0x8) sendfile(r4, r4, &(0x7f0000000140), 0x1) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x100000000000000) ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc080aebe, &(0x7f0000000000)) 00:35:39 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000300)=0x5, 0x4) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000240)={&(0x7f0000000180)=""/129, 0x1000000}, 0x18) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) mq_open(&(0x7f0000000280)=']securityself%,wlan0\x00', 0x0, 0x6, &(0x7f00000002c0)={0x80000000, 0x3f, 0x3f, 0x2ba, 0x2, 0x4, 0x3ff, 0x2}) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x20000000001e, 0x800, 0x6) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:39 executing program 3: r0 = socket(0xa, 0x3, 0x1) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f00000000c0)={0x0, "6e72303db4862c67c3da87001900", 0x1}, 0x18) ioctl(r0, 0x8916, &(0x7f0000000000)) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000340)=ANY=[@ANYBLOB="7dbbd152730ed007fc8d6cef2ea06d78d20d67c02c01fbed70e8d8efe5f0a54273c894e32b12b8111bd74df15c738c776864e1bf01b3caa13f9325ea7e6262f3eb46a7c66537e5294a"], 0x4) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x8000, 0x0) write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7, 0x33, 0x2}, 0x7) ioctl(r1, 0xffffffffffffffff, &(0x7f0000000240)="e18e48e500a7") ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000180)=0x81) bind$rds(r1, &(0x7f0000000100)={0x2, 0x4e22, @remote}, 0x10) write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7, 0x7b, 0x42}, 0x7) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000280)={'ip6gre0\x00'}) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40485404, &(0x7f00000001c0)={{0xffffffffffffffff, 0x1, 0x7ff, 0x2, 0x7f}, 0x0, 0xffffffffffffffff}) [ 541.158643] QAT: Invalid ioctl [ 541.171441] QAT: Invalid ioctl 00:35:39 executing program 5: r0 = dup(0xffffffffffffff9c) ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f00000002c0)={0x3, [0x4, 0x8001, 0x6, 0x80, 0x30ca, 0x1, 0x6, 0x0, 0x260b, 0x3f, 0xffff, 0x800, 0x800, 0x3000000000000000, 0x7fff, 0xffe, 0xad07, 0x0, 0x1, 0x74a86850, 0x98cb, 0xfff, 0x0, 0xdc, 0x2, 0x3f, 0x3, 0x0, 0x4, 0x2, 0x2, 0xbc0c, 0xffff, 0x50d, 0x3, 0xffffffff80000000, 0x70d409d6, 0x5, 0x8000000000000, 0x8, 0x5, 0xbf9, 0x401, 0x7, 0x80000001, 0x3, 0x3, 0x1], 0x5}) r1 = syz_open_procfs(0x0, &(0x7f0000000080)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424ab9b3f8683ecf89dee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca9fcf03cbf82bd13534737339245d3c70641be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf3ad8882947ffa1fb4c050727beb12c57e06ff590000000000000000000000000000008924578ad49ea1144c7448d640aa88a66a71b77d73a924ff027fdcb550161653d4cb57088385248286f5be9d8766c70c29e6f5063dfe74a1b0b52079159048210b4d271ac94c889b063ca34a09579af03631f128e6dd2c966daecd7c6f7e0f4ebcaf80250cfab07184838078c71d809d06dc0bac75db814525d1d1acaf4cb6f4890f397382ae636697f688094e38db5c22770f53076c630df9bb4c149189ffa975f52087311c5baafc11c90bdc25fc803b71153ddc3995b2df49cdd784bc5bea40861070dadb395e85c93cdfa08e") fstat(r0, &(0x7f0000000340)) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffc, 0x12, r1, 0x0) r2 = socket$inet_dccp(0x2, 0x6, 0x0) fstat(r2, &(0x7f0000000240)) getsockopt$inet_int(r2, 0x10d, 0xda, &(0x7f0000000000), &(0x7f0000000080)=0x4) openat(r0, &(0x7f0000000040)='./file0\x00', 0x101000, 0x105) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000003c0)={{0x8001, 0x8}, 'port1\x00', 0xc6, 0x80000, 0x400, 0x100, 0x7a, 0x200, 0x8, 0x0, 0x2, 0x4}) 00:35:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 541.242990] QAT: Invalid ioctl [ 541.255186] QAT: Invalid ioctl 00:35:39 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = socket$nl_route(0x10, 0x3, 0x0) recvfrom(r1, &(0x7f0000000000)=""/64, 0x40, 0x2000, &(0x7f0000000080)=@generic={0x3, "06f3cdfc2b2ca4366843b382790d96439254766b9af4b07989b15e65fc2e60a84ec0c04f918054da48c6c2125bbf7f96d78609bd7de8c458846e8c2b720eb6182c6f6641cd4ecb990881adf7663dc2b9e8c6d7f9f21f3a435fc6f0d3d76041b1840bf5dcfe128f21e4221cbf048e0e900d8817077753ef37dca26cbe7519"}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x1a3, 0x4, 0x101000001, 0x0, r0}, 0x2c) 00:35:39 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @loopback}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, &(0x7f00000001c0)=0x100) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f00000000c0)="2e78b3660f754b100f32b8e1008ee8f30f005480d18fdb00baf80c66b84e61448066efbafc0cb80000ef0f3266b9ad0300000f320f01d1", 0x37}], 0x1, 0x0, &(0x7f00000001c0), 0x0) socket$inet_smc(0x2b, 0x1, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x5000aea5, &(0x7f0000000140)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f0000000080)="0a5c2d0240316285717070") mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x6, 0x31, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000000880)) 00:35:39 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f00000001c0)={@loopback, r2}, 0x14) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000040)) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x20000, 0x0) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r4 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r4, 0x1) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x6, 0xffff, 0x9f, 0x5, 0x0, 0x565, 0x100, 0x1, 0x8, 0x0, 0x3, 0x1, 0x6, 0x400, 0x3, 0x6, 0x200, 0x8, 0x7ff, 0x6, 0x8001, 0x10001, 0x8, 0x3, 0x6, 0x3f, 0x7, 0x7f, 0x4, 0x7fffffff, 0xfffffffffffffff9, 0x400, 0x5, 0x8853, 0x2, 0x0, 0x0, 0x3ff, 0x5, @perf_config_ext={0x6, 0xffff}, 0x808, 0x10000, 0x7, 0x6, 0x5}, r5, 0xf, r3, 0xb) 00:35:40 executing program 5: perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0xaf, &(0x7f0000000140), &(0x7f0000000040)=0x137) [ 542.238465] Unknown ioctl 21519 00:35:40 executing program 1 (fault-call:9 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:40 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x805, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:40 executing program 5: r0 = semget$private(0x0, 0x20000000103, 0x0) semop(r0, &(0x7f0000000300)=[{0x4, 0xffffffff}], 0x1) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x5, 0x40a01) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000180)={0xa, &(0x7f0000000100)=[{}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f00000002c0)={r2, 0x1, &(0x7f00000001c0)=[0x4], &(0x7f0000000200)=[0x5, 0x9, 0x401, 0x0, 0x6], 0x42, 0x7, 0x7, &(0x7f0000000240)=[0x9, 0xa90f, 0x0, 0x80, 0x7, 0x1000, 0x3], &(0x7f0000000280)=[0x5, 0x80000000, 0x8, 0x2, 0x1000]}) semop(r0, &(0x7f0000000080)=[{0x1}, {0x0, 0xffffffff}], 0x2) semop(r0, &(0x7f0000000000)=[{0x0, 0x7}], 0x1) 00:35:40 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x71, 0x800000242000) ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f00007a9000)=""/1, 0x1}], 0x1, 0x0) close(r0) [ 542.573281] FAULT_INJECTION: forcing a failure. [ 542.573281] name failslab, interval 1, probability 0, space 0, times 0 [ 542.584764] CPU: 1 PID: 13517 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 542.592114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.594598] Call Trace: [ 542.601822] dump_stack+0x32d/0x480 [ 542.601822] should_fail+0x11e5/0x13c0 [ 542.601822] __should_failslab+0x278/0x2a0 [ 542.601822] should_failslab+0x29/0x70 [ 542.601822] kmem_cache_alloc+0x146/0xe20 [ 542.601822] ? mmu_topup_memory_caches+0x119/0x900 [ 542.601822] mmu_topup_memory_caches+0x119/0x900 [ 542.601822] ? kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040 [ 542.601822] kvm_mmu_load+0xb3/0x3510 [ 542.601822] ? kvm_lapic_enabled+0x3c3/0x440 [ 542.601822] kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040 [ 542.601822] ? kmsan_set_origin+0x7f/0x100 [ 542.601822] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 542.601822] ? kstrtoull+0x6fe/0x7e0 [ 542.601822] ? kmsan_set_origin+0x7f/0x100 [ 542.671814] ? __msan_poison_alloca+0x1e0/0x270 [ 542.671814] ? kmsan_set_origin+0x7f/0x100 [ 542.671814] ? put_pid+0x71/0x410 [ 542.671814] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 542.671814] ? put_pid+0x330/0x410 [ 542.671814] ? get_task_pid+0x19d/0x290 [ 542.671814] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 542.671814] ? do_vfs_ioctl+0x184/0x2f70 [ 542.671814] ? __se_sys_ioctl+0x1da/0x270 [ 542.671814] ? kvm_vm_release+0x90/0x90 [ 542.671814] do_vfs_ioctl+0xfbc/0x2f70 [ 542.671814] ? security_file_ioctl+0x92/0x200 [ 542.671814] __se_sys_ioctl+0x1da/0x270 [ 542.671814] __x64_sys_ioctl+0x4a/0x70 [ 542.671814] do_syscall_64+0xcf/0x110 [ 542.671814] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 542.671814] RIP: 0033:0x457569 [ 542.671814] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.671814] RSP: 002b:00007ff70411fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 00:35:40 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000000), &(0x7f0000000040)=0x4) [ 542.671814] RAX: ffffffffffffffda RBX: 00007ff70411fc90 RCX: 0000000000457569 [ 542.671814] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 542.671814] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 542.671814] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff7041206d4 [ 542.671814] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000008 00:35:41 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000005, 0x8100000000000033, 0xffffffffffffffff, 0x4) r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x7, 0x40101) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000240)={0x0, @rand_addr, @multicast1}, &(0x7f0000000280)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40080}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@mpls_getroute={0x54, 0x1a, 0x8, 0x70bd2a, 0x25dfdbfb, {0x1c, 0xb0, 0x10, 0xffff, 0xfe, 0x1, 0xff, 0x7, 0x400}, [@RTA_OIF={0x8, 0x4, r1}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x3}, @RTA_OIF={0x8, 0x4, r2}, @RTA_OIF={0x8, 0x4, r3}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x3}, @RTA_OIF={0x8, 0x4, r4}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x0) listxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/56, 0x38) r5 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$eventfd(r5, &(0x7f0000000080)=0x9, 0x8) 00:35:41 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x71, 0x800000242000) ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f00007a9000)=""/1, 0x1}], 0x1, 0x0) close(r0) 00:35:41 executing program 1 (fault-call:9 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:41 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000314f8c)='smaps_rollup\x00') r1 = socket$inet6(0xa, 0x808, 0x0) dup2(r1, r0) 00:35:41 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x5) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r0, &(0x7f0000000200)={'syz1', "01aa1095b23485a98bcc3b65b087cd619be3a91e2396447a59755e12e7150170056b7380de4043de30"}, 0xfffffc43) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:41 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x20000, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000080)=0x8) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r1, &(0x7f00000002c0)="3a58ec963721332450a164e89f2db767518e84bbc722d127d0678d461df9c0d1869afd1a92c87e93fed38e66799708454cd7eb05420f715502dcece5735a54d6076827726c422502386a61ef65381836d9b3317014843343466b2b0cca348623a7116008cc574202aeffb60281a8f14cb1efddfb055b33c903a511b955a55dae54dc142b1fe97312f3e37b80fbec72378981763e37c8171c6ab61732d22e5af25a64907fba4fa26eb1445264c9af85ee2ee30cd4af0ac68fa2600449b1ce90bf9e1bcbf240373511ee9175ba01673e8d30"}, 0x10) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100)="c3b61ee50a72b80960b72b1acd344f1c2f857234d2fc02a00476eebfedc6416d13f2a46a25af33045eda38bfad5b0900d761f32a4b469e667f8643bc87e7701481fe4e2c50f75f4d2b51fd855b", 0x4d) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value={r2, 0xfffffffffffffff7}, 0xfffffffffffffeda) [ 543.824072] FAULT_INJECTION: forcing a failure. [ 543.824072] name failslab, interval 1, probability 0, space 0, times 0 [ 543.835689] CPU: 0 PID: 13557 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 543.843033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.845407] Call Trace: [ 543.845407] dump_stack+0x32d/0x480 [ 543.845407] should_fail+0x11e5/0x13c0 [ 543.845407] __should_failslab+0x278/0x2a0 [ 543.845407] should_failslab+0x29/0x70 [ 543.845407] kmem_cache_alloc+0x146/0xe20 [ 543.845407] ? mmu_topup_memory_caches+0x119/0x900 [ 543.845407] mmu_topup_memory_caches+0x119/0x900 [ 543.845407] kvm_mmu_load+0xb3/0x3510 [ 543.845407] ? kvm_lapic_enabled+0x3c3/0x440 [ 543.845407] kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040 [ 543.845407] ? kmsan_set_origin+0x7f/0x100 [ 543.845407] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 543.845407] ? kstrtoull+0x6fe/0x7e0 [ 543.845407] ? kmsan_set_origin+0x7f/0x100 [ 543.845407] ? __msan_poison_alloca+0x1e0/0x270 [ 543.845407] ? kmsan_set_origin+0x7f/0x100 [ 543.845407] ? put_pid+0x71/0x410 [ 543.928205] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 543.928205] ? put_pid+0x330/0x410 [ 543.928205] ? get_task_pid+0x19d/0x290 [ 543.928205] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 543.928205] ? do_vfs_ioctl+0x184/0x2f70 [ 543.928205] ? __se_sys_ioctl+0x1da/0x270 [ 543.928205] ? kvm_vm_release+0x90/0x90 [ 543.928205] do_vfs_ioctl+0xfbc/0x2f70 [ 543.928205] ? security_file_ioctl+0x92/0x200 [ 543.928205] __se_sys_ioctl+0x1da/0x270 [ 543.928205] __x64_sys_ioctl+0x4a/0x70 [ 543.974555] do_syscall_64+0xcf/0x110 [ 543.974555] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 543.984365] RIP: 0033:0x457569 [ 543.984365] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 544.004624] RSP: 002b:00007ff70411fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 544.004624] RAX: ffffffffffffffda RBX: 00007ff70411fc90 RCX: 0000000000457569 00:35:42 executing program 5: syz_emit_ethernet(0x0, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)) [ 544.004624] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 544.029022] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 544.029022] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff7041206d4 [ 544.029022] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000008 00:35:42 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x5e, 0x200) write$P9_RREADLINK(r1, &(0x7f00000001c0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl(r1, 0x20000000008912, &(0x7f0000000200)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:42 executing program 2: r0 = socket$inet6(0xa, 0xfbfffffffffffffe, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:42 executing program 3: unshare(0x20400) r0 = socket$inet_dccp(0x2, 0x6, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x400000) write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000040)={0xe, 0x5, 0x4, 0x7fff, 0xa6, "a9e83c255fed9714a0a60e1510b41ca82db2f0c25901fc8a6b4f8303f53e1eea50119584536149b9b6debe7e572cfac3f503db69ec78ec6be69c5bb261e50f48c515573ca3b84127eaa217e33840cbfac492e4e77bfe1c95e8776221c5e5c2757d85f632ab7f1ed0f7eb43fc282168474b823a82396e5298bb185e8ae1df19f33051129a421bbae123db5593a304a99b33f3fe8ed034466361eae7a98c85c4bc2727814b1eeb"}, 0xb2) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'nat\x00'}, 0x78) 00:35:42 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=""/3) mount(&(0x7f00000000c0)=ANY=[@ANYBLOB="2f646505000000640000"], &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000180)='&.em07,\x00') open(&(0x7f0000000280)='./file0\x00', 0x10080, 0x24) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f00000001c0), &(0x7f0000000240)=0x68) 00:35:42 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x9, 0x4000) r1 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x400000000032, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x91b, 0x2) write$selinux_attr(r2, &(0x7f00000000c0)='system_u:object_r:root_t:s0\x00', 0x1c) r3 = dup2(r1, r0) write$FUSE_OPEN(r3, &(0x7f00000001c0)={0x20}, 0x20) [ 544.652450] 9pnet_virtio: no channels available for device /de [ 544.687437] 9pnet_virtio: no channels available for device ÿ 00:35:42 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="53797a4737fe6409cdaffb31"], 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000000)=@req={0x1, 0x6, 0x400, 0x7}, 0x10) shutdown(r2, 0x1) 00:35:42 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) r2 = memfd_create(&(0x7f0000000040)='\x00', 0x3) ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f0000000180)={0x4, 0xb9, &(0x7f0000000080)="17f793cfd4e979cfae080564499ddbfea3d5103833bedf6e55723c774e8f4237713e6313e6c7b3f5eaa3a3f037604356478b4fcd8bc1e8963cd1c6aa5fa915af6cfc6fd6f646e6e4efa31acae1ec48031632c4f855512a190aecb22f384e9713de19058b98fb5d0b1bfcb671d988ed37f111d662b25a45e18db6602fde1d6a317c6587294249d14bfec6f7e254c227078478a3654efa4c21294ccd3a9283604e03c71c5f0fefb68c3868d46c8caca57cae07a71ece8a42945c"}) dup2(r1, r0) shutdown(r1, 0x0) 00:35:43 executing program 1 (fault-call:9 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:43 executing program 4: openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)) 00:35:43 executing program 5: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = memfd_create(&(0x7f0000000000)='net/wireless\x00', 0x2) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000040)={0xff, @broadcast, 0x4e21, 0x2, 'lblcr\x00', 0x5, 0x8000, 0x3c}, 0x2c) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/wireless\x00') ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f00000000c0)={r1}) preadv(r1, &(0x7f0000000480), 0x10000000000001ea, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000100)={0x0, 0x0}) getpriority(0x0, r2) 00:35:43 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="73793a91788ea4d199c68fd6e6f45550b30031efe8068179e60784819c5cefd92a6e5dd6a8c42fedee9e447ec099f37b7036fb32718692542918f853a18f3156e2e03ebbe02ffc1b03f70e1ea18885f80b607eccfba35aa741eb4cbead017c97a80595de519136c624c1f56dfed6e4a202ffce1f04d424784a899f20e0bfc50a4736c830108bd0b8b88e7ef9777d6036c9690edaa5b9f1db1008cab41fff1ac91db113911d2641e767e44a0b921e860dd6d607c59dc0dcfd3350cdd0a5a194778fee27548afe16e0159a8fb5707ca90bb2470c2aaf0a1bba31ee1c7c6ef8ec6db4db8e6ea401543bd127ac9584638301e1"], 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:43 executing program 0: r0 = socket(0x1e, 0x0, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000280)='/dev/null\x00', 0x10002, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x10000, 0x0) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000300)) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0x8, 0x4, 0x1, 0x3, 0x8001, 0x2, 0xffff, 0x8001, 0x0, 0x9, 0x7, 0x81, 0x3f, 0x401, 0x11, 0x10}}) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r3 = socket(0x1e, 0x5, 0x0) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000340)) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) sendmsg(r3, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) [ 545.502996] FAULT_INJECTION: forcing a failure. [ 545.502996] name failslab, interval 1, probability 0, space 0, times 0 [ 545.514626] CPU: 1 PID: 13616 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 545.521981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.524397] Call Trace: [ 545.524397] dump_stack+0x32d/0x480 [ 545.524397] should_fail+0x11e5/0x13c0 [ 545.524397] __should_failslab+0x278/0x2a0 [ 545.524397] should_failslab+0x29/0x70 [ 545.524397] kmem_cache_alloc+0x146/0xe20 [ 545.524397] ? mmu_topup_memory_caches+0x119/0x900 [ 545.524397] mmu_topup_memory_caches+0x119/0x900 [ 545.524397] kvm_mmu_load+0xb3/0x3510 [ 545.524397] ? kvm_lapic_enabled+0x3c3/0x440 [ 545.524397] kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040 [ 545.524397] ? kmsan_set_origin+0x7f/0x100 [ 545.524397] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 545.524397] ? kstrtoull+0x6fe/0x7e0 [ 545.524397] ? kmsan_set_origin+0x7f/0x100 [ 545.524397] ? __msan_poison_alloca+0x1e0/0x270 [ 545.524397] ? kmsan_set_origin+0x7f/0x100 [ 545.524397] ? put_pid+0x71/0x410 [ 545.524397] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 545.524397] ? put_pid+0x330/0x410 [ 545.524397] ? get_task_pid+0x19d/0x290 [ 545.524397] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 545.524397] ? do_vfs_ioctl+0x184/0x2f70 [ 545.524397] ? __se_sys_ioctl+0x1da/0x270 [ 545.524397] ? kvm_vm_release+0x90/0x90 [ 545.524397] do_vfs_ioctl+0xfbc/0x2f70 [ 545.524397] ? security_file_ioctl+0x92/0x200 [ 545.524397] __se_sys_ioctl+0x1da/0x270 [ 545.524397] __x64_sys_ioctl+0x4a/0x70 [ 545.524397] do_syscall_64+0xcf/0x110 [ 545.524397] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 545.524397] RIP: 0033:0x457569 [ 545.524397] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 545.672066] RSP: 002b:00007ff70411fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 545.693984] RAX: ffffffffffffffda RBX: 00007ff70411fc90 RCX: 0000000000457569 [ 545.693984] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 545.693984] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 545.693984] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff7041206d4 [ 545.693984] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000008 00:35:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair(0xf, 0x7, 0x3, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x10, 0xff, 0x2, 0x9, 0x4, r2, 0x1}, 0x2c) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="fdc2"]) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000d40)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000f80)=""/90, 0x5a}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) tee(r3, r2, 0x7, 0x7) ioctl$KVM_NMI(r4, 0xae9a) epoll_wait(r0, &(0x7f0000000080)=[{}, {}, {}, {}], 0x4, 0xc9c) ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000180)=""/200) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) 00:35:43 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r0, &(0x7f0000000300)='.', 0x1, 0x800, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000040)) 00:35:43 executing program 4: open(&(0x7f0000000040)='./file0\x00', 0x18000, 0x8) unshare(0x24020400) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200440, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000100)=0x7ff) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000080), 0x4) set_tid_address(&(0x7f00000000c0)) 00:35:44 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) r2 = memfd_create(&(0x7f0000000040)='\x00', 0x3) ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f0000000180)={0x4, 0xb9, &(0x7f0000000080)="17f793cfd4e979cfae080564499ddbfea3d5103833bedf6e55723c774e8f4237713e6313e6c7b3f5eaa3a3f037604356478b4fcd8bc1e8963cd1c6aa5fa915af6cfc6fd6f646e6e4efa31acae1ec48031632c4f855512a190aecb22f384e9713de19058b98fb5d0b1bfcb671d988ed37f111d662b25a45e18db6602fde1d6a317c6587294249d14bfec6f7e254c227078478a3654efa4c21294ccd3a9283604e03c71c5f0fefb68c3868d46c8caca57cae07a71ece8a42945c"}) dup2(r1, r0) shutdown(r1, 0x0) 00:35:44 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x8, 0x101000) r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:44 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000000)=""/60, 0x3c, 0x22, &(0x7f0000000040)={0xa, 0x4e21, 0x3, @mcast1, 0x71}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r1, 0x0, &(0x7f0000000080), 0x200000000000) shutdown(r2, 0x1) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000200)={&(0x7f00000000c0), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r3, 0x802, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x2}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}, @IPVS_CMD_ATTR_DEST={0x18, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000010}, 0x40040) 00:35:44 executing program 4: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000440)='/dev/mixer\x00', 0x101000, 0x0) r1 = gettid() prctl$seccomp(0x16, 0x1, &(0x7f0000000080)={0x150, &(0x7f0000000100)}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e20, @loopback}}}, &(0x7f0000000000)=0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000240)={r2, @in={{0x2, 0x4e24, @remote}}, 0xee, 0x8, 0x2, 0x3f, 0xffffffffffff7fff}, &(0x7f00000000c0)=0x98) fcntl$setownex(r0, 0xf, &(0x7f0000000040)={0x0, r1}) 00:35:44 executing program 1 (fault-call:9 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 546.732991] kauditd_printk_skb: 3 callbacks suppressed [ 546.733034] audit: type=1326 audit(1542242144.771:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13646 comm="syz-executor4" exe="/root/syz-executor4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 [ 546.995773] FAULT_INJECTION: forcing a failure. [ 546.995773] name failslab, interval 1, probability 0, space 0, times 0 [ 547.007666] CPU: 0 PID: 13656 Comm: syz-executor1 Not tainted 4.20.0-rc2+ #85 [ 547.015001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.017478] Call Trace: [ 547.017478] dump_stack+0x32d/0x480 [ 547.017478] should_fail+0x11e5/0x13c0 [ 547.017478] __should_failslab+0x278/0x2a0 [ 547.017478] should_failslab+0x29/0x70 [ 547.017478] kmem_cache_alloc+0x146/0xe20 [ 547.017478] ? mmu_topup_memory_caches+0x119/0x900 [ 547.017478] mmu_topup_memory_caches+0x119/0x900 [ 547.017478] kvm_mmu_load+0xb3/0x3510 [ 547.017478] ? kvm_lapic_enabled+0x3c3/0x440 [ 547.017478] kvm_arch_vcpu_ioctl_run+0x8fb5/0x12040 [ 547.017478] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 547.017478] ? kmsan_set_origin+0x7f/0x100 [ 547.017478] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 547.017478] ? kstrtoull+0x6fe/0x7e0 [ 547.017478] ? kmsan_set_origin+0x7f/0x100 [ 547.017478] ? __msan_poison_alloca+0x1e0/0x270 [ 547.096432] ? kmsan_set_origin+0x7f/0x100 [ 547.103119] ? put_pid+0x71/0x410 [ 547.104687] ? kvm_vcpu_ioctl+0x1f85/0x1f90 [ 547.104687] ? put_pid+0x330/0x410 [ 547.104687] ? get_task_pid+0x19d/0x290 [ 547.104687] kvm_vcpu_ioctl+0xfb1/0x1f90 [ 547.104687] ? do_vfs_ioctl+0x184/0x2f70 [ 547.104687] ? __se_sys_ioctl+0x1da/0x270 [ 547.104687] ? kvm_vm_release+0x90/0x90 [ 547.104687] do_vfs_ioctl+0xfbc/0x2f70 [ 547.104687] ? security_file_ioctl+0x92/0x200 [ 547.104687] __se_sys_ioctl+0x1da/0x270 [ 547.104687] __x64_sys_ioctl+0x4a/0x70 [ 547.104687] do_syscall_64+0xcf/0x110 [ 547.104687] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 547.104687] RIP: 0033:0x457569 [ 547.104687] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 547.104687] RSP: 002b:00007ff70411fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 00:35:45 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) unshare(0x20400) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000040)=0xffffffffffffff7f) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000100)={0x0, 0x0, 0x200}) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffff9c, 0xc008640a, &(0x7f0000000080)={0x0, r2}) ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f00000000c0)={r3}) 00:35:45 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) [ 547.187181] RAX: ffffffffffffffda RBX: 00007ff70411fc90 RCX: 0000000000457569 [ 547.187181] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 547.187181] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 547.208045] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff7041206d4 [ 547.208045] R13: 00000000004c028e R14: 00000000004d06d8 R15: 0000000000000008 00:35:45 executing program 3: mkdir(&(0x7f0000000740)='./file0\x00', 0x1) mount(&(0x7f00000001c0)=ANY=[], &(0x7f000001c000)='./file0\x00', &(0x7f0000982ff9)='mqueue\x00', 0x0, &(0x7f0000ebcffe)) chmod(&(0x7f0000000000)='./file0\x00', 0x0) 00:35:45 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000200)=0xfff, 0x4) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x80000) ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f00000001c0)=0x4) r3 = socket(0x1e, 0x4, 0x3) sendmsg(r3, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) [ 547.468802] audit: type=1326 audit(1542242145.511:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13646 comm="syz-executor4" exe="/root/syz-executor4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 00:35:45 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="02eb656dcf0014e9c30b0e7b000007000000030000002d5403620d009a934d4fe61a001000e0c99f3d65f48546e34f2b21ef3c00f0ff9d86e4df00486dd600284abbfe97f5c01cdfcd7bb56d405b2504aa12b036998ad07f98f1791e4f31e953f437a5d606d69985d65e71a44decd5a3ea5b0c768750d8c9c85f7e4059f0c12de352ec64d6e2b48ea9726eb3060ac47fe3271b6fd3154bb9c1d3f68bcbed1223ca0a5bbe6b2cc028f61dc06833168f712b6ed4f2966864a2b84f885eaeaeb43f78280e779aef171b67ccfcd38c971182388beb0c55caf891e6c3d469debc6caddc05453fb0ba6d50d348"], 0x38}}, 0x0) r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x40b1, 0x0) ioctl$BLKROTATIONAL(r3, 0x127e, &(0x7f0000000200)) getsockopt$inet_buf(r3, 0x0, 0x3f, &(0x7f00000003c0)=""/73, &(0x7f0000000340)=0x49) sendmmsg(r2, &(0x7f0000000180), 0x20, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0xc98, 0x4) r4 = accept4(r0, &(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000080)=0x80, 0x80800) getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f00000001c0), 0x4) recvmmsg(r2, &(0x7f00000009c0)=[{{&(0x7f0000000440)=@ax25, 0x80, &(0x7f0000000580)}}], 0x4000000000002cb, 0x22, &(0x7f0000000a80)={0x0, 0x1c9c380}) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="e000e7ff", @ANYRES16=r5, @ANYBLOB="270725bd7000fedbdf250d0000001c00030008000800ff0000000800080004000000080007004e2200000800040000f8ffff5800020008000400ffff00000800060008000000080008000000010014000100ac14141b00000000000000000000000008000400010000000800060004000000080002004e240000080007000100000008000b000200000024000100080001000200000008000b00736970000800090054000000080009000f0000000c0001000800090049000000080004000400000008000600b027000008000500020000000800060000800000"], 0xe0}, 0x1, 0x0, 0x0, 0x5}, 0x84) 00:35:45 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x10001) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000280), 0xa5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x8000, 0x0) write$P9_RSTATFS(r2, &(0x7f0000000140)={0x43, 0x9, 0x2, {0xfffffffffffffff8, 0x1409, 0x8, 0xffffffffffffffff, 0x38, 0x9, 0x8, 0x401, 0x6}}, 0x43) r3 = socket$netlink(0x10, 0x3, 0x4) bind$netlink(r3, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r4, &(0x7f0000000040), 0x113, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x200000, 0x0) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x7, 0xffff, 0x5}]}, 0x10) close(r0) 00:35:45 executing program 1 (fault-call:9 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4004ae86, &(0x7f0000000000)) socket$nl_xfrm(0x10, 0x3, 0x6) 00:35:46 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffefffffffffff80) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000004256408b91d1c3995141570ea031fd1fc152006db49b84005599ca7885c56407b115d52eb565c6993f0a522d6bab7e72873aa9dfaa04b4f250c4130a56591868a30bb02d83213ad3ebb57ecf779ba7533b04bc83e9486bdbbbfc3ebfa32e69d4cdd812ef640ac52d9fe31b1d22557aefdf23af2b678090074ee5f7c62ef48ca6b3301ec3a1fd4ca94417878c678be92701231f57f31024e774faab834f6d402c5519aa6630ded98975e73e477ed5e8a95190eda9c428ccdd8875c16d3c983ebcb61394b0db6993845af120275d0f02d1d0665fe78018dd5ede0f0653615dd11fd787f3c5ff7e3d1cf43dd432569a2f7d974f3"], 0x34000) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x280000, 0x0) setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f00000001c0)=0x9, 0x2) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r3, 0x1) 00:35:46 executing program 4: pkey_mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x5, 0xffffffffffffffff) r0 = syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x400, 0x80000) ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000000180)=0xcc) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800) setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f0000000040), 0x4) write$evdev(r0, &(0x7f0000001fdc)=[{}, {{0x77359400}}], 0x11a) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x1ff) flock(r0, 0x8) 00:35:46 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f0000000600)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f00000001c0)={{0x6}}) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x140, 0x0) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000340)='\t\x00\x00\x00\x00\x00\x00\x00') setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x78) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000240)=""/241, &(0x7f0000000100)=0xf1) 00:35:46 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000180)=@nl=@proc, 0x80, &(0x7f0000000200)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000000380)=""/186, 0xba}, 0x4) r1 = fcntl$getown(r0, 0x9) process_vm_writev(r1, &(0x7f0000000a40)=[{&(0x7f00000002c0)=""/133, 0x85}, {&(0x7f0000000580)=""/195, 0xc3}, {&(0x7f0000000040)=""/64, 0x40}, {&(0x7f0000000740)=""/193, 0xc1}, {&(0x7f0000000840)=""/219, 0xdb}, {&(0x7f0000001280)=""/4096, 0x1000}, {&(0x7f0000000940)=""/255, 0xff}, {&(0x7f0000000440)=""/55, 0x37}, {&(0x7f0000000480)=""/70, 0x46}, {&(0x7f0000000680)=""/82, 0x52}], 0xa, &(0x7f0000000c40)=[{&(0x7f0000000b00)=""/6, 0x6}, {&(0x7f0000000b40)=""/73, 0x49}, {&(0x7f0000000bc0)=""/63, 0x3f}, {&(0x7f0000000c00)=""/11, 0xb}], 0x4, 0x0) socket$kcm(0x29, 0x5, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r3 = socket(0x1e, 0x5, 0x0) sendmsg(r3, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) r4 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f0000000240)={0x7f, 0x0, 0x1ff, {0x0, 0x1c9c380}, 0x4, 0x3}) r5 = semget(0x1, 0x4, 0x8) semctl$IPC_RMID(r5, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f0000000c80)={0x6, [0x40, 0x3, 0x0, 0x40, 0x3, 0x1]}) 00:35:46 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="73797a93"], 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) readlink(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=""/4096, 0x1000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) r4 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x0, 0x2) symlinkat(&(0x7f0000000080)='./file0\x00', r4, &(0x7f00000001c0)='./file0\x00') ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:47 executing program 4: r0 = socket(0xa, 0x806, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, &(0x7f0000000040), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000000000000000007465616d300000000000000000000000766c616e30000000000000000000000076657468305f746f5f7465c1233b276d974a24aaaabb000000000000aaaaaaaaaabb0000000000000000a0000000a0000000d0000000766c616e00000000000000000000000000000000000000000000000000000000080000000000000001000000000007004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e6430000000000000000000000076657468315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000000000000007000000070000000a0000000434f4e4e5345434d41524b00000000000000000000000000000000000000000008000000000000000000000000000000"]}, 0x26b) recvfrom(r0, &(0x7f0000000000)=""/59, 0x3b, 0x2021, &(0x7f0000000080)=@nfc_llcp={0x27, 0x1, 0x1, 0x7, 0x6, 0x6, "8ff2fd8798e752d3cdb19936af3bdf2a89819817cc15e4375f195688e880933961446b44552f0ae18efbfd9447cf66b3b7f8f824a691bee4aae61b911b9a98", 0x30}, 0x80) 00:35:47 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000080)) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xfffffffffffffffc, 0x32, 0xffffffffffffffff, 0x0) r1 = socket$key(0xf, 0x3, 0x2) getsockopt$sock_buf(r1, 0x1, 0x1c, &(0x7f0000000200)=""/4096, &(0x7f0000000040)=0x1000) 00:35:47 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x5e, 0x0, 0x1}, 0xb) sendto$inet6(r0, &(0x7f0000925000)="e0", 0x1, 0x0, &(0x7f0000bb6000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000080)={'security\x00'}, &(0x7f0000000000)=0x54) close(r0) [ 549.281454] kernel msg: ebtables bug: please report to author: Wrong len argument [ 549.327773] kernel msg: ebtables bug: please report to author: Wrong len argument 00:35:47 executing program 4: r0 = socket$inet(0x10, 0x40000000000003, 0xc) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="24000000010407031dfffd946fa283000a200a0009000100030000000c1baba60400817e", 0x24}], 0x1}, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000080)={'ifb0\x00', {0x2, 0x4e22, @loopback}}) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000200)={'team0\x00', 0x5}) r1 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x100000001, 0x0) flistxattr(r1, &(0x7f0000000240)=""/34, 0x22) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{}]}) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000180)={0x9, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]}) 00:35:47 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt(r0, 0x6, 0x3, &(0x7f00000000c0)="a3b889f03d12697400cdede4580895b9fcbaf0c3f9640cf76c4161da0db86c5651f80bab84ffa8325d36626ce91adf0cab41ea99284286f13d88f06e1807a01090a5201ca3d5c28bf0b6a5026a495aff344575c8ff1df54b07ba2e40bab5d443062e3c9c622b2850da761ca31afc57c0fb1cf2feebae5b72cefe676b4cdfddf7a02efc3ad2e509568ba73d23524b816870bede", 0x93) write$binfmt_misc(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="06000000"], 0x34000) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0xfffffffffffffffa, 0x4) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:47 executing program 3: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x10000, 0x0) write(r0, &(0x7f0000000080)="2e32b8172005db8903e64dc402e66828a9fec31b3280356707dc4331", 0x1c) r1 = socket(0x20000000000000a, 0x2, 0x0) r2 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") getsockopt$sock_buf(r1, 0x1, 0x10, &(0x7f0000e530e9)=""/16, &(0x7f0000000000)=0x10) 00:35:47 executing program 5: unshare(0x4000000000404) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x1, 0x0) pread64(r0, &(0x7f0000000080)=""/165, 0xa5, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x2070, r0, 0x0) read(r0, &(0x7f0000000000)=""/21, 0x15) 00:35:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r3, 0x117, 0x5, 0x0, 0x80000000) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$sock_timeval(r3, 0x1, 0x15, &(0x7f00000000c0), &(0x7f00000001c0)=0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 00:35:48 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x21}, 0x5}}, 0x5, 0x7, 0xd1, 0x292b, 0x2}, &(0x7f0000000280)=0x98) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000002c0)=@assoc_value={r1, 0x7ff}, 0x8) prctl$setendian(0x14, 0x3) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) bind(r0, &(0x7f0000000380)=@pppoe={0x18, 0x0, {0x4, @local, 'tunl0\x00'}}, 0x80) syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x101000) ioctl(r2, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r3 = socket(0x1e, 0x5, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000340)={0xffffffff}, 0x4) sendmsg(r3, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:48 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800000000004, 0x20011, r0, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000680)) socket$inet_tcp(0x2, 0x1, 0x0) [ 550.198583] pic_ioport_write: 4 callbacks suppressed [ 550.198624] kvm: pic: level sensitive irq not supported 00:35:48 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x8000000000000, @mcast2, 0x6}, 0x2d4) listen(r0, 0x3f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000380), 0x8) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 00:35:48 executing program 4: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) ioctl$DRM_IOCTL_IRQ_BUSID(r0, 0xc0106403, &(0x7f0000000000)={0x3dd, 0x480000, 0x0, 0x80000001}) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e20, 0x2, @mcast2}}}, 0x84) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000100)={0x0, 0x14, [0x6, 0x10000, 0xf5d, 0x4a, 0x101]}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0xbb7, 0x0, 0x10000}]}) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f00000001c0)="a83e71f5b724e4066bf8d072cd80a0bf54cacfaa964dcf58d768188d6173b87a32eac6e1df24c2c182471edcd6cda6d71a155b5cded9cb0ff8a2b4d0de412d428f4c86bae6a400590864af106655c9a4e8f1814e2baea446ab7eac202dbf48ac73d468118d8d47a1042e5c6fefcfffc1b7ae") fremovexattr(r1, &(0x7f0000000240)=@known='system.sockprotoname\x00') setsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000280)=@hopopts={0x0, 0x21, [], [@enc_lim={0x4, 0x1, 0x4}, @hao={0xc9, 0x10, @remote}, @hao={0xc9, 0x10, @mcast2}, @calipso={0x7, 0x18, {0xffffffff, 0x4, 0x78f, 0x3, [0x800, 0x1]}}, @generic={0x8, 0xb6, "5a0d20a68ea75dfafb8e8779540b14c6defcda817d6a91f4b94a194d9aad723ecbb4f2b926be2998c4e509fdd0e819aa1a5a89887d532944d9dd3a98d42bb3c23766a05bb4f366d048beccf9915af3049a25f91ddaa35017417087b12258ebe49c95d4b70936bcb50d9fba9317faa8884ef28f4b2bdd37f166b602cad219b5add55cf83182fe07604e3eefe72b40933df22198e023480940859986e47b909c75a0feed4f3415c31e4ec1c88e833f32d694bfd7c61945"}, @enc_lim={0x4, 0x1, 0x401}, @hao={0xc9, 0x10, @loopback}]}, 0x118) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000003c0)="ec6160529da6dc0d974c29d04cba47ad533bd6cfdb4c4f4d9d3e32afd3dd28b655431548c4e3409c85ef2d90d7c91ae66bc5ebc795c2989c1e48dd87dec92338c74cd1e8f9ac17ee30eb") write$P9_RLOPEN(r1, &(0x7f0000000440)={0x18, 0xd, 0x2, {{0x8, 0x3, 0x2}}}, 0x18) setns(r0, 0x26000000) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000480)={0x0, 0x800, 0x1, 0x2, 0x2, 0x5, 0x4, 0xc0, 0x0}, &(0x7f00000004c0)=0x20) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000500)={r2, 0x6d, "61bc3c3952121d56b58cf8903ad9baa99d8fed93dab27689d50b8d1b4190d3d308565c70fab40b78a706e5061c9116cb30f9c11979b22ed7f7da33b5807c0cf7bdc1029563dda28b98381a8c022e6c27ef547ab8b004434d1935f45bef3648297f4ea01892387a67f802bbe662"}, &(0x7f0000000580)=0x75) ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f00000005c0)=""/125) r4 = syz_open_dev$mice(&(0x7f0000000640)='/dev/input/mice\x00', 0x0, 0x40000) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000680)=0x8) ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f00000006c0)=""/216) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000007c0)={r2, 0x8}, 0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000800)={r2, 0x800, 0x30}, 0xc) ioctl$BLKTRACESTOP(r4, 0x1275, 0x0) fcntl$setlease(r1, 0x400, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r4, 0xc0105303, &(0x7f0000000840)={0x4, 0x6, 0x2}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000880)={r3, 0x1ff, 0x7fffffff, 0x88e0, 0x0, 0x100000000}, &(0x7f00000008c0)=0x14) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000900)="ea53d987b07880622327445109623b9420e5d4fe381b1b279da5a2ab94624226f0b9326db7ec0e5e01be4f53a7302f88fcbd2db9b981050901f9eaa0418b33a6d34ad85aea39e0fa50c517521650c300f47eb7a3039835a392e1a2dbf4beb853cd8c6b1e67070e2033eba1314b2e7aac7d550066d02862933895f9d984f30296489566741b044a97f2a3ab939d85894898b0ac5ae0b18bbd856442dfe90d9f27c8e2d2b716c5b2b035ff9aef494a53808525736819ab2f73ce77fc4da48dd53a2a1f0cc228550d7e0c3b364ead31caa2b9e5685ddec63990c332de4be73d40e41c3365741204b5f3c5337ba9c1c59d3ef0576122da12e29916dcdc91b22cfd35") syz_open_dev$swradio(&(0x7f0000000a00)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000a40)={r2, @in6={{0xa, 0x4e20, 0x3, @mcast2, 0x4}}, 0x5, 0x7c, 0x100000000, 0x1ff, 0x27}, &(0x7f0000000b00)=0x98) ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0) 00:35:48 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40980, 0x0) ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f00000000c0)={0x2, 0xc000000, [], {0x0, @reserved}}) listen(r0, 0xffffffffffffff7f) r2 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r2, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r2, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r3, 0x1) [ 550.199585] kvm: pic: single mode not supported [ 550.328124] kvm: pic: single mode not supported [ 550.333126] kvm: pic: level sensitive irq not supported [ 550.425724] kvm: pic: level sensitive irq not supported [ 550.457095] kvm: pic: single mode not supported [ 550.462739] kvm: pic: level sensitive irq not supported [ 550.493435] kvm: pic: level sensitive irq not supported [ 550.516396] kvm: pic: level sensitive irq not supported [ 550.555215] mmap: syz-executor3 (13768): VmData 35131392 exceed data ulimit 33554432. Update limits or use boot option ignore_rlimit_data. 00:35:48 executing program 5: getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @local}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, &(0x7f0000000000)=0x100) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="5fb88c750196077aa3214bebc13f7d74ad4d9320611cf5a33f2a3f09e1c926359dcfe20001c781cb67f79cb0c6f5f4bf8ed60dce2176c22a20b22b9b24172b5569ec67906e7df93b05b19ba5360f2eab62812070fc181a2483366595113b240804d882a7dcd7ac4ba53e06d02558968b978122716d1823dcc7d40155c1bc1e8433f5ba15f5ee48c0ca941fce872e497d1377e2a5bde956f003caaf58c7520f82d7346c266e8ea70dab3bb7af6d78602a31ab8d232b07f6e3ef524b552ed88a1b1c02bc89f4f671855d40a2c1c173d4bb121bc86270c32d39c4c0d09a29b8983169914d8df86417a802b772bb638f72ccdcbb46267b5751816c77b6739f484292d5ca5e1bc4efee06f4e07e6a795faee2af27a8f21298055806494ee0e961cd5bd077bd7756f9e39dd3abdbe5c598cc5cbd44c5c319af923fbc4731545ff134749c2f42ee8454bf33ef309a6323dc847676d5be2fcb9abc717fc1e29396943ec0e264a80d64ca66ef2c42a57112a8a146097d9f4256ef6e6fd73be26e9a5f79b21dae42066d9cf4441021d64a2d6fd61c7ea709948d4be380e0fa4b76dff6aeef45", 0xffffffffffffff8b, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0xffffffffffffff31) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r0, 0x89f3, &(0x7f00000001c0)={'tunl0\x00', @ifru_data=&(0x7f0000000180)="d61a072afa6a2e6e9105a65cf0b08be4d57565e1a85eff283ee23d954743a2e3"}) 00:35:48 executing program 3: r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x800, 0x0, 0xff, 0x100000000000001}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x88d9, @loopback}, 0x1c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000002c0)={@mcast2, 0x800, 0x1}, 0x20) r1 = dup(r0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000040)={@in={{0x2, 0x4e20, @multicast2}}, 0x2, 0x8001, 0x73fd, "3dbf4ad93b26a4f6751ef85585883da0447962f81c5ba981b8300af21157768979d435c8481d4da4e816dd29c1bbdfa3a9a446017f912261f2d3fbaa85cdd889143a0c2493121b06cb69b2d99c3cccb1"}, 0xd8) 00:35:49 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff83) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x34000) sendto$inet6(r1, &(0x7f0000000040)="2eca31c002c7ce145e811c0465d094647d77e7", 0x1, 0x4880, 0x0, 0x1b9) r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x9, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r2, &(0x7f0000000180)="5ce84db79c55a5cd64c23065571596161581b90acb76a1fc0015d93be02fe6518898e15ea57e1b873eb9c4c79a2f7f7af82462d5633635c474783739ac80e053555b34dbfc2e5c4a2624bdb6283b4f1a9d5b038b6fa3d7976a8f1b738e31abd051682e753295d5d202dd665c71b3f6c0c4d32d7d70"}, 0x10) r3 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r3, 0x1) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000), 0x2fc) setsockopt$inet6_opts(r3, 0x29, 0x37, &(0x7f00000000c0)=@dstopts={0x0, 0x15, [], [@pad1, @ra={0x5, 0x2, 0x3}, @pad1, @generic={0x7, 0xb, "edf2f5b2bccf01b5e1c111"}, @calipso={0x7, 0x40, {0x5c87, 0xe, 0x6, 0x5, [0x3, 0x2, 0x6, 0x7, 0x7, 0x1, 0xff]}}, @hao={0xc9, 0x10, @loopback}, @calipso={0x7, 0x40, {0x100000001, 0xe, 0x1, 0x4, [0x400, 0x2, 0x2, 0x5, 0xfff, 0x8, 0x1000]}}]}, 0xb8) 00:35:49 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000240)='/dev/snd/midiC#D#\x00', 0x200, 0x2) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") readv(r1, &(0x7f0000000500)=[{&(0x7f0000000400)=""/217, 0xd9}], 0x1) r3 = dup3(r0, r1, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x2, 0x8040) r4 = gettid() setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000035cdbba800000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000000000000000000000000"], 0x58) timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000000100)) tkill(r4, 0x1000000000013) ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000140)={0x1f, 0xc39}) 00:35:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e22, 0x7, @mcast1, 0xfe7}, {0xa, 0x4e22, 0xfff, @ipv4={[], [], @loopback}, 0x7ff}, 0x5, [0x0, 0x9, 0xffffffffffffff01, 0x8, 0x1, 0x1, 0x100000001, 0xea6]}, 0x5c) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000380)=0x3ff, 0x4) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000280)={0x1000000000077, 0x0, [0xd90, 0x0, 0x5], [0xc1]}) msgget(0x2, 0xa0) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x10100, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f00000000c0)={0x0, 0xeb, "ecb6af22754f1e6502f77cd2c3ec4df3d19df3ccf22dc10c4ec0b15c10284b3e3dc1175c1c7517968322c1e20e1a13b0a5378288490c4a9098475e9194655a8901a763e23bc58a9b6700e354deb52d90a666d6b69fe3fdff2a64fe86180f1156e74d75eae68477d14762098dc87c40e90db04b580b705561cbc20a2a88efccb4eb1b173d7d1dc352aa9e03ce7fee206f7998bb7886ca88e9f56973a6c3e1909de625d53d7778b483f9edb6b2ea0225645b9fd1c8b30b9791380af275a53ffa922513fa0a637d82173ee773004dfbbe17425408ce9dae4e67db35cb40be5c435ca590c7ecff0b78bcdc2666"}, &(0x7f00000001c0)=0xf3) getsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r4, 0x4}, &(0x7f0000000240)=0x8) 00:35:49 executing program 3: r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000100)=0x1c, 0x800) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000140)={0x6, [0x3, 0x9, 0x0, 0x101, 0x200, 0xb769]}, 0x10) r1 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0x9204, &(0x7f0000000040)) 00:35:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x55, 0x202) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000400)='/dev/video1\x00', 0x2, 0x0) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r3, 0x111, 0x5, 0x9, 0x4) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000001c0)={0xffffffffffffffff}, 0x13f, 0x1}}, 0x20) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f0000000340)=""/43) write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f0000000300)={0x1, 0x10, 0xfa00, {&(0x7f00000000c0), r4}}, 0x18) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000380)={0x81, 0x4, 0x1000}, 0x4) ioctl$KVM_RUN(r5, 0xae80, 0x0) 00:35:49 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000001c0)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400002c}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, r2, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x7}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3ff}, @NBD_ATTR_SOCKETS={0x1c, 0x7, [{0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r0}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x26}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x17}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4}, 0x4) r3 = socket(0x1e, 0x5, 0x0) sendmsg(r3, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:49 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) shutdown(r0, 0x1) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000000)) 00:35:49 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ptype\x00') sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000540), 0x0, &(0x7f00000002c0)=ANY=[]}, 0x0) socket$packet(0x11, 0x3, 0x300) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000004c0)={0x0, 0x22, "c071e5972d56d1b1cbcc88e7552635de119a302501cc0e3074878a67accc13472be0"}, &(0x7f0000000500)=0x2a) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000540)={r1, @in6={{0xa, 0x4e24, 0x1b, @dev={0xfe, 0x80, [], 0x1c}, 0xfffffffffffffff9}}, 0xfff, 0x4}, &(0x7f0000000600)=0x90) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000) getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=0x0) getresgid(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000280)=0x0) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x2000, &(0x7f0000000380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r3}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}, {@blksize={'blksize', 0x3d, 0x200}}, {@max_read={'max_read', 0x3d, 0xffffffffffff9108}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x15}}, {@max_read={'max_read', 0x3d, 0x1000}}], [{@euid_eq={'euid', 0x3d, r4}}]}}) 00:35:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:50 executing program 4: syz_emit_ethernet(0xffe8, &(0x7f0000000000)={@local, @empty, [{[], {0x8100, 0x400000007fff, 0x9}}], {@ipv4={0x800, {{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @remote, {[@rr={0xffffff94, 0x7, 0x0, [@loopback]}]}}, @icmp=@timestamp_reply}}}}, &(0x7f0000000100)={0x2}) 00:35:50 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x381000, 0x0) listen(r0, 0x200) r2 = fcntl$dupfd(r1, 0x406, r0) writev(r2, &(0x7f0000000200)=[{&(0x7f0000000000)="9d9609669e3fe0aaed02d8a376b6fb89ec91c8a644971288172c0eab34f0ee5216b0e9e548ef01babe2ea5705b", 0x2d}, {&(0x7f0000000480)="066ec4d314d93956de929eaab9bfec9bd822c1c0dd82bc9df87f5c8751dc755b615b4ad1af31dc909c8ec1f81153f66df008b2c7e15680ba57e877d36641e823c1c6f75040f6869b21adb80471f6cfc5f42859d45d6623489ebfbd65d5e563791171c2b8b48df7cf8bb716dc344d6ca0ff4b5d9d5235dec4299e6d43bac76030f7b7271428e527028dfbcad7b0745220089a35a7a48c829cced44e8e72a89963eb1e62b0a8bdd7e5ca0e11e259bdf7d4acdf945d571afcdeebd398f344a183784b1e89d835e73d096a589bd055ddc7125c26a16ee14b1c5d910fc52afc7054880facb01d1644776233360e", 0x72c}, {&(0x7f0000000180)="fe591b81f6222f4602000000f29947", 0x371}, {&(0x7f00000002c0)="a6f5651776ee56d8715d11a26f85a28b711f7ed52afc27af41c516167b0121f528a09f02aaeb3307f603efb1e81d9e8086ea4b17859a4cf4ce1aac854abbf2f93b70f6d3375bef3c32ddb3ffbc5baa5bc985a887ed261b5cd898266d876ae38578df2a7e39b905f41052cb54f60eef55efb6b0bd4adaa0f2daef3498f37234e0a04c461cb4948ae693c74cbcaa95fd2b71b5136b70ce75efef8c0643948d9ab974bc328ce200411cecffcf149f354866f48f12114c9e34c2fa431291e8871b69e0a59b058094d23c6a321ee1c760658724", 0xd1}, {&(0x7f00000003c0)="1e0390cfa5143e06f6bcc9d4d966a064e3a55ab52496fc8d2ec0701b18d3255ca14d6ee243dee29663fd36cced1ced24695e0f9cbe3f32912443154b6e31377bb88b8cbc4681a6a1a9d085b80494c28b3070311aff542b0348422ebf8b32073e418b952009cfa76668e4a68b114e908faf98236421dcc5e176390e09a925553ec23816ad6ad84d0e3d4946b1c98e58bd61277dfaee7742e02d7306bba8399f08", 0xa0}], 0x5) 00:35:50 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x3f, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0xae, 0x24c, 0x0, 0x80000001, 0x6, 0x80000001, 0x2, 0x579c934b, 0x0}, &(0x7f0000000100)=0x20) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x6}, 0x8) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000080)={0x0, 0x33424752, 0x500, 0x0, 0x0, @stepwise}) [ 550.598845] kvm: pic: level sensitive irq not supported [ 552.379362] kvm: pic: level sensitive irq not supported [ 552.444461] kvm: pic: single mode not supported [ 552.504795] kvm: pic: single mode not supported 00:35:50 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x400000, 0x0) write$FUSE_GETXATTR(r1, &(0x7f0000000740)={0x18, 0xfffffffffffffff5, 0x8, {0x7ffffffb}}, 0x18) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f00000001c0)={0x20, 0x2, 'client1\x00', 0x0, "cecf38db469d2401", "76682f9cb956e1dbe3f1f0895a5a35b071a4184f43e31579483a741a969d3606", 0xfffffffffffffffa, 0x6}) poll(&(0x7f0000000780)=[{r1, 0x200}, {r2, 0x110}, {r0, 0x200}, {r2, 0x40}, {r0, 0x4}, {r1, 0xf067a4306063d085}, {r2, 0x1160}], 0x7, 0x2e991f69) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="f8ffffff000000000a004e2296000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000001000000050000000a004e2109000000fe80000000000000000000000000000108000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2102000000fe80000000000000000000cd000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e207f0000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2301010000fe80000000000000000000000000001405000000000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000a004e23ffa204000000fe80000000e8000000000000000000bb04000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008d4f3d8e56176b6ae49ae33cf6aca64879cede55ca5526ae179e1689ec049bc8e55c62973a60274ff8c93bbdb2d729457a88711e652d9460a3047a89e17c56a328b6319fa4e55745228179f1e4d9ded75f5611f7d927b2642b4d25eff240ed557af37f34072ac87c256252e88d939cf7b0add072baeb526a3081d5513b0c9cbfb41dfb9ea9c7fd176b82418e6a8e727285775ce2845497262756702563feaa104fad7fc1e67235b35a94"], 0x310) socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f00000004c0)=0xe8) bind$packet(r0, &(0x7f0000000680)={0x11, 0x10, r3, 0x1, 0x8000, 0x6, @random="943a3331a281"}, 0x14) ioctl(r2, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r4 = socket(0x800009, 0x5, 0x3) pipe2$9p(&(0x7f00000007c0), 0x80000) sendmsg(r4, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:50 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x3f) r1 = socket$packet(0x11, 0x3, 0x300) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000140)}, 0xc100) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000000)=0xe2b, 0x4) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x401}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000140)={r2, 0x3}, &(0x7f0000000180)=0x8) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x4000, 0x0) write$P9_RCLUNK(r3, &(0x7f0000000280)={0x7, 0x79, 0x1}, 0x7) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x80, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000001c0)=r4, 0x4) open$dir(&(0x7f0000000200)='./file0\x00', 0x400, 0x100) openat$null(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/null\x00', 0x1, 0x0) r5 = fcntl$dupfd(r0, 0x0, r1) write$P9_RRENAMEAT(r5, &(0x7f0000001bc0)={0x7}, 0x7) 00:35:50 executing program 3: pipe(&(0x7f00003fe000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000080)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x20) tee(r0, r3, 0x80007385, 0x0) r4 = dup2(r2, r3) ioctl$int_in(r4, 0x5452, &(0x7f0000e35ff8)=0x45) write(r1, &(0x7f0000000000)='#', 0x1) [ 552.509542] kvm: pic: level sensitive irq not supported [ 552.604550] kvm: pic: level sensitive irq not supported 00:35:50 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x4000, 0x0) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1000, 0x200) write$P9_RFSYNC(r2, &(0x7f0000000040)={0x7, 0x33, 0x2}, 0x7) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r3, 0x1) 00:35:50 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x8, &(0x7f00000002c0)=0x8, 0x4) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c) sendto$inet6(r0, &(0x7f0000000300)="f80fbd5da1b3c0f09d3d94815745711bc76fe5db01b2fc2212e65d8952d0e6c6a78d9f733c0b2e6e682851541ccb5deb7457e151cc1b5b5f36b48923af79e3e31d74d21dc9276ec6f239daf8840b23b84d41ef4054d550e46cfccfc13cb3a98b0115acdeb9a444078b26402b41c98ab137b29323385056b60a526b3761a836df03793a0d70bc210cdffb72830619e25a176e9093cd2f7638c729ff1729c356aa239337240d338a81f3518edc86ef1b5c6cd42d1cb29af9759c30b7c23ffae4fecf251357f1393e3a0323f95bd74bbf0ef60ffaf5f145b6f799b8b78adeefd3fdd5e5c640aeef43a440e9ff23509a446d6fa8496d4d073d1b98352d9ad48c32cc08b80ddf39dd47ed07b16dc93e526db098de8a840c9c65cbdbae98c40da0ef48e76429d4a74a2b228bfba5ed2eaf754154621255f65595ffaa2d79c49efd77849986e5dc12189002f11145da3d56c1ce8cac370b43b3cee8e8071c44f54f94f17368586f53dbaf3be6e5aba47cccac708235c3d6f75e18d397fd167aee63522153e59d14fc28996fae0c2ee0a6c582146530547829808681f6f631ece598d63118a08a4550534ac8ad228c05182eb2fee2a304b6d27db943307578e78c68b2b3889abf3158ec7fd4603aa7a6b601769724e669c4a3dc74afaeba1ed37b00ec985b1553e3452de574312e12114412bbefa695ac9d613fe505421f835f8c3a17aa04f20be028c321f176205f7da29dd81393125e99b68832a2", 0x218, 0x8000, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}, 0x1c) close(r0) [ 552.632582] kvm: pic: single mode not supported [ 553.107859] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 00:35:51 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x4000, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f0000000280)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000300)=""/155, 0x9b}, {&(0x7f00000003c0)=""/248, 0xf8}, {&(0x7f00000004c0)=""/238, 0xee}], 0x3, &(0x7f00000005c0)=""/4096, 0x1000, 0x7}, 0x2002) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0x0, 0x7fff, 0x101, {0x0, 0x1c9c380}, 0xd30, 0x2}) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000001600)={r1, 0x1, 0x6, @dev={[], 0xb}}, 0x10) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000040)) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000001640)) sendmsg$nl_route(r2, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r3, @ANYBLOB="ffffff000a000200aaa2aaaaaaaa0000"], 0xff8e}}, 0x0) 00:35:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) syz_extract_tcp_res$synack(&(0x7f0000000580), 0x1, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) syz_kvm_setup_cpu$x86(r1, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f00000002c0)="66b9800000c00f326635000400000f30d9f3440f20c0663503000000440f22c0baf80c66b8e4c7778166efbafc0ced0f320f23ba66b9510300000f3266b96108000066b80078000066ba000000000f3026670ff9e9b893000f00d8", 0x5b}], 0x1, 0x0, &(0x7f00000001c0)=[@efer={0x2, 0x1}], 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00", 0x0}) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000340)={'team0\x00', r6}) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f0000000380)={0x587991a0}, 0x1) fcntl$getownex(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r5, 0xc1105518, &(0x7f0000000440)={{0x2, 0x3, 0x2, 0x10000, 'syz1\x00', 0x2}, 0x0, 0x140, 0x6, r8, 0x1, 0x2802cdeb, 'syz1\x00', &(0x7f0000000400)=['\x00'], 0x1, [], [0x7, 0x8, 0x1f, 0x3]}) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f00000005c0)={{0xaf, @local, 0x4e21, 0x1, 'wrr\x00', 0x5, 0x101, 0x47}, {@multicast2, 0x4e21, 0x0, 0x1, 0xfffffffffffffe01}}, 0x44) ioctl$KVM_RUN(r7, 0xae80, 0x0) 00:35:51 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d0240316285717070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) munmap(&(0x7f000000d000/0x1000)=nil, 0x1000) mremap(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil) 00:35:51 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="73f8cb797735a2fc5bf7d2b3eac25af28ba8a784"], 0x34000) accept4(r0, 0x0, &(0x7f0000000080), 0x0) 00:35:51 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, 0xfffffffffffffffd, 0x1d1) clock_adjtime(0x7, &(0x7f0000000000)={0x1, 0x10001, 0x7fff, 0x9, 0x4, 0x744c, 0x39a, 0x1f, 0x8, 0x5, 0x80000001, 0x25, 0x100000000, 0x6, 0x7ff, 0x7, 0x100000000, 0xffffffff, 0x1, 0x80, 0x3, 0x1ff, 0x6, 0x33, 0x2, 0x81}) 00:35:51 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000140)={0x1, 0x8, [@local, @local, @remote, @broadcast, @empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={[], 0x19}]}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000000)={{0x81, 0x3}}) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 00:35:52 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000000380)=@nfc_llcp={0x27, 0x1, 0x0, 0x7, 0x101, 0xf02, "b97c4f8ef7850c03039b1bcba069ffd4609d4af580e7925dd550c49256b4221715c78238d21c495d42c72bef6353542f7996afc1726252e2b426914c02832c", 0x38}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dlm-control\x00', 0x40, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000580)={0xffffffffffffffff}, 0x0, 0x8}}, 0x20) r4 = syz_open_dev$sndpcmc(&(0x7f0000000600)='/dev/snd/pcmC#D#c\x00', 0x80, 0x2000) write$RDMA_USER_CM_CMD_MIGRATE_ID(r2, &(0x7f0000000640)={0x12, 0x10, 0xfa00, {&(0x7f00000004c0), r3, r4}}, 0x18) getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000200)={@ipv4={[], [], @dev}, 0x0}, &(0x7f0000000240)=0x14) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000440)={&(0x7f0000000280)={0x1d, r5}, 0x10, &(0x7f0000000400)={&(0x7f0000000300)={0x3, 0x10, 0x3, {0x77359400}, {r6, r7/1000+10000}, {0x2, 0x60000000000000, 0xfff, 0x8}, 0x1, @can={{0x1, 0x0, 0x0, 0x4}, 0x8, 0x3, 0x0, 0x0, "89d18afef22f223c"}}, 0x48}}, 0x4050) ioctl(r1, 0x7, &(0x7f0000000700)="0a5c2d0240316285717070") r8 = socket(0x1e, 0x5, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r8, 0x84, 0x7, &(0x7f0000000180), &(0x7f00000001c0)=0x4) sendmsg(r8, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:52 executing program 5: r0 = gettid() r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x0, 0x0) readv(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/45, 0x2d}], 0x1) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000044000)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) timer_settime(0x0, 0x2, &(0x7f0000000000)={{r2, r3+30000000}, {0x77359400}}, &(0x7f0000000240)) r4 = syz_open_dev$sndpcmp(&(0x7f00000001c0)='/dev/snd/pcmC#D#p\x00', 0x7, 0x800) bind$vsock_dgram(r4, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) tkill(r0, 0x1000000000014) ioctl$sock_SIOCGIFCONF(r4, 0x8912, &(0x7f0000000280)) 00:35:52 executing program 4: r0 = socket$inet(0x2, 0x80000, 0x5) pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000000100)="73dba9b86092775312094d68dd20e401e7d691d03eed4421c31e890cfe7afd9d855f3888b3dfe2b1dff886fbc361371adae4a23a468754ac82dfd4e8138a9702365289b2c90cc14f01c9cedf33e681d8495e2b9631ec5617028c0530273d6c43e4a3c707496504eea17177aae1e9159e1bd9d1e6b60c570f93e04878a0c1e414acdbbd5ba1c4bc79127a7903591e", 0x8e}, {&(0x7f00000001c0)="7297ea339006d6203057df364c81e1a57772f4a96de77fa0433a9574768cb0688be003225f4e1758d39bd3d0f268491361316a93be58f121188499f66849ab021aed22046acebe2ae3d1669bcb927271f5acfec0f683f98b4ca42be52c35ebbb223260ff78c659", 0x67}, {&(0x7f0000000000)="3546d777d1a4ae8d1b79b27eaf706c063805df32af8a98a552dc88320b965d547b7c681e504aabaea4", 0x29}, {&(0x7f0000000b80)="551fb6c00b9fd575627c6d04c8778317557b801924b37045b8be0c1358149ef66c3ae33fee8a9db3dbba4b07888c97958304b9fa94e2834299e5b45a39f245114cd82db9c917ff101a466dbdb7a1aff17cee78c170c951958672de220b96d5b9fcb85ce710e84deab890236e7b6fbffbe38f0c4602a66b2e7709cbc537590d52aebf1ef22038757c31e37a452e37d2701a06f3c401d000afcb6b72655ca804f5f984bb41f51227c6a7655843ab79f9672b2a1762eac2561857c0d6d8324b2854ddd5fc48e293a4b16ff45d5debcd70d55bbed74e17fa0337d83a99fb2f02d3dbfa0068105fdd4f0dee237610f0fb6cc8a1a768b237f4fe32b69dd682884c160196a0cf28564c958b51602650299293df3eb9ea36cfab99b37fe78e404b8bb282c875c2773b283c458bcd9bd33ae673ea661a11d9057d462c27b66404681b04eba78d5121d7b5c7842970768598273767d56b613ab843159c967a7ef671968360d074757385d1016b706a15186893eb813bdb8d45fb9b7f50200a19d63888310ffcad5eeb79e8274477d63562f624af24553bc44f1a5da4b861d5aa818e943cc0128c7d9ea6ebe69fcaa43d591c68ff1388dacd33e1b7f63b728323b3e46f357379a5a41abc096bf880c957c00bc252fe740e2ddb7e2e148657e767510658b5ef769ff86dc38d86b4a0641b9d1d8e51ea34ce9b3be1524699214f54e0a3af545ee9ba2b02a8a03daa35d18af987f21ad42b797135c322df07fd460d251020158d6b8b5d161bfce1846fa119ef40c4510cb74b9ef8bd129f0de93a5bb74ded65235bd32149dee5b0f6b6c05cb6e0f04d0f8205e1cc9e3fd317cfd41f1bbc48618d868b2c6dd98db97719047f476ef5add9db518d9927f616ba2a7c7d6d2c078957bc1e1a7ccf984f5b0a6c11a262cf1db513b5a7f2cefd2bc1292c316e553c36fbfd82f48e66196ebffecf9261233e86b8af8a4eed68f7816c12a8c749eff121fbcce4c2de1b2fa1aecc96f19f23a36b180286eca6c02837e2014c8f8f1a191501bd92004d14f4ab4669d12c9689d8c9d0f66a64fa3ec33c511f13c9774622834a6fef0f914d0918edfe799200599d168089001d15c5ffb9956b0baabc45b047f8aa28c253c968d34efc5aa3f8f381f6714b43d974101f34b9be099d49f2139f4c0c1f5cfdd60d1f8e315f4a4bb2bab506cbc386593ddd1866938d43e402f7f2e3b0512d381933cb2478f52449ad5027a04671c1fb187341385fa745cbd22077764e9ec8c8c1633ba287c550b854a0f2f072cdf720fa16c576116e707abd67bbc54365d77ea895825431a0b1c9968da30b675fbdacd17cb6043a7dc504f8a69f562c24fed4bf6a63f1d627c030dcdb735dd65a29bd799b7fc2b8e66c2a2855b267c66071658fe76caeb837af86b4c93e6a3d82e11babb9ac0c1c1453bb2bc698db5c73090ae6246306f65d6ce5e046350c253c23f04943448b71222d77708e1090262e1bd91e30f7395fc3ccb67f98afbb06d7034082deee2a3564aca951a8706c1144b19d0196d3d51edaa6bad743fdd31aa85b3e4f1ca641de8640eefa07189fc1f6c62ffa7b884e381e87cbd71dcb1d5d2187f15af83ac86b851a356ac2dd932ca487ddf7f9f8b1da7997858f242d2ec2ec9686db617024dce37d9ea5b9c44dc39416d606aa0d7c376d24516b0a763dca253275be7bad512851bb6e12f71a2a9793cc973a8bf4cf09bac434f9a57f7ba8babd25cad6248e6e5394ed3765322f7bf1d7f956c8f68a2fca88cffa450ac61d6d534063baa996dae9a504c2eac53bed321048341978abdbaf7676fab17e4865aa617101679075afbea65cd7024102f0e71a3f1febf1112163c2511bdba7131612d4db015612f985ee53e6cf95996d4e072518352d2458fc61fa36821a7867d6753eef603ee8f3e8e751eddc5b8e6cc3293aa947680aa5bb7086998b1187a2a0de0c8b2eb310f45ae2dbcc7b1f1676451f7450592e4637230e7e0db6603428d6061897fc2cb3b6ba77c28a992e70394e1ee96c94faefa284262e30585ac08f1149ee53b41e11a0097a5227485dee278ef85d4ca889a025474d9a68be3998619b588ee50a7cc453774e859654701ccd1a71837f890578ac53bf0be98e2955a5fd7311d1101b3f08f8a0444536b50a4e2cf4ecfbd6e50edb378cb33c9265f52c9aaadfe2c5eb1eb328a1b36e1d9908ab6c637f21db6559669c70ee82374a5f185d1aa493db9fadaaf78d8deaa6cd436d73887764c36e04cb30347407af0d00d6f02f22d0d1e13a406d4f1d25fc1bf6d5dadf7f2514c445df5055cd31331267b4a9e61a83ed8cf47bc8e8e8f7289ca1add0bbb72bbb25ec6fb726985a642ada1c4e495ff72e48597c9bcfb8cfb627cc466c87a31a2ecf01d19160319ace96028be2aa5d39883a3ccd28c414293771fa8186d778e8ce3d6d49bf90452a45147b4b4815e9b844e3520bab6182042b9bccc405223686de022d9ecc0ed414ba829fdebab0f75ee0fa2a558fd05db0a252761939134a177c1d9776761df1af50adf2d5735f6aaa768337372cf2fac534ac908dbf6641196eb9ba276dedd5ac139d15b066298949f7fff3c7ba315e25e76a7ada093414fa5cd129dc75805d8730b19461dbc7c8db1f6c04dfb5d63936f27549ed08007857e94a8d16efe3c617d77b635c7f3c51818da439f49df6b1a5337415589bc3263a6edf9d15de8a3a03d3d0afb7bfa597b981ce1e725d0a0d68f0fe9729247362942553a155de96053be92e8ea3bbab77035817c3e9b9e24d0ef65c03c6b51c53a4a292dff73eaf5ea03abf139a5f9362a79bdf31c72c9a5dc1495b8ac16abd6543e68b1b751a296f396460c4a3ca1eba32b292b9e7168e996d432bbbeefca31d8b59d09caf7bbe01b50b62e288622767fe368dbea0f0c8453a0d3fd480ced1ab123417a97e84c65bb9ffcc0e2be54d4b4c96320d3176f2832a1d2f6b2f21e9a8124f70ac4786c51bec4e3d0f774e1b0624159bda227cb9c6933c3affc156c7c29ec02e473c6b6812cb9ce8a1e398e7e33d4307fdb6b7a251e3b1e027cfc0ff5e2ce6e60bd6658b78e8f0938d7273405701d91c8995a36c75e1d1163d2340370a5a27869a4fa7d212bd76f0d48758474433765f930ea5fbbc0156e00369823bd18bc89df7133f871481205d10acaccfa04130960ea7df26a6873ddc6ce45616be1ecc884ee9edc5f5c2eb2478d80acab4948b4008b744d3f8256131a6312a6d38e902b3644a484829670445b69e985adda6c6959dc47390e7382706e3695fdb10363ca3d77d3136f38a4e888a1c95b789eff6862254e007cb8755cc91134e1cd42a4ec3d1d9404b073eacbd0e25e01948890d79c53b18e476bd3fc556498b98328241ac1250406e6916402f107320c0723922f865732e652e46782c75614ada0152f6fd2f6ba38d4f6580c6918df94948552cd9aec608c3b160526b6d97a7873bb4d303f9fe1500f3a592657818ea081329c72c654f25e0090532bfdedd88d19f2e7d047683f16b13947db93c83a6d4bd5e3001929409f02d48f535b6ac70d30a0f20ceacec321a2a7957ed942c8aedcf40edebfbacf3fb2de5c0834d9d4c6d5fd9e72c95e64d4a0ee254f0d462dda1719100c59d1e2d96561fc4070b6bbbecfe7f39a58cdc73d23122f73aa042fcc282ac156d6a04178ef73ce6d949f5dafbfa6f7b11fb3d7e4f412fe719705b31084f86bd08abe868d9b84a6968ab0bc9fda5a159a92841f9199a8220224db971f2976910ff4d021985a9775615afde44cbd3a650cb76ea3a8a1e2e1286575bae96269885032fa65d27b76d95ecf6b377a25c97c6d920348c23afff9e62e2bcb2aeab504fad2576b8db9430e09226cee0ada7d4580f68d0b837aba5edd4a377c56c0ee2357bbb2d26424fc474a488fc820401a3443bd8f72082d81ddb83a829ecc7d4e32ca9634f58a7fbfb909410d4649448f7c6873ba27e06b8a4d6950ba6e490a0d6397b3b3be2094c64c35859579eae2d3a2ef7d9dca64117777dd5b4b83b5c2d2f15474d6c031a596efe641ff659bbe14f35635658c90d51e3615fb254bf8e8f86af83c840107775a2608e4b9bc96af1513a2252f4309141bd901f064465a6a36b37f76e9cd2e151c188048bad948129d30ce87d7f390c10f8ffe1324596cdbbc92c732056f2051173fba499a67783c0755c56dd70f16465632aa311d6ccc02b6a118b14381902e1efc5f5ab6e54e531edfd61fe65e422f2d55ff006478e52e6c9ccbd839735e77e23d26335ed51c7be05e065e65eba76a7d08a05328246cb5a2e7df201e1bad1e32b88491a4fb1277ba7e725a878504c4c8d6108adfbdd77be0f232bd66083870bea64b573947784be1edaaffe2ca6f59dc91effdc002b5b0c5d3bc18ce2cdd3890dac3381248c456b4dfdc23480862d94b05c9291a9e429fbce3b300f4a53f7f21166aefcfec11f6876b24569168a1e5ac99235f0283d3bfbf217d8407f8a86b105c59c8bc1306326dc11c3d3e26f030349fc29478870172d3e4076ec950e3049f6d149d60c40903d36db28b09fa63335f88d6b00cbaec60a7e7d073e464aaaafcecbd5aedad3726284133acd0e51b385011112ae1d61eb4e41ed4b6417eb8e9948ea0fcf4a1261f8379543a8bd21541691aa29bee483785f4309100b448572e33cbc81b8aa24a36320079e278d046ad1828d6b05cdfe5d78cb550d9c6154e57d2d2087d68ea8854b161e8cfc8e982e2df9be072c38008567f49a96dd246ff6ba126ea6fc5e042cfe519814b8ad65a5f06590545d6eec602998f761118c28812824456c66f53e2c20c25576d38e510b9bc9a67154e18f62f5a2f2ed804c20d6831d21ec8c8ed66a752aeaf0b5e6c0a2fd2eda7955c71d5e933c235f2fd6fcc87201ad1b20a043516763a297cfb5a25f13aa56849e969bd016edb9a468c1161bd69686d806c935a01844a0cffc6fd88b673feed219138177dd997c82d79ff0a3740e059dbf439e8abe5a296aca9d24fb8699291c556518cd2b25aab6999bc332c8113543d0366744edbb9ae780fda9ebd60de0ce57856a500d74ac1cd74090e659967739da59b22f4a762d5373818447badd1d26cf65e08f4e18d4a12332761652ff5cf3f57effbf8b475a80f4989a16c64517a029422a5e5a7c449af5737e49d179aeaba40e96680810bea0d962d9750f892df368446dfc3b44ed2cd756155cf6ff7e1906cb654e80d051f01a2742bea0a11dfdecb7eae3c7b1eb76d382ba4aafaa615c9de10c89ac90fe57dfb6039079ce943ec504c93e20a293b1e222ad94707a59528260b50447c93323baf3df70e569cb7700430531932f1de14f86f689902cdb7a944a77a753ef5c4f6446a3f3ec70374c252f5bccc9ffd115ffd8ce6ef257e3002895f55504074d5b5540cff82a557d350f7ffc71c36bc3d92dcaa758b9a1e28ea82af8ccd521af792b29f416e86ba926563b45017038c1926b5e0f1e8fa4ecec71e1c7d9c6e45b7d5f44868ca7fc291ad879f75f03945766c57a0a7e5383c6d04a4de68d7f621a6b28fadd50cb5ee5b378a26c0f335e1e5a022e4756a22f11048110c9b9135ad0eabb70844255b507aa520651cd421a662f15891efcd00e48195cf0e4e93460c6a4243928abaf40ffbfca89423522a3f20fe408372cb5bf3bfb340430ea0076196640332e495d17ecad3412c2aba639b7b46fdac9638e07555706d7ae7b5c7e20d3c71028f4b76ba63141b1a80ae3774e8c26610e15f59a8c57ed68", 0x1000}, {&(0x7f0000000080)}], 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000b40)='attr\x00') renameat2(r1, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x0) 00:35:52 executing program 3: pipe(&(0x7f0000000080)) r0 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x4c, 0x0, &(0x7f0000000340)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000280)}}}], 0x0, 0x0, &(0x7f00000003c0)}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x20}, &(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) bind$unix(0xffffffffffffffff, &(0x7f0000000540)=@abs, 0xffffffe2) 00:35:52 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x6, 0x101000) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000040)) r2 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x4d, 0x20008000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @mcast2, 0x6}, 0x1c) write$binfmt_misc(r2, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r2, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r3, 0x1) 00:35:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x7ff) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 554.529672] binder: 13905:13906 transaction failed 29189/-22, size 0-0 line 2834 [ 554.613422] binder: 13905:13911 transaction failed 29189/-22, size 0-0 line 2834 [ 554.630822] binder: undelivered TRANSACTION_ERROR: 29189 [ 554.672004] binder: undelivered TRANSACTION_ERROR: 29189 00:35:52 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$unix(0x1, 0x801, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='attr/fscreate\x00') ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4068aea3, &(0x7f0000000080)={0x7b, 0x0, [0xebd, 0x5, 0x8, 0x7f]}) bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8) listen(r2, 0x0) connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8) write$binfmt_aout(r1, &(0x7f0000000000), 0xfffffdef) readahead(r3, 0x6, 0x8) 00:35:53 executing program 4: r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f00000002c0)=ANY=[@ANYRESHEX], 0x1, 0x0) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) msgrcv(r0, &(0x7f0000000180)={0x0, ""/163}, 0xab, 0x1, 0x0) msgsnd(r0, &(0x7f0000000340)={0x1}, 0x8, 0x0) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000400)=[&(0x7f0000000080)="7d8400", &(0x7f00000000c0)='vboxnet1\x00', &(0x7f0000000100)='wlan1em1[lo\x00', &(0x7f0000000140)='\x00', &(0x7f0000000240)='@}eth1$vboxnet0\\\x00', &(0x7f0000000280)="182873797374656d6c6f6367726f75702d40776c616e305b00", &(0x7f0000000300)='user\x00', &(0x7f0000000380)='([bdev%\x00', &(0x7f00000003c0)='trustedlonodev})]:A]\x00'], &(0x7f0000000680)=[&(0x7f0000000480)='\x00', &(0x7f00000004c0)='$-eth1\'vboxnet0trusted%\'Ucpuset\x00', &(0x7f0000000500)='eth0\x00', &(0x7f0000000540)='selinux,\x00', &(0x7f0000000580)='\x00', &(0x7f00000005c0)='wlan0]\x00', &(0x7f0000000600)='bdev^\x00', &(0x7f0000000640)='(\'{-wlan1vboxnet0%vboxnet1selinux\\$&\x00']) 00:35:53 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="7379fa25"], 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x0) 00:35:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) r4 = dup(r0) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000002c0)={0x0, 0x5, 0x1, 0x60d, 0x2, 0x93c, 0x4, 0x0, {0x0, @in={{0x2, 0x4e21, @rand_addr=0x1}}, 0x7, 0x4, 0xcc6, 0x1, 0xffffffff}}, &(0x7f0000000080)=0xb0) setsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f00000000c0)={r5}, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:53 executing program 3: r0 = socket$inet6(0xa, 0x6, 0x0) listen(r0, 0x0) 00:35:53 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000000010000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000ff03000000800000ffffffff0000000006000000000000000300000000000000010000000100000000000000000000000000000000000000000000000000000006000000000000008100000000000001040000c40a0000000000007f00000000ffff0000000000000000310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]) [ 555.524743] not chained 180000 origins [ 555.528682] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 4.20.0-rc2+ #85 [ 555.531647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 555.531647] Call Trace: [ 555.531647] dump_stack+0x32d/0x480 [ 555.549552] ? save_stack_trace+0xc6/0x110 [ 555.549552] kmsan_internal_chain_origin+0x222/0x240 [ 555.549552] ? kmsan_internal_chain_origin+0x136/0x240 [ 555.561974] ? __msan_chain_origin+0x6d/0xb0 [ 555.561974] ? __save_stack_trace+0x8be/0xc60 00:35:53 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)={0x16, 0x0, 0x4, 0x6, 0x0, 0x1}, 0x2c) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x120) bpf$MAP_UPDATE_ELEM(0x15, &(0x7f0000000040)={r0, &(0x7f00000000c0)}, 0x3) [ 555.561974] ? save_stack_trace+0xc6/0x110 [ 555.561974] ? kmsan_internal_chain_origin+0x136/0x240 [ 555.561974] ? kmsan_memcpy_origins+0x13d/0x190 [ 555.586346] ? __msan_memcpy+0x6f/0x80 [ 555.586346] ? skb_copy_bits+0x1d2/0xc90 [ 555.586346] ? skb_copy+0x56c/0xba0 [ 555.586346] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 555.586346] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 555.607653] ? sctp_do_sm+0x1cf3/0x9c50 [ 555.607653] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 555.607653] ? sctp_inq_push+0x300/0x420 [ 555.607653] ? sctp_rcv+0x42f2/0x4e40 [ 555.607653] ? sctp6_rcv+0x41/0x70 [ 555.607653] ? ip6_input_finish+0xb53/0x2450 [ 555.632054] ? ip6_input+0x29d/0x340 [ 555.632054] ? ip6_rcv_finish+0x4d2/0x710 [ 555.632054] ? ipv6_rcv+0x34b/0x3f0 [ 555.632054] ? process_backlog+0x82b/0x11e0 [ 555.632054] ? net_rx_action+0x98f/0x1d50 [ 555.632054] ? __do_softirq+0x721/0xc7f [ 555.632054] ? run_ksoftirqd+0x37/0x60 [ 555.632054] ? smpboot_thread_fn+0x69c/0xb30 [ 555.632054] ? kthread+0x5e7/0x620 [ 555.632054] ? ret_from_fork+0x35/0x40 [ 555.632054] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 555.632054] ? in_task_stack+0x12c/0x210 [ 555.632054] ? task_kmsan_context_state+0x51/0x90 [ 555.632054] ? __msan_get_context_state+0x9/0x20 [ 555.632054] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 555.632054] ? in_task_stack+0x12c/0x210 [ 555.702889] __msan_chain_origin+0x6d/0xb0 [ 555.702889] ? sctp_do_sm+0x1cf3/0x9c50 [ 555.702889] __save_stack_trace+0x8be/0xc60 [ 555.702889] ? sctp_do_sm+0x1cf3/0x9c50 [ 555.702889] save_stack_trace+0xc6/0x110 [ 555.702889] kmsan_internal_chain_origin+0x136/0x240 [ 555.702889] ? process_backlog+0x82b/0x11e0 [ 555.702889] ? kmsan_internal_chain_origin+0x136/0x240 [ 555.702889] ? kmsan_memcpy_origins+0x13d/0x190 [ 555.702889] ? __msan_memcpy+0x6f/0x80 [ 555.702889] ? skb_copy_bits+0x1d2/0xc90 [ 555.702889] ? skb_copy+0x56c/0xba0 [ 555.702889] ? sctp_make_reassembled_event+0xcbe/0x1210 [ 555.702889] ? sctp_ulpq_partial_delivery+0x850/0xab0 [ 555.702889] ? sctp_do_sm+0x1cf3/0x9c50 [ 555.702889] ? sctp_assoc_bh_rcv+0x66a/0xd90 [ 555.702889] ? sctp_inq_push+0x300/0x420 [ 555.702889] ? sctp_rcv+0x42f2/0x4e40 [ 555.702889] ? sctp6_rcv+0x41/0x70 [ 555.702889] ? ip6_input_finish+0xb53/0x2450 [ 555.702889] ? ip6_input+0x29d/0x340 [ 555.702889] ? ip6_rcv_finish+0x4d2/0x710 [ 555.702889] ? ipv6_rcv+0x34b/0x3f0 [ 555.702889] ? process_backlog+0x82b/0x11e0 [ 555.702889] ? net_rx_action+0x98f/0x1d50 [ 555.702889] ? __do_softirq+0x721/0xc7f [ 555.702889] ? run_ksoftirqd+0x37/0x60 [ 555.702889] ? smpboot_thread_fn+0x69c/0xb30 [ 555.702889] ? kthread+0x5e7/0x620 [ 555.702889] ? ret_from_fork+0x35/0x40 [ 555.702889] ? __msan_get_context_state+0x9/0x20 [ 555.831816] ? INIT_INT+0xc/0x30 [ 555.831816] ? __kmalloc_node_track_caller+0x1226/0x14e0 [ 555.831816] ? INIT_INT+0xc/0x30 [ 555.831816] kmsan_memcpy_origins+0x13d/0x190 [ 555.848917] __msan_memcpy+0x6f/0x80 [ 555.848917] skb_copy_bits+0x1d2/0xc90 [ 555.848917] skb_copy+0x56c/0xba0 [ 555.848917] sctp_make_reassembled_event+0xcbe/0x1210 [ 555.848917] sctp_ulpq_partial_delivery+0x850/0xab0 [ 555.848917] ? sctp_ulpq_renege_list+0x870/0x870 [ 555.848917] sctp_do_sm+0x1cf3/0x9c50 [ 555.848917] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 555.884627] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 555.891334] ? skb_pull+0x13f/0x230 [ 555.891334] ? acpi_pm_read_slow+0x100/0x100 [ 555.902347] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 555.902347] ? ktime_get+0x2e6/0x420 [ 555.902347] sctp_assoc_bh_rcv+0x66a/0xd90 [ 555.902347] ? sctp_assoc_lookup_asconf_ack+0x2a0/0x2a0 [ 555.902347] sctp_inq_push+0x300/0x420 [ 555.902347] sctp_rcv+0x42f2/0x4e40 [ 555.902347] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 555.902347] sctp6_rcv+0x41/0x70 [ 555.902347] ? sctp_inet6addr_event+0xbd0/0xbd0 [ 555.902347] ip6_input_finish+0xb53/0x2450 [ 555.902347] ? ip6_input_finish+0x13e1/0x2450 [ 555.947800] ip6_input+0x29d/0x340 [ 555.947800] ? ip6_input+0x340/0x340 [ 555.947800] ? ip6_sublist_rcv+0x1ab0/0x1ab0 [ 555.947800] ip6_rcv_finish+0x4d2/0x710 [ 555.947800] ipv6_rcv+0x34b/0x3f0 [ 555.947800] ? dst_hold+0x5e0/0x5e0 [ 555.972921] process_backlog+0x82b/0x11e0 [ 555.972921] ? __msan_poison_alloca+0x1e0/0x270 [ 555.972921] ? ip6_rcv_finish+0x710/0x710 [ 555.972921] ? rps_trigger_softirq+0x2e0/0x2e0 [ 555.972921] net_rx_action+0x98f/0x1d50 [ 555.972921] ? net_tx_action+0xf20/0xf20 [ 555.972921] __do_softirq+0x721/0xc7f [ 555.972921] ? ksoftirqd_should_run+0x50/0x50 [ 555.972921] run_ksoftirqd+0x37/0x60 [ 556.010980] smpboot_thread_fn+0x69c/0xb30 [ 556.010980] kthread+0x5e7/0x620 [ 556.010980] ? cpu_report_death+0x4a0/0x4a0 [ 556.010980] ? INIT_BOOL+0x30/0x30 [ 556.010980] ret_from_fork+0x35/0x40 [ 556.010980] Uninit was stored to memory at: [ 556.010980] kmsan_internal_chain_origin+0x136/0x240 [ 556.010980] __msan_chain_origin+0x6d/0xb0 [ 556.041904] __save_stack_trace+0x8be/0xc60 [ 556.041904] save_stack_trace+0xc6/0x110 [ 556.041904] kmsan_internal_chain_origin+0x136/0x240 [ 556.041904] kmsan_memcpy_origins+0x13d/0x190 [ 556.059064] __msan_memcpy+0x6f/0x80 [ 556.059064] skb_copy_bits+0x1d2/0xc90 [ 556.059064] skb_copy+0x56c/0xba0 [ 556.059064] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.059064] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.059064] sctp_do_sm+0x1cf3/0x9c50 [ 556.059064] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.059064] sctp_inq_push+0x300/0x420 [ 556.059064] sctp_rcv+0x42f2/0x4e40 [ 556.059064] sctp6_rcv+0x41/0x70 [ 556.059064] ip6_input_finish+0xb53/0x2450 [ 556.059064] ip6_input+0x29d/0x340 [ 556.059064] ip6_rcv_finish+0x4d2/0x710 [ 556.059064] ipv6_rcv+0x34b/0x3f0 [ 556.059064] process_backlog+0x82b/0x11e0 [ 556.059064] net_rx_action+0x98f/0x1d50 [ 556.059064] __do_softirq+0x721/0xc7f [ 556.059064] [ 556.059064] Uninit was stored to memory at: [ 556.059064] kmsan_internal_chain_origin+0x136/0x240 [ 556.059064] __msan_chain_origin+0x6d/0xb0 [ 556.059064] __save_stack_trace+0x8be/0xc60 [ 556.059064] save_stack_trace+0xc6/0x110 [ 556.059064] kmsan_internal_chain_origin+0x136/0x240 [ 556.059064] kmsan_memcpy_origins+0x13d/0x190 [ 556.059064] __msan_memcpy+0x6f/0x80 [ 556.059064] skb_copy_bits+0x1d2/0xc90 [ 556.059064] skb_copy+0x56c/0xba0 [ 556.059064] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.059064] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.059064] sctp_do_sm+0x1cf3/0x9c50 [ 556.059064] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.059064] sctp_inq_push+0x300/0x420 [ 556.059064] sctp_rcv+0x42f2/0x4e40 [ 556.059064] sctp6_rcv+0x41/0x70 [ 556.059064] ip6_input_finish+0xb53/0x2450 [ 556.059064] ip6_input+0x29d/0x340 [ 556.059064] ip6_rcv_finish+0x4d2/0x710 [ 556.059064] ipv6_rcv+0x34b/0x3f0 [ 556.059064] process_backlog+0x82b/0x11e0 [ 556.059064] net_rx_action+0x98f/0x1d50 [ 556.059064] __do_softirq+0x721/0xc7f [ 556.059064] [ 556.059064] Uninit was stored to memory at: [ 556.059064] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] __msan_chain_origin+0x6d/0xb0 [ 556.241810] __save_stack_trace+0x8be/0xc60 [ 556.241810] save_stack_trace+0xc6/0x110 [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] kmsan_memcpy_origins+0x13d/0x190 [ 556.241810] __msan_memcpy+0x6f/0x80 [ 556.241810] skb_copy_bits+0x1d2/0xc90 [ 556.241810] skb_copy+0x56c/0xba0 [ 556.241810] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.241810] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.241810] sctp_do_sm+0x1cf3/0x9c50 [ 556.241810] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.241810] sctp_inq_push+0x300/0x420 [ 556.241810] sctp_rcv+0x42f2/0x4e40 [ 556.241810] sctp6_rcv+0x41/0x70 [ 556.241810] ip6_input_finish+0xb53/0x2450 [ 556.241810] ip6_input+0x29d/0x340 [ 556.241810] ip6_rcv_finish+0x4d2/0x710 [ 556.241810] ipv6_rcv+0x34b/0x3f0 [ 556.241810] process_backlog+0x82b/0x11e0 [ 556.241810] net_rx_action+0x98f/0x1d50 [ 556.241810] __do_softirq+0x721/0xc7f [ 556.241810] [ 556.241810] Uninit was stored to memory at: [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] __msan_chain_origin+0x6d/0xb0 [ 556.241810] __save_stack_trace+0x8be/0xc60 [ 556.241810] save_stack_trace+0xc6/0x110 [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] kmsan_memcpy_origins+0x13d/0x190 [ 556.241810] __msan_memcpy+0x6f/0x80 [ 556.241810] skb_copy_bits+0x1d2/0xc90 [ 556.241810] skb_copy+0x56c/0xba0 [ 556.241810] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.241810] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.241810] sctp_do_sm+0x1cf3/0x9c50 [ 556.241810] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.241810] sctp_inq_push+0x300/0x420 [ 556.241810] sctp_rcv+0x42f2/0x4e40 [ 556.241810] sctp6_rcv+0x41/0x70 [ 556.241810] ip6_input_finish+0xb53/0x2450 [ 556.241810] ip6_input+0x29d/0x340 [ 556.241810] ip6_rcv_finish+0x4d2/0x710 [ 556.241810] ipv6_rcv+0x34b/0x3f0 [ 556.241810] process_backlog+0x82b/0x11e0 [ 556.241810] net_rx_action+0x98f/0x1d50 [ 556.241810] __do_softirq+0x721/0xc7f [ 556.241810] [ 556.241810] Uninit was stored to memory at: [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] __msan_chain_origin+0x6d/0xb0 [ 556.241810] __save_stack_trace+0x8be/0xc60 [ 556.241810] save_stack_trace+0xc6/0x110 [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] kmsan_memcpy_origins+0x13d/0x190 [ 556.241810] __msan_memcpy+0x6f/0x80 [ 556.241810] skb_copy_bits+0x1d2/0xc90 [ 556.241810] skb_copy+0x56c/0xba0 [ 556.241810] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.241810] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.241810] sctp_do_sm+0x1cf3/0x9c50 [ 556.241810] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.241810] sctp_inq_push+0x300/0x420 [ 556.241810] sctp_rcv+0x42f2/0x4e40 [ 556.241810] sctp6_rcv+0x41/0x70 [ 556.241810] ip6_input_finish+0xb53/0x2450 [ 556.241810] ip6_input+0x29d/0x340 [ 556.241810] ip6_rcv_finish+0x4d2/0x710 [ 556.241810] ipv6_rcv+0x34b/0x3f0 [ 556.241810] process_backlog+0x82b/0x11e0 [ 556.241810] net_rx_action+0x98f/0x1d50 [ 556.241810] __do_softirq+0x721/0xc7f [ 556.241810] [ 556.241810] Uninit was stored to memory at: [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] __msan_chain_origin+0x6d/0xb0 [ 556.241810] __save_stack_trace+0x8be/0xc60 [ 556.241810] save_stack_trace+0xc6/0x110 [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] kmsan_memcpy_origins+0x13d/0x190 [ 556.241810] __msan_memcpy+0x6f/0x80 [ 556.241810] skb_copy_bits+0x1d2/0xc90 [ 556.241810] skb_copy+0x56c/0xba0 [ 556.241810] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.241810] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.241810] sctp_do_sm+0x1cf3/0x9c50 [ 556.241810] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.241810] sctp_inq_push+0x300/0x420 [ 556.241810] sctp_rcv+0x42f2/0x4e40 [ 556.241810] sctp6_rcv+0x41/0x70 [ 556.241810] ip6_input_finish+0xb53/0x2450 [ 556.241810] ip6_input+0x29d/0x340 [ 556.241810] ip6_rcv_finish+0x4d2/0x710 [ 556.241810] ipv6_rcv+0x34b/0x3f0 [ 556.241810] process_backlog+0x82b/0x11e0 [ 556.241810] net_rx_action+0x98f/0x1d50 [ 556.241810] __do_softirq+0x721/0xc7f [ 556.241810] [ 556.241810] Uninit was stored to memory at: [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] __msan_chain_origin+0x6d/0xb0 [ 556.241810] __save_stack_trace+0x8be/0xc60 [ 556.241810] save_stack_trace+0xc6/0x110 [ 556.241810] kmsan_internal_chain_origin+0x136/0x240 [ 556.241810] kmsan_memcpy_origins+0x13d/0x190 [ 556.241810] __msan_memcpy+0x6f/0x80 [ 556.241810] skb_copy_bits+0x1d2/0xc90 [ 556.241810] skb_copy+0x56c/0xba0 [ 556.241810] sctp_make_reassembled_event+0xcbe/0x1210 [ 556.241810] sctp_ulpq_partial_delivery+0x850/0xab0 [ 556.241810] sctp_do_sm+0x1cf3/0x9c50 [ 556.241810] sctp_assoc_bh_rcv+0x66a/0xd90 [ 556.241810] sctp_inq_push+0x300/0x420 [ 556.241810] sctp_rcv+0x42f2/0x4e40 [ 556.241810] sctp6_rcv+0x41/0x70 [ 556.241810] ip6_input_finish+0xb53/0x2450 [ 556.241810] ip6_input+0x29d/0x340 [ 556.241810] ip6_rcv_finish+0x4d2/0x710 [ 556.241810] ipv6_rcv+0x34b/0x3f0 [ 556.241810] process_backlog+0x82b/0x11e0 [ 556.241810] net_rx_action+0x98f/0x1d50 [ 556.241810] __do_softirq+0x721/0xc7f [ 556.241810] [ 556.241810] Local variable description: ----oc.i.i@__alloc_pages_nodemask [ 556.241810] Variable was created at: [ 556.241810] __alloc_pages_nodemask+0x108/0x64d0 [ 556.241810] __kmalloc_node_track_caller+0x6db/0x14e0 [ 556.845568] pic_ioport_write: 5 callbacks suppressed [ 556.845591] kvm: pic: level sensitive irq not supported [ 556.846508] kvm: pic: single mode not supported [ 556.865983] kvm: pic: single mode not supported [ 556.870714] kvm: pic: level sensitive irq not supported [ 556.882184] kvm: pic: level sensitive irq not supported [ 556.889015] kvm: pic: single mode not supported [ 556.894698] kvm: pic: level sensitive irq not supported [ 556.904402] kvm: pic: level sensitive irq not supported [ 556.913320] kvm: pic: level sensitive irq not supported 00:35:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x2000000008912, &(0x7f0000000080)="153f6234488dd25d766070") r1 = creat(&(0x7f00000000c0)='\x00', 0x0) ftruncate(r1, 0x8200) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) mlock(&(0x7f0000001000/0x2000)=nil, 0x2000) creat(&(0x7f0000000180)='./bus\x00', 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x2, 0x5, [0x1, 0x8001, 0x19, 0x0, 0x8]}, &(0x7f0000000040)=0x12) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)={r3, 0x1, 0x4, [0x0, 0x7, 0x2, 0x4]}, 0x10) 00:35:55 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000900)=ANY=[@ANYBLOB="0024ade3c90400000054db4f00000000bb6818218e5a0800000000009fff2286fd1b0779fbd593af5645500108d1aa36113ecc6ab366e7b7819960eb9e501ff574869fa6b8ce269474907d765dcd3666a035934b7b2377a7bff1670dc14f1449c468420e545210d431dd91a78cb734d1a484aeec55ccc714506f84390000000000736eaffbf483a812fb4b3be9b2871ce0f3534576b635ea8a6e56f3d989a087717bd0e6ce8ecec24c3bd08b275567a2f4ac5e3da1343f2c91f89146aabbc61843e1750f89b918925a014a50d125ed9a87314530d9678c010071e339e297d366bde3cc5643a2a270347f3f8a2a2e159d03e2993966b385f411084ea7a7a132fd3c252021b00ab3cd6863edbe8ef83e269fff6a8e6e2adce8b6be1e5c27e5ce45f17c89ac8c8e3db3e4cc682bf2d7e63cd0c7502b40eed07ccc50f5311196e266428d9fd242e095c60be0a9fda82c455d7818346b94fbd21e5480431e3f33e7ff48c045b206beee871eba174556950a1f4792b9b6d6d39225e22c5541874956"], &(0x7f00000002c0)=0x1) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000200)=0xfffffffffffffd6d) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000340)={@dev={0xfe, 0x80, [], 0x16}, 0x59, r1}) setsockopt$inet6_int(r0, 0x29, 0x1000000f9, &(0x7f0000000540)=0x7, 0xfffffffffffffeef) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'bond_slave_0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x28c, 0x3ef, 0x200000000000000, 0x30c, 0x0, 0x0, 0xe003, 0x33c, 0x0, 0x0, 0x3603, 0x252, 0x8]}, 0x75, r2}) r3 = socket$l2tp(0x18, 0x1, 0x1) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rtc0\x00', 0x101002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@local, @empty, @loopback, 0x3, 0x0, 0x1f, 0x0, 0x100000000, 0x0, r2}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f00000006c0)=ANY=[@ANYBLOB="210000004dc3bff6a3d819d4caffffff7f27b369c0cc545640afff9af97288ee0bb983881a4d5271b477752b2332869f8df76ac8a5cffba513d97cc2d108efcf86a162af492933a098526f"], &(0x7f0000000880)=0x1) rename(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='./file0\x00') setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000008c0)=@sack_info={0x0, 0x2e75, 0x815}, 0xc) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000640)={@remote, @ipv4={[], [], @loopback}, @mcast2, 0x12c, 0x8, 0x3, 0x400, 0x4, 0x20, r1}) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x2}, &(0x7f0000000280)=0x8) getsockname(r4, &(0x7f00000007c0)=@pptp={0x18, 0x2, {0x0, @dev}}, &(0x7f0000000600)=0x80) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00\x00\b\x00'], &(0x7f00000005c0)=0x1) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x509000, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(r5, 0x5382, &(0x7f0000000480)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = inotify_init1(0x20000) r7 = dup2(r6, r6) fcntl$getownex(r7, 0x10, &(0x7f0000000240)) capset(&(0x7f00000fc000)={0x19980330}, &(0x7f000047efe8)) mq_open(&(0x7f0000000000)="2e1f05", 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x1, 0x2}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x400080, 0x0) getresgid(&(0x7f00000004c0), &(0x7f00000001c0), &(0x7f0000000280)) 00:35:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000080)=0x0) fcntl$lock(r0, 0x0, &(0x7f00000000c0)={0x2, 0x1, 0x5, 0x5ed3, r2}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 00:35:55 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") r2 = socket(0x1e, 0x5, 0x0) sendmsg(r2, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0) 00:35:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) r4 = dup(r0) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000002c0)={0x0, 0x5, 0x1, 0x60d, 0x2, 0x93c, 0x4, 0x0, {0x0, @in={{0x2, 0x4e21, @rand_addr=0x1}}, 0x7, 0x4, 0xcc6, 0x1, 0xffffffff}}, &(0x7f0000000080)=0xb0) setsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f00000000c0)={r5}, 0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:55 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:ld_so_t:s0\x00', 0x1d, 0x1) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/userio\x00', 0x8241, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) [ 556.929770] kvm: pic: level sensitive irq not supported [ 557.485506] kvm: pic: level sensitive irq not supported [ 557.526583] kvm: pic: single mode not supported [ 557.540681] capability: warning: `syz-executor3' uses 32-bit capabilities (legacy support in use) [ 557.548183] kvm: pic: single mode not supported [ 557.548203] kvm: pic: level sensitive irq not supported [ 557.630246] kvm: pic: level sensitive irq not supported 00:35:55 executing program 4: r0 = open(&(0x7f0000000140)='./file0\x00', 0x14104a, 0x0) io_setup(0x401, &(0x7f0000000040)=0x0) io_cancel(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000080)="98e6d9508683f9ca67a35ee2273f5af9ad69774dc56232f3d9eed6f2ec192c7f2c0a199ed991cd54835df88df2b4367956a6471f850d558ca1a8177d295dacf2c2", 0x41, 0x10001, 0x0, 0x0, r0}, &(0x7f0000000180)) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000200)=0x7, 0x100000000, 0x4) remap_file_pages(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0) mremap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000000a000/0x3000)=nil) remap_file_pages(&(0x7f0000007000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f00000001c0)) 00:35:55 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) geteuid() r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000040)='.', 0xffa5, 0x20000000, 0x0, 0x0) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) shutdown(r2, 0x1) 00:35:56 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)="6970365f767469300000000200", 0x10) r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video2\x00', 0x2, 0x0) ioctl$VIDIOC_G_CROP(r1, 0xc014563b, &(0x7f00000000c0)={0xf, {0x2, 0xffffffff, 0x1, 0xfff}}) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x13, &(0x7f0000000140), 0xc) close(r0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x101000, 0x82) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f0000000180)) [ 557.648165] kvm: pic: single mode not supported [ 558.086719] mmap: syz-executor4 (13989) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 00:35:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x9, 0x40500) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 00:35:56 executing program 0: r0 = socket(0x1e, 0x2, 0x0) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000300)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x2000) r1 = socket$inet(0x2, 0x5, 0x5) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$packet(r2, &(0x7f00000001c0)={0x11, 0x17, r3, 0x1, 0xc6, 0x6, @broadcast}, 0x14) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e22, 0xfffffffeffffffff, @dev={0xfe, 0x80, [], 0x17}, 0xcd}}, 0x2, 0x1, 0x5, "405e27b6dc6517e1faccd068ee3bf602f23cd39319b0fb1a5331f725c713f188e9bf1c8a69aa7d3ca14aec850e20da97e6dc451c8a5bd1dd2fc5600885d1d049412345fc16879f6fea363f8915492093"}, 0xd8) r4 = socket(0x1e, 0x5, 0x0) sendmsg(r4, &(0x7f0000316000)={&(0x7f0000000500)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000180)}, 0x0) 00:35:56 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff961, 0x101000) write$P9_RWSTAT(r1, &(0x7f0000000200)={0x7, 0x7f, 0x2}, 0x7) r2 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r2, &(0x7f0000000000)={'syz0'}, 0xffffffffffffff85) sendto$inet6(r2, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) r3 = accept4(r0, 0x0, &(0x7f00000001c0), 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000040)={0x0, 0x0}) sched_getparam(r4, &(0x7f00000000c0)) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x28000, 0x0) ioctl$TCGETA(r5, 0x5405, &(0x7f0000000080)) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r5, 0xc034564b, &(0x7f0000000140)={0xd5f, 0x41416770, 0x0, 0x8, 0x3, @discrete={0x0, 0xfc97}}) shutdown(r3, 0x1) 00:35:56 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet(0x10, 0x3, 0x1c) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000040607031dfffd946fa2830020200a0009000100061d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x4000) 00:35:56 executing program 4: lremovexattr(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000740)=ANY=[]) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x0) r0 = syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0x101000) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0x0, 0x2, 0x0, 0x1000, &(0x7f0000f3b000/0x1000)=nil}) socket$pppoe(0x18, 0x1, 0x0) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x241, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000500)={0x10000009, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200400, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000025bd7000fddbdf251000050063ae00000800040003000000"], 0x24}}, 0x10) setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000280)={{0x0, 0x2}, 0x14}, 0x10) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) mmap(&(0x7f0000bfe000/0x400000)=nil, 0x400000, 0x0, 0x811, r2, 0x4000) mmap(&(0x7f0000f96000/0x2000)=nil, 0x2000, 0x2000000, 0x110012, r2, 0x49) 00:35:56 executing program 3: unshare(0x8000400) r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x2, 0x90200) ioctl$LOOP_GET_STATUS64(r0, 0x4c02, &(0x7f00000004c0)) socket$inet6_udp(0xa, 0x2, 0x0) [ 558.950141] Unknown ioctl 21509 00:35:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x0, 0x1, &(0x7f00000000c0), 0x10000000000000ff) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:35:57 executing program 5: openat$sequencer(0xffffffffffffff9c, &(0x7f0000000580)='/dev/sequencer\x00', 0x0, 0x0) r0 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000000c0)={'syz'}, &(0x7f00000002c0)="52b74d20fb34f4aad0b2817c1501508ea19af04532822e285987c4a47d2f19ea4c8cd16c4e3b2d7b03e5a9c370c4b2884687fad910a2a72d8e38fad79730e02a93982870f3c53a0c53e847b84844bc477f0ae5493103f2592551aee8e3b9e3129198f06bf09b30a83aaf56d9ac322bdefa2cda1fe58acdcde8a49b5093b279e7378bf557bad55708b11e248d1998d84c93d495f3eaa3d514ea09d601100df46163867ed58955071ba9ca87a6e15afd3ecc8d01a61e9f3d161d0f986b10e88d3fea1ee984990fdd590c9148a0555ab8109c58511af87742ba73a3438be9d892050e144dc09ff66ec70cc52fc61c98e864ba0b7cb8e597f495fe98371f1c7c24ce2dd1a715f65ddb91b32664466a17a619448a93d19c4d48ebe5cfa4e21e20318df68f125fd88cfe81c853d706d132132a15da0eb53d9b49c4ffeb8b79f1ca34c359320c7d7fa366e12267f46f2c06e51e6e76108faaf8426390941bb3cb55c4fb4b8b5a8d65", 0xfffffffffffffd6c, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000080)={r0, r1, r1}, &(0x7f0000000140)=""/83, 0x53, &(0x7f00000001c0)={&(0x7f0000000040)={'crct10dif\x00'}, &(0x7f00000001c0)}) [ 559.283782] Unknown ioctl -1070311861 [ 559.348013] Unknown ioctl 21509 [ 559.374418] Unknown ioctl -1070311861 00:35:57 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)={0x7, [0x0, 0x1, 0x3, 0x1, 0x8, 0x5, 0x8]}, &(0x7f0000000040)=0x12) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet_sctp(0x2, 0x1, 0x84) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x2000000000000001, 0x84) rt_sigreturn() sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x34000) sendto$inet6(r1, &(0x7f0000000300)='.', 0x1, 0x4880, 0x0, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f00000000c0)='trusted.overlay.upper\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="00fb230107d6666ca2c572ae60c56d1ef5f626958326856276e9e720c0fdd8f8be9208bffbfed2309f02532bf29e2153276692940562473826846e4eef47095fa6e34e736eb556bb229301b3a923644295cde732ec9a6041482bea9823ce748e71a49752d5fc8d77b9bd8423558c964debf795fbe032c4a231b6ad66e4078d3861b3ea6de85342efeb46cede1f1f9dd6819d8603c3a29a436b1d07d24c792cc1d49e59230258f2c8ad20b14e94c4560ad5536566f63db0f6c1cc9d5e316410e16bcace07a23aaf89a81d2069a99b092929c137ab4d6d27173e2e6065bec16b903ca99f29cf3f07d0eb25b0c52ef42ea7061732d703dacb074b1e356b23954dff2eb6929a752a41e2279daa704c9aa1d9289ce611ce0da04fb92fefd21f1b8e495ef31eefada689d3c994706c6ae50ace6b1a3fe16a14d5b1413ad7b82695fe6e7dd7bb08b11bbc395c379cdc5e1a743e2743f289a1ebfb561704c90000000000000000"], 0x23, 0x3) r2 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) r3 = memfd_create(&(0x7f0000000140)='trusted.overlay.upper\x00', 0x3) fanotify_mark(r2, 0x2, 0x0, r3, &(0x7f0000000180)='./file0\x00') shutdown(r2, 0x1) 00:35:58 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(aegis128-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x0) r1 = accept$alg(r0, 0x0, 0x0) r2 = dup(r1) setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req={0x4, 0xa4c4, 0xff}, 0x10) write$P9_RATTACH(r2, &(0x7f0000000000)={0x14}, 0x14) recvmmsg(r1, &(0x7f00000000c0)=[{{&(0x7f0000000300)=@xdp, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000001b80)}}, {{&(0x7f0000000380)=@rc, 0x80, &(0x7f0000000140)=[{&(0x7f0000000200)=""/156, 0x9c}], 0x1, &(0x7f0000004040)=""/224, 0xe0}}], 0x2, 0x0, &(0x7f00000002c0)={0x77359400}) 00:35:58 executing program 0: r0 = socket(0x1e, 0x2, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB="f0000000", @ANYRES16=r1, @ANYBLOB="000827bd7000fddbdf2507000000080005000100000008000600ffff000008000500020000006c00010008000b0073697000080004004e23000024a03e77c9080001000a000000080008000600000014000300000000000000000000000000000000000c000700120000000600000008000b00736970000c000700100000002800000014000300fe8000000000000000000000000000bb5400010008000b0073697000080008000600000008000500030000000c0007003d0000000200000014000300ffffffff00000000000000000000000008000800080000000800010002000000080004004e21000004000200"], 0xf0}, 0x1, 0x0, 0x0, 0x44001}, 0x4) bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0101000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cd184a"}, 0x80) recvmsg(r0, &(0x7f0000001240)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000080)=""/213, 0xd5}], 0x1, &(0x7f0000001300)=""/186, 0xba}, 0x0) getxattr(&(0x7f0000000480)='./file0\x00', &(0x7f00000001c0)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000200)=""/76, 0x4c) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000700)="0a5c2d0240316285717070") syslog(0x4, &(0x7f0000000740)=""/230, 0xe6) r3 = socket(0x1e, 0x5a8307709ea1bab8, 0xeaad) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000300)={{0x2, 0x4e22}, {0x6, @broadcast}, 0x0, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x17}}, 'sit0\x00'}) ioctl$sock_SIOCOUTQ(r3, 0x5411, &(0x7f0000000180)) setsockopt$IP_VS_SO_SET_EDITDEST(r3, 0x0, 0x489, &(0x7f00000004c0)={{0xff, @multicast1, 0x4e22, 0x2, 'dh\x00', 0x1, 0x7, 0x6e}, {@rand_addr=0x5, 0x4e21, 0x10002, 0x8, 0x1380000000000000, 0x7}}, 0x44) 00:35:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000200)="c4c17c53f066baf80cb832d08b83ef66bafc0c66b8000066ef480fc71bc74424002a010000c744240200380000ff1c2466b8ec008ed026363e2e360fc72dd8f787b63646d03d00800000f344235686490fc7584648b8f32f0000000000000f23c00f21f835030001000f23f8", 0x6c}], 0x1, 0x0, &(0x7f00000003c0), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"74756e6c300042b5abd3a915edee00"}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 560.429090] PANIC: double fault, error_code: 0x0 [ 560.431659] CPU: 1 PID: 14052 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 560.431659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.446573] ================================================================== [ 560.446573] BUG: KMSAN: uninit-value in do_raw_spin_lock+0x130/0x410 [ 560.446573] CPU: 1 PID: 14052 Comm: syz-executor2 Not tainted 4.20.0-rc2+ #85 [ 560.446573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.446573] Call Trace: [ 560.446573] <#DF> [ 560.446573] dump_stack+0x32d/0x480 [ 560.446573] ? do_raw_spin_lock+0x130/0x410 [ 560.446573] kmsan_report+0x19f/0x300 [ 560.446573] kmsan_internal_check_memory+0x35b/0x3b0 [ 560.446573] ? __msan_poison_alloca+0x1e0/0x270 [ 560.446573] kmsan_check_memory+0xd/0x10 [ 560.446573] do_raw_spin_lock+0x130/0x410 [ 560.446573] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 560.446573] _raw_spin_lock+0x27/0x30 [ 560.446573] vprintk_emit+0x1d9/0x8a0 [ 560.446573] vprintk_default+0x90/0xa0 [ 560.446573] vprintk_func+0x26b/0x2a0 [ 560.446573] printk+0x1a3/0x1f0 [ 560.446573] ? kmsan_get_origin_address+0x212/0x360 [ 560.446573] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 560.446573] show_iret_regs+0x13c/0x540 [ 560.446573] ? kmsan_get_origin_address+0x212/0x360 [ 560.446573] ? __show_regs+0xb2/0x1350 [ 560.446573] ? show_regs+0xaf/0x170 [ 560.446573] __show_regs+0xc9/0x1350 [ 560.446573] ? get_cpu_entry_area+0xc/0x30 [ 560.446573] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 560.446573] show_regs+0xaf/0x170 [ 560.446573] df_debug+0x86/0xb0 [ 560.446573] do_double_fault+0x362/0x480 [ 560.446573] double_fault+0x1e/0x30 [ 560.446573] RIP: 0010:kmsan_get_origin_address+0x212/0x360 [ 560.446573] Code: 2d 01 00 00 e9 fe 00 00 00 65 44 8b 34 25 20 a1 02 00 48 b8 00 00 00 00 00 02 00 00 48 01 d8 48 3d ff 0f e8 00 77 38 44 89 f7 19 30 4a ff 48 89 d9 48 29 c1 85 c9 78 26 48 63 c1 48 3d ff 9f [ 560.446573] RSP: 0018:fffffe000003c000 EFLAGS: 00010093 [ 560.446573] RAX: 000000000003c150 RBX: fffffe000003c150 RCX: 000000000000002e [ 560.446573] RDX: 0000000000000001 RSI: 0000000000000088 RDI: 0000000000000001 [ 560.446573] RBP: fffffe000003c038 R08: 0000000000000000 R09: 0000000000000000 [ 560.446573] R10: 0000000000000000 R11: 0000000000000000 R12: 0000778000000000 [ 560.446573] R13: 0000000000000000 R14: 0000000000000001 R15: fffffe008003c150 [ 560.446573] [ 560.446573] [ 560.446573] kmsan_memmove_origins+0xbd/0x1c0 [ 560.446573] ? kmsan_memmove_shadow+0xad/0xd0 [ 560.446573] __msan_memmove+0x6c/0x80 [ 560.446573] fixup_bad_iret+0x63/0xc0 [ 560.446573] error_entry+0xad/0xc0 [ 560.446573] RIP: 0000: (null) [ 560.446573] Code: Bad RIP value. [ 560.446573] RSP: a3fb7f:00007fedb96ab9c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 560.446573] RAX: 0000000000000000 RBX: ffffffff8b000e58 RCX: 000000000040393c [ 560.446573] RDX: d44f01c6b1766300 RSI: 0000000000000000 RDI: 0000000000000000 [ 560.446573] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 560.446573] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 560.446573] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 560.446573] ? general_protection+0x8/0x30 [ 560.446573] ? general_protection+0x8/0x30 [ 560.446573] [ 560.446573] [ 560.446573] Local variable description: ----v.addr.i.i@do_raw_spin_lock [ 560.446573] Variable was created at: [ 560.446573] do_raw_spin_lock+0x62/0x410 [ 560.446573] _raw_spin_lock+0x27/0x30 [ 560.446573] [ 560.446573] Bytes 0-7 of 8 are uninitialized [ 560.446573] Memory access of size 8 starts at fffffe00000439f8 [ 560.446573] ================================================================== [ 560.446573] Disabling lock debugging due to kernel taint [ 560.446573] Kernel panic - not syncing: panic_on_warn set ... [ 560.446573] CPU: 1 PID: 14052 Comm: syz-executor2 Tainted: G B 4.20.0-rc2+ #85 [ 560.446573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.446573] Call Trace: [ 560.446573] <#DF> [ 560.446573] dump_stack+0x32d/0x480 [ 560.446573] panic+0x624/0xc08 [ 560.446573] kmsan_report+0x300/0x300 [ 560.446573] kmsan_internal_check_memory+0x35b/0x3b0 [ 560.446573] ? __msan_poison_alloca+0x1e0/0x270 [ 560.446573] kmsan_check_memory+0xd/0x10 [ 560.446573] do_raw_spin_lock+0x130/0x410 [ 560.446573] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 560.446573] _raw_spin_lock+0x27/0x30 [ 560.446573] vprintk_emit+0x1d9/0x8a0 [ 560.446573] vprintk_default+0x90/0xa0 [ 560.446573] vprintk_func+0x26b/0x2a0 [ 560.446573] printk+0x1a3/0x1f0 [ 560.446573] ? kmsan_get_origin_address+0x212/0x360 [ 560.446573] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 560.446573] show_iret_regs+0x13c/0x540 [ 560.446573] ? kmsan_get_origin_address+0x212/0x360 [ 560.446573] ? __show_regs+0xb2/0x1350 [ 560.446573] ? show_regs+0xaf/0x170 [ 560.446573] __show_regs+0xc9/0x1350 [ 560.446573] ? get_cpu_entry_area+0xc/0x30 [ 560.446573] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 560.446573] show_regs+0xaf/0x170 [ 560.446573] df_debug+0x86/0xb0 [ 560.446573] do_double_fault+0x362/0x480 [ 560.446573] double_fault+0x1e/0x30 [ 560.446573] RIP: 0010:kmsan_get_origin_address+0x212/0x360 [ 560.446573] Code: 2d 01 00 00 e9 fe 00 00 00 65 44 8b 34 25 20 a1 02 00 48 b8 00 00 00 00 00 02 00 00 48 01 d8 48 3d ff 0f e8 00 77 38 44 89 f7 19 30 4a ff 48 89 d9 48 29 c1 85 c9 78 26 48 63 c1 48 3d ff 9f [ 560.446573] RSP: 0018:fffffe000003c000 EFLAGS: 00010093 [ 560.446573] RAX: 000000000003c150 RBX: fffffe000003c150 RCX: 000000000000002e [ 560.446573] RDX: 0000000000000001 RSI: 0000000000000088 RDI: 0000000000000001 [ 560.446573] RBP: fffffe000003c038 R08: 0000000000000000 R09: 0000000000000000 [ 560.446573] R10: 0000000000000000 R11: 0000000000000000 R12: 0000778000000000 [ 560.446573] R13: 0000000000000000 R14: 0000000000000001 R15: fffffe008003c150 [ 560.446573] [ 560.446573] [ 560.446573] kmsan_memmove_origins+0xbd/0x1c0 [ 560.446573] ? kmsan_memmove_shadow+0xad/0xd0 [ 560.446573] __msan_memmove+0x6c/0x80 [ 560.446573] fixup_bad_iret+0x63/0xc0 [ 560.446573] error_entry+0xad/0xc0 [ 560.446573] RIP: 0000: (null) [ 560.446573] Code: Bad RIP value. [ 560.446573] RSP: a3fb7f:00007fedb96ab9c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 560.446573] RAX: 0000000000000000 RBX: ffffffff8b000e58 RCX: 000000000040393c [ 560.446573] RDX: d44f01c6b1766300 RSI: 0000000000000000 RDI: 0000000000000000 [ 560.446573] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 560.446573] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 560.446573] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 560.446573] ? general_protection+0x8/0x30 [ 560.446573] ? general_protection+0x8/0x30 [ 560.446573] [ 560.446573] Kernel Offset: disabled