[ 52.276551] audit: type=1800 audit(1542801156.315:27): pid=6411 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 52.296140] audit: type=1800 audit(1542801156.325:28): pid=6411 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 53.967615] audit: type=1800 audit(1542801158.015:29): pid=6411 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 53.987161] audit: type=1800 audit(1542801158.015:30): pid=6411 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.79' (ECDSA) to the list of known hosts. 2018/11/21 11:52:51 fuzzer started 2018/11/21 11:52:55 dialing manager at 10.128.0.26:34653 2018/11/21 11:52:55 syscalls: 1 2018/11/21 11:52:55 code coverage: enabled 2018/11/21 11:52:55 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/11/21 11:52:55 setuid sandbox: enabled 2018/11/21 11:52:55 namespace sandbox: enabled 2018/11/21 11:52:55 Android sandbox: /sys/fs/selinux/policy does not exist 2018/11/21 11:52:55 fault injection: enabled 2018/11/21 11:52:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/11/21 11:52:55 net packet injection: enabled 2018/11/21 11:52:55 net device setup: enabled 11:55:12 executing program 0: accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, &(0x7f00000000c0)=0x1c) setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x400000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, r0, 0x0) dup2(r0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f0000000540)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10) timer_gettime(0x0, &(0x7f0000000280)) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) getpgrp(0x0) getpgid(0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xd76a) syz_genetlink_get_family_id$team(&(0x7f00000002c0)='team\x00') ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) getcwd(&(0x7f0000000600)=""/191, 0xbf) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f00000001c0), 0xfffffef3) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000faeff4)) fcntl$getown(r2, 0x9) syzkaller login: [ 208.907101] IPVS: ftp: loaded support on port[0] = 21 [ 210.879585] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.886310] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.894885] device bridge_slave_0 entered promiscuous mode [ 211.049242] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.055814] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.064254] device bridge_slave_1 entered promiscuous mode [ 211.261618] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 211.373471] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 211.709432] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 211.826073] bond0: Enslaving bond_slave_1 as an active interface with an up link 11:55:16 executing program 1: r0 = socket(0x10, 0x3, 0x0) recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000900)=@getroute={0x14, 0x1a, 0x1c974209d04c2781}, 0x14}}, 0x20000000) [ 212.523806] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 212.531596] team0: Port device team_slave_0 added [ 212.696379] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 212.704362] team0: Port device team_slave_1 added [ 212.724112] IPVS: ftp: loaded support on port[0] = 21 [ 212.958851] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 212.967148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 212.975727] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 213.122679] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 213.282970] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 213.290641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.299531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 213.443270] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 213.451158] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.459962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 215.380914] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.387445] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.394503] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.400949] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.409505] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 215.637294] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.643936] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.652526] device bridge_slave_0 entered promiscuous mode [ 215.770261] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.776819] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.785197] device bridge_slave_1 entered promiscuous mode [ 215.896423] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 215.942882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 216.124760] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 216.669481] bond0: Enslaving bond_slave_0 as an active interface with an up link 11:55:20 executing program 2: r0 = getpgid(0x0) capset(&(0x7f0000000040)={0x20071026, r0}, 0x0) [ 216.901387] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 217.177632] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 217.184783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.466431] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 217.473591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.655883] IPVS: ftp: loaded support on port[0] = 21 [ 218.273215] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.281145] team0: Port device team_slave_0 added [ 218.511352] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 218.519255] team0: Port device team_slave_1 added [ 218.767789] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 218.775008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 218.783454] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 219.042190] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 219.049598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 219.058063] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 219.261006] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 219.268807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 219.277565] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 219.468301] not chained 10000 origins [ 219.472245] CPU: 0 PID: 6799 Comm: ip Not tainted 4.20.0-rc3+ #91 [ 219.478474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 219.487824] Call Trace: [ 219.490435] dump_stack+0x32d/0x480 [ 219.494090] kmsan_internal_chain_origin+0x222/0x240 [ 219.499232] ? save_stack_trace+0xc6/0x110 [ 219.503476] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 219.508589] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 219.513874] ? kmsan_internal_chain_origin+0x136/0x240 [ 219.519162] ? __msan_chain_origin+0x6d/0xb0 [ 219.523572] ? save_stack_trace+0xfa/0x110 [ 219.527807] ? kmsan_internal_chain_origin+0x136/0x240 [ 219.533085] ? kmsan_memcpy_origins+0x13d/0x190 [ 219.537763] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 219.543215] ? in_task_stack+0x12c/0x210 [ 219.547561] __msan_chain_origin+0x6d/0xb0 [ 219.551800] ? __msan_memcpy+0x6f/0x80 [ 219.555695] __save_stack_trace+0x8be/0xc60 [ 219.560034] ? __msan_memcpy+0x6f/0x80 [ 219.563934] save_stack_trace+0xc6/0x110 [ 219.568000] kmsan_internal_chain_origin+0x136/0x240 [ 219.573114] ? kmsan_internal_chain_origin+0x136/0x240 [ 219.578409] ? kmsan_memcpy_origins+0x13d/0x190 [ 219.583098] ? __msan_memcpy+0x6f/0x80 [ 219.586985] ? nla_put+0x20a/0x2d0 [ 219.590532] ? br_port_fill_attrs+0x366/0x1ea0 [ 219.595123] ? br_port_fill_slave_info+0xff/0x120 [ 219.599973] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 219.604471] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 219.608970] ? netlink_dump+0xc79/0x1c90 [ 219.613039] ? netlink_recvmsg+0xec2/0x19d0 [ 219.617367] ? sock_recvmsg+0x1d1/0x230 [ 219.621341] ? ___sys_recvmsg+0x444/0xae0 [ 219.625495] ? __se_sys_recvmsg+0x2fa/0x450 [ 219.629827] ? __x64_sys_recvmsg+0x4a/0x70 [ 219.634066] ? do_syscall_64+0xcf/0x110 [ 219.638046] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 219.643417] ? __msan_poison_alloca+0x1e0/0x270 [ 219.648353] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 219.653713] ? find_next_bit+0x25b/0x2a0 [ 219.657773] ? vmalloc_to_page+0x585/0x6c0 [ 219.662014] ? kmsan_set_origin+0x7f/0x100 [ 219.666263] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 219.671635] kmsan_memcpy_origins+0x13d/0x190 [ 219.676142] __msan_memcpy+0x6f/0x80 [ 219.679879] nla_put+0x20a/0x2d0 [ 219.683273] br_port_fill_attrs+0x42b/0x1ea0 [ 219.687698] br_port_fill_slave_info+0xff/0x120 [ 219.692374] ? br_port_get_slave_size+0x30/0x30 [ 219.697048] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 219.701398] rtnl_dump_ifinfo+0x18b5/0x2140 [ 219.705795] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 219.711170] ? rtnl_getlink+0xec0/0xec0 [ 219.715158] netlink_dump+0xc79/0x1c90 [ 219.719071] netlink_recvmsg+0xec2/0x19d0 [ 219.723262] sock_recvmsg+0x1d1/0x230 [ 219.727071] ? netlink_sendmsg+0x1440/0x1440 [ 219.731487] ___sys_recvmsg+0x444/0xae0 [ 219.736003] ? __msan_poison_alloca+0x1e0/0x270 [ 219.740687] ? __se_sys_recvmsg+0xca/0x450 [ 219.744943] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 219.750634] ? __fdget+0x23c/0x440 [ 219.754201] __se_sys_recvmsg+0x2fa/0x450 [ 219.758379] __x64_sys_recvmsg+0x4a/0x70 [ 219.762444] do_syscall_64+0xcf/0x110 [ 219.766256] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 219.771448] RIP: 0033:0x7fcc90730210 [ 219.775172] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 219.794162] RSP: 002b:00007ffc9c20b0a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 219.801876] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcc90730210 [ 219.809158] RDX: 0000000000000000 RSI: 00007ffc9c20b0f0 RDI: 0000000000000003 [ 219.816434] RBP: 0000000000001fe4 R08: 00007fcc909d9ec8 R09: 0000000000000000 [ 219.823709] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006395c0 [ 219.830981] R13: 00007ffc9c20f180 R14: 0000000000001fe4 R15: 00007ffc9c20d114 [ 219.838267] Uninit was stored to memory at: [ 219.842609] kmsan_internal_chain_origin+0x136/0x240 [ 219.848062] __msan_chain_origin+0x6d/0xb0 [ 219.852299] __save_stack_trace+0x8be/0xc60 [ 219.856622] save_stack_trace+0xc6/0x110 [ 219.860681] kmsan_internal_chain_origin+0x136/0x240 [ 219.865783] kmsan_memcpy_origins+0x13d/0x190 [ 219.870289] __msan_memcpy+0x6f/0x80 [ 219.874020] nla_put+0x20a/0x2d0 [ 219.877388] br_port_fill_attrs+0x366/0x1ea0 [ 219.881797] br_port_fill_slave_info+0xff/0x120 [ 219.886465] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 219.891764] rtnl_dump_ifinfo+0x18b5/0x2140 [ 219.896085] netlink_dump+0xc79/0x1c90 [ 219.899969] netlink_recvmsg+0xec2/0x19d0 [ 219.904261] sock_recvmsg+0x1d1/0x230 [ 219.908078] ___sys_recvmsg+0x444/0xae0 [ 219.912064] __se_sys_recvmsg+0x2fa/0x450 [ 219.916210] __x64_sys_recvmsg+0x4a/0x70 [ 219.920272] do_syscall_64+0xcf/0x110 [ 219.924078] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 219.929260] [ 219.930879] Uninit was stored to memory at: [ 219.935243] kmsan_internal_chain_origin+0x136/0x240 [ 219.940370] __msan_chain_origin+0x6d/0xb0 [ 219.944606] __save_stack_trace+0x8be/0xc60 [ 219.949223] save_stack_trace+0xc6/0x110 [ 219.953387] kmsan_internal_chain_origin+0x136/0x240 [ 219.958494] kmsan_memcpy_origins+0x13d/0x190 [ 219.962993] __msan_memcpy+0x6f/0x80 [ 219.966707] nla_put+0x20a/0x2d0 [ 219.970077] br_port_fill_attrs+0x366/0x1ea0 [ 219.974512] br_port_fill_slave_info+0xff/0x120 [ 219.979183] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 219.983508] rtnl_dump_ifinfo+0x18b5/0x2140 [ 219.987827] netlink_dump+0xc79/0x1c90 [ 219.991712] netlink_recvmsg+0xec2/0x19d0 [ 219.995864] sock_recvmsg+0x1d1/0x230 [ 219.999670] ___sys_recvmsg+0x444/0xae0 [ 220.003655] __se_sys_recvmsg+0x2fa/0x450 [ 220.007807] __x64_sys_recvmsg+0x4a/0x70 [ 220.011870] do_syscall_64+0xcf/0x110 [ 220.015702] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 220.020885] [ 220.022528] Uninit was stored to memory at: [ 220.026851] kmsan_internal_chain_origin+0x136/0x240 [ 220.031953] __msan_chain_origin+0x6d/0xb0 [ 220.036191] __save_stack_trace+0x8be/0xc60 [ 220.040524] save_stack_trace+0xc6/0x110 [ 220.044585] kmsan_internal_chain_origin+0x136/0x240 [ 220.050045] kmsan_memcpy_origins+0x13d/0x190 [ 220.054543] __msan_memcpy+0x6f/0x80 [ 220.058262] nla_put+0x20a/0x2d0 [ 220.061632] br_port_fill_attrs+0x366/0x1ea0 [ 220.066042] br_port_fill_slave_info+0xff/0x120 [ 220.070710] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 220.075033] rtnl_dump_ifinfo+0x18b5/0x2140 [ 220.079359] netlink_dump+0xc79/0x1c90 [ 220.083265] netlink_recvmsg+0xec2/0x19d0 [ 220.087427] sock_recvmsg+0x1d1/0x230 [ 220.091227] ___sys_recvmsg+0x444/0xae0 [ 220.095203] __se_sys_recvmsg+0x2fa/0x450 [ 220.099358] __x64_sys_recvmsg+0x4a/0x70 [ 220.103431] do_syscall_64+0xcf/0x110 [ 220.107238] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 220.112416] [ 220.114038] Uninit was stored to memory at: [ 220.118363] kmsan_internal_chain_origin+0x136/0x240 [ 220.123488] __msan_chain_origin+0x6d/0xb0 [ 220.127722] __save_stack_trace+0x8be/0xc60 [ 220.132064] save_stack_trace+0xc6/0x110 [ 220.136127] kmsan_internal_chain_origin+0x136/0x240 [ 220.141231] kmsan_memcpy_origins+0x13d/0x190 [ 220.145721] __msan_memcpy+0x6f/0x80 [ 220.149776] nla_put+0x20a/0x2d0 [ 220.153149] br_port_fill_attrs+0x366/0x1ea0 [ 220.157558] br_port_fill_slave_info+0xff/0x120 [ 220.162227] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 220.166549] rtnl_dump_ifinfo+0x18b5/0x2140 [ 220.170875] netlink_dump+0xc79/0x1c90 [ 220.174777] netlink_recvmsg+0xec2/0x19d0 [ 220.178943] sock_recvmsg+0x1d1/0x230 [ 220.182759] ___sys_recvmsg+0x444/0xae0 [ 220.186734] __se_sys_recvmsg+0x2fa/0x450 [ 220.190883] __x64_sys_recvmsg+0x4a/0x70 [ 220.194961] do_syscall_64+0xcf/0x110 [ 220.198777] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 220.203968] [ 220.205608] Uninit was stored to memory at: [ 220.209941] kmsan_internal_chain_origin+0x136/0x240 [ 220.215168] __msan_chain_origin+0x6d/0xb0 [ 220.219415] __save_stack_trace+0x8be/0xc60 [ 220.223738] save_stack_trace+0xc6/0x110 [ 220.227799] kmsan_internal_chain_origin+0x136/0x240 [ 220.232916] kmsan_memcpy_origins+0x13d/0x190 [ 220.237414] __msan_memcpy+0x6f/0x80 [ 220.241129] nla_put+0x20a/0x2d0 [ 220.244497] br_port_fill_attrs+0x366/0x1ea0 [ 220.249297] br_port_fill_slave_info+0xff/0x120 [ 220.253970] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 220.258293] rtnl_dump_ifinfo+0x18b5/0x2140 [ 220.262611] netlink_dump+0xc79/0x1c90 [ 220.266500] netlink_recvmsg+0xec2/0x19d0 [ 220.270649] sock_recvmsg+0x1d1/0x230 [ 220.274452] ___sys_recvmsg+0x444/0xae0 [ 220.278428] __se_sys_recvmsg+0x2fa/0x450 [ 220.282576] __x64_sys_recvmsg+0x4a/0x70 [ 220.286638] do_syscall_64+0xcf/0x110 [ 220.290444] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 220.295625] [ 220.297267] Uninit was stored to memory at: [ 220.301603] kmsan_internal_chain_origin+0x136/0x240 [ 220.306717] __msan_chain_origin+0x6d/0xb0 [ 220.310970] __save_stack_trace+0x8be/0xc60 [ 220.315292] save_stack_trace+0xc6/0x110 [ 220.319354] kmsan_internal_chain_origin+0x136/0x240 [ 220.324458] kmsan_memcpy_origins+0x13d/0x190 [ 220.328956] __msan_memcpy+0x6f/0x80 [ 220.332677] nla_put+0x20a/0x2d0 [ 220.336048] br_port_fill_attrs+0x366/0x1ea0 [ 220.340460] br_port_fill_slave_info+0xff/0x120 [ 220.345129] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 220.349777] rtnl_dump_ifinfo+0x18b5/0x2140 [ 220.354106] netlink_dump+0xc79/0x1c90 [ 220.357990] netlink_recvmsg+0xec2/0x19d0 [ 220.362136] sock_recvmsg+0x1d1/0x230 [ 220.365939] ___sys_recvmsg+0x444/0xae0 [ 220.369920] __se_sys_recvmsg+0x2fa/0x450 [ 220.374065] __x64_sys_recvmsg+0x4a/0x70 [ 220.378131] do_syscall_64+0xcf/0x110 [ 220.381946] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 220.387126] [ 220.388748] Uninit was stored to memory at: [ 220.393074] kmsan_internal_chain_origin+0x136/0x240 [ 220.398188] __msan_chain_origin+0x6d/0xb0 [ 220.402450] __save_stack_trace+0x8be/0xc60 [ 220.406770] save_stack_trace+0xc6/0x110 [ 220.410830] kmsan_internal_chain_origin+0x136/0x240 [ 220.415958] kmsan_memcpy_origins+0x13d/0x190 [ 220.420469] __msan_memcpy+0x6f/0x80 [ 220.424189] nla_put+0x20a/0x2d0 [ 220.427563] br_port_fill_attrs+0x366/0x1ea0 [ 220.431972] br_port_fill_slave_info+0xff/0x120 [ 220.436661] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 220.440988] rtnl_dump_ifinfo+0x18b5/0x2140 [ 220.445315] netlink_dump+0xc79/0x1c90 [ 220.449507] netlink_recvmsg+0xec2/0x19d0 [ 220.453673] sock_recvmsg+0x1d1/0x230 [ 220.457473] ___sys_recvmsg+0x444/0xae0 [ 220.461445] __se_sys_recvmsg+0x2fa/0x450 [ 220.465596] __x64_sys_recvmsg+0x4a/0x70 [ 220.469662] do_syscall_64+0xcf/0x110 [ 220.473475] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 220.478655] [ 220.480276] Local variable description: ----c.i.i@should_fail [ 220.486151] Variable was created at: [ 220.489888] should_fail+0x162/0x13c0 [ 220.493704] __alloc_pages_nodemask+0x73f/0x63e0 [ 220.519958] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 220.527512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.536318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 11:55:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) seccomp(0x1, 0x2, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0) select(0x40, &(0x7f0000000080)={0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x0, 0x2}, 0x0, 0x0, &(0x7f0000000180)) openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) prctl$PR_SET_DUMPABLE(0x4, 0x0) [ 222.277688] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.284397] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.292509] device bridge_slave_0 entered promiscuous mode [ 222.563016] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.569590] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.577855] device bridge_slave_1 entered promiscuous mode [ 222.832712] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 223.053686] IPVS: ftp: loaded support on port[0] = 21 [ 223.091405] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 223.107913] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.114422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.121223] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.127776] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.136356] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 223.602023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 223.797159] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 224.074710] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 224.315960] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 224.323119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.619846] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 224.627371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.561873] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.569654] team0: Port device team_slave_0 added [ 225.833521] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 225.841286] team0: Port device team_slave_1 added [ 226.136188] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 226.143587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.152486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.234430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.467134] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 226.474379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.482881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 226.790814] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 226.802368] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.811290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.066867] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.074485] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.083399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.464251] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 227.864012] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.870576] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.879023] device bridge_slave_0 entered promiscuous mode [ 228.106607] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.113282] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.121329] device bridge_slave_1 entered promiscuous mode [ 228.399328] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 228.617062] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 228.623670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 228.631509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 228.671829] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 229.544088] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 229.741099] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.887878] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 230.232939] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 230.240045] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.493850] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.500341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.507336] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.513820] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.522440] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 230.538525] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 230.547137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.712155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.373838] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 231.382248] team0: Port device team_slave_0 added [ 231.653327] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 231.661191] team0: Port device team_slave_1 added 11:55:35 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="2e00000018008109e00f80ecdb4cb9c00a480e181e0cd300e8bd6efb120009000e00da1b0200000006000500fe80", 0x2e}], 0x1}, 0x0) [ 231.974569] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 231.991877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.000598] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.367594] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 232.374931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.383521] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.827504] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 232.835211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.844186] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.116066] IPVS: ftp: loaded support on port[0] = 21 [ 233.181294] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 233.197472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.206500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 235.586158] 8021q: adding VLAN 0 to HW filter on device bond0 [ 236.987135] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 237.179869] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.186556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.193529] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.199992] bridge0: port 1(bridge_slave_0) entered forwarding state [ 237.208549] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 238.102364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 238.447445] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 238.454846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 238.462758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 11:55:43 executing program 0: accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, &(0x7f00000000c0)=0x1c) setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x400000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, r0, 0x0) dup2(r0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f0000000540)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10) timer_gettime(0x0, &(0x7f0000000280)) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) getpgrp(0x0) getpgid(0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xd76a) syz_genetlink_get_family_id$team(&(0x7f00000002c0)='team\x00') ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) getcwd(&(0x7f0000000600)=""/191, 0xbf) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f00000001c0), 0xfffffef3) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000faeff4)) fcntl$getown(r2, 0x9) [ 239.035342] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.041932] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.051053] device bridge_slave_0 entered promiscuous mode [ 239.509689] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.516364] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.524867] device bridge_slave_1 entered promiscuous mode [ 239.691052] 8021q: adding VLAN 0 to HW filter on device team0 [ 239.914376] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 11:55:44 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) seccomp(0x1, 0x2, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="0fc7f43e650f01c80f060fae8600000f01eeba410066ed66b9b70900000f320fc76cf6b876028ed8b84e0c8ed0"}], 0x0, 0x0, &(0x7f00000001c0), 0x100000000000023e) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x0, 0x0) select(0x40, &(0x7f0000000080)={0x80000000, 0x0, 0x7, 0x3, 0x2, 0x1, 0x401, 0x2}, &(0x7f00000000c0)={0xdcb, 0x5, 0x266, 0x0, 0x3, 0xff, 0x2, 0x401}, 0x0, &(0x7f0000000180)) add_key(&(0x7f0000000840)='.dead\x00', 0x0, &(0x7f0000000980), 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x414080, 0x0) socket$alg(0x26, 0x5, 0x0) prctl$PR_SET_DUMPABLE(0x4, 0x1) modify_ldt$write(0x1, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x4400, 0x8, 0x6, 0x80, 0x0, 0x80000001, 0x9, 0xab9}, 0x10) [ 240.253147] audit: type=1326 audit(1542801344.305:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x50000 [ 240.336010] audit: type=1326 audit(1542801344.345:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.347002] not chained 20000 origins [ 240.357784] audit: type=1326 audit(1542801344.345:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.361425] CPU: 1 PID: 7360 Comm: ip Not tainted 4.20.0-rc3+ #91 [ 240.382750] audit: type=1326 audit(1542801344.345:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.388815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.388837] Call Trace: [ 240.410018] audit: type=1326 audit(1542801344.345:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.419288] dump_stack+0x32d/0x480 [ 240.419313] ? save_stack_trace+0xc6/0x110 [ 240.419336] kmsan_internal_chain_origin+0x222/0x240 [ 240.419365] ? kmsan_internal_chain_origin+0x136/0x240 [ 240.422040] audit: type=1326 audit(1542801344.345:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.443033] ? __msan_chain_origin+0x6d/0xb0 [ 240.443050] ? __save_stack_trace+0x833/0xc60 [ 240.443066] ? save_stack_trace+0xc6/0x110 [ 240.443083] ? kmsan_internal_chain_origin+0x136/0x240 [ 240.443109] ? kmsan_memcpy_origins+0x13d/0x190 [ 240.446762] audit: type=1326 audit(1542801344.345:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.451823] ? __msan_memcpy+0x6f/0x80 [ 240.451841] ? nla_put+0x20a/0x2d0 [ 240.451861] ? br_port_fill_attrs+0x366/0x1ea0 [ 240.451878] ? br_port_fill_slave_info+0xff/0x120 [ 240.451924] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.457059] audit: type=1326 audit(1542801344.345:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.462298] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 240.462314] ? netlink_dump+0xc79/0x1c90 [ 240.462330] ? netlink_recvmsg+0xec2/0x19d0 [ 240.462347] ? sock_recvmsg+0x1d1/0x230 [ 240.462375] ? ___sys_recvmsg+0x444/0xae0 [ 240.483562] audit: type=1326 audit(1542801344.345:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.488055] ? __se_sys_recvmsg+0x2fa/0x450 [ 240.488079] ? __x64_sys_recvmsg+0x4a/0x70 [ 240.492654] audit: type=1326 audit(1542801344.345:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7357 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 240.496803] ? do_syscall_64+0xcf/0x110 [ 240.496831] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.653310] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 240.658448] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 240.663762] ? kmsan_internal_chain_origin+0x136/0x240 [ 240.669188] ? __msan_chain_origin+0x6d/0xb0 [ 240.673615] ? save_stack_trace+0xfa/0x110 [ 240.677870] ? kmsan_internal_chain_origin+0x136/0x240 [ 240.683183] ? kmsan_memcpy_origins+0x13d/0x190 [ 240.687875] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 240.693363] ? in_task_stack+0x12c/0x210 [ 240.697458] __msan_chain_origin+0x6d/0xb0 [ 240.701827] ? kmsan_internal_chain_origin+0x136/0x240 [ 240.707144] __save_stack_trace+0x8be/0xc60 [ 240.711507] ? kmsan_internal_chain_origin+0x136/0x240 [ 240.716811] save_stack_trace+0xc6/0x110 [ 240.721000] kmsan_internal_chain_origin+0x136/0x240 [ 240.726135] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 240.731525] ? __msan_poison_alloca+0x1e0/0x270 [ 240.736229] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 240.741615] ? find_next_bit+0x25b/0x2a0 [ 240.745698] ? vmalloc_to_page+0x585/0x6c0 [ 240.750707] ? kmsan_set_origin+0x7f/0x100 [ 240.754980] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 240.760481] kmsan_memcpy_origins+0x13d/0x190 [ 240.765007] __msan_memcpy+0x6f/0x80 [ 240.768851] nla_put+0x20a/0x2d0 [ 240.772348] br_port_fill_attrs+0x366/0x1ea0 [ 240.776791] br_port_fill_slave_info+0xff/0x120 [ 240.781484] ? br_port_get_slave_size+0x30/0x30 [ 240.786176] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.790551] rtnl_dump_ifinfo+0x18b5/0x2140 [ 240.794984] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 240.800376] ? rtnl_getlink+0xec0/0xec0 [ 240.804367] netlink_dump+0xc79/0x1c90 [ 240.808397] netlink_recvmsg+0xec2/0x19d0 [ 240.812591] sock_recvmsg+0x1d1/0x230 [ 240.816420] ? netlink_sendmsg+0x1440/0x1440 [ 240.820850] ___sys_recvmsg+0x444/0xae0 [ 240.824876] ? __msan_poison_alloca+0x1e0/0x270 [ 240.829584] ? __se_sys_recvmsg+0xca/0x450 [ 240.833843] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 240.839225] ? __fdget+0x23c/0x440 [ 240.842789] __se_sys_recvmsg+0x2fa/0x450 [ 240.847089] __x64_sys_recvmsg+0x4a/0x70 [ 240.852012] do_syscall_64+0xcf/0x110 [ 240.855840] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.861049] RIP: 0033:0x7f0a63412210 [ 240.864781] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 240.883697] RSP: 002b:00007fffa9d9c278 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 240.891432] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0a63412210 [ 240.898717] RDX: 0000000000000000 RSI: 00007fffa9d9c2c0 RDI: 0000000000000003 [ 240.906005] RBP: 0000000000001fe4 R08: 00007f0a636bbec8 R09: 0000000000000000 [ 240.913288] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006395c0 [ 240.920576] R13: 00007fffa9da0350 R14: 0000000000001fe4 R15: 00007fffa9d9e2e4 [ 240.927873] Uninit was stored to memory at: [ 240.932243] kmsan_internal_chain_origin+0x136/0x240 [ 240.937361] __msan_chain_origin+0x6d/0xb0 [ 240.941618] __save_stack_trace+0x8be/0xc60 [ 240.946074] save_stack_trace+0xc6/0x110 [ 240.951013] kmsan_internal_chain_origin+0x136/0x240 [ 240.956164] kmsan_memcpy_origins+0x13d/0x190 [ 240.960680] __msan_memcpy+0x6f/0x80 [ 240.964411] nla_put+0x20a/0x2d0 [ 240.967801] br_port_fill_attrs+0x366/0x1ea0 [ 240.972227] br_port_fill_slave_info+0xff/0x120 [ 240.976928] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.981353] rtnl_dump_ifinfo+0x18b5/0x2140 [ 240.985688] netlink_dump+0xc79/0x1c90 [ 240.989597] netlink_recvmsg+0xec2/0x19d0 [ 240.993771] sock_recvmsg+0x1d1/0x230 [ 240.997687] ___sys_recvmsg+0x444/0xae0 [ 241.001672] __se_sys_recvmsg+0x2fa/0x450 [ 241.005839] __x64_sys_recvmsg+0x4a/0x70 [ 241.009929] do_syscall_64+0xcf/0x110 [ 241.013743] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.018943] [ 241.020570] Uninit was stored to memory at: [ 241.024897] kmsan_internal_chain_origin+0x136/0x240 [ 241.030029] __msan_chain_origin+0x6d/0xb0 [ 241.034273] __save_stack_trace+0x8be/0xc60 [ 241.038601] save_stack_trace+0xc6/0x110 [ 241.042665] kmsan_internal_chain_origin+0x136/0x240 [ 241.047771] kmsan_memcpy_origins+0x13d/0x190 [ 241.053029] __msan_memcpy+0x6f/0x80 [ 241.056745] nla_put+0x20a/0x2d0 [ 241.060118] br_port_fill_attrs+0x366/0x1ea0 [ 241.064641] br_port_fill_slave_info+0xff/0x120 [ 241.069315] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 241.073638] rtnl_dump_ifinfo+0x18b5/0x2140 [ 241.077960] netlink_dump+0xc79/0x1c90 [ 241.081847] netlink_recvmsg+0xec2/0x19d0 [ 241.085996] sock_recvmsg+0x1d1/0x230 [ 241.089800] ___sys_recvmsg+0x444/0xae0 [ 241.093773] __se_sys_recvmsg+0x2fa/0x450 [ 241.097935] __x64_sys_recvmsg+0x4a/0x70 [ 241.102002] do_syscall_64+0xcf/0x110 [ 241.105808] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.110991] [ 241.112619] Uninit was stored to memory at: [ 241.116951] kmsan_internal_chain_origin+0x136/0x240 [ 241.122059] __msan_chain_origin+0x6d/0xb0 [ 241.126313] __save_stack_trace+0x8be/0xc60 [ 241.130636] save_stack_trace+0xc6/0x110 [ 241.134698] kmsan_internal_chain_origin+0x136/0x240 [ 241.139807] kmsan_memcpy_origins+0x13d/0x190 [ 241.144307] __msan_memcpy+0x6f/0x80 [ 241.148036] nla_put+0x20a/0x2d0 [ 241.152354] br_port_fill_attrs+0x366/0x1ea0 [ 241.156765] br_port_fill_slave_info+0xff/0x120 [ 241.161434] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 241.165757] rtnl_dump_ifinfo+0x18b5/0x2140 [ 241.170076] netlink_dump+0xc79/0x1c90 [ 241.173971] netlink_recvmsg+0xec2/0x19d0 [ 241.178120] sock_recvmsg+0x1d1/0x230 [ 241.181939] ___sys_recvmsg+0x444/0xae0 [ 241.185930] __se_sys_recvmsg+0x2fa/0x450 [ 241.190106] __x64_sys_recvmsg+0x4a/0x70 [ 241.194168] do_syscall_64+0xcf/0x110 [ 241.198014] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.203197] [ 241.204818] Uninit was stored to memory at: [ 241.209141] kmsan_internal_chain_origin+0x136/0x240 [ 241.214248] __msan_chain_origin+0x6d/0xb0 [ 241.218483] __save_stack_trace+0x8be/0xc60 [ 241.222805] save_stack_trace+0xc6/0x110 [ 241.226871] kmsan_internal_chain_origin+0x136/0x240 [ 241.231976] kmsan_memcpy_origins+0x13d/0x190 [ 241.236499] __msan_memcpy+0x6f/0x80 [ 241.240213] nla_put+0x20a/0x2d0 [ 241.243585] br_port_fill_attrs+0x366/0x1ea0 [ 241.248001] br_port_fill_slave_info+0xff/0x120 [ 241.253465] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 241.257791] rtnl_dump_ifinfo+0x18b5/0x2140 [ 241.262117] netlink_dump+0xc79/0x1c90 [ 241.266008] netlink_recvmsg+0xec2/0x19d0 [ 241.270156] sock_recvmsg+0x1d1/0x230 [ 241.273964] ___sys_recvmsg+0x444/0xae0 [ 241.277951] __se_sys_recvmsg+0x2fa/0x450 [ 241.282101] __x64_sys_recvmsg+0x4a/0x70 [ 241.286165] do_syscall_64+0xcf/0x110 [ 241.289971] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.295158] [ 241.296781] Uninit was stored to memory at: [ 241.301108] kmsan_internal_chain_origin+0x136/0x240 [ 241.306210] __msan_chain_origin+0x6d/0xb0 [ 241.310465] __save_stack_trace+0x8be/0xc60 [ 241.314791] save_stack_trace+0xc6/0x110 [ 241.318854] kmsan_internal_chain_origin+0x136/0x240 [ 241.323963] kmsan_memcpy_origins+0x13d/0x190 [ 241.328479] __msan_memcpy+0x6f/0x80 [ 241.332196] nla_put+0x20a/0x2d0 [ 241.335566] br_port_fill_attrs+0x366/0x1ea0 [ 241.339977] br_port_fill_slave_info+0xff/0x120 [ 241.344650] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 241.349003] rtnl_dump_ifinfo+0x18b5/0x2140 [ 241.354165] netlink_dump+0xc79/0x1c90 [ 241.358052] netlink_recvmsg+0xec2/0x19d0 [ 241.362201] sock_recvmsg+0x1d1/0x230 [ 241.366001] ___sys_recvmsg+0x444/0xae0 [ 241.369973] __se_sys_recvmsg+0x2fa/0x450 [ 241.374125] __x64_sys_recvmsg+0x4a/0x70 [ 241.378190] do_syscall_64+0xcf/0x110 [ 241.381992] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.387177] [ 241.388803] Uninit was stored to memory at: [ 241.393131] kmsan_internal_chain_origin+0x136/0x240 [ 241.398233] __msan_chain_origin+0x6d/0xb0 [ 241.402471] __save_stack_trace+0x8be/0xc60 [ 241.406796] save_stack_trace+0xc6/0x110 [ 241.410876] kmsan_internal_chain_origin+0x136/0x240 [ 241.415996] kmsan_memcpy_origins+0x13d/0x190 [ 241.420492] __msan_memcpy+0x6f/0x80 [ 241.424229] nla_put+0x20a/0x2d0 [ 241.427666] br_port_fill_attrs+0x366/0x1ea0 [ 241.432078] br_port_fill_slave_info+0xff/0x120 [ 241.436746] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 241.441068] rtnl_dump_ifinfo+0x18b5/0x2140 [ 241.445388] netlink_dump+0xc79/0x1c90 [ 241.449972] netlink_recvmsg+0xec2/0x19d0 [ 241.454126] sock_recvmsg+0x1d1/0x230 [ 241.457938] ___sys_recvmsg+0x444/0xae0 [ 241.461927] __se_sys_recvmsg+0x2fa/0x450 [ 241.466074] __x64_sys_recvmsg+0x4a/0x70 [ 241.470141] do_syscall_64+0xcf/0x110 [ 241.473984] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.479167] [ 241.480793] Uninit was stored to memory at: [ 241.485225] kmsan_internal_chain_origin+0x136/0x240 [ 241.490331] __msan_chain_origin+0x6d/0xb0 [ 241.494570] __save_stack_trace+0x8be/0xc60 [ 241.498890] save_stack_trace+0xc6/0x110 [ 241.502968] kmsan_internal_chain_origin+0x136/0x240 [ 241.508070] kmsan_memcpy_origins+0x13d/0x190 [ 241.512568] __msan_memcpy+0x6f/0x80 [ 241.516288] nla_put+0x20a/0x2d0 [ 241.519709] br_port_fill_attrs+0x366/0x1ea0 [ 241.524124] br_port_fill_slave_info+0xff/0x120 [ 241.528796] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 241.533220] rtnl_dump_ifinfo+0x18b5/0x2140 [ 241.537541] netlink_dump+0xc79/0x1c90 [ 241.541435] netlink_recvmsg+0xec2/0x19d0 [ 241.545586] sock_recvmsg+0x1d1/0x230 [ 241.550168] ___sys_recvmsg+0x444/0xae0 [ 241.554142] __se_sys_recvmsg+0x2fa/0x450 [ 241.558291] __x64_sys_recvmsg+0x4a/0x70 [ 241.562351] do_syscall_64+0xcf/0x110 [ 241.566154] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 241.571338] [ 241.572963] Local variable description: ----c.i.i@should_fail [ 241.578837] Variable was created at: [ 241.582552] should_fail+0x162/0x13c0 [ 241.586358] __alloc_pages_nodemask+0x73f/0x63e0 11:55:46 executing program 0: ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcs\x00', 0x8080, 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$l2tp(r1, &(0x7f0000000480)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e22, @multicast2}, 0x1, 0x3, 0x4, 0x1}}, 0x2e) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000440)=0xc) io_setup(0x3, &(0x7f0000000200)=0x0) io_destroy(r3) r4 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x3, 0x182) r5 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r5, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81805) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0x0, 0x0, 0x7}) getsockopt$inet6_mreq(r5, 0x29, 0x0, &(0x7f0000000300)={@ipv4={[], [], @broadcast}, 0x0}, &(0x7f0000002c40)=0x14) sendmsg$can_raw(r5, &(0x7f0000002d40)={&(0x7f0000002c80)={0x1d, r6}, 0x10, &(0x7f0000002d00)={&(0x7f0000002cc0)=@can={{0x4, 0xfffffffffffffff7, 0xfffffffffffffeff, 0x5}, 0x3, 0x2, 0x0, 0x0, "44e7d677848f5e67"}, 0x10}, 0x1, 0x0, 0x0, 0x8c0}, 0x4000) fsetxattr$security_smack_transmute(r0, &(0x7f0000000280)='security.SMACK64TRANSMUTE\x00', &(0x7f00000002c0)='TRUE', 0x4, 0x0) fsetxattr$security_smack_transmute(r5, &(0x7f00000004c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000640)='TRUE', 0x4, 0x3) ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5) sendfile(r4, r4, &(0x7f0000000000), 0x2000005) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file1\x00', 0x8, 0x2) ioctl$LOOP_CLR_FD(r4, 0x4c01) fcntl$getown(r0, 0x9) write$P9_RRENAMEAT(r5, &(0x7f00000001c0)={0x7, 0x4b, 0x1}, 0x7) socket(0x0, 0x2, 0x10001) ioctl$LOOP_SET_FD(r4, 0x4c00, r5) [ 242.617222] print_req_error: I/O error, dev loop3, sector 0 [ 242.623209] Buffer I/O error on dev loop3, logical block 0, lost async page write [ 242.631043] print_req_error: I/O error, dev loop3, sector 8 [ 242.637043] Buffer I/O error on dev loop3, logical block 1, lost async page write [ 242.644949] print_req_error: I/O error, dev loop3, sector 16 [ 242.651834] Buffer I/O error on dev loop3, logical block 2, lost async page write [ 242.659624] print_req_error: I/O error, dev loop3, sector 24 [ 242.665772] Buffer I/O error on dev loop3, logical block 3, lost async page write [ 242.673647] print_req_error: I/O error, dev loop3, sector 32 [ 242.679516] Buffer I/O error on dev loop3, logical block 4, lost async page write [ 242.687438] print_req_error: I/O error, dev loop3, sector 40 [ 242.693384] Buffer I/O error on dev loop3, logical block 5, lost async page write [ 242.701157] print_req_error: I/O error, dev loop3, sector 48 [ 242.707264] Buffer I/O error on dev loop3, logical block 6, lost async page write [ 242.715132] print_req_error: I/O error, dev loop3, sector 56 [ 242.721018] Buffer I/O error on dev loop3, logical block 7, lost async page write [ 242.728942] print_req_error: I/O error, dev loop3, sector 64 [ 242.734936] Buffer I/O error on dev loop3, logical block 8, lost async page write [ 242.742846] print_req_error: I/O error, dev loop3, sector 72 [ 242.748711] Buffer I/O error on dev loop3, logical block 9, lost async page write 11:55:47 executing program 0: ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcs\x00', 0x8080, 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$l2tp(r1, &(0x7f0000000480)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e22, @multicast2}, 0x1, 0x3, 0x4, 0x1}}, 0x2e) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000440)=0xc) io_setup(0x3, &(0x7f0000000200)=0x0) io_destroy(r3) r4 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x3, 0x182) r5 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r5, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81805) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0x0, 0x0, 0x7}) getsockopt$inet6_mreq(r5, 0x29, 0x0, &(0x7f0000000300)={@ipv4={[], [], @broadcast}, 0x0}, &(0x7f0000002c40)=0x14) sendmsg$can_raw(r5, &(0x7f0000002d40)={&(0x7f0000002c80)={0x1d, r6}, 0x10, &(0x7f0000002d00)={&(0x7f0000002cc0)=@can={{0x4, 0xfffffffffffffff7, 0xfffffffffffffeff, 0x5}, 0x3, 0x2, 0x0, 0x0, "44e7d677848f5e67"}, 0x10}, 0x1, 0x0, 0x0, 0x8c0}, 0x4000) fsetxattr$security_smack_transmute(r0, &(0x7f0000000280)='security.SMACK64TRANSMUTE\x00', &(0x7f00000002c0)='TRUE', 0x4, 0x0) fsetxattr$security_smack_transmute(r5, &(0x7f00000004c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000640)='TRUE', 0x4, 0x3) ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5) sendfile(r4, r4, &(0x7f0000000000), 0x2000005) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file1\x00', 0x8, 0x2) ioctl$LOOP_CLR_FD(r4, 0x4c01) fcntl$getown(r0, 0x9) write$P9_RRENAMEAT(r5, &(0x7f00000001c0)={0x7, 0x4b, 0x1}, 0x7) socket(0x0, 0x2, 0x10001) ioctl$LOOP_SET_FD(r4, 0x4c00, r5) [ 243.433988] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 11:55:48 executing program 5: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x410800, 0x0) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x14, &(0x7f0000000040)={@dev, 0x0}, &(0x7f0000000080)=0x14) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={@empty, 0x68, r1}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000100)={0x3, 0x3, {0x2, 0x3, 0xfffffffffffffffa, 0x0, 0x7}}) ioctl$KDSKBLED(r0, 0x4b65, 0x2) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000180)='trusted.overlay.nlink\x00', &(0x7f00000001c0)={'L+', 0x6}, 0x28, 0x1) setxattr$security_smack_transmute(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000280)='TRUE', 0x4, 0x3) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000002c0)={0x40, 0xb, 0x1}) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x4, 0x30}, &(0x7f0000000340)=0xc) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000380)={r2, @in={{0x2, 0x4e21, @broadcast}}}, &(0x7f0000000440)=0x84) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000480)=0x5, &(0x7f00000004c0)=0x1) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000500)) ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f0000000600)) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x78) pipe(&(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f0000000680)={r3, 0x7387}, &(0x7f00000006c0)=0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)={0x0, r5, 0x7, 0x1}, 0x14) modify_ldt$write(0x1, &(0x7f0000000740)={0x4f8f, 0x0, 0x0, 0x40, 0x21, 0x100000000, 0xf81a, 0x4, 0x8, 0x2f}, 0x10) r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000780)='/dev/dlm-control\x00', 0xc8400, 0x0) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000007c0)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000800)={r3, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x20, 0x401, 0x9e, 0x3, 0x64}, 0x98) getsockopt$inet6_mreq(r6, 0x29, 0x15, &(0x7f00000008c0)={@remote}, &(0x7f0000000900)=0x14) sched_yield() lgetxattr(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980)=@known='security.apparmor\x00', &(0x7f00000009c0)=""/168, 0xa8) fcntl$getownex(r6, 0x10, &(0x7f0000000a80)={0x0, 0x0}) wait4(r8, &(0x7f0000000ac0), 0xf, &(0x7f0000000b00)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r4, 0x50, &(0x7f0000000bc0)}, 0x10) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000c80)="2609dec76b7fff074f501d7016b05c79", 0x10) prctl$PR_GET_DUMPABLE(0x3) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f0000000cc0)=[@in6={0xa, 0x4e24, 0x90, @mcast2, 0x5}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e22, @local}, @in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e24, @multicast1}], 0x7c) 11:55:48 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0xc, &(0x7f0000000040)=""/4, &(0x7f00000000c0)) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x424000, 0x0) ioctl$EVIOCSABS20(r1, 0x401845e0, &(0x7f0000000080)={0x8, 0x4, 0x0, 0x9, 0x5, 0xc000000000000000}) [ 244.491301] bond0: Enslaving bond_slave_0 as an active interface with an up link 11:55:48 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x2000000000890f, &(0x7f00000001c0)="0a5c2d0240316285717070") getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000000)=""/217, &(0x7f0000000100)=0xd9) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x2000, 0x0) ioctl$sock_proto_private(r0, 0x89e5, &(0x7f0000000180)="c1dc452eec8453746527c670023983ec73b3a0ea320f394f0e26ba43134299a8fa41c56953c02b78e534fe1368c3409745178413c9b2") ioctl$UI_SET_MSCBIT(r1, 0x40045568, 0xc) r2 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000023000)={&(0x7f0000024000), 0xc, &(0x7f0000023ff0)={&(0x7f0000010ec4)={0x20, 0x27, 0xaff, 0x0, 0x0, {0x3}, [@nested={0xc, 0x3, [@typed={0x8, 0x0, @binary}]}]}, 0x1fd}}, 0x0) [ 244.734285] IPVS: length: 217 != 24 [ 244.754330] IPVS: length: 217 != 24 [ 244.904388] bond0: Enslaving bond_slave_1 as an active interface with an up link 11:55:49 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc4c85513, &(0x7f0000000040)={0xb, 0x2, 0x0, 0x0, "1059493481b639195a8a2dd9ee3ff7e9c50e58fe75430138d7f00cfe322bea8af5c4de2e32bb0a6e99f963f4", 0x100000}) [ 245.220650] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 245.227962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 245.292948] IPVS: ftp: loaded support on port[0] = 21 [ 245.650054] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 245.657293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 246.297774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.603064] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 246.610974] team0: Port device team_slave_0 added [ 246.909167] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 246.917344] team0: Port device team_slave_1 added [ 247.268275] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 247.275681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 247.284303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 247.442158] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 247.590133] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 247.597387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 247.605840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 247.855930] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 247.863942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 247.872959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 248.153175] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 248.160644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 248.169472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 248.607208] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 248.613668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 248.621195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 11:55:52 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4000, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x5) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000010, &(0x7f0000013ff4)={@local, @rand_addr}, 0xc) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000240)={0x2, 'gre0\x00', 0x1}, 0x18) close(r3) dup3(r1, r2, 0x0) [ 249.106261] IPVS: sync thread started: state = BACKUP, mcast_ifn = gre0, syncid = 1, id = 0 [ 249.711052] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.981020] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.987713] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.996163] device bridge_slave_0 entered promiscuous mode [ 250.189186] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.195836] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.204078] device bridge_slave_1 entered promiscuous mode [ 250.421477] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 250.626520] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 250.954093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 251.193390] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.199924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.206841] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.213322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.221205] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 251.289368] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 251.516254] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 251.660590] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 251.667900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 251.726511] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 251.994728] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 252.001933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 252.123053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 252.551858] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 252.558200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 252.565820] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 252.674078] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 252.682182] team0: Port device team_slave_0 added [ 252.940519] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 252.948411] team0: Port device team_slave_1 added [ 253.165132] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 253.172219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 253.180662] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 253.370506] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.399800] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 253.406948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 253.415397] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 253.599955] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 253.607668] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 253.616474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 253.782151] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 253.789754] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.798307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 254.712225] capability: warning: `syz-executor2' uses deprecated v2 capabilities in a way that may be insecure 11:55:58 executing program 2: bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000140), 0x7}, 0x20) r0 = socket$kcm(0xa, 0x122000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000100)="035db86376863a68fe800000000000004208c349d7c40346d59be131ad18d92c2bca9d7f6e6a6ac7d6", 0x29}], 0x1}, 0x0) [ 256.267019] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.273649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.280503] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.287210] bridge0: port 1(bridge_slave_0) entered forwarding state [ 256.295516] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 256.302322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 258.028675] not chained 30000 origins [ 258.029160] kauditd_printk_skb: 96 callbacks suppressed [ 258.029192] audit: type=1326 audit(1542801362.075:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x50000 [ 258.032518] CPU: 0 PID: 7949 Comm: syz-executor3 Not tainted 4.20.0-rc3+ #91 [ 258.032529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.032536] Call Trace: [ 258.032564] dump_stack+0x32d/0x480 [ 258.032590] ? save_stack_trace+0xc6/0x110 [ 258.032615] kmsan_internal_chain_origin+0x222/0x240 [ 258.032632] ? audit_log_d_path_exe+0xd7/0x160 [ 258.032683] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 258.038075] audit: type=1326 audit(1542801362.075:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 258.059455] ? __module_address+0x6a/0x5f0 [ 258.059475] ? is_bpf_text_address+0x3e5/0x4d0 [ 258.059493] ? is_bpf_text_address+0x3e5/0x4d0 [ 258.059519] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 258.059533] ? __module_address+0x6a/0x5f0 [ 258.059556] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 258.059570] ? is_bpf_text_address+0x49e/0x4d0 [ 258.059601] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 258.161337] ? in_task_stack+0x12c/0x210 [ 258.165451] __msan_chain_origin+0x6d/0xb0 [ 258.169714] ? __msan_memcpy+0x6f/0x80 [ 258.173613] __save_stack_trace+0x8be/0xc60 [ 258.177974] ? __msan_memcpy+0x6f/0x80 [ 258.181870] save_stack_trace+0xc6/0x110 [ 258.185954] kmsan_internal_chain_origin+0x136/0x240 [ 258.191087] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 258.196195] ? kmsan_internal_chain_origin+0x136/0x240 [ 258.201480] ? kmsan_memcpy_origins+0x13d/0x190 [ 258.206158] ? __msan_memcpy+0x6f/0x80 [ 258.210055] ? audit_log_n_string+0x537/0x720 [ 258.214565] ? audit_log_d_path+0x4dd/0x510 [ 258.218898] ? audit_log_d_path_exe+0xd7/0x160 [ 258.223516] ? audit_log_task+0x3c1/0x400 [ 258.227679] ? audit_seccomp+0x11f/0x3b0 [ 258.231760] ? __seccomp_filter+0x1480/0x19d0 [ 258.236271] ? __secure_computing+0x20b/0x3a0 [ 258.240780] ? syscall_trace_enter+0x962/0x12b0 [ 258.245465] ? do_syscall_64+0x64/0x110 [ 258.249791] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.255161] ? audit_log_d_path_exe+0xd7/0x160 [ 258.259750] ? audit_log_task+0x3c1/0x400 [ 258.263935] ? audit_seccomp+0x11f/0x3b0 [ 258.268021] ? __seccomp_filter+0x1480/0x19d0 [ 258.272541] ? __secure_computing+0x20b/0x3a0 [ 258.277058] ? syscall_trace_enter+0x962/0x12b0 [ 258.281739] ? do_syscall_64+0x64/0x110 [ 258.285723] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.291104] ? __msan_poison_alloca+0x1e0/0x270 [ 258.295792] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 258.301246] ? prepend_path+0xd23/0xe50 [ 258.305241] kmsan_memcpy_origins+0x13d/0x190 [ 258.309744] __msan_memcpy+0x6f/0x80 [ 258.313463] audit_log_n_string+0x537/0x720 [ 258.317799] audit_log_d_path+0x4dd/0x510 [ 258.321968] audit_log_d_path_exe+0xd7/0x160 [ 258.326389] audit_log_task+0x3c1/0x400 [ 258.330509] audit_seccomp+0x11f/0x3b0 [ 258.334419] ? kmsan_get_shadow_origin_ptr+0x142/0x410 [ 258.339713] __seccomp_filter+0x1480/0x19d0 [ 258.344063] ? __msan_poison_alloca+0x1e0/0x270 [ 258.348744] __secure_computing+0x20b/0x3a0 [ 258.353443] syscall_trace_enter+0x962/0x12b0 [ 258.357988] do_syscall_64+0x64/0x110 [ 258.361806] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.367005] RIP: 0033:0x457569 [ 258.370209] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 258.389124] RSP: 002b:00007f897f2bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 258.396834] RAX: 0000000000000000 RBX: 000000000072bf08 RCX: 0000000000457569 [ 258.404111] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08 [ 258.411396] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 258.418670] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c [ 258.425951] R13: 0000000000a3fb7f R14: 00007f897f2be9c0 R15: 0000000000000000 [ 258.433233] Uninit was stored to memory at: [ 258.437566] kmsan_internal_chain_origin+0x136/0x240 [ 258.442686] __msan_chain_origin+0x6d/0xb0 [ 258.446946] __save_stack_trace+0x8be/0xc60 [ 258.451568] save_stack_trace+0xc6/0x110 [ 258.455644] kmsan_internal_chain_origin+0x136/0x240 [ 258.460753] kmsan_memcpy_origins+0x13d/0x190 [ 258.465257] __msan_memcpy+0x6f/0x80 [ 258.468978] audit_log_n_string+0x537/0x720 [ 258.473310] audit_log_d_path+0x4dd/0x510 [ 258.477469] audit_log_d_path_exe+0xd7/0x160 [ 258.481888] audit_log_task+0x3c1/0x400 [ 258.485926] audit_seccomp+0x11f/0x3b0 [ 258.489837] __seccomp_filter+0x1480/0x19d0 [ 258.494166] __secure_computing+0x20b/0x3a0 [ 258.498491] syscall_trace_enter+0x962/0x12b0 [ 258.502988] do_syscall_64+0x64/0x110 [ 258.506792] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.511972] [ 258.513593] Uninit was stored to memory at: [ 258.517935] kmsan_internal_chain_origin+0x136/0x240 [ 258.523065] __msan_chain_origin+0x6d/0xb0 [ 258.527308] __save_stack_trace+0x8be/0xc60 [ 258.531642] save_stack_trace+0xc6/0x110 [ 258.535725] kmsan_internal_chain_origin+0x136/0x240 [ 258.540845] kmsan_memcpy_origins+0x13d/0x190 [ 258.545352] __msan_memcpy+0x6f/0x80 [ 258.549079] audit_log_n_string+0x537/0x720 [ 258.553669] audit_log_d_path+0x4dd/0x510 [ 258.557826] audit_log_d_path_exe+0xd7/0x160 [ 258.562246] audit_log_task+0x3c1/0x400 [ 258.566247] audit_seccomp+0x11f/0x3b0 [ 258.570153] __seccomp_filter+0x1480/0x19d0 [ 258.574486] __secure_computing+0x20b/0x3a0 [ 258.578842] syscall_trace_enter+0x962/0x12b0 [ 258.583347] do_syscall_64+0x64/0x110 [ 258.587245] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.592429] [ 258.594065] Uninit was stored to memory at: [ 258.598412] kmsan_internal_chain_origin+0x136/0x240 [ 258.603521] __msan_chain_origin+0x6d/0xb0 [ 258.607762] __save_stack_trace+0x8be/0xc60 [ 258.612087] save_stack_trace+0xc6/0x110 [ 258.616155] kmsan_internal_chain_origin+0x136/0x240 [ 258.621278] kmsan_memcpy_origins+0x13d/0x190 [ 258.625796] __msan_memcpy+0x6f/0x80 [ 258.629517] audit_log_n_string+0x537/0x720 [ 258.633840] audit_log_d_path+0x4dd/0x510 [ 258.637991] audit_log_d_path_exe+0xd7/0x160 [ 258.642400] audit_log_task+0x3c1/0x400 [ 258.646378] audit_seccomp+0x11f/0x3b0 [ 258.650621] __seccomp_filter+0x1480/0x19d0 [ 258.654963] __secure_computing+0x20b/0x3a0 [ 258.659297] syscall_trace_enter+0x962/0x12b0 [ 258.663797] do_syscall_64+0x64/0x110 [ 258.667619] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.672806] [ 258.674433] Uninit was stored to memory at: [ 258.678763] kmsan_internal_chain_origin+0x136/0x240 [ 258.683875] __msan_chain_origin+0x6d/0xb0 [ 258.688128] __save_stack_trace+0x8be/0xc60 [ 258.692461] save_stack_trace+0xc6/0x110 [ 258.696530] kmsan_internal_chain_origin+0x136/0x240 [ 258.701641] kmsan_memcpy_origins+0x13d/0x190 [ 258.706160] __msan_memcpy+0x6f/0x80 [ 258.709874] audit_log_n_string+0x537/0x720 [ 258.714197] audit_log_d_path+0x4dd/0x510 [ 258.718342] audit_log_d_path_exe+0xd7/0x160 [ 258.722750] audit_log_task+0x3c1/0x400 [ 258.726725] audit_seccomp+0x11f/0x3b0 [ 258.730616] __seccomp_filter+0x1480/0x19d0 [ 258.734947] __secure_computing+0x20b/0x3a0 [ 258.739735] syscall_trace_enter+0x962/0x12b0 [ 258.744239] do_syscall_64+0x64/0x110 [ 258.748041] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.753521] [ 258.755172] Uninit was stored to memory at: [ 258.759513] kmsan_internal_chain_origin+0x136/0x240 [ 258.764626] __msan_chain_origin+0x6d/0xb0 [ 258.768885] __save_stack_trace+0x8be/0xc60 [ 258.773246] save_stack_trace+0xc6/0x110 [ 258.777316] kmsan_internal_chain_origin+0x136/0x240 [ 258.782426] kmsan_memcpy_origins+0x13d/0x190 [ 258.786938] __msan_memcpy+0x6f/0x80 [ 258.790659] audit_log_n_string+0x537/0x720 [ 258.794996] audit_log_d_path+0x4dd/0x510 [ 258.799159] audit_log_d_path_exe+0xd7/0x160 [ 258.803592] audit_log_task+0x3c1/0x400 [ 258.807576] audit_seccomp+0x11f/0x3b0 [ 258.811468] __seccomp_filter+0x1480/0x19d0 [ 258.815803] __secure_computing+0x20b/0x3a0 [ 258.820133] syscall_trace_enter+0x962/0x12b0 [ 258.824632] do_syscall_64+0x64/0x110 [ 258.828450] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.833634] [ 258.835265] Uninit was stored to memory at: [ 258.839591] kmsan_internal_chain_origin+0x136/0x240 [ 258.844708] __msan_chain_origin+0x6d/0xb0 [ 258.848988] __save_stack_trace+0x8be/0xc60 [ 258.853664] save_stack_trace+0xc6/0x110 [ 258.857739] kmsan_internal_chain_origin+0x136/0x240 [ 258.862853] kmsan_memcpy_origins+0x13d/0x190 [ 258.867361] __msan_memcpy+0x6f/0x80 [ 258.871082] audit_log_n_string+0x537/0x720 [ 258.875407] audit_log_d_path+0x4dd/0x510 [ 258.879557] audit_log_d_path_exe+0xd7/0x160 [ 258.883972] audit_log_task+0x3c1/0x400 [ 258.887964] audit_seccomp+0x11f/0x3b0 [ 258.891876] __seccomp_filter+0x1480/0x19d0 [ 258.896234] __secure_computing+0x20b/0x3a0 [ 258.900576] syscall_trace_enter+0x962/0x12b0 [ 258.905079] do_syscall_64+0x64/0x110 [ 258.908888] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.914101] [ 258.915746] Uninit was stored to memory at: [ 258.920077] kmsan_internal_chain_origin+0x136/0x240 [ 258.925191] __msan_chain_origin+0x6d/0xb0 [ 258.929430] __save_stack_trace+0x8be/0xc60 [ 258.933752] save_stack_trace+0xc6/0x110 [ 258.937820] kmsan_internal_chain_origin+0x136/0x240 [ 258.942935] kmsan_memcpy_origins+0x13d/0x190 [ 258.947436] __msan_memcpy+0x6f/0x80 [ 258.951483] audit_log_n_string+0x537/0x720 [ 258.955817] audit_log_d_path+0x4dd/0x510 [ 258.959998] audit_log_d_path_exe+0xd7/0x160 [ 258.964418] audit_log_task+0x3c1/0x400 [ 258.968404] audit_seccomp+0x11f/0x3b0 [ 258.972297] __seccomp_filter+0x1480/0x19d0 [ 258.976630] __secure_computing+0x20b/0x3a0 [ 258.980964] syscall_trace_enter+0x962/0x12b0 [ 258.985473] do_syscall_64+0x64/0x110 [ 258.989297] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 258.994484] [ 258.996117] Local variable description: ----alias_cpa.i@__change_page_attr_set_clr [ 258.999987] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.003814] Variable was created at: [ 259.003833] __change_page_attr_set_clr+0x6f/0x5080 [ 259.003847] __change_page_attr_set_clr+0x4b70/0x5080 [ 259.029798] audit: type=1326 audit(1542801362.075:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x50000 [ 259.072536] audit: type=1326 audit(1542801363.125:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x50000 [ 259.093971] audit: type=1326 audit(1542801363.125:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x4573d7 code=0x50000 [ 259.115348] audit: type=1326 audit(1542801363.125:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x4573d7 code=0x50000 [ 259.136601] audit: type=1326 audit(1542801363.125:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x4573d7 code=0x50000 [ 259.159117] audit: type=1326 audit(1542801363.125:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x4573d7 code=0x50000 [ 259.180427] audit: type=1326 audit(1542801363.125:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x4573d7 code=0x50000 [ 259.201751] audit: type=1326 audit(1542801363.125:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7948 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x4573d7 code=0x50000 11:56:03 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x100000002, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000180)={{0x3, 0x6, 0xc6, 0x7fff, 'syz0\x00', 0x80000001}, 0x0, 0x1, 0x6, r1, 0x2, 0x20000000000, 'syz0\x00', &(0x7f0000000140)=['-{\x00', '-/selinux\x00'], 0xd, [], [0x7, 0x7, 0x40, 0x7f]}) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x4f0, 0x0, 0x0, @tick, {}, {}, @time=@tick=0x5}], 0x408) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x400, 0x0) [ 259.730257] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 260.158469] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 260.164967] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.172936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.605759] 8021q: adding VLAN 0 to HW filter on device team0 [ 262.800635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.218590] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 263.377491] IPv6: NLM_F_CREATE should be specified when creating new route [ 263.384939] IPv6: Can't replace route, no match found 11:56:07 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="021000000a00000000040000000007000800120000004000000061e64dd73b1594cb849af3b40602a9ac31b700001f00050000fc0040005fffffffff002000000000000000400200200000004494f3ec"], 0x50}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400000000000187, 0x0) 11:56:07 executing program 1: r0 = open(&(0x7f0000000080)='./file0\x00', 0x40000, 0x14) ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000140)={0x0, 0x0, @ioapic}) write$binfmt_script(r0, &(0x7f0000000500)={'#! ', './file0', [{0x20, 'trustedsecurity\\-GPL{'}, {0x20, '/dev/bus/usb/00#/00#\x00'}, {0x20, '/dev/bus/usb/00#/00#\x00'}, {0x20, ':&vmnet1-!]6'}, {0x20, '#'}, {0x20, '!'}], 0xa, "ee0b9ead741bf08d55139bb0bf753320b80e84c12f01654f67b92743e04de5625c3640dc6f0a15097a70837f78"}, 0x8b) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000240)={0x0, 0x1f}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000002c0)={r1, 0xd9, "1830e191216c75f867266e0e3140521aff3c61cd5ac8986d1a63975ae0079c4e75fa1245be0a7732636ccbc4cae7323bb677b7b8ecc0d138f30046986c0676075352bf23f4a2854e4da4708e182f904247bbb58c9d66a8a372bd12bdd974e0302d615a747874d3eb15921cb78c876218be9eddfb1aeee8c339e575336dff74ab2559c1cf1d5376180f80758dd9b0b09bf7bc0ea3f9c24bd828b468442c61c5d463a938af23d6755127f5fd03e673165cc2cd8aab18fbfec14d67aac3a6c6b44b56d166875c30fc5358999ce531c45d66f7ec6c3e7b625f4993"}, &(0x7f00000003c0)=0xe1) r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x800000010007a) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000400)={r1, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x7}}}}, &(0x7f00000004c0)=0x84) ioctl$KVM_SET_CPUID(r2, 0x4004551e, &(0x7f0000000080)=ANY=[]) ioctl$sock_inet_SIOCRTMSG(r2, 0x5514, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev}, {}, {0x2, 0x0, @multicast1=0xe0000300}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='ip6gre0\x00'}) 11:56:07 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4000, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x5) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000010, &(0x7f0000013ff4)={@local, @rand_addr}, 0xc) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000240)={0x2, 'gre0\x00', 0x1}, 0x18) close(r3) dup3(r1, r2, 0x0) 11:56:07 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f00000004c0)='_', 0x1) bind(r0, &(0x7f0000000080)=@in={0x2, 0x4e20}, 0x80) sendto$inet(r0, &(0x7f00000004c0), 0x0, 0x0, &(0x7f0000000140)={0x2, 0x18004e20, @loopback}, 0x10) recvmmsg(r0, &(0x7f0000000180), 0x400000000000370, 0x0, &(0x7f0000000100)={0x77359400}) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x3}, 0x8) 11:56:07 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") sendmsg(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)="f5f53b265814f0e5a5dbed091d56608bf8ed4baa2295a42ed9bda3de810c55bef6e34039ccc9e95ee4729acc12f32dd9005cdd7eec76a0dd2c341b2b9987837bc97d2dad24187f871e3b00927b33ac2c1a4c3aa70578b3d71add46289a1dca8e8b77638147dd91129a1f74bf9ab7063c956167a3be9dfc1e0e10604e69d1b8cf6d5e70e218bc913c504c856bda454648d01ff11870b1e5817ddaf2e07c7fb7", 0x9f}, {&(0x7f00000000c0)="676613fda3dc499f234c7ba4e8d776deb2beab0466b88f9e55419cb6947bd87be67ccd75abfc7d8c8c6658fdf15d0c325fcadbba6044340845c546ce1eda98c2d94a641384115739a44674e4fbbc6e4f1d39c61fe1875fdc2e0df173b0d97b23987e", 0x62}, {&(0x7f00000001c0)="94ecf2d1f5c99ff8d6edf5d3937720a9a288548ed86f11636d5aec46bd0a92799c2d807e245019a6bae5ac5a0d", 0x2d}, {&(0x7f0000000340)="4e01e5e3e05704cb6aaad0430d9a3cb64ef7833cff8da35d43130f6bc134b210abc16fd6ea949f85041d4dd1c032a49a8386db03539b2cc43df9a70c1cce7928a6dc67a6e8", 0x45}, {&(0x7f00000003c0)="8d50279c0690e3b1b51dc466e29074757647de386b5661554d787fc662d435312c834e916274c8371ba65e47b492c5c6b2c6e84e42582ce2", 0x38}, {&(0x7f0000000400)="faec9c8c21b8abd7e1571610927abbe6415f73b8500d3935209db84ef94d", 0x1e}, {&(0x7f0000000440)="8922e1b55994e5214ba1572971d070a65cc01724f760ca8ad61e7e5edc991f798320ac0db9f7d18bdfd28309d4548abf763830e7f12a3f28e7637ead6c45d29901cdaa7f83ce060fc171460a19735ec4c7cb4a67c8a352617943ca4ed968f014d6dec74624c565451fac869a19ccc1c660990bbed1f34534b8c9c6c23b5ca8a1a749b34352384f36c3d62498b687af78f441f52a7ef168f8f456d7d374412ab98560f0ebbb203ae0d8e6b8d70d187733b8dccd4238ea2ea6887c30c1deea38ef006913ef3ff3758b5d83d6e974897811429580624c79bdf597db28a051f9ed", 0xdf}, {&(0x7f0000000540)="5c54522a2a6a9520e93e7df7ddde95a3a3c9b719137a9ff4132fa08b1c35aa302c88bd6baa1839594a8a4a9aea77b9ce692a857985fd92fd87d8a64bc35022dc7706fd59c8309ed4c25aa77cbc6cf42709838397a99036e3383c9972aacb5b2dcdabc06d11bbf65c0f7b2af9d138f1ffbe078cb52ed0eb7bd18a3e21b8230b95e924ff8b7c9dc68cc8dca6120c3789bbda83b574e39f0c3e8d0ef9f5fbceb8d349e539f48bc401d6f65baf2d2e9e6a47428930480ce2ade480c7200a1588e805a563856a37250286cf7300f4c04f099e06ab", 0xd2}], 0x8, &(0x7f0000000b40)=ANY=[@ANYBLOB="48000000000000000000000057f90000ed082d3b41c5327fb96126387da3c757034f5e36c0109482aae36063a6e11b85809a4a7e273b76ab272dfd40220d979a4df93646380e4800480000000000000007721d6c959e32049954fdb3b0010000070000001adeb5190a83a6c84c64f1fec51ea6a2d09ba4156e9baf9802c9614c4cef0095add40be8720a6e9ac3059278e3e8a229cc00000000000000d8000000000000003a0000000500000077a9098148c12f5b7901a64775b3f87fb30a3f147ddae5f58dae7445565de037d85b5bd3b5189c72d77a7242a4425bafc815e422bae085c91653bb44eaa575c58c8f5735c8947a87ffc2719047626284b57107e8ba3b0f791d73287f8363a081c7306b14c7c5583658cd54f4ee993a7fcedc53336c6e06d8ccb169cdd5a8dbf009972dd1e52b7035ad9af457e545d39ab85bf1967a792b323ce60408876edc6202ce8230e619905385210de4a84a095a5c54a59c0c9976e9923fd4fe0eeaed52e782a012f9530000b8000000000000000000000009000000921856a24b41131b48843e963b4584b28554f268d90ee59545270199448423217bdaa3e1cc514c0e6bc9a2c39afb859c6c8b734b403cf554f6503d2a72093492a1a40d4cac4a00da42d519f6b977153e14b45e3b6b9d3a468f0ec707becfa0f7caaf9229c4fe3b9221706977f91a4b8e1fffeaf15b28b73a4dfab4277d9f9222323281b760b94c2c241736a5aacde1d40c50119fd5937aa9213414cf37fbae5c72bab9302a1c547a98000000000000009f0100001f00000075923d31a97bbbe827925208549b9f53d4bad98265de3ace68702f3b7bb46db6f63ebcfb63369c0b006d16c4b916629c3633058dacc8541fe244594aff9204ae0e95c6a3720fdeada1f120a7bec9bb36d0aa5958f7bf48a4eaa4124a832e1c4883c603c8bafee6d9bdd1952f301235f37ce7112ec72f0782de8185fd52d1e659e9f0de000000000038000000000000009f01000000040000192f67220c28dd64de905ce09c9c82c47a30137a7de10d6dd5eaa57c62b756d26a5916fb00000000d8000000000000000000000009000000ab9c99502098e3d29485f59de358837edf18635899db3b020021e8a7a525be7e1a5dc56088168f261caf797036cfa9592695dbe535cd158ce642b8c651017985ed68dadc830786fd2d1ddd360fd631d728d71f4147787fc71b9ccf229f16464a21e4c863f0407058ea778b2d8a2a1ebd405e03b8633c6b82de89124dba6a8a27f427e64723fc3578c6b8056ad05f78629b4c4effe844cfc206d32eff69d1c5023f9dcbb60000dc3a8dc3ae60582e88ce8b379760e9a73f027c49c166ba1589ccba78d0890000000012c899697a33c9aab731860a6e4d3cf9ac63cff21ce1213449cf227b538bc7a2b2fdeb3fc1e7da784e45fdf8c8d37768167dbf313805dc94e3230f89d9ebee2083f68713aa05fda728e84c00fc2b7dbe1b78f5309cda15e651fbc357f5097efed66728c68da595c8f7da8a21d5da36ba7972a039f6fadc6df9e225e4582b30c4feaf76baf95273c92fdf8068c8f33ad5bb"], 0x3c8, 0x80}, 0x40000) r1 = socket$netlink(0x10, 0x3, 0x16) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x80000001, @mcast2, 0x1}, 0x1c) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0xc602, 0x3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000740)={'icmp\x00'}, &(0x7f0000000780)=0x1e) shutdown(r0, 0x4) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000006c0), &(0x7f0000000700)=0x4) [ 263.546502] usb usb3: usbfs: interface 0 claimed by hub while 'syz-executor1' resets device [ 263.575323] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 263.619857] usb usb3: usbfs: interface 0 claimed by hub while 'syz-executor1' resets device [ 263.965124] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 263.971494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 263.979240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 264.271835] 8021q: adding VLAN 0 to HW filter on device team0 11:56:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000040)) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) 11:56:09 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000380)='/dev/audio\x00', 0x8041, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000000040)=0xe135) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x520d0000, 0x18, 0xfa00, {0x0, &(0x7f0000000300)}}, 0xfffffea9) write$input_event(r0, &(0x7f0000000080), 0x18) 11:56:09 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) splice(r0, 0x0, r1, 0x0, 0x18, 0x0) 11:56:09 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x88) sendto$inet6(r0, 0x0, 0x0, 0x400806e, &(0x7f00000000c0)={0xa, 0x20004e23, 0x0, @mcast1}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:56:09 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4000, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x5) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000010, &(0x7f0000013ff4)={@local, @rand_addr}, 0xc) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000240)={0x2, 'gre0\x00', 0x1}, 0x18) close(r3) dup3(r1, r2, 0x0) 11:56:09 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/igmp6\x00') sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000002bc0)={0x0, 0x989680}) preadv(r0, &(0x7f00000017c0), 0x1a1, 0x0) [ 266.089778] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 11:56:10 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x800000c0045009, &(0x7f0000000100)=0x10) ioctl$int_in(r0, 0x80000040045010, &(0x7f0000000080)) 11:56:10 executing program 4: socket$inet6_udplite(0xa, 0x2, 0x88) r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) clone(0x802182001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) r1 = dup(0xffffffffffffff9c) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000080)=0x0) sched_rr_get_interval(r2, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000000c0)=ANY=[]) ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, 0x0) ioctl$EVIOCGBITSW(r1, 0x80404525, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x10000000}, 0x48) fallocate(0xffffffffffffffff, 0x0, 0x1e, 0x1000) ioctl$TUNSETQUEUE(r1, 0x400454d9, 0x0) ioctl$TIOCLINUX2(r1, 0x541c, &(0x7f0000000240)={0x2, 0xf800000000000000, 0xeb2, 0x5, 0xb8c8, 0x8}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x22, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0000000000000000a408c5e183a8cc4a8b30ed906ae67d307ce1fd9fbc796b4c14d0"], 0x0, 0x0, 0x0}) 11:56:10 executing program 3: r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$P9_RMKDIR(r0, &(0x7f0000000380)={0x14, 0x49, 0x1, {0x0, 0x0, 0x8}}, 0x14) 11:56:10 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4000, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x5) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000010, &(0x7f0000013ff4)={@local, @rand_addr}, 0xc) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000240)={0x2, 'gre0\x00', 0x1}, 0x18) close(r3) dup3(r1, r2, 0x0) [ 266.525794] hrtimer: interrupt took 53076 ns [ 266.539957] binder: 8248:8255 unknown command 0 [ 266.545278] binder: 8248:8255 ioctl c0306201 200002c0 returned -22 11:56:10 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x6) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") syz_emit_ethernet(0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaa9baa00080040000000000000000011010000000000000000018800907800000000c0d3a6933ff4d1538a4bd08fb06ea4ce8836cf62"], 0x0) 11:56:10 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0) write$P9_RWALK(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="8d"], 0x1) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) [ 266.724035] binder: 8248:8255 unknown command 0 [ 266.731577] binder: 8248:8255 ioctl c0306201 200002c0 returned -22 11:56:10 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) 11:56:11 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000380)='/dev/audio\x00', 0x8041, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000000040)=0xe135) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x520d0000, 0x18, 0xfa00, {0x0, &(0x7f0000000300)}}, 0xfffffea9) write$input_event(r0, &(0x7f0000000080), 0x18) 11:56:11 executing program 0: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000a00)={0x0, 0x989680}, &(0x7f0000048000), 0x0) 11:56:11 executing program 4: setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6001, 0xffffffffffffffff) creat(&(0x7f00000007c0)='./file0\x00', 0x0) unlink(&(0x7f0000000000)='./file0\x00') 11:56:11 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x40000000806, 0x0) write$P9_RRENAME(r0, &(0x7f0000000000)={0xffffffffffffffad}, 0x2) close(r0) 11:56:11 executing program 3: mlockall(0x2) shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0x4000) 11:56:11 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x40000000806, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000000040)=0xe135) 11:56:11 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000540)="66660f3882811344bd85b87f7800000f23c80f21f8350000f0000f23f866ba2100b0faee0f01f70f20c035040000000f22c0360f00d6660f3801a7627a33460f234cb83e0000000f23d00f21f835100000020f23f866baa10066ed", 0x5b}], 0x1, 0x1, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="f3430f1bc866b8be000f00d066b829018ec04c0fc71cd7f3f0440fc05f1f0fefe4c7442400cc830000c744240200000080c7442406000000000f0114248fa870cc546d0f4466baf80cb87c167d81ef66bafc0cb800200000ef47ddc1", 0x5c}], 0x1, 0x0, &(0x7f0000000000), 0x0) syz_open_dev$usbmon(&(0x7f00000003c0)='/dev/usbmon#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 11:56:11 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000dfdfee)='/dev/input/event#\x00', 0x0, 0x0) readv(r0, &(0x7f0000019fe0), 0x363) 11:56:11 executing program 2: 11:56:11 executing program 4: 11:56:11 executing program 2: 11:56:12 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f000002c000)='./file0\x00', &(0x7f0000000500)='ramfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000903000)='./file0\x00', 0x0, 0x100000, 0x0) mount(0x0, &(0x7f0000000080)='.', 0x0, 0x0, 0x0) mount(&(0x7f0000000000), &(0x7f00000000c0)='.', 0x0, 0x3080, 0x0) mount(&(0x7f0000000080), &(0x7f0000187ff8)='.', 0x0, 0x5010, 0x0) mount(&(0x7f0000000080), &(0x7f0000187ff8)='.', 0x0, 0x5010, 0x0) mount(0x0, &(0x7f0000000cc0)='./file0\x00', &(0x7f0000000d00)='proc\x00', 0x0, 0x0) 11:56:12 executing program 1: 11:56:12 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000140)=@nat={'nat\x00', 0x3c1, 0x2, 0x90, [0x20000660], 0x11, &(0x7f0000000000), &(0x7f0000000600)=[{}, {}, {}]}, 0x108) 11:56:12 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 'syz0\x00', 0x0, 0x0, [], [0x1]}) [ 268.526106] kernel msg: ebtables bug: please report to author: Chains don't start at beginning [ 268.553676] kernel msg: ebtables bug: please report to author: Chains don't start at beginning 11:56:12 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000140)=@nat={'nat\x00', 0x3c1, 0x2, 0x90, [0x20000660], 0x11, &(0x7f0000000000), &(0x7f0000000600)=[{}, {}, {}]}, 0x108) 11:56:12 executing program 1: 11:56:12 executing program 2: 11:56:12 executing program 4: 11:56:12 executing program 3: 11:56:12 executing program 0: 11:56:12 executing program 5: [ 268.853127] kernel msg: ebtables bug: please report to author: Chains don't start at beginning 11:56:13 executing program 1: 11:56:13 executing program 4: 11:56:13 executing program 0: 11:56:13 executing program 3: 11:56:13 executing program 5: 11:56:13 executing program 2: 11:56:13 executing program 4: 11:56:13 executing program 1: 11:56:13 executing program 0: 11:56:13 executing program 3: 11:56:13 executing program 5: 11:56:13 executing program 2: 11:56:13 executing program 4: 11:56:14 executing program 0: 11:56:14 executing program 1: 11:56:14 executing program 2: 11:56:14 executing program 3: 11:56:14 executing program 4: 11:56:14 executing program 5: 11:56:14 executing program 2: 11:56:14 executing program 1: 11:56:14 executing program 0: 11:56:14 executing program 4: 11:56:14 executing program 5: 11:56:14 executing program 3: 11:56:14 executing program 1: 11:56:14 executing program 0: 11:56:14 executing program 2: 11:56:14 executing program 4: 11:56:14 executing program 5: 11:56:15 executing program 1: 11:56:15 executing program 0: 11:56:15 executing program 3: 11:56:15 executing program 4: 11:56:15 executing program 2: 11:56:15 executing program 5: 11:56:15 executing program 1: 11:56:15 executing program 0: 11:56:15 executing program 3: 11:56:15 executing program 4: 11:56:15 executing program 5: 11:56:15 executing program 1: 11:56:15 executing program 2: 11:56:15 executing program 0: 11:56:15 executing program 3: 11:56:16 executing program 4: 11:56:16 executing program 1: 11:56:16 executing program 5: 11:56:16 executing program 2: 11:56:16 executing program 1: 11:56:16 executing program 0: 11:56:16 executing program 3: 11:56:16 executing program 4: 11:56:16 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r1, r0, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8) 11:56:16 executing program 2: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r1 = creat(&(0x7f0000000180)='./file0\x00', 0x0) write$P9_RREMOVE(r1, &(0x7f0000000280)={0xff60}, 0xe3c7) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) fdatasync(r1) io_setup(0x0, 0x0) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) connect$inet(0xffffffffffffffff, 0x0, 0x0) syz_open_procfs(0x0, 0x0) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000000c0), &(0x7f0000000140)=0x4) recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x10062, 0x0, 0x0) accept4(0xffffffffffffffff, &(0x7f00000004c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000003c0)=0x80, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000200)={0x0, r1}) 11:56:16 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0a5c2d023c126285718070") r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) poll(&(0x7f0000000140)=[{r1}], 0x1, 0x9) 11:56:16 executing program 1: r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$P9_RMKDIR(r0, &(0x7f0000000380)={0x14}, 0x14) 11:56:16 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$inet6(0xa, 0x803, 0x4) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58) close(r0) 11:56:16 executing program 0: process_vm_writev(0x0, &(0x7f0000002800), 0x0, &(0x7f0000000780)=[{&(0x7f00000028c0)=""/224, 0xe0}], 0x1, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400000, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000a00)="58d80d9edc7f6c14f956c7cf4cfaaba2cdf455e2d737d1984e0ce2c561001a6bccd4ba99e56ae705daa897ad2e4b0ec1f30c5cc19851d1865758cff5730878bb30e50d3ede9bd140bda5160bbb66d0bcf62be4ca142504fc4e33a785c75a618f00c6293d1a0c7dfbba34576fe0de731b15ab95a22761517b765f3473e552a99b2f32b6e3e70a7d6ba66054e5f452f4f889371124ec3f6753ac9bfba7a51560db1da5be591814b4ab00b323d3406448ef3e68a35d355a078329952444e2520d70ba46350a38be760afa931fb22eb2a4291a23df971b2dc05d031db7d52198141e2121bcf7", &(0x7f0000000280)="d298c1c6d8425c3154008204e20e714e7b417ed71b7e3b40cdccd3d1eab8081bef11f014599fee0a229e057a1377230715c96012d14d20c2b1d78f3a51f9cdc32d399dd9578f259e7ef5d5526edc5d9e005335f12d5568bf1a7cb32b384eeb984edba7d1e6c86015bca8d185", 0x3}, 0x20) recvmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000002c0), 0x72, &(0x7f0000000e00)=""/241, 0xf1}, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) socket(0x1, 0x801, 0x9) recvmsg(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000140)=@hci, 0x80, &(0x7f0000000d00), 0x0, &(0x7f00000024c0)=""/129, 0x81}, 0x0) process_vm_writev(0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/186, 0xba}, {&(0x7f00000001c0)=""/19, 0x13}, {&(0x7f0000000d00)=""/226, 0xe2}, {&(0x7f0000000980)=""/69, 0x45}], 0x4, &(0x7f0000002180), 0x0, 0x0) ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000f00)={0x6, 0x0, [{0xbf3, 0x0, 0x2}, {0x97e, 0x0, 0x4}, {0xb02, 0x0, 0x6}, {0x351, 0x0, 0x8001}, {0xa1b, 0x0, 0x3ff}, {0xbff, 0x0, 0x7}]}) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f00000000c0)=""/85, 0xb}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/120, 0x6c}, {&(0x7f0000000480)=""/60, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x40d}, {&(0x7f0000000340)=""/22, 0x16}], 0x161, &(0x7f0000000600)=""/191, 0xbf}}], 0x40000000000020a, 0x0, &(0x7f0000003700)={0x77359400}) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000006c0)={r1, &(0x7f0000000bc0)="45ac596a6811c250947b4fb3b36d7eaefa3a07477a557f909abd0ff0faf958c986d01575672e86c123014498da8880fa197b87a28da7f8dc0588674cebe5320d90726fa9817ce5f7de55484993e9e5705a37416fceaff84ad0048d8e0e5cd2ae3fc3c8e2da0666eafca354e5ce18547779d1e13769649138e44eef709702f98ae40ee47d154c73ee3f9500402ec5023fdc6f84849aacb338ea52013bd4ade1ef8d19f8e7a521462f67e884d3939cb4cc89b3c5e7e9bbf5a33c285bfba1910be15a1bf14e", &(0x7f00000008c0)=""/186}, 0x18) 11:56:16 executing program 5: r0 = add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)=';', 0x1, 0xfffffffffffffffc) keyctl$search(0x1c, 0x0, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, r0) r1 = shmat(0xffffffffffffffff, &(0x7f0000ffc000/0x2000)=nil, 0x2000) shmdt(r1) r2 = socket$inet_smc(0x2b, 0x1, 0x0) sendto$inet(r2, &(0x7f00000001c0)="1581a2010ffa30d1a41be43f8cd638134fcdb678c79984a3923d40a6c183ba8c384d8ee814a21d726b8d49705ee83607059e29e8f1e96648f4977b044f331611a0e7b5d707dd8520a213a1e87dd4ff822f17cf8450165838393ce34421bfa9c56d0cd7a66154f932bc4404e3339c", 0x6e, 0x20000000, &(0x7f0000000240)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000080)) shmget$private(0x0, 0x4000, 0x54000000, &(0x7f0000ffc000/0x4000)=nil) 11:56:16 executing program 1: ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000280)={0x9, @pix={0x0, 0x0, 0x31364d59}}) fstat(0xffffffffffffffff, &(0x7f0000000040)) [ 273.003754] encrypted_key: insufficient parameters specified [ 273.044720] encrypted_key: insufficient parameters specified 11:56:17 executing program 0: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@random="c729aa13221a", @remote, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @broadcast}, @igmp={0x11, 0x0, 0x0, @multicast1}}}}}, &(0x7f0000000000)) 11:56:17 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r0, 0x4018920a, 0x0) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.selinux\x00', &(0x7f0000000080)='unconfined\x00', 0xb, 0x2) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x9) 11:56:17 executing program 5: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x4) r0 = socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000003c0)={0x0, 'ifb0\x00'}, 0x18) mount(&(0x7f00000002c0)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f00000013c0)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000000280)='./file0\x00') mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x201000, &(0x7f00000002c0)) chdir(&(0x7f0000000240)='./file0\x00') mkdir(&(0x7f0000000200)='./file0\x00', 0xfffffffffffffffb) pivot_root(&(0x7f0000000100)='.\x00', &(0x7f00000003c0)='./file0\x00') pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') 11:56:17 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f000020d000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f00002f8fc8)={0x0, 0x0, &(0x7f0000002000)}, 0x8001) recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000308000)=""/1, 0xffffffb8}], 0x1, &(0x7f0000000100), 0xffffffab}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r5, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r6 = socket$alg(0x26, 0x5, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x40000, 0x0) bind$alg(r6, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) r7 = accept4(r6, 0x0, &(0x7f0000000280)=0x39f, 0x0) splice(r3, 0x0, r7, 0x0, 0x20000000003, 0x0) close(r3) close(r4) sendmmsg$alg(r2, &(0x7f0000001300)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000002c0)="761876e8eea7b11b74669191b88ff47cbc50722d1f63b5e3083abead319b40f5643bcf8dee391e1d2613fe8d42a510190ad16d34e3754635d57640c6a937cb23c0726759bd8f82e400dcb0e838d09a64a903a2517db3e0d8ac8fd520fe6c59da82ab33dd1212f2debb7c79801528dd7865925cbdad3ea27cae25c628292ddaff82ef7814a6941a439310f4fed517581bb5d3cfc70afa0717e1044d522b9bf08fdbca86ae6c6c94da005572e6ce719faa2f82783229f71be0584c57eaa2ad5f242872bc54054badc8f1b1274a1ff4d63cde30fcb648db098a5ea30f602cbdfd283407133fb8294cf1e1b8f5f7b03a5c17b79d0a12c4d4a6b63f196a5d4ee92160822e6ff6d5a24bec759c142c86a905293237723ed5f0c2c87c5dda4005cac29852051d77b973ced46738119b90fa08dfb12551199fc6e4de0873cf470e6d6f75492f8ca747d245c8fd44c82e3daa26709fa735f1e3993888503ff9cd5755c536a1e0f44b7ff364e929f419559a6e4d0b94aa632bd6e440edc692ddb2c1edeb1832e8aa6b6f9f9dcaa58fc4a3241876dec71d217d94c4581727c8314c435eadfd9ec711d2b378a85dffef03b7ce654ac684db1278b396e7fcc6b1f806ceb5d3a791fe68c1fda7a1b5186931f16e6f25ac628831385f4a0ce5574642fbda229f042fd03860513981561bffba09765351b81eaf6910c00532576cbe8cbc61d632a0f84782da62bf20d8b57ca750d8cd33196b8ad1de3e044872bc49d497d0bd87c3a0e8a2ceb91d02aa01851f57222cd30f37eb92418ebbdb62dce3f4dad32f05fc35e2d1d2f9b2052ebe42da07ab87a9aecacfdb3dad8d00b5086d9c9bcc22f59d891590239894b4adeee2d0b25d4cd28287130d14af34d66c23e8a14bf1db64b24663385265f5016700c41f2057d207f6eaa01c8ee1b5d47240e6566edbef3b37512f76de0d16a859f4d8b16a1dddc3570041198f86945154edd40f02232840cc72b7b9248aa574a37940310d2eab2d3839edbc16ffa0244fdbdf925b1e496fa89cda9dd7cc798da0f54c451712333e55d8fe98425b5950625a6852e5a566e22c83a55dd57c55e033addea55a2e00816122717aacd27ea078250d6749fd37f25b8b27ded62aeccc3a23e493f38ca6f965f49d9feaa9c2a7614d10e54b141f5507164a2b4a6adbadbd1ad2dba5153047bc993ff595a7a068454829a029f0cce72bdc39c5b0e0f97976511c992345d14c28d4fb5466145a5d300ac922d57d1fe42587a58bc6887d093ea535833145f9ba15d7977dd71849d409dbcf0b2d8dc647502577486460267ed2b709159318015fdade86205977469ff998eea508c0e2146437f58d9882ea7d7a480629aa707133d477d6e38f08cb923a3556f2f3fb1ac46020e4592bb59d6acadfa082b673942737c5bd58319c2491b56826998976c030dc1cead14cba03b650525e20214bef2d6708951d106b6452a6e4a5e5731001a712608b3278547334b9e256ffd5b923e454e4bd5f3d2036d1248165df6e152caa29362dfdf1232a18c361081a5c9f65d874b6805beb509d331a7ca68e3c7c47d040041c195754c7791ec2ef7a78f724e653b5ad1803b5296b36bf26b46ae0cc95ed1076c90d8317055eb629204402502e1b111ae61a8264dfe521990f57614bf6eff8a86976891e78924cb5d7b7b43674111f00b4f5f160db863f53a4e1b60e9fe8f06faab8ee2cf38edb69a0025593649c78440a3ccd5857a162ea511a85d4237937af2848850a3292fe557649c60210ae003d723ae18a0fabb0350e5da5afcc79663c9c6548457e868d1991b6673917311d367957e00b58a3246160444a8bbb9f1ec1baa8b6e008cbe716b3141f3e3ae1001ca1311878c30f9874b11e1e28cc802f81942bb7aed6c670c67df1a254818227ce6f594a748d732cb3edbfc281915b191456d74130d0e0f92101bd3cfda9f2b17ec8ecd6f43f9e2c293977b0ea80717b948442f082638e1a52194010da318a8ab06172cf2b78536f9c753464575845663c6451f52f21fab7fd3f2487a807902fed3d1016f263c0bcecdfc7839c62504be5b194ef6ad62da2d976e9b2023673e445d6bf134b5dfe57fd3f1e2239b8ec41030b92bad696fcd6e51b971440e9fb11b487419259130e62098204100e53352649a1d3605f5cc7b4c6c8265f0589ab00869614abe73e1674332251997c9e4e26abcefb425e86a1a94d0cd0b67d5f32750251c374491a3e22d909af2ee49e5bc6594857cf8343a2b01a2a25b2465f923e87b3315048633eed0a4ff4b1d2309e6df81a2a5d00c4e0d14cd538aeefe89af03725c13c93d6b586de9511bee410097ee3f61c5f0aad22f52bfef29b943e642edad1a478c1a6e4f4f9c12f6dbb0368b788a1849de8efd95b89f8149a3ccb0ec5c128b4ee284a9ea14639bb6c58e90cac494592d7901025b03665d6eb6af017fe63e966bd5ba19653574357b648f046eaae5259d618aa13287842416f5155ca06281d8df69abbb896e63c7de20a30e1a37a2b115f0aec60c339c1373a851f7336da3f93333ce69c1b59a77e34ffee7a1aab3f84409f751a80153577e5fe19169330e79b5499ffe88bfb6892a5d9f797e19e4ad6cda7dc18939923d0b13f939f99389429e1df2ef3d7be78d0d47fbfc6cedaedfb76cecef1587fc0b62dc9044ed4e650fb36b5a4e94232911fc36a8f075babdfdba2455fbdcb39f2b550f9c611261f150f95221a4696a7491d1b67146ee6c30689534e8817ab72eb6383ee3d2a3726e2ecf92b5b1b8d4849bb952c98e5231b9869e5bf0943bfa30376b9164b9a8a75351b86172e3c4fe9ae15c16cdb6bac82a5d9e820e9bbe96d985331e7d27bf74b2122854f6b19b09daca799c797bb066b7913bd189473b5d50bc425e99a5fcfe18b4203c3cba84da30145d49cd66b59e76e2efe0a6a887592425a816b72d3bff06a52d09e9dcd18bf3358b19dea5b199ec3a171ea95d6cea7927cd38fd5084c68dfdc2fe1b53e22169d34de0575b9e83b0cf4893da6e3baa0e5d8d65e2ac04c64ee99e2b4e543247bd05933cb182af9a3e19259bc574e374e03479c239c0409ad6e5425bc838197d5e82199ef548c6b6e76e492d8c5ca60c1ccfc637bf952f599f457d2b68d7521fa669d36b48daa2352513fecbe0b2d686281f8ab7ec6881c48ddd5fdbb748f2255b4c25bca1fc97e81929425343923684ddc49aaffd00a467e271e9b8e05deb5aa9c050e3450890499d0be0a7428c6a3a8b147e465d65d7c2f20683b07b636b9ef91771c0ef647a8147363d214e97bdeb27aedafc4b4d4ce424e2c899fa0bde0b9e9f8a272b25c81124a416a7bb1c5455b01a2a90668f183372cba3b2da32cbc0a24748603717983777a3ee71c417978e34dd8b9fe78ab9327ce40316fd9c13c611f1ad7c4d8446b8ce82f3858cf66585af3b5584ce1ac5be13e352b59a4e2499fe1a82194ba7ea354843cfb01d5161bbaa59a602c8eeec5ff9858c3c1cc9c88d991a07b2341c72de3956a26a0a7e6f4e2b194673a026291734d87f491a74d5ff98145623a862234fc24801a5c793fc8140a04bc21db46e9939027b73f7ad0cab16bf8b1be6eb7ce4c077a6d23a6b051a10d20f44c5e87b0e685c9ea6690b60fed6347737c4bf97915990527444a76d9bd664a8d68a981bcde2ffa7a015138658dc83b598a2f6057741c364d735b892b780d1ae075eda9a8a234cf90d6956163f2029b6a41c26e5dfc4ae9d2d0a05901c7cf4a5e2163405a0eba7d01b3c48e1c7a2821749069d2930256cc4a9bf84f547fbca0854a979835d5deb9cdd625e7268cb2a55342a7fb4a1f83b020c12f738adc1bb437f69d07e78230b31db140f82db8ef839fd5e57729d1f422966aa4863d6db268ffa5e48e2b1c7c771f0ce4cb62c53be4607f65fc057305a7434cdfde9c62411e68ff3f8fd0a350493c9ede1114b135a4f410ae46b4607823007c09db9197adcf73aa116351c2a4d930fb99c7abb83e44d481f781d901257188f693f81890e50ec63a05674157ea96c19bd36ccc8e7fc214ad3127024e73552fb424b98642d6723a2a9575de7e93b7c552521134c77d1c4e30fef24278613f44b89c380a1439e700409e3e9e7e6585f089075a48923fec5954680c54ce718c91ea2ea3419667d7e629653715e12edf6ceb59d8083d785e1337a719aa7f1649347f9c6b42272f5cacbb342a3276d9bfdec3edec7eae50a2b7a86f217e61c018d05f2ab9dc7b90a8811881799ff71125916f2ce1e85c878a2dd7ea4f1a144bb5d0ef723c25557b9431422bc0de44a83000e82e297e7d0a62b3237ee2e354df4c4a12b5f9ccba4b96d182ff74464db83ce5cd1992b5233729f3b5723f46e62dcb7ad8e18ea95d4ca57ed7e389f526891a032f43f2f29ad548484c5c396466d705f33bda9c81d6933be4f0f31bbb93762b94a984ef6af13a8731a9e163c2e6f800da6b03a4b242e77168adb8aed8c7424ba5d56fac266d5cac634b39175337838cca3b00e017afddcd5402d524ea83c9ec8de222943009d1c162158abcac31177b53c7758451165758d300e04fbbdf4fa71fc9e1ff5d44c2999d6e2a92277d60ac8f7f1ceeb44df9afc31be8ca2f38dfc2cb94ed4733059d0539eaea147bf6c45cc08abf8060a4fd0dd4c5701f25f8cd198bf6d699c9d8facfd7d83d76e061f4c9f1305bb90599314259502a66641408fcfd8b0ae2b1bb3deb6cb6fa28453a6f4ea789535600678b37ced7439e5bc35e4dd75ea44453e542ac25e3d4e8fcfacecc66e20ee05434b83e4888db2cdcb5af14a3d14cef4eb77b874c9237a87b34b777a79e85168618c0ad32430c332666bf29fb7433ae5cf186bcf2602f91b0fe39ca4138cd873c0c7c22e669b37b6e3ece45279ea8cc6f9771f27b862ad8735dd8f8a1b29ca8d6077c0cecf88b683b3fe9ddcda5d9a94cce32a689d2f323c71c1e945fbc02eb14962cc3d93cacc9108c03513596d96581f33952042c273d99a1c571acfa382fdd9bdc832f9e2200f5a9d630471963c8bdd80310447bde1b9f3c420298276118c0f835a78b0b0370edb920d38ddf1cd967563ce9ebc971a9c8252cd85c2844e65d4264bf04ed309a20575f01bed46a3cb388f1b90fb8265eb3a6782e3c4a9bca9acf7973ef51a4b22da42aceb5950b8c5d5f976b61c66abf80bc02fa2658ca18a9994e4c0a4b067df533719c44c1313b3abe41b462a582531954323902dd02dd0ba9970493d6e924b839193cfa852ac0211254c56f43a218e24644c180023b2aa302d355e26ea1e66bea886da225a2079a108faeb5ce5c4d4f3340c349d04a8beb343f9b544281cbea0a67c369cf68285970428f0e135400019418cd8c3577f1145ec18e55d95111c1628e5354cf8e6938af5c3f98b95acf310d2529f8bd9eb4de1531d71125ca99faeee361cb7a26be5d8391d315b69d2aed4d65b052a9ced02761050004d494a1e1a7e7f86d496f77ebfa489da9ef02ab90e5b3208b7e54cbe1b095c67e7fd74c5781bf032513e364a2949e504b2cc78413216e1cff114e11268fa1f0bc8b2cced489b90085313b7cd4e785ba0305744cb765821825981831a2c6f5108ba643dd1678a20998a62156c34d56bde867bfe51e86067f1f08657ff4da509c4d4b707fcd915ae893cdf189e11e", 0xfba}], 0x1, &(0x7f00000012c0)=[@assoc={0x18, 0x117, 0x4, 0x100}], 0x18, 0x24000080}], 0x1, 0x8010) sendmmsg$alg(r2, &(0x7f0000003980)=[{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000001880)="bd", 0x1}], 0x1}], 0x1, 0x0) 11:56:17 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000000)=0x4) r1 = dup(r0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000180)=0x0) write$FUSE_LK(r0, &(0x7f0000000140)={0x28, 0x0, 0x1, {{0x4, 0x6, 0x2, r2}}}, 0x28) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000280)={0x1000, 0x8, 0x400, 0x9, [], [], [], 0x1, 0xbe, 0x40, 0x3, "e3732555bb2ab2a6b90dfe77b2c9db67"}) perf_event_open$cgroup(&(0x7f00000003c0)={0x5, 0x70, 0x1cb, 0x1f, 0x8001, 0x1, 0x0, 0x4, 0x0, 0x3, 0x6, 0x9, 0x8d, 0x7bf37ad0, 0x6, 0x8, 0x965, 0x8, 0x401, 0xc3e, 0xffffffffffffffc0, 0x87cf, 0x3, 0x2, 0x6, 0x4, 0x7, 0x4, 0x0, 0x4acd, 0x7, 0x80000000, 0x200, 0x6, 0x8000, 0x161, 0x0, 0x2, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000080)}, 0x8000, 0x7, 0x3, 0x3, 0x1, 0x2, 0x6f3e}, r1, 0xf, r1, 0x4) bind$packet(r3, &(0x7f0000000100)={0x11, 0x1, r4}, 0x14) syz_emit_ethernet(0x4, &(0x7f00000001c0)=ANY=[@ANYRES16=r3, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000000001fc00d50120df65edca589496e535aee6daa87a32917f28e5b3dcc343d3b9a935"], &(0x7f0000000240)) [ 273.538980] IPVS: Unknown mcast interface: ifb0 [ 273.588602] IPVS: Unknown mcast interface: ifb0 11:56:17 executing program 2: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000140)={0x2, 0x1, 0x7}) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000900)={"6c6f0000000002d68900", 0x0}) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3400000013000100000000000000000000000000", @ANYRES32=r3, @ANYBLOB="000000000000000008000a0001040000000000000000000000000000"], 0x34}}, 0x0) getpeername(r2, &(0x7f00000001c0)=@hci, &(0x7f0000000080)=0x80) ioctl$int_out(r2, 0x5462, &(0x7f0000000240)) 11:56:17 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) ioctl$IOC_PR_RESERVE(r2, 0x401070c9, &(0x7f0000000100)={0x9, 0x0, 0x1}) 11:56:17 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000140), 0x4) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000000)=0x20, 0x4) 11:56:17 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000140)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000000)={0xbf, @time={0x0, 0x1c9c380}}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0x4058534c, &(0x7f0000000340)={0x80, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc0105303, &(0x7f0000000400)) r1 = dup2(r0, r0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x79d}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={r2}, &(0x7f0000000200)=0x8) r3 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f00000002c0)={{0xffffffffffffffff, 0x1}, {0x0, 0x8}, 0x7fffffff, 0x3, 0x9}) timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x1c9c380}}, &(0x7f00000001c0)) tkill(r3, 0x1000000000013) 11:56:17 executing program 3: unshare(0x8000400) r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000), 0x4) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x400000, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000280)={0x7, 0x3, 0x9445, 0x103}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e22}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={r2, @in={{0x2, 0x4e21}}, 0x2, 0x7, 0x4, 0x2, 0x8}, &(0x7f0000000200)=0x98) 11:56:17 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f000020d000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f00002f8fc8)={0x0, 0x0, &(0x7f0000002000)}, 0x8001) recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000308000)=""/1, 0xffffffb8}], 0x1, &(0x7f0000000100), 0xffffffab}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r5, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r6 = socket$alg(0x26, 0x5, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x40000, 0x0) bind$alg(r6, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) r7 = accept4(r6, 0x0, &(0x7f0000000280)=0x39f, 0x0) splice(r3, 0x0, r7, 0x0, 0x20000000003, 0x0) close(r3) close(r4) sendmmsg$alg(r2, &(0x7f0000001300)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000002c0)="761876e8eea7b11b74669191b88ff47cbc50722d1f63b5e3083abead319b40f5643bcf8dee391e1d2613fe8d42a510190ad16d34e3754635d57640c6a937cb23c0726759bd8f82e400dcb0e838d09a64a903a2517db3e0d8ac8fd520fe6c59da82ab33dd1212f2debb7c79801528dd7865925cbdad3ea27cae25c628292ddaff82ef7814a6941a439310f4fed517581bb5d3cfc70afa0717e1044d522b9bf08fdbca86ae6c6c94da005572e6ce719faa2f82783229f71be0584c57eaa2ad5f242872bc54054badc8f1b1274a1ff4d63cde30fcb648db098a5ea30f602cbdfd283407133fb8294cf1e1b8f5f7b03a5c17b79d0a12c4d4a6b63f196a5d4ee92160822e6ff6d5a24bec759c142c86a905293237723ed5f0c2c87c5dda4005cac29852051d77b973ced46738119b90fa08dfb12551199fc6e4de0873cf470e6d6f75492f8ca747d245c8fd44c82e3daa26709fa735f1e3993888503ff9cd5755c536a1e0f44b7ff364e929f419559a6e4d0b94aa632bd6e440edc692ddb2c1edeb1832e8aa6b6f9f9dcaa58fc4a3241876dec71d217d94c4581727c8314c435eadfd9ec711d2b378a85dffef03b7ce654ac684db1278b396e7fcc6b1f806ceb5d3a791fe68c1fda7a1b5186931f16e6f25ac628831385f4a0ce5574642fbda229f042fd03860513981561bffba09765351b81eaf6910c00532576cbe8cbc61d632a0f84782da62bf20d8b57ca750d8cd33196b8ad1de3e044872bc49d497d0bd87c3a0e8a2ceb91d02aa01851f57222cd30f37eb92418ebbdb62dce3f4dad32f05fc35e2d1d2f9b2052ebe42da07ab87a9aecacfdb3dad8d00b5086d9c9bcc22f59d891590239894b4adeee2d0b25d4cd28287130d14af34d66c23e8a14bf1db64b24663385265f5016700c41f2057d207f6eaa01c8ee1b5d47240e6566edbef3b37512f76de0d16a859f4d8b16a1dddc3570041198f86945154edd40f02232840cc72b7b9248aa574a37940310d2eab2d3839edbc16ffa0244fdbdf925b1e496fa89cda9dd7cc798da0f54c451712333e55d8fe98425b5950625a6852e5a566e22c83a55dd57c55e033addea55a2e00816122717aacd27ea078250d6749fd37f25b8b27ded62aeccc3a23e493f38ca6f965f49d9feaa9c2a7614d10e54b141f5507164a2b4a6adbadbd1ad2dba5153047bc993ff595a7a068454829a029f0cce72bdc39c5b0e0f97976511c992345d14c28d4fb5466145a5d300ac922d57d1fe42587a58bc6887d093ea535833145f9ba15d7977dd71849d409dbcf0b2d8dc647502577486460267ed2b709159318015fdade86205977469ff998eea508c0e2146437f58d9882ea7d7a480629aa707133d477d6e38f08cb923a3556f2f3fb1ac46020e4592bb59d6acadfa082b673942737c5bd58319c2491b56826998976c030dc1cead14cba03b650525e20214bef2d6708951d106b6452a6e4a5e5731001a712608b3278547334b9e256ffd5b923e454e4bd5f3d2036d1248165df6e152caa29362dfdf1232a18c361081a5c9f65d874b6805beb509d331a7ca68e3c7c47d040041c195754c7791ec2ef7a78f724e653b5ad1803b5296b36bf26b46ae0cc95ed1076c90d8317055eb629204402502e1b111ae61a8264dfe521990f57614bf6eff8a86976891e78924cb5d7b7b43674111f00b4f5f160db863f53a4e1b60e9fe8f06faab8ee2cf38edb69a0025593649c78440a3ccd5857a162ea511a85d4237937af2848850a3292fe557649c60210ae003d723ae18a0fabb0350e5da5afcc79663c9c6548457e868d1991b6673917311d367957e00b58a3246160444a8bbb9f1ec1baa8b6e008cbe716b3141f3e3ae1001ca1311878c30f9874b11e1e28cc802f81942bb7aed6c670c67df1a254818227ce6f594a748d732cb3edbfc281915b191456d74130d0e0f92101bd3cfda9f2b17ec8ecd6f43f9e2c293977b0ea80717b948442f082638e1a52194010da318a8ab06172cf2b78536f9c753464575845663c6451f52f21fab7fd3f2487a807902fed3d1016f263c0bcecdfc7839c62504be5b194ef6ad62da2d976e9b2023673e445d6bf134b5dfe57fd3f1e2239b8ec41030b92bad696fcd6e51b971440e9fb11b487419259130e62098204100e53352649a1d3605f5cc7b4c6c8265f0589ab00869614abe73e1674332251997c9e4e26abcefb425e86a1a94d0cd0b67d5f32750251c374491a3e22d909af2ee49e5bc6594857cf8343a2b01a2a25b2465f923e87b3315048633eed0a4ff4b1d2309e6df81a2a5d00c4e0d14cd538aeefe89af03725c13c93d6b586de9511bee410097ee3f61c5f0aad22f52bfef29b943e642edad1a478c1a6e4f4f9c12f6dbb0368b788a1849de8efd95b89f8149a3ccb0ec5c128b4ee284a9ea14639bb6c58e90cac494592d7901025b03665d6eb6af017fe63e966bd5ba19653574357b648f046eaae5259d618aa13287842416f5155ca06281d8df69abbb896e63c7de20a30e1a37a2b115f0aec60c339c1373a851f7336da3f93333ce69c1b59a77e34ffee7a1aab3f84409f751a80153577e5fe19169330e79b5499ffe88bfb6892a5d9f797e19e4ad6cda7dc18939923d0b13f939f99389429e1df2ef3d7be78d0d47fbfc6cedaedfb76cecef1587fc0b62dc9044ed4e650fb36b5a4e94232911fc36a8f075babdfdba2455fbdcb39f2b550f9c611261f150f95221a4696a7491d1b67146ee6c30689534e8817ab72eb6383ee3d2a3726e2ecf92b5b1b8d4849bb952c98e5231b9869e5bf0943bfa30376b9164b9a8a75351b86172e3c4fe9ae15c16cdb6bac82a5d9e820e9bbe96d985331e7d27bf74b2122854f6b19b09daca799c797bb066b7913bd189473b5d50bc425e99a5fcfe18b4203c3cba84da30145d49cd66b59e76e2efe0a6a887592425a816b72d3bff06a52d09e9dcd18bf3358b19dea5b199ec3a171ea95d6cea7927cd38fd5084c68dfdc2fe1b53e22169d34de0575b9e83b0cf4893da6e3baa0e5d8d65e2ac04c64ee99e2b4e543247bd05933cb182af9a3e19259bc574e374e03479c239c0409ad6e5425bc838197d5e82199ef548c6b6e76e492d8c5ca60c1ccfc637bf952f599f457d2b68d7521fa669d36b48daa2352513fecbe0b2d686281f8ab7ec6881c48ddd5fdbb748f2255b4c25bca1fc97e81929425343923684ddc49aaffd00a467e271e9b8e05deb5aa9c050e3450890499d0be0a7428c6a3a8b147e465d65d7c2f20683b07b636b9ef91771c0ef647a8147363d214e97bdeb27aedafc4b4d4ce424e2c899fa0bde0b9e9f8a272b25c81124a416a7bb1c5455b01a2a90668f183372cba3b2da32cbc0a24748603717983777a3ee71c417978e34dd8b9fe78ab9327ce40316fd9c13c611f1ad7c4d8446b8ce82f3858cf66585af3b5584ce1ac5be13e352b59a4e2499fe1a82194ba7ea354843cfb01d5161bbaa59a602c8eeec5ff9858c3c1cc9c88d991a07b2341c72de3956a26a0a7e6f4e2b194673a026291734d87f491a74d5ff98145623a862234fc24801a5c793fc8140a04bc21db46e9939027b73f7ad0cab16bf8b1be6eb7ce4c077a6d23a6b051a10d20f44c5e87b0e685c9ea6690b60fed6347737c4bf97915990527444a76d9bd664a8d68a981bcde2ffa7a015138658dc83b598a2f6057741c364d735b892b780d1ae075eda9a8a234cf90d6956163f2029b6a41c26e5dfc4ae9d2d0a05901c7cf4a5e2163405a0eba7d01b3c48e1c7a2821749069d2930256cc4a9bf84f547fbca0854a979835d5deb9cdd625e7268cb2a55342a7fb4a1f83b020c12f738adc1bb437f69d07e78230b31db140f82db8ef839fd5e57729d1f422966aa4863d6db268ffa5e48e2b1c7c771f0ce4cb62c53be4607f65fc057305a7434cdfde9c62411e68ff3f8fd0a350493c9ede1114b135a4f410ae46b4607823007c09db9197adcf73aa116351c2a4d930fb99c7abb83e44d481f781d901257188f693f81890e50ec63a05674157ea96c19bd36ccc8e7fc214ad3127024e73552fb424b98642d6723a2a9575de7e93b7c552521134c77d1c4e30fef24278613f44b89c380a1439e700409e3e9e7e6585f089075a48923fec5954680c54ce718c91ea2ea3419667d7e629653715e12edf6ceb59d8083d785e1337a719aa7f1649347f9c6b42272f5cacbb342a3276d9bfdec3edec7eae50a2b7a86f217e61c018d05f2ab9dc7b90a8811881799ff71125916f2ce1e85c878a2dd7ea4f1a144bb5d0ef723c25557b9431422bc0de44a83000e82e297e7d0a62b3237ee2e354df4c4a12b5f9ccba4b96d182ff74464db83ce5cd1992b5233729f3b5723f46e62dcb7ad8e18ea95d4ca57ed7e389f526891a032f43f2f29ad548484c5c396466d705f33bda9c81d6933be4f0f31bbb93762b94a984ef6af13a8731a9e163c2e6f800da6b03a4b242e77168adb8aed8c7424ba5d56fac266d5cac634b39175337838cca3b00e017afddcd5402d524ea83c9ec8de222943009d1c162158abcac31177b53c7758451165758d300e04fbbdf4fa71fc9e1ff5d44c2999d6e2a92277d60ac8f7f1ceeb44df9afc31be8ca2f38dfc2cb94ed4733059d0539eaea147bf6c45cc08abf8060a4fd0dd4c5701f25f8cd198bf6d699c9d8facfd7d83d76e061f4c9f1305bb90599314259502a66641408fcfd8b0ae2b1bb3deb6cb6fa28453a6f4ea789535600678b37ced7439e5bc35e4dd75ea44453e542ac25e3d4e8fcfacecc66e20ee05434b83e4888db2cdcb5af14a3d14cef4eb77b874c9237a87b34b777a79e85168618c0ad32430c332666bf29fb7433ae5cf186bcf2602f91b0fe39ca4138cd873c0c7c22e669b37b6e3ece45279ea8cc6f9771f27b862ad8735dd8f8a1b29ca8d6077c0cecf88b683b3fe9ddcda5d9a94cce32a689d2f323c71c1e945fbc02eb14962cc3d93cacc9108c03513596d96581f33952042c273d99a1c571acfa382fdd9bdc832f9e2200f5a9d630471963c8bdd80310447bde1b9f3c420298276118c0f835a78b0b0370edb920d38ddf1cd967563ce9ebc971a9c8252cd85c2844e65d4264bf04ed309a20575f01bed46a3cb388f1b90fb8265eb3a6782e3c4a9bca9acf7973ef51a4b22da42aceb5950b8c5d5f976b61c66abf80bc02fa2658ca18a9994e4c0a4b067df533719c44c1313b3abe41b462a582531954323902dd02dd0ba9970493d6e924b839193cfa852ac0211254c56f43a218e24644c180023b2aa302d355e26ea1e66bea886da225a2079a108faeb5ce5c4d4f3340c349d04a8beb343f9b544281cbea0a67c369cf68285970428f0e135400019418cd8c3577f1145ec18e55d95111c1628e5354cf8e6938af5c3f98b95acf310d2529f8bd9eb4de1531d71125ca99faeee361cb7a26be5d8391d315b69d2aed4d65b052a9ced02761050004d494a1e1a7e7f86d496f77ebfa489da9ef02ab90e5b3208b7e54cbe1b095c67e7fd74c5781bf032513e364a2949e504b2cc78413216e1cff114e11268fa1f0bc8b2cced489b90085313b7cd4e785ba0305744cb765821825981831a2c6f5108ba643dd1678a20998a62156c34d56bde867bfe51e86067f1f08657ff4da509c4d4b707fcd915ae893cdf189e11e", 0xfba}], 0x1, &(0x7f00000012c0)=[@assoc={0x18, 0x117, 0x4, 0x100}], 0x18, 0x24000080}], 0x1, 0x8010) sendmmsg$alg(r2, &(0x7f0000003980)=[{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000001880)="bd", 0x1}], 0x1}], 0x1, 0x0) 11:56:18 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22}, 0x10) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x5, 0x4000) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x80000001) r2 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000596000)=0x9, 0x4) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e22}, 0x10) 11:56:18 executing program 0: r0 = socket$inet(0x2, 0x3, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x98e, 0x10800) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180)='nbd\x00') sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, r2, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x80000001}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10001}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x106}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x40000) getsockname(r0, &(0x7f0000000040)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000003740)=0x80) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000003780)={r3, @rand_addr, @dev}, 0xc) syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty=0x9000000, @broadcast}, @udp={0x0, 0x0, 0x8}}}}}, &(0x7f0000000380)) [ 274.124072] netlink: 12 bytes leftover after parsing attributes in process `syz-executor2'. 11:56:18 executing program 3: remap_file_pages(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x6, 0x4000) io_setup(0x4, &(0x7f0000000000)=0x0) r1 = socket(0x2, 0x803, 0xff) shutdown(r1, 0x1) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000140)="6f0300000000bbde1a72726252264ac5a57aa77a", 0x14}]) r2 = shmget(0x3, 0x2000, 0x200, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_STAT(r2, 0x2, &(0x7f0000000180)=""/66) [ 274.236269] netlink: 12 bytes leftover after parsing attributes in process `syz-executor2'. 11:56:18 executing program 4: r0 = socket(0x40000000015, 0x5, 0x0) getpeername$packet(r0, &(0x7f0000000cc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000d00)=0x14) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x200100, 0x0) getsockname$packet(r1, &(0x7f0000000040), &(0x7f0000000080)=0x14) [ 274.340637] mmap: syz-executor3 (8556) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 11:56:18 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = accept(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, &(0x7f0000000100)=0x80) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={0x0, 0x1}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000200)={r2, 0x10001}, 0x8) r3 = memfd_create(&(0x7f0000000840)="656d30e6d0657270722ac8a9f5b38e25e2dd6f632500630e0489c98b1d06285cc037e956cdf575b04dbf8f009383c6fbcb84fb772a2624599e6f02ba896ccbb0030005d05c2943d24c16ddc9c196e49095f7c1eb5e0e70909c61e6ff8464cddd603a55ee471fe6e186e1b4ba9629c6b8bbd80de2a9e90934e58f1f881b1dc8f91ada3acd2dda93e27718e107b0c2228c1cfac540b9773aee7983eb21090124e61a1b7c10d6ae3b7e41450c306bcb6ae6538d1f5ea3ae4e8020e659e8a8fd22b9cb459d08ead0e9721c580a098839a7434190d7bc26ae008915c41efb175ddaefee25bb94a93624ce19b548731ac08f1351f5f09c13acd2b8afb09651", 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000380)='maps\x00') sendfile(r3, r4, &(0x7f0000000000)=0x200, 0x1080005000) creat(&(0x7f0000000040)='./file0\x00', 0x88) 11:56:18 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x2100) mount(&(0x7f0000000300)=ANY=[], &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) r0 = creat(&(0x7f0000000180)='./file0/bus\x00', 0x0) write$P9_RGETATTR(r0, &(0x7f0000000300)={0xa0}, 0xa0) utime(&(0x7f0000000000)='./file0/bus\x00', &(0x7f00000000c0)={0x2, 0x67cc7c0a}) creat(&(0x7f0000000040)='./file0/bus\x00', 0x0) mkdir(&(0x7f0000000140)='./file0/bus\x00', 0x40) write$smack_current(r0, &(0x7f0000000100)='ramfs\x00', 0xfdef) 11:56:18 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x0, @loopback}, {0x0, @broadcast}, 0xfffffffffffffffe, {0x2, 0x0, @rand_addr}, 'sit0\x00'}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x200800, 0x0) r2 = semget(0x2, 0x3, 0x404) semctl$GETNCNT(r2, 0x0, 0xe, &(0x7f0000000140)=""/191) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) 11:56:18 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = accept(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, &(0x7f0000000100)=0x80) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={0x0, 0x1}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000200)={r2, 0x10001}, 0x8) r3 = memfd_create(&(0x7f0000000840)="656d30e6d0657270722ac8a9f5b38e25e2dd6f632500630e0489c98b1d06285cc037e956cdf575b04dbf8f009383c6fbcb84fb772a2624599e6f02ba896ccbb0030005d05c2943d24c16ddc9c196e49095f7c1eb5e0e70909c61e6ff8464cddd603a55ee471fe6e186e1b4ba9629c6b8bbd80de2a9e90934e58f1f881b1dc8f91ada3acd2dda93e27718e107b0c2228c1cfac540b9773aee7983eb21090124e61a1b7c10d6ae3b7e41450c306bcb6ae6538d1f5ea3ae4e8020e659e8a8fd22b9cb459d08ead0e9721c580a098839a7434190d7bc26ae008915c41efb175ddaefee25bb94a93624ce19b548731ac08f1351f5f09c13acd2b8afb09651", 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000380)='maps\x00') sendfile(r3, r4, &(0x7f0000000000)=0x200, 0x1080005000) creat(&(0x7f0000000040)='./file0\x00', 0x88) 11:56:18 executing program 4: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x1) ioctl$UI_DEV_CREATE(r0, 0x5501) syz_emit_ethernet(0x230, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaacf2bb43c40b8009078ac14ffaae000f00000000000", @ANYRES32=0x42424242, @ANYRES32=0x42424242, @ANYBLOB="f9000000907b0004ac5f0aa6ccfbdb47c645d65e6f4f686e2191d1ffe55bc87a8f02777ffb61ffecb93a1a856a"], 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000000040)=0x1) dup2(r0, r0) 11:56:18 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x805, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000040)={0x400000000002f}) write$uinput_user_dev(r0, &(0x7f0000000540)={'syz0\x00', {}, 0x24, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) write$input_event(r0, &(0x7f0000000100)={{r1, r2/1000+10000}, 0x0, 0x2, 0x268528d0}, 0x18) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 11:56:18 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000880)='/dev/uinput\x00', 0x10000000000002, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000380)) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x2fd) socket$inet_smc(0x2b, 0x1, 0x0) ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'}) r2 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x80000000006, 0x0) ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000240)=""/186) ioctl$VIDIOC_ENUM_FREQ_BANDS(r2, 0xc0405665, &(0x7f0000000080)={0x0, 0x2}) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x5, 0x10}, &(0x7f0000000140)=0xc) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4068aea3, &(0x7f00000001c0)={0x7b, 0x0, [0xa3, 0xfffffffffffffc00, 0x100000001, 0xffffffffffffffd0]}) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000180)=r3, 0x4) 11:56:19 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f00000002c0)="ad8445ab7ef9ea9c03e6d91bedc93effb204290400000000000000d7", 0x1c, 0x0, 0x0, 0x0) ioctl$KVM_GET_XCRS(0xffffffffffffffff, 0x8188aea6, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000220000050000000000000008cb00000000000002000000000000003f0b000009000000000000f83fd5577c0bf81f00000000000000ff88a90100000000000000000000f1002b574fafa642b374e7c412981a6ecc2c2f81c8da33c9198f426fbc8f7654e7540b86cfe60434caba79b52ce2357938deccd89c8dcee065c727150e3e5ecaf1eca120f68722435b9da875315f3d4d124f7e1027189fddb070b9f85ef36e40f0b547a335f44504b7abb8b0b7e6599f45d0b1e3158ce35fd65bbeb70c2af8597eedff4b91fd93ac40fd91f1a1c1a3635f60778e018dbf5e425c7a7a3dd82e037af069e4f0faabe32acb5ec0b1807a7dca18df86eebc4868364975e3b4581d989e4d08b3b0973e57483f66ac76e34f174206715c07aacaf171df103a56961730fd948d2c3470283d3eeb53eb6e5455537220e679396ab93b62341b9eabec554b6276cf926835637ad7bb2f2037b5ef5b13f0290700000074ec7c10b5e72465bec064e53b30177e48f0dd4f37d710827e96c7694a0534475b3c2920c710a146734b60c99fa3a1a5c6cf293ab3490bed007f003a265b29e5ba1f19"]) socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom(r1, &(0x7f0000000340)=""/4096, 0x1000, 0x0, &(0x7f0000001340)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80) ioctl$int_in(r1, 0x5421, &(0x7f0000000280)=0x3) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) r2 = syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x5, 0x410040) ioctl$KDGKBMETA(r2, 0x4b62, &(0x7f0000000240)) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x1ae, 0x0, 0x0) 11:56:19 executing program 4: mkdir(&(0x7f000002b000)='./file1\x00', 0xd) recvfrom$inet6(0xffffffffffffffff, &(0x7f0000000180)=""/68, 0x44, 0x0, &(0x7f0000000200), 0x1c) mount(&(0x7f0000000200)=ANY=[], &(0x7f000002c000)='./file0\x00', &(0x7f00001d0ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) r0 = socket(0x10, 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') sendfile(r0, r1, &(0x7f0000000000), 0x800000080000002) 11:56:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x104, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x8031, r0, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040)) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000000)) 11:56:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x44, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xc000, 0x8) ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f00000001c0)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x250000, 0x0) mq_getsetattr(r3, &(0x7f0000000240)={0xb2, 0x5, 0x3ff, 0x3, 0x40, 0x41, 0x9, 0xfff}, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000280)={0x0, 0x8000}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="000021f8a27e2a0d0ca2"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="0f20e06635040000000f22e0baf80c66b894b1618466efbafc0c66b8c700c0fe66ef0f0866b8204783760f23d00f21f866352000000d0f23f80f235a0f210c673e0f236a650f1b8bf9f7baf80c66b82cce0c8466efbafc0cec0f20e06635002000000f22e0", 0x65}], 0x1, 0x0, &(0x7f0000000480), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x402, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rfkill\x00', 0x10000, 0x0) ioctl$RTC_PIE_ON(r3, 0x7005) ioctl$sock_inet6_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000200)) ioctl$KVM_SMI(r4, 0xaeb7) [ 275.087248] input: syz1 as /devices/virtual/input/input5 [ 275.096950] input: syz0 as /devices/virtual/input/input6 [ 275.195723] input: syz0 as /devices/virtual/input/input7 [ 275.208659] input: syz1 as /devices/virtual/input/input8 11:56:19 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = syz_open_procfs(0x0, &(0x7f0000000080)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424ab9b3f8683ecf89dee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca9fcf03cbf82bd13534737339245d3c70641be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf3ad8882947ffa1fb4c050727beb12c57e06ff590000000000000000000000000000008924578ad49ea1144c7448d640aa88a66a71b77d73a924ff027fdcb550161653d4cb57088385248286f5be9d8766c70c29e6f5063dfe74a1b0b52079159048210b4d271ac94c889b063ca34a09579af03631f128e6dd2c966daecd7c6f7e0f4ebcaf80250cfab07184838078c71d809d06dc0bac75db814525d1d1acaf4cb6f4890f397382ae636697f688094e38db5c22770f53076c630df9bb4c149189ffa975f52087311c5baafc11c90bdc25fc803b71153ddc3995b2df49cdd784bc5bea40861070dadb395e85c93cdfa08e") mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffc, 0x12, r1, 0x0) io_setup(0x0, &(0x7f0000000000)) io_pgetevents(0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000380)={&(0x7f0000000340), 0x8}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x220000, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000002c0)=0x100000001, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x9a, 0xfffffffffffffffd) keyctl$dh_compute(0x1c, &(0x7f0000000080)={r4}, &(0x7f00000009c0)=""/240, 0x4a3, 0x0) r5 = syz_open_dev$vbi(&(0x7f0000000300)='/dev/vbi#\x00', 0x1, 0x2) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r5, 0x40405514, &(0x7f0000000540)={0xa, 0x4, 0x8, 0x9, 'syz1\x00', 0x6}) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000127bd7000fbdbdf250900000044005a5910d44bc33250ee0063030014000600fe8000000000000000000000000000bb08000800ff000000140002007663616e30000000000000000000000008000500e07a29c6d7d5589154785f0eb5c89f028b52a553a4680546bd9b3785d97b2ba57ec08155b13262ebeb9b9f3223fae89f773e96ee72f6cc47b63c0eb1f5e99886b2d8bf664a50b57f3e04b61548c028879be5401bd7352dbf70247f8d485d5e890dddb060de60875fcebbe8b77eaa6a6f9651e5a185f0313c27f08c85d16e4fa19ca41d0ac19520cfb9b8af77a699fafc27ae560215f5eea4c83f46f88c1870f39bb4630e68372a5a5639c9c09f6fc195fe4c18979ca39a1a0830e0f187a4824fa4a13209bd0a44841a9bc79db5e78a4895f3c82bf3cc2279e4d7ac9b120c6570f7fc4fda32b8447f704216c0201b317f51c104dc241b841c3204ea"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_open_dev$video4linux(&(0x7f0000000380)='/dev/v4l-subdev#\x00', 0x0, 0x0) socket$key(0xf, 0x3, 0x2) [ 275.572766] ================================================================== [ 275.580182] BUG: KMSAN: uninit-value in keyctl_pkey_params_get+0x29c/0x7d0 [ 275.587240] CPU: 1 PID: 8620 Comm: syz-executor4 Not tainted 4.20.0-rc3+ #91 [ 275.594430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.603778] Call Trace: [ 275.606371] dump_stack+0x32d/0x480 [ 275.610008] ? keyctl_pkey_params_get+0x29c/0x7d0 [ 275.614872] kmsan_report+0x19f/0x300 [ 275.618696] __msan_warning+0x76/0xc0 [ 275.622523] keyctl_pkey_params_get+0x29c/0x7d0 [ 275.627208] keyctl_pkey_verify+0x2e2/0x890 [ 275.631547] __se_sys_keyctl+0x112c/0x1af0 [ 275.635794] ? prepare_exit_to_usermode+0x182/0x4c0 [ 275.640828] ? syscall_return_slowpath+0xed/0x730 [ 275.646636] ? __msan_get_context_state+0x9/0x20 [ 275.651397] __x64_sys_keyctl+0x62/0x80 [ 275.655383] do_syscall_64+0xcf/0x110 [ 275.659194] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 275.664380] RIP: 0033:0x457569 11:56:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x44, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xc000, 0x8) ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f00000001c0)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x250000, 0x0) mq_getsetattr(r3, &(0x7f0000000240)={0xb2, 0x5, 0x3ff, 0x3, 0x40, 0x41, 0x9, 0xfff}, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000280)={0x0, 0x8000}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="000021f8a27e2a0d0ca2"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="0f20e06635040000000f22e0baf80c66b894b1618466efbafc0c66b8c700c0fe66ef0f0866b8204783760f23d00f21f866352000000d0f23f80f235a0f210c673e0f236a650f1b8bf9f7baf80c66b82cce0c8466efbafc0cec0f20e06635002000000f22e0", 0x65}], 0x1, 0x0, &(0x7f0000000480), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x402, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rfkill\x00', 0x10000, 0x0) ioctl$RTC_PIE_ON(r3, 0x7005) ioctl$sock_inet6_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000200)) ioctl$KVM_SMI(r4, 0xaeb7) [ 275.667575] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.686475] RSP: 002b:00007f530de4fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 275.694187] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 275.701465] RDX: 00000000200009c0 RSI: 0000000020000080 RDI: 000000000000001c [ 275.708737] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 275.716010] R10: 00000000000004a3 R11: 0000000000000246 R12: 00007f530de506d4 [ 275.723292] R13: 00000000004c286f R14: 00000000004d4258 R15: 00000000ffffffff [ 275.730582] [ 275.732216] Local variable description: ----args.i@keyctl_pkey_params_get [ 275.739374] Variable was created at: [ 275.744118] keyctl_pkey_params_get+0xaa/0x7d0 [ 275.748733] keyctl_pkey_verify+0x2e2/0x890 [ 275.753050] ================================================================== [ 275.760401] Disabling lock debugging due to kernel taint [ 275.765854] Kernel panic - not syncing: panic_on_warn set ... [ 275.771735] CPU: 1 PID: 8620 Comm: syz-executor4 Tainted: G B 4.20.0-rc3+ #91 [ 275.780300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.789643] Call Trace: [ 275.792230] dump_stack+0x32d/0x480 [ 275.795866] panic+0x624/0xc08 [ 275.799064] kmsan_report+0x300/0x300 [ 275.802884] __msan_warning+0x76/0xc0 [ 275.806680] keyctl_pkey_params_get+0x29c/0x7d0 [ 275.811353] keyctl_pkey_verify+0x2e2/0x890 [ 275.815689] __se_sys_keyctl+0x112c/0x1af0 [ 275.819932] ? prepare_exit_to_usermode+0x182/0x4c0 [ 275.824950] ? syscall_return_slowpath+0xed/0x730 [ 275.829794] ? __msan_get_context_state+0x9/0x20 [ 275.834546] __x64_sys_keyctl+0x62/0x80 [ 275.838512] do_syscall_64+0xcf/0x110 [ 275.842825] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 275.848006] RIP: 0033:0x457569 [ 275.851193] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.870092] RSP: 002b:00007f530de4fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 275.877792] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 275.885058] RDX: 00000000200009c0 RSI: 0000000020000080 RDI: 000000000000001c [ 275.892321] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 275.899581] R10: 00000000000004a3 R11: 0000000000000246 R12: 00007f530de506d4 [ 275.907312] R13: 00000000004c286f R14: 00000000004d4258 R15: 00000000ffffffff [ 275.915677] Kernel Offset: disabled [ 275.919307] Rebooting in 86400 seconds..