[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 41.671922] audit: type=1800 audit(1569835399.131:33): pid=7406 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 41.693322] audit: type=1800 audit(1569835399.141:34): pid=7406 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 [ 42.696188] audit: type=1400 audit(1569835400.161:35): avc: denied { map } for pid=7579 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.84' (ECDSA) to the list of known hosts. 2019/09/30 09:23:26 fuzzer started syzkaller login: [ 49.118130] audit: type=1400 audit(1569835406.581:36): avc: denied { map } for pid=7588 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/09/30 09:23:28 dialing manager at 10.128.0.105:33829 2019/09/30 09:23:28 syscalls: 2489 2019/09/30 09:23:28 code coverage: enabled 2019/09/30 09:23:28 comparison tracing: enabled 2019/09/30 09:23:28 extra coverage: extra coverage is not supported by the kernel 2019/09/30 09:23:28 setuid sandbox: enabled 2019/09/30 09:23:28 namespace sandbox: enabled 2019/09/30 09:23:28 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/30 09:23:28 fault injection: enabled 2019/09/30 09:23:28 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/30 09:23:28 net packet injection: enabled 2019/09/30 09:23:28 net device setup: enabled 09:26:25 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) [ 227.891139] audit: type=1400 audit(1569835585.351:37): avc: denied { map } for pid=7605 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14986 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 228.023707] IPVS: ftp: loaded support on port[0] = 21 09:26:25 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0x4058534c, &(0x7f00000000c0)={{0x80}, 0x1, 0x0, 0x2}) [ 228.181534] chnl_net:caif_netlink_parms(): no params data found 09:26:25 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x6, 0x0, 0x0, 0x0, 0x0, 0x5}}]}}]}, 0x444}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newqdisc={0x24, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {}, {0x4, 0xe}}}, 0x24}}, 0x0) [ 228.254363] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.261269] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.277570] device bridge_slave_0 entered promiscuous mode [ 228.294119] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.307910] IPVS: ftp: loaded support on port[0] = 21 [ 228.313342] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.343927] device bridge_slave_1 entered promiscuous mode [ 228.417531] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 228.429633] bond0: Enslaving bond_slave_1 as an active interface with an up link 09:26:26 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) lstat(&(0x7f0000000180)='./file0\x00', 0x0) write$FUSE_ATTR(r2, &(0x7f0000000540)={0x78}, 0x78) umount2(&(0x7f0000000000)='./file0\x00', 0x0) [ 228.509693] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 228.519003] team0: Port device team_slave_0 added [ 228.544597] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 228.551834] team0: Port device team_slave_1 added [ 228.566508] chnl_net:caif_netlink_parms(): no params data found [ 228.586054] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.595319] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 228.599386] IPVS: ftp: loaded support on port[0] = 21 [ 228.726595] device hsr_slave_0 entered promiscuous mode 09:26:26 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0, 0x0, 0x0, 0x1a6}}], 0x4000000000000f6, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) request_key(0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='stat\x00') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) [ 228.775275] device hsr_slave_1 entered promiscuous mode [ 228.815465] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 228.822748] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 228.853031] IPVS: ftp: loaded support on port[0] = 21 [ 228.860587] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.867750] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.881734] device bridge_slave_0 entered promiscuous mode [ 228.891104] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.898097] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.907134] device bridge_slave_1 entered promiscuous mode [ 228.938378] IPVS: ftp: loaded support on port[0] = 21 [ 228.978526] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 229.015965] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 229.036630] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.043941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.051117] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.057535] bridge0: port 1(bridge_slave_0) entered forwarding state 09:26:26 executing program 5: socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000000)=0x2) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62160554]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000780)={"54abec7338595f275a2292c45ff078f1cbbf04241d1c3421ec9bf61b2221bc18246e74f0001e36735c2ad340bf94ad2a35cfc5d0953a3b2bfd41e2e051c6765447395415a9b05dffbe957e300168dc46f8377130fd28e50a805a6005ab6167da65430e3fcc214d7893c6d91026b5f5192f346a367dbc8ae5df0fd099b4e7a6dadd7f555b203f504eda86e0e8d8c5f319604db5a686750d03bf3a67210063e9a17ca0a1ccd80a7d57cb034b828b784b14c9e5dd70ca358c6819c3df7f4443dced6d9a56bb54eac6538cc61c5e9ef3bda9feeb62cbe4f0e1d1c7f6cbbcada85dbb247b0551773f0734e6f4733db49c22e497557c2f74bfa0e4af9b6228643f180d9f9e1e2bcdf0c35a5b8c388e728b574a066e190800db7b42573f534b8f60e8f756dc4d8dec7ad58b0474fc002851b265cc72099d43115828ac723e73009150fcf7196b4133e2988d4b0fc459e57293afef8837fa0d5d24b984a95cb4bdc48fc9c6e73ebee6b1a3239b2c0eef7c751ccb9f2dcdc3c69173db48df6b5d6e59e6465283de675a8d053e7f3abf86f43006a5a0c6225a589c12583e767b9d817f17bf690444a18e6f8a35b2cb4b60c191efbb16393560b568ee6c82bed918aa4a34b575ac9966b395aafa7fc3b7f467b484eb7d2617e0a240e8acbc2a7e02b650f7d1be52f462be20faa32dd88eb041e2c46b24ed7ab79c10f05296f5461f4ebda25dd7b9908da4be62b0871b169016fab8aae31c7ba45e5b30b7556a062999f43d2dbb9995d2d5de72ffe885bf6bce45caa470933c0906807da75cd38533d8f16d875452c543b259e78215011d2be638eab023513cfe0693d3107e17cfc87e038fc7d1db232d15307fe1d2a818d0a4bde2c53d221111ffa646514dd1fbd3c011b058f79c6fb0a31857ea309018bf72180a434611195c975cf5e285777231b6f158ecaf212183600379fe9762277c13cb6cde9cc0178b883fd1f210180e599f8eb33d33a9ff0f70db1de485b2f2434f2707bf9a54bb6aff687c515c430d5087f4d53a57adf7c97a06dcc61d7733a93dc505d57d8d5c83bf83e345a979307d708756c3f0f1c53a28883b665fda239019f32fc6f07d700d05023e9ef5b66d4b6be57ffd6fe39703fd4eed61535568f47ee51eff8290618e8387d0ba0d00c5bc4585d2d85688af46bb1da08bf42901634cb10e6b03ee276c16980090b59f3c57b428ae0a7ede758c781e2a5a8585e903adde0a0a281a7779a59067d82985655d9138b75042970e11aee4b95b8bcf232473767cca0139b2c2fb40045c6e031950c314015db2524c3f2fe941f249d158a44aa14774e61b2ee185bdfea8f317e440a39533c6db7ffd3c2b626c1e1e088bcebc59526b016cc6a0e4b766c3f00f619d366e5a4378bc15f805a6fb8c9400"}) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 229.116954] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 229.125884] team0: Port device team_slave_0 added [ 229.161078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 229.172050] team0: Port device team_slave_1 added [ 229.182862] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.191281] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.239025] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 229.246472] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 229.376335] device hsr_slave_0 entered promiscuous mode [ 229.413519] device hsr_slave_1 entered promiscuous mode [ 229.454038] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 229.462713] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 229.472915] chnl_net:caif_netlink_parms(): no params data found [ 229.498089] IPVS: ftp: loaded support on port[0] = 21 [ 229.517455] chnl_net:caif_netlink_parms(): no params data found [ 229.576884] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.585470] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.592476] device bridge_slave_0 entered promiscuous mode [ 229.600026] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.606453] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.614456] device bridge_slave_1 entered promiscuous mode [ 229.639986] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 229.664247] chnl_net:caif_netlink_parms(): no params data found [ 229.674222] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 229.688730] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 229.738829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.760550] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.767556] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.774603] device bridge_slave_0 entered promiscuous mode [ 229.787760] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 229.795533] team0: Port device team_slave_0 added [ 229.811343] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.817841] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.825522] device bridge_slave_1 entered promiscuous mode [ 229.836277] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.842720] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.850525] device bridge_slave_0 entered promiscuous mode [ 229.857776] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.864196] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.872317] device bridge_slave_1 entered promiscuous mode [ 229.879272] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 229.887169] team0: Port device team_slave_1 added [ 229.892498] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 229.906483] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 229.920146] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 229.935637] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 229.948258] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 229.958633] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 229.980283] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 229.988029] team0: Port device team_slave_0 added [ 230.006694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.014849] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.023985] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.031099] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 230.037837] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.046531] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 230.054886] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 230.062128] team0: Port device team_slave_1 added [ 230.070531] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 230.082174] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 230.101176] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 230.109463] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 230.175539] device hsr_slave_0 entered promiscuous mode [ 230.213567] device hsr_slave_1 entered promiscuous mode [ 230.296401] device hsr_slave_0 entered promiscuous mode [ 230.333646] device hsr_slave_1 entered promiscuous mode [ 230.374035] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 230.381973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.390231] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.397946] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.404322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.417256] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 230.433585] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 230.443980] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 230.451231] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 230.462200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.470391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.478228] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.484637] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.493369] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 230.501336] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 230.511825] chnl_net:caif_netlink_parms(): no params data found [ 230.524399] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 230.531737] team0: Port device team_slave_0 added [ 230.537928] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 230.545490] team0: Port device team_slave_1 added [ 230.552514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.586143] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 230.594247] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 230.600542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 230.612322] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 230.621580] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 230.636396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.644436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.651289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.659211] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.667530] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.675516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.690034] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 230.711029] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.719026] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.726799] device bridge_slave_0 entered promiscuous mode [ 230.735989] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 230.742049] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.749563] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 230.795567] device hsr_slave_0 entered promiscuous mode [ 230.834141] device hsr_slave_1 entered promiscuous mode [ 230.883512] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.889883] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.899992] device bridge_slave_1 entered promiscuous mode [ 230.915719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.923811] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.934238] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 230.945599] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 230.952551] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 230.960866] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 230.970362] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 230.979615] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 230.986788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.996127] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 231.003932] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.010266] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.017682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 231.025295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 231.032928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.041853] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 231.052827] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 231.073042] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 231.081809] team0: Port device team_slave_0 added [ 231.094696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 231.102550] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 231.110367] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.116747] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.126013] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 231.135619] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 231.154283] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 231.161559] team0: Port device team_slave_1 added [ 231.167455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 231.175001] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 231.190155] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 231.200033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 231.207750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 231.215259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 231.222934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 231.248535] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 231.256898] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 231.262895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 231.270869] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 231.315469] device hsr_slave_0 entered promiscuous mode [ 231.353686] device hsr_slave_1 entered promiscuous mode [ 231.393979] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 231.409884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.417783] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.425690] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 231.436094] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 231.457409] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.465226] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 231.483045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.497284] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 231.505555] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 231.512743] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 231.522171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.530524] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 231.540814] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 231.549052] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 231.558983] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 231.566092] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 231.574025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 231.581638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 231.588707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.599728] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 231.609154] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 231.619711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 231.627573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 231.635297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 231.642130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.651193] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 231.657529] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 231.669451] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 231.675624] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.684840] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 231.690921] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.709647] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 231.722070] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.732474] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.741513] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 231.756803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 231.766868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 231.774825] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.781163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.789075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.798222] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 231.809210] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 231.823483] audit: type=1400 audit(1569835589.281:38): avc: denied { associate } for pid=7609 comm="syz-executor.1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 231.859457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 231.868784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 231.876806] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.883208] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.890781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 231.899296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 231.907022] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.913404] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.920673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.952443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 231.974121] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 231.994859] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready 09:26:29 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) inotify_init1(0x81400) [ 232.017884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.044705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 232.061481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 232.087311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.095513] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.101868] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.108981] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 232.124225] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 232.139190] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 232.148686] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 232.159888] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 232.167249] audit: type=1400 audit(1569835589.631:39): avc: denied { create } for pid=7633 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 232.192423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 232.192556] hrtimer: interrupt took 33063 ns [ 232.201061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.212178] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 09:26:29 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f00000048c0)={&(0x7f0000004840)={0x68, r1, 0x601, 0x0, 0x0, {{}, 0x0, 0x4108, 0x0, {0x4c, 0x18, {0x0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0) [ 232.220490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 232.229241] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.242539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.264433] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 232.280167] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 232.291888] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 232.302311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.306134] audit: type=1400 audit(1569835589.771:40): avc: denied { create } for pid=7641 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 232.313496] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.347717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.349377] audit: type=1400 audit(1569835589.801:41): avc: denied { write } for pid=7641 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 09:26:29 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0) r1 = add_key(&(0x7f0000002000)='logon\x00', &(0x7f0000001000), &(0x7f0000001000)="1c989cc9f58ec796be4720e6160291a2fb7c6445e84b8e9e349ead029fe38d5810bf992b5d51f406a51cc339021268aed6f767582af42dbc8ea1110e4353fcf30b20f1f27ed3b44bef6444f8ca6a808e34ded636ef55e151c11b4ef7a5384f4a0ceb885759dfeeca5aaa540de461d2130755897533032f5639c4ba79988a49d63084f2cbed0a84e5e733146f15192fdabd0e3a", 0x93, 0xfffffffffffffffc) keyctl$clear(0x7, r1) keyctl$instantiate_iov(0x14, r0, &(0x7f0000000100)=[{&(0x7f00000001c0)="415c9084c5c9e9d9a3ada75ac6a75f5cdd3bd9d3bc655ca43ae0c861071dc24844841eee0d31fb343f8818a896b2517f1c92d31bf48022c1179c9b4a704aac5f654e588d00bb16c4c8e0a161f0de708e8ae93d7d9fa17868b1b7960ce6f4243de79982aee76e01db7e3bff971fee3bd76b5547c44885f26bda59ebaf12ef305109466c9b8a2eb696c0b4121577", 0x8d}, {&(0x7f0000000280)="32aeec434fd58786d13dc1b183db6ffa9fe785ab862f580b7802d1c359e7afba6c6debe0a9625b2fd2aaa4062931228afca7912f34125134f2e4e6caaf9c8a08205f55dfef14b12c34a7fb57176b5a5b9666ad39947b998feee0a08b4ca81cc963deec9930a13b14c84a0bf4affbe26ab2ec630d3f473a3a277077cd25", 0x7d}, {&(0x7f0000000300)="10cc60d32d6abdf957cbe47d3d24b63d8745c293848acf1420479410991d289dc4f45aa21cd673b7a55fc56f4014604c6aca3b993a578296b17d74cb77895aadc5a3517da44732ac70cd7f66ade149d5e0eb861e1d5cd8bf978f8d759d241e8fc5d24bc85f0024994d5cf2d7f313de951ad3e0277ea45f77b3c0581309355845cc88d203fb57922dec2a902decfcdbdf8806ce208a1761fe7f8b864bf7bdb33d360fb37abb8f75e44bcf839dc842cf64f6f365", 0xb3}, {&(0x7f00000003c0)="59897c2b1b72b7514e0aaf1a64a08898adc3c2728f427417290a1a89a7b1f3d87305382b111fc2c8c3d5fa80978c9c8637c70d2789a8f94460d749ab44d5c6e15885e346b617b271c3e2c037e457def08783c7288ea4c4444d789c13347990e0ccca9d4eed83df64a1976c42362dfabac6b7f91bf8f7fa996fb59d7aeb09985f97128e2d6baf12393042c34a676cec6b55", 0x91}], 0x4, r1) keyctl$restrict_keyring(0x1d, r0, 0x0, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa0000019078ac141400ac1423bb830300000b009078000000004500000000000000000000007f000001e0000001"], 0x0) ioctl$TCSETXW(0xffffffffffffffff, 0x5435, &(0x7f00000000c0)={0x5, 0x20, [0x0, 0x2, 0xff, 0x1, 0x6], 0x200}) syz_genetlink_get_family_id$net_dm(&(0x7f0000000040)='NET_DM\x00') [ 232.362598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.379381] audit: type=1400 audit(1569835589.801:42): avc: denied { read } for pid=7641 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 232.421862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 232.438228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 232.448093] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 232.457392] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 232.467102] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 232.474286] 8021q: adding VLAN 0 to HW filter on device team0 09:26:30 executing program 0: r0 = socket$inet(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="24000000520007031dfffd946fa2830081200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_LINK={0x8, 0x2, r3}]]}}}]}, 0x38}}, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x210, 0x2, 0x0) [ 232.481923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 232.494477] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 232.503622] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 232.514687] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 232.522704] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 232.532440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.549949] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 232.562889] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.574052] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 09:26:30 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00'], 0x1) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) lseek(r1, 0x0, 0x4) [ 232.594480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 232.603758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 232.611783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 232.620951] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.629099] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.635513] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.647525] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.654896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.664507] audit: type=1804 audit(1569835590.121:43): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir228967918/syzkaller.2w18Ue/3/bus" dev="sda1" ino=16524 res=1 [ 232.694593] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 232.706118] audit: type=1804 audit(1569835590.171:44): pid=7656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir228967918/syzkaller.2w18Ue/3/bus" dev="sda1" ino=16524 res=1 [ 232.723250] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready 09:26:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x17, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000000000000bfa300000000000016030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000402704000001000000b7050000050000006a0a00fe00000000850000003f000000b70000002000000095000000000000009cc6b3fcd62c7d1c6238975d43a4505f80fc889f3c530cf08e467b592f868ee3b0a434df0a0e8c1bf176db2a6b2feb4b6fd3d5707ba3b12cca02a5d0841314dc79ec083f28f9d4e984c46ea7e2b347a36f5662403e1b2be4cc7c2683908a24001a9872971c7c56f0979bd10b97163c1d6d78589cd4fb21a6d06b50e57b6ede4fab0e196bf02f46c7953ab1abda45cbe8f9de9ca3c06c36efe1020ccdee9c8142e91e0cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263f6a728321e927917b9bb64aaf93ffa314d03565334fb0e73f3b05c98f029dc6b0b999b09edd9ed3e3163a19f32b98966154ab3dafb2375ecb33e12b345e77006082eefdd770612cbe81e51af3b23bf5adb018e3f25e5cddd57e27d26e55093057fb6f3999e4f5045a63f4d15536b2b44a2bace496289366badfa859fc558552f4a1104716f080000000c02dd18dfc89dfa36c205e63faa2641bc46103e1b547993d7351c9f837cb94cba89d9b34f684aaa8de14e3029aee5ebbc13e10a29e7c02711e7165a4f6548e8e66cf6bfae4ac0d0387afb3137470e89a84b13d3581026e8743d758ddf291176884d158d63cca177635fe7ea00f80e10481291968323fc9a81e23bf262077921b9a947d04cee5843040c080657ea04dcadcc9402006e9b10982afd41f5a66577ef7ec28f84549619ab75bf6c290e8894e152dd8f22f0f24d17af36024158635d9dbac582daa1adf9cd8032c2a4446268c55cd81e4daf00b24ad589bcd0346e0ce6c3a94e215553d4fb1dfe8b29216c842dd410f3e4f1f316d74033aaa0242e10ab9751d7b1bf3c06759feaefbbbfc788355ca6d60d6f469093d92140fda4b294e5de879d86457c8d04853b843afa3a434771863eb3295594c148d3d3f6273cac491d4aba110700483660ef594ee25fc3f31bc8a40753b791af137d121594836c7508627bdfc056126d499064863aea2d4cf35c7f4e7222d63ad8318459a5b8b0882adbaa46d2f84e64111125992931fb000e2780ab4a099ba67254f7e058231d6e510000000000000000000000000080bf38c44777db6408bb184e5cca9a2a0cd9832ad18370ff7ea19fddea94acc328a09ff756f0066f5f55935b539e712ba914a30d25463e66348497b9a687d9ea1b1b6f20e73810638fa039b334c53e88ffa049fa42588793e0ffe8463d"], &(0x7f0000000340)='GPL\x00'}, 0x48) [ 232.746323] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.759180] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 232.770866] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 09:26:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r4 = fcntl$dupfd(r3, 0x0, r3) bind$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0xa) syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xfffffd94) [ 232.790287] audit: type=1400 audit(1569835590.251:45): avc: denied { prog_load } for pid=7659 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 232.824909] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 232.833375] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.842630] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.857875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 232.871563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.872452] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 232.883053] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.900874] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.914147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.922265] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.941643] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 232.951396] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 232.961495] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready 09:26:30 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet(0x2, 0xa, 0x2) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) [ 232.989586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.004180] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 233.011757] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.018167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.028190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.040541] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 233.049791] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 233.069449] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 233.082015] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 233.092234] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 233.101801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 233.115194] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.121929] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) [ 233.126113] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 233.141745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 233.151573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 233.159763] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.168102] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.174508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.184603] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 233.203252] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 233.214226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.222258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.238370] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.251547] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 233.263809] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 233.275408] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 233.292607] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 233.315828] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 233.329418] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 233.337625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 233.348962] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 233.356919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 233.365094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 233.378180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 233.391255] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 233.399637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.408440] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.418048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 233.426096] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 233.434807] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 233.445102] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 233.453947] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 233.459964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 233.471888] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.480549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 233.489454] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 233.499831] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 233.512667] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 233.537464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 233.548374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 233.574707] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 233.591715] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 233.603747] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 233.609895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 233.630107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 233.646992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 233.656409] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.673979] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready 09:26:31 executing program 2: r0 = gettid() dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000000c0)) times(0x0) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) request_key(0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_PKEY_VERIFY(0x1c, 0x0, 0x0, 0x0, &(0x7f0000001500)) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$instantiate_iov(0x14, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x1000000000016) 09:26:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xc) writev(r0, &(0x7f0000000100)=[{&(0x7f0000fb4000)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1) r1 = socket$netlink(0x10, 0x3, 0xc) writev(r1, &(0x7f000037d000)=[{&(0x7f0000000040)="1f00000002031900000007000000068100ed853b09000100010100ff3ffe58", 0x1f}], 0x1) r2 = socket$netlink(0x10, 0x3, 0xc) writev(r2, &(0x7f0000000100)=[{&(0x7f0000fb4000)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1) [ 233.700453] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.751346] audit: type=1400 audit(1569835591.211:46): avc: denied { write } for pid=7682 comm="syz-executor.0" path="socket:[28561]" dev="sockfs" ino=28561 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 09:26:31 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x3f551f4) clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00') setxattr$security_capability(&(0x7f0000000180)='./file3\x00', 0x0, &(0x7f0000000200)=@v2, 0x14, 0x1) 09:26:31 executing program 1: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x3f551f4) clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00') setxattr$security_capability(&(0x7f0000000180)='./file3\x00', &(0x7f00000001c0)='security.capability\x00', &(0x7f0000000200)=@v2, 0x0, 0x1) 09:26:31 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x9, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000000000000bfa300000000000016030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000402704000001000000b7050000050000006a0a00fe00000000850000003f000000b70000002000000095000000000000009cc6b3fcd62c7d1c6238975d43a4505f80fc889f3c530cf08e467b592f868ee3b0a434df0a0e8c1bf176db2a6b2feb4b6fd3d5707ba3b12cca02a5d0841314dc79ec083f28f9d4e984c46ea7e2b347a36f5662403e1b2be4cc7c2683908a24001a9872971c7c56f0979bd10b97163c1d6d78589cd4fb21a6d06b50e57b6ede4fab0e196bf02f46c7953ab1abda45cbe8f9de9ca3c06c36efe1020ccdee9c8142e91e0cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263f6a728321e927917b9bb64aaf93ffa314d03565334fb0e73f3b05c98f029dc6b0b999b09edd9ed3e3163a19f32b98966154ab3dafb2375ecb33e12b345e77006082eefdd770612cbe81e51af3b23bf5adb018e3f25e5cddd57e27d26e55093057fb6f3999e4f5045a63f4d15536b2b44a2bace496289366badfa859fc558552f4a1104716f080000000c02dd18dfc89dfa36c205e63faa2641bc46103e1b547993d7351c9f837cb94cba89d9b34f684aaa8de14e3029aee5ebbc13e10a29e7c02711e7165a4f6548e8e66cf6bfae4ac0d0387afb3137470e89a84b13d3581026e8743d758ddf291176884d158d63cca177635fe7ea00f80e10481291968323fc9a81e23bf262077921b9a947d04cee5843040c080657ea04dcadcc9402006e9b10982afd41f5a66577ef7ec28f84549619ab75bf6c290e8894e152dd8f22f0f24d17af36024158635d9dbac582daa1adf9cd8032c2a4446268c55cd81e4daf00b24ad589bcd0346e0ce6c3a94e215553d4fb1dfe8b29216c842dd410f3e4f1f316d74033aaa0242e10ab9751d7b1bf3c06759feaefbbbfc788355ca6d60d6f469093d92140fda4b294e5de879d86457c8d04853b843afa3a434771863eb3295594c148d3d3f6273cac491d4aba110700483660ef594ee25fc3f31bc8a40753b791af137d121594836c7508627bdfc056126d499064863aea2d4cf35c7f4e7222d63ad8318459a5b8b0882adbaa46d2f84e64111125992931fb000e2780ab4a099ba67254f7e058231d6e510000000000000000000000000080bf38c44777db6408bb184e5cca9a2a0cd9832ad18370ff7ea19fddea94acc328a09ff756f0066f5f55935b539e712ba914a30d25463e66348497b9a687d9ea1b1b6f20e73810638fa039b334c53e88ffa049fa42588793e0ffe8463d"], &(0x7f0000000340)='GPL\x00'}, 0x48) 09:26:31 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000080)=0x8, 0x4) getsockopt$inet_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f00000000c0)) 09:26:31 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysfs$2(0x2, 0x0, &(0x7f0000000240)=""/105) 09:26:31 executing program 5: socket$key(0xf, 0x3, 0x2) socket$inet(0x2, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) fstat(0xffffffffffffffff, 0x0) setgid(0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0) r0 = socket$inet6(0xa, 0x401000000001, 0x0) close(r0) r1 = open(0x0, 0x1141042, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) ftruncate(r1, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) syz_open_procfs(0x0, 0x0) rmdir(&(0x7f0000000340)='./file0//ile0\x00') 09:26:31 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1) 09:26:31 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = fcntl$dupfd(r2, 0x0, r2) bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0xa) 09:26:31 executing program 3: r0 = eventfd(0x943) write$eventfd(r0, &(0x7f0000000380)=0xfffffffffffffffe, 0x8) read$eventfd(r0, &(0x7f0000000180), 0x8) 09:26:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x15, 0x80005, 0x0) getsockopt(r0, 0x114, 0x2719, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x7ffff000) 09:26:31 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RLERRORu(r0, &(0x7f0000000100)={0x19, 0x7, 0x0, {{0xc, 'cgroup.stat\x00'}}}, 0x19) 09:26:31 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0) sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37) 09:26:32 executing program 4: socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) shmat(r5, &(0x7f0000000000/0x13000)=nil, 0x4000) prlimit64(0x0, 0x0, 0x0, &(0x7f0000000040)) shmctl$IPC_SET(0x0, 0x1, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62160554]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 09:26:32 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup2(r0, r0) r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad", 0x44}, {0x0}, {&(0x7f0000000040)}, {0x0}], 0x4, 0x2) 09:26:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x15, 0x80005, 0x0) getsockopt(r0, 0x114, 0x2719, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x7ffff000) 09:26:32 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') fchmod(r0, 0x0) 09:26:32 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = fcntl$dupfd(r2, 0x0, r2) bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0xa) 09:26:32 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire], 0x0, 0x0, 0x0}) 09:26:32 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0) close(r0) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000015c0)='/dev/cachefiles\x00', 0x0, 0x0) close(r0) [ 235.109435] audit: type=1400 audit(1569835592.571:47): avc: denied { setattr } for pid=7769 comm="syz-executor.2" name="stat" dev="proc" ino=29076 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=file permissive=1 09:26:32 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") syz_emit_ethernet(0xffb6, &(0x7f000000a000)={@broadcast=[0xff, 0xe0], @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x3, 0x0, 0xfec3, 0x0, 0x0, 0x0, 0x29, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0x0, 0x0, 0xffffca88}}}}}, 0x0) 09:26:32 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0) sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37) 09:26:32 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x200408d4, &(0x7f000072e000)={0xa, 0x0, 0x0, @empty}, 0x1c) 09:26:32 executing program 2: [ 235.360119] sit: non-ECT from 172.20.255.187 with TOS=0x3 09:26:32 executing program 3: 09:26:32 executing program 2: 09:26:33 executing program 0: [ 235.507604] sit: non-ECT from 172.20.255.187 with TOS=0x3 09:26:33 executing program 4: 09:26:33 executing program 2: 09:26:33 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0) sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37) 09:26:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0) sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37) 09:26:33 executing program 1: 09:26:33 executing program 4: 09:26:33 executing program 0: 09:26:33 executing program 2: 09:26:33 executing program 1: 09:26:33 executing program 4: 09:26:33 executing program 0: 09:26:33 executing program 2: 09:26:33 executing program 1: 09:26:33 executing program 0: 09:26:33 executing program 5: 09:26:33 executing program 4: 09:26:33 executing program 2: 09:26:33 executing program 3: 09:26:33 executing program 1: 09:26:33 executing program 0: 09:26:33 executing program 3: 09:26:33 executing program 2: 09:26:33 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000000340)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x4c, 0x0, &(0x7f00000005c0)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 09:26:33 executing program 5: 09:26:33 executing program 3: 09:26:33 executing program 4: 09:26:33 executing program 0: 09:26:33 executing program 1: 09:26:33 executing program 2: 09:26:34 executing program 5: 09:26:34 executing program 3: 09:26:34 executing program 1: 09:26:34 executing program 0: 09:26:34 executing program 2: 09:26:34 executing program 4: 09:26:34 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000080)=0x8, 0x4) getsockopt$inet_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f0000000000)=0x2b0) 09:26:34 executing program 0: clone(0x808100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) 09:26:34 executing program 4: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r3, &(0x7f0000000040), 0xe) listen(r3, 0x0) 09:26:34 executing program 2: r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x0, 0x0) ioctl$VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x3) [ 236.838040] ptrace attach of "/root/syz-executor.0"[7606] was attempted by "/root/syz-executor.0"[7888] 09:26:34 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$loop(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$BLKPG(r2, 0x1269, 0x0) ioctl$KIOCSOUND(r1, 0x4b2f, 0x0) getgid() sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'b\x14\x90\x10_slA\x97\xdc\x8f\x00\x00\x00\x00 ', 0x43732e5398416f1a}) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) 09:26:34 executing program 3: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="b40800002c000107f1ff58980000000000000000", @ANYRES32, @ANYBLOB="000005000000000006000000080001007533320088080200240105000cff080000058000a30ee30000000000000000010000003f0800000006000000ffffffff0000000308000000020000000000000200000004ff0700001f00000000000400000000018b0700008800000000000001000000020100000005000000000000020000080006000000ea000000000000600000000000020000000000000000000400000003000100000001000000000006000000060900000003000000000000f30000000509000000ffff00000000000700000001010000000700000026d9c9ac0000000208000000aaed000000000003fffffffd05000000010000000000000000000000dc000000000001000000ffff000000012a6a000001000000000000090000000140000000080000000000076600000005fcffffffe203000004040500028b070066520100050001000000000300000003000000040200000006000000fffffff7ffffffc0040000000300000000000020000001ffa80c000000000000000000020000000508000000d3000000000005f90000007f7d574e6d0700000000000009339e00007104000001f8ffff0000003f0000000000100000000000000000000000006b806200000014000000000046d9fffffff901040000070000000000000700000000ad000000010000000000000900000006000000004020000000000ea100006d430700000009000000000001870000003f070000000500000000000006ffff0000090000007f0000000000002000000001000000000600000000000400000000070000000050000000000000c600000007ffffffff030000000000000200000009faffffff0008000000000efc00000000010000000000010000000080000000066e00000004000000000000020000002200000000800000000000010000000006ff7f00000900000000000001fffffffd01000000030000000000003f0000000008000000150f0000000000be000006c7010400000100010000000003ffffffff0800000009000000000000600000000605000000080000000000000300000006010100000400000000008001000001010000000004000000ffff000000000003030000002e000000000007ff00000007ff0f0000ca00000000008001ffffffff0400000000000000000000010000c384050000006800000000000fff0000007f07000000030000000000000200000000010100000800000000000005000000030000000009000000ffffffff000007ff02000000010001000000f19000000065080000000300000000000000000002440400000000100000000005d10000000601010000050000000000008100007fff000200000800000000000000000000071901000028b100000000003f000002d200000000030000000000008000000004740c000001040000000000060000072103000000080000000000000700000008000200000800000000000065000000bf0500000022000000fffffffd000000037f0000000200000000000008000000090104000001000000000000000000000401000000080000000000000000000001070000000600000000000005000000070100000002100000000000070001000104000000b9000000000000040000000603000000030000000000000700000002030000007f0e000000000005000000090600000000000000ffffffff000000d1690000004d5700000000000800000001ffffffff0900000000000000000000a17f000000080000005485bb1a0000000581ffffff490700002800000000000008f7090000ffff000000000e910000003004000000e0ffffff00000001fffff0007f00000001000100a4010500100103000007030004005ec900000008000000070000000700000000e3a60000000000000000002004000000fffffffffffffff7000000200900000000000000000000010000000307000000380400000000000300000001070000000000000000000003000000070900000000000000000000ff0000010001000100070000000000000300000008dc320000030000008000000100001f1a060000000100008000000003ffffffff07000000ffffffff0000000100000005030000000800000000000000000000030100000000000000000000010000ffff000100000700000000000bb200000008070000000180000000000800000100010000000092000000000000da0000443307000000280d00000000000100000020020000000700000000008000000063e93b00000003000000000000040000077e0500000004000000fffffffd000080000101000000000100000080017fffffff1f000000010400000000000400000008fffbffff0008000000007750000000ff670000000200000000000008fffffffe0300000005000000000000cc0000007f0800000000000000140008006e6c6d6f6e3000000000000000000000a40105000d07010001ff06000000ad1b000003ff80000001000002000200000001fcffff000032e50000010000000000020000000000001d00010000020000007f000000ffffe728000009c3080000009ae7ffff000000040000000400000100ffff00000000095900000001080000003b000000000000ff00000009ffffff7f0100000000000200000000000700000003000000800000008000000003000000b42200000000000500007fff0800000005000000000000ff000000000001000006000000000000040000000701000000ff0f0000ffffffff00000004ff000000ff7f000080000000000000061a000000010100000000b53600000001e4000000030000000000ff270000001f200000003f000000fffffff90000000501000000000001000000000200000006fffeffff0100000000000003000000020300000003000000000000010000000201000100050000000000000500000006070000000002000000000004000000a0030000008e0d00000000000600000006010100007f00000000000005000007ff050000000700000000000401000000050100000004000000"], 0x8b4}}, 0x0) [ 236.894920] ptrace attach of "/root/syz-executor.0"[7606] was attempted by "/root/syz-executor.0"[7898] 09:26:34 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) close(r0) close(0xffffffffffffffff) close(0xffffffffffffffff) socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000), &(0x7f00000000c0)=0x8) 09:26:34 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, 0x0) openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup(r2, 0x0, 0x200002, 0x0) read$eventfd(0xffffffffffffffff, 0x0, 0x0) r3 = getgid() sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETGROUP(r1, 0x400454ce, r3) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'b\x14\x90\x10_slA\x97\xdc\x8f\x00\x00\x00\x00 ', 0x43732e5398416f1a}) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) 09:26:34 executing program 0: r0 = gettid() r1 = creat(&(0x7f0000000100)='./file0\x00', 0x10003) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="01e23ddf45f1f8fddf8ee3440fa2d936fa4e0f9fdbe572c3c922835d2b5fe1620c22b487813885e8f996b20dfeb2af0000000000000000000000000000bf5777b965ce27d15a5383acc22cb4b188295fdc24f46da95f8c65"], 0x58) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x4008001, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getresuid(&(0x7f00000002c0), &(0x7f0000000300)=0x0, &(0x7f0000000340)) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000140)='security.capability\x00', &(0x7f0000000440)=@v3={0x3000000, [{0xfffffbff, 0x7ff}, {0x1, 0x100}], r2}, 0x18, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff, 0x2, 0xacc, 0x0, 0x81}}) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x200000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_IRQ_BUSID(r4, 0xc0106403, 0x0) ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r5 = creat(&(0x7f0000139000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) r6 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) fchdir(r6) openat$cgroup_procs(r6, &(0x7f0000000480)='tasks\x00', 0x2, 0x0) write$P9_RCREATE(r5, &(0x7f0000000000)={0x18}, 0xfdef) ioctl$UI_DEV_DESTROY(r5, 0x5502) ptrace$setopts(0x4206, r0, 0x0, 0x0) 09:26:34 executing program 4: r0 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) stat(0x0, 0x0) getegid() perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x0, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000ec0)) msgctl$IPC_SET(0x0, 0x1, 0x0) getgroups(0x1, &(0x7f0000000140)=[0x0]) mq_open(&(0x7f0000001380)='eth0\x00', 0x0, 0x0, 0x0) msgget$private(0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) close(0xffffffffffffffff) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast2, @in6=@initdev}}, {{@in6=@empty}, 0x0, @in6=@local}}, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000440)={@loopback}, &(0x7f0000000480)=0x14) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000005c80)={@remote, @broadcast}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f00000074c0)) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x7) socket(0x0, 0x803, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x0, 0x803, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000009200)={0x0, 0x0, 0x0}, 0x0) socket$inet6(0xa, 0x2, 0x0) accept(0xffffffffffffffff, 0x0, &(0x7f0000000780)) socket(0x0, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000009200)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x0, 0x803, 0x0) getsockname$packet(r2, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000b40)) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000480)={0x0, 0x0, 0xc0, 0x0, [], [{}, {0xffffffff}], [[], [], [], [], []]}) 09:26:34 executing program 3: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f00000000c0)={'irlan0\x00', {0x2, 0x4e24, @broadcast}}) openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(0xffffffffffffffff, 0x8250aea6, &(0x7f0000000140)=""/7) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') r2 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(r2, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r2, r3, 0x0, 0x7ffeffff) sendfile(0xffffffffffffffff, r2, 0x0, 0xffffffff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000280)=0x3, 0x4) r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r4, 0x4, 0x2000) fsetxattr(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="623472bd9466732e6d61707300"], &(0x7f0000000240)='cpuset(selfwlan0-!nodev-!\x00', 0x1a, 0x2) preadv(r1, &(0x7f00000017c0), 0x199, 0x0) 09:26:34 executing program 5: r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ppoll(&(0x7f0000000340)=[{r2}, {r1}, {r0}, {r6, 0x602}], 0x4, 0x0, 0x0, 0x0) 09:26:34 executing program 0: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) close(r0) close(0xffffffffffffffff) close(0xffffffffffffffff) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="88f62898", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={r2, 0xc87a}, &(0x7f00000000c0)=0x8) 09:26:34 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0, 0x0, 0x0, 0x1a6}}], 0x4000000000000f6, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='stat\x00') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) 09:26:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x50, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'netdevsim0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x5, @mcast2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}]}]}, 0x50}}, 0x0) [ 237.363556] audit: type=1804 audit(1569835594.801:48): pid=7923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir098302641/syzkaller.7AXp1Z/15/file0" dev="sda1" ino=16567 res=1 09:26:34 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x200000000d8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x00\x00\x00\x00\x00)\x00', @ifru_flags}) 09:26:34 executing program 1: io_setup(0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCGPHYS(0xffffffffffffffff, 0x80404507, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) write$P9_RWRITE(r0, &(0x7f00000000c0)={0xfffffffffffffe37}, 0xb) ioctl$BLKBSZSET(r0, 0x40081271, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) [ 237.510961] netlink: 'syz-executor.5': attribute type 5 has an invalid length. 09:26:35 executing program 2: accept$unix(0xffffffffffffffff, 0x0, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) getsockname$unix(0xffffffffffffffff, 0x0, 0x0) bind$unix(r0, &(0x7f00000011c0)=@abs={0x3}, 0x6e) 09:26:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10) r1 = open(0x0, 0x0, 0x0) ftruncate(r1, 0x0) sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={0x0}}, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="0000000062b8dd1766aff07a00", 0xd) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0) sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37) [ 237.588645] netlink: 'syz-executor.5': attribute type 5 has an invalid length. [ 237.616011] audit: type=1400 audit(1569835595.081:49): avc: denied { map } for pid=7965 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 09:26:35 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) syz_open_pts(r0, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000300)='/dev/uinput\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x18) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, 0x0, 0x0) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 237.710948] audit: type=1400 audit(1569835595.131:50): avc: denied { map } for pid=7970 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 09:26:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_NAME(0xf, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x156) write(r1, &(0x7f0000000100)="1c0000005e001f0214584707f9f4ffffff000000000000001f000000", 0x1c) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) flistxattr(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) 09:26:35 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) fcntl$getownex(r0, 0x10, &(0x7f0000000a80)) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xc0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=0x3bb674ee, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x4, 0x4}, 0x0, 0x0, &(0x7f0000000140)={0x3, 0x1, 0xffffffff, 0x5}, &(0x7f0000000200)=0x362, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=0x7fffffff}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=r2, 0x4) clone(0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xf) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) 09:26:35 executing program 2: clone(0x7fd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binder(0x0, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) 09:26:35 executing program 1: 09:26:35 executing program 1: [ 238.012076] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 238.021826] audit: type=1400 audit(1569835595.471:51): avc: denied { set_context_mgr } for pid=7994 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 [ 238.085532] binder: BINDER_SET_CONTEXT_MGR already set [ 238.140988] binder: 7994:7996 ioctl 40046207 0 returned -16 09:26:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10) r1 = open(0x0, 0x0, 0x0) ftruncate(r1, 0x0) sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={0x0}}, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="0000000062b8dd1766aff07a00", 0xd) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0) sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37) [ 238.233810] binder: BINDER_SET_CONTEXT_MGR already set 09:26:35 executing program 1: [ 238.304204] binder: 7994:8009 ioctl 40046207 0 returned -16 09:26:35 executing program 1: 09:26:36 executing program 2: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xffffffffffffff41}}, 0x0) r0 = socket$inet6(0xa, 0x8000008000080003, 0x5) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c00000011003586000000030000000007000000", @ANYRES32=r1, @ANYBLOB="00000005000000000c001a00080002000300000082ca885ad49dcd5e"], 0x2c}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x332, 0x0) 09:26:36 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000640)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) dup2(0xffffffffffffffff, 0xffffffffffffffff) 09:26:36 executing program 0: 09:26:36 executing program 1: [ 239.092682] input: syz1 as /devices/virtual/input/input5 09:26:36 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_NAME(0xf, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x156) write(r1, &(0x7f0000000100)="1c0000005e001f0214584707f9f4ffffff000000000000001f000000", 0x1c) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) flistxattr(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) 09:26:37 executing program 4: 09:26:37 executing program 2: 09:26:37 executing program 1: 09:26:37 executing program 0: 09:26:37 executing program 5: 09:26:37 executing program 3: 09:26:37 executing program 3: 09:26:37 executing program 4: 09:26:37 executing program 5: 09:26:37 executing program 2: 09:26:37 executing program 1: 09:26:37 executing program 0: 09:26:37 executing program 5: 09:26:37 executing program 3: 09:26:37 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="0207000902000000e0e9000000ffff00"], 0x10}}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@local, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x5}}, 0xe8) connect$inet6(r3, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) 09:26:37 executing program 2: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) sendmsg$sock(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 09:26:37 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmsg$inet(r0, 0x0, 0x0) 09:26:37 executing program 5: perf_event_open(&(0x7f0000000380)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00') pwritev(r0, &(0x7f0000001680)=[{&(0x7f00000001c0)="ba", 0x1}], 0x1, 0x0) 09:26:37 executing program 3: open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0x10000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x10000) 09:26:37 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:37 executing program 2: syz_open_procfs(0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0x10000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x10000) [ 240.292572] audit: type=1400 audit(1569835597.751:52): avc: denied { mac_admin } for pid=8086 comm="syz-executor.5" capability=33 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 09:26:37 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 240.342643] SELinux: Context º is not valid (left unmapped). [ 240.426000] audit: type=1800 audit(1569835597.761:53): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16589 res=0 [ 240.470545] audit: type=1800 audit(1569835597.771:54): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16589 res=0 [ 240.512603] audit: type=1804 audit(1569835597.771:55): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/20/file0" dev="sda1" ino=16589 res=1 09:26:38 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 240.553557] audit: type=1804 audit(1569835597.831:56): pid=8096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/20/file0" dev="sda1" ino=16589 res=1 09:26:38 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000200)={{0x9, 0x9}, {0x2, 0x100}, 0x7fff, 0x3}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = accept(r1, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000005c0)=""/77) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8000000000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x3}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0x234, 0x0, r4, 0x0, [0x305f, 0xa, 0x300, 0x1800, 0x6000000]}, 0x2c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) r6 = syz_open_dev$sndseq(&(0x7f00000002c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r6, 0xc0a85320, &(0x7f0000000080)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r6, 0x40505330, &(0x7f0000000140)={{}, {0x20000000000080}, 0x0, 0x3, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={0xffffffffffffffff}) fcntl$getownex(r7, 0x10, &(0x7f00000012c0)={0x0, 0x0}) getresuid(&(0x7f0000000140), &(0x7f00000001c0)=0x0, &(0x7f0000001240)) r10 = getgid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r8, r9, r10}, 0xc) getuid() socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={0xffffffffffffffff}) fcntl$getownex(r11, 0x10, &(0x7f00000012c0)={0x0, 0x0}) getresuid(&(0x7f0000000140), &(0x7f00000001c0)=0x0, &(0x7f0000001240)) r14 = getgid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r12, r13, r14}, 0xc) fstat(r2, &(0x7f0000000300)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={0xffffffffffffffff}) fcntl$getownex(r15, 0x10, &(0x7f00000012c0)={0x0, 0x0}) getresuid(&(0x7f0000000140), &(0x7f00000001c0)=0x0, &(0x7f0000001240)) r18 = getgid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r16, r17, r18}, 0xc) getresuid(&(0x7f0000000140), &(0x7f00000001c0)=0x0, &(0x7f0000001240)) r20 = getgid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={0x0, r19, r20}, 0xc) getgid() socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={0xffffffffffffffff}) fcntl$getownex(r21, 0x10, &(0x7f00000012c0)) getresuid(&(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000001240)) getgid() getresuid(&(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000001240)) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280), 0xc) 09:26:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000240)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x2, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61d7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, 0x0, 0x0) ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, 0x0}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) process_vm_readv(r4, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) [ 240.632266] audit: type=1804 audit(1569835597.841:57): pid=8096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/20/file0" dev="sda1" ino=16589 res=1 09:26:38 executing program 1: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000100)={'ipvs\x00'}, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) unshare(0x20600) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000000)) geteuid() setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x7, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, &(0x7f0000000080)) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_opts(r3, 0x0, 0x7, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3d, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_OPEN(r4, &(0x7f00000001c0)={0x20, 0x0, 0x2, {0x0, 0x4}}, 0x20) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r7 = fcntl$dupfd(r6, 0x0, r6) bind$bt_rfcomm(r7, 0x0, 0x0) connect$bt_sco(r7, &(0x7f0000000200)={0x1f, {0x1f, 0xf9, 0x0, 0x1f, 0x1, 0x5}}, 0x8) r8 = fcntl$dupfd(r5, 0x0, r5) bind$bt_rfcomm(r8, 0x0, 0x0) ioctl$UI_SET_SNDBIT(r8, 0x4004556a, 0x2) add_key$keyring(&(0x7f0000000040)='k\xa5\x16%\xcaNg\x00', 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000000c0)) syz_genetlink_get_family_id$SEG6(&(0x7f0000000240)='SEG6\x00') openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000140)=0x628) [ 240.772252] audit: type=1800 audit(1569835597.861:58): pid=8100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16566 res=0 [ 240.822398] ptrace attach of "/root/syz-executor.5"[7619] was attempted by " °ÿ àÿ 0 p €  ÿ Àÿ ðÿ ÿÿÿÿ   \x07 \x0a N# ÿÿà   @ = [ 240.824195] ptrace attach of "/root/syz-executor.5"[7619] was attempted by " °ÿ àÿ 0 p €  ÿ Àÿ ðÿ ÿÿÿÿ   \x07 \x0a N# ÿÿà   @ = [ 241.050037] audit: type=1804 audit(1569835597.871:59): pid=8100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/25/file0" dev="sda1" ino=16566 res=1 09:26:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) poll(&(0x7f00000001c0)=[{r2}], 0x2000000000000035, 0x0) 09:26:38 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f00000002c0)="b959080000b868cd678dba000000000f300f01b00000000048b80c000000000000000f23d80f21f835800000a00f23f866440f3881bf10f64b3966b8c3008ee8b9800000c00f3235000400000f30c443895de000480fc7284a0fc72ca9c74424009d000000c7442402cd000000ff2c24", 0x70}], 0x1, 0x8, &(0x7f0000000080)=[@cstype0], 0x1) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 09:26:38 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 241.219075] audit: type=1804 audit(1569835597.921:60): pid=8105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/25/file0" dev="sda1" ino=16566 res=1 [ 241.245961] protocol 88fb is buggy, dev hsr_slave_0 [ 241.246037] protocol 88fb is buggy, dev hsr_slave_1 09:26:38 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:38 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0xc, 0x2, [@IFLA_BR_MCAST_QUERY_USE_IFADDR={0x8}]}}}]}, 0x3c}}, 0x0) 09:26:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000240)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x2, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61d7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, 0x0, 0x0) ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, 0x0}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) process_vm_readv(r4, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) 09:26:38 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 241.343244] audit: type=1804 audit(1569835597.921:61): pid=8105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/25/file0" dev="sda1" ino=16566 res=1 09:26:38 executing program 2: fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='trusted.overlay.origin\x00') syz_open_procfs(0x0, &(0x7f00000004c0)='\x00\xaeC\xae\xc4\x05\xa9\xbd~\xfb\x96\xf7,k\x1a+@\xe54\x01\x01\x01\x00w\xa7\x04~\\\xd4Y\x04\xaf^\xc6\xf2\x98\"\xa0\xa1\x04\xaf\x81\x00ov0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x10000) 09:26:38 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:38 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:38 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 241.589430] netlink: 'syz-executor.3': attribute type 24 has an invalid length. [ 241.735525] ptrace attach of "/root/syz-executor.5"[7619] was attempted by " °ÿ àÿ 0 p €  ÿ Àÿ ðÿ ÿÿÿÿ   \x07 \x0a N# ÿÿà   @ = 09:26:39 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000003fc0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000340)=@ax25={{0x3, @null}, [@remote, @bcast, @remote, @rose, @rose, @netrom, @netrom]}, 0x80, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000640)=""/15, 0xf}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x4, 0x44000102, 0x0) 09:26:39 executing program 3: 09:26:39 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:39 executing program 4: 09:26:39 executing program 2: r0 = socket(0x10, 0x80002, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newtfilter={0x40, 0x2c, 0x701, 0x0, 0x0, {0x0, r3, {}, {}, {0x1}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0x14, 0x2, [@TCA_BPF_FLAGS={0x8}, @TCA_BPF_FD={0x8}]}}]}, 0x40}}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x332, 0x0) 09:26:39 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0x19) dup3(r1, r0, 0x0) 09:26:39 executing program 3: perf_event_open(&(0x7f0000000380)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00') pwritev(r0, &(0x7f0000001680)=[{&(0x7f00000001c0)="ba", 0x1}], 0x1, 0x0) 09:26:39 executing program 4: 09:26:39 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 242.126255] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 09:26:39 executing program 5: 09:26:39 executing program 1: 09:26:39 executing program 2: 09:26:39 executing program 4: 09:26:39 executing program 5: 09:26:39 executing program 3: 09:26:39 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:39 executing program 4: 09:26:39 executing program 2: 09:26:39 executing program 1: 09:26:39 executing program 5: 09:26:39 executing program 3: 09:26:39 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:39 executing program 4: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff577, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x4) 09:26:40 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0x44, 0x0, &(0x7f0000000200)="e460cdfbef24080000000a9386dd6a000000000733eb3014cd3ec8a755c1e1380081ffad000000e8d5000000010000001400000500242f09880bd320d98a61a90021c9bf", 0x0, 0x401}, 0x28) 09:26:40 executing program 3: 09:26:40 executing program 5: 09:26:40 executing program 1: 09:26:40 executing program 5: 09:26:40 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:40 executing program 3: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x12) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = syz_open_procfs(0x0, &(0x7f0000000600)='\x00\x00\x00\x00\x00\xe8\xee\xc9\x96\xc2;\xaf\t5,\xffx\xf0\xde\xc4\xa8M*\xe4;~y\xb6&\xa5\xaa\xcec\x1e\x8a;\xea;P\xb5w_6\f\xe5\xcc`\xa0\xce\xf0+\x19v\xb9I\xdf\xfe\x13\xd9\x1a\xd6;+\x16\x05\x1aul>\x82@\x0f\xdf\xcd\x99\x9a\x13\xe2[F\xf08\xa6D\x97\xb5\x1f\xf3\xe9\xd5\xbf\x13k\xbc)\xa1nbx\x9c\x02\xa6p?\x12\x89\nAr\xe9Q\xb0\x80Q\x8e\xf2\xf0yX\x9b\x96\xa4\x8b\x01f\xe0\x04\xbd\x93K!\xa0D-\xfc\x12\x02\xe2\xb5WQ\xb4\xb1\xf2\x16)\xc8\b\xc2\x99\x9a\xd9\xa6p\xedK\xb5\x8b\xe8\xbf\xa0\xa1\x13\xd78Mt$\x06\xb6c\xd0Y\x05\xd1l\x98|\xff\xb5\v\x93\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) 09:26:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) [ 243.075952] netlink: 'syz-executor.1': attribute type 6 has an invalid length. 09:26:40 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6) read(r0, 0x0, 0x0) 09:26:40 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0) r0 = dup(0xffffffffffffffff) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) [ 243.175477] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 243.207352] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 09:26:40 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 243.241358] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 243.262895] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 09:26:40 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSMASK(r0, 0x80084504, 0x0) 09:26:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) close(r0) 09:26:40 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:40 executing program 5: pipe(&(0x7f0000000180)) clone(0x22004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='syscall\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000240)='fd/3\x00W\xf6Je|H\x10\x05\xf1\xab\xc4MJ\xcbP\xed@\xe8\xe39\xd2\xea\xaap\xf9\x1aTM\x1f\x8e\x86c\xb4T\xde\x10\xf6\xa1\x89\xea)6\xca\x00\xa2\x04\xe6}\xaa\xd4\xf6~\xd0\x04bq\xe5\xa2\x99t;zzV\x15\x9a\x1b\xb9\x87@\xe9#\x99\xd6\xb8\xa4\xb1T\xdd\xe0\x93\xd0\xd5\xd8\x0f\x11y\xef\xf1R\v\xd6\x81\x97\xa96,q\xd053\x1a\x11VEG(\x93\x18\xf2\xbc\x17\x1f\xd7\x89F(G\x18S\xda\x99\xdb\xeb\xa0\xc9*\xbd\xb4=Y;\xa8\xed\xd2\xa9\xa2\x87\xa0\xfb\r\xf7I1]:\xd1;h\xc6\xe2M\xf2\x005\x96\x9b\xd1\x92v\xf9\xba\xf4\x12\r\"^\xc2\xb2\x1d\n:mnO8\\\xa1\x7f\x92r\x95\x96\xda7\xea\x85\xc8\x8c\xa8^\xb7\x1f\x80\x05\x03\xbb\xef9C\xcb(\x9bF\vHFW\x04\x1d\xc7LkW\xb2\xe9\xdd\x17\xe8%\x86\xd1H\rR\xafX\x1f\xea\x00'/247) exit(0x0) sendfile(r1, r0, 0x0, 0x1fb) 09:26:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:41 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0) write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0) 09:26:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:41 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000001500)='/dev/vcsa#\x00', 0x1, 0x141001) write$UHID_INPUT(r4, &(0x7f00000015c0)={0x8, "539dc5034b105778733af5042f1b35c5aa7d8c886bf5de88d5ecee344df67b6ed79e0b3e882d38d6c625b9483ca8214dc98ad8aff2d86e330cf75263d193277938f33e036e59d5c79242e0abe9ab54e92558fc224dd9ff27aa44303b3330ba657091b42f8f79174e4e3916950d3ee3b25a7acd3b7ae44419e1d4273a9dc3ee5a84faea57aea71c3d44057e1ea5f8749735b4b2839b2fcd3bd73d65f970953cd90fa1fa84761c10754d71f9c45ad92e3e0ac7c88e85b163feddb6c7a25c627c5f45acb4ad7bbbe6985e73a3b3d544593b849c3f5317bb2b9bcfb162a4fbdf41b2f04add17ca8a43224af44f79020560c5510aa9a1f8fda5df9d8a995a81014048d177fe83569e15d4b19ebf8477add2d093b76847034356010274b19a5c9105c26b061640778bdb325ef4b2e1b625c582f47129d72261ba62bc853587e3c8a1c39e3f7dd55e3db1aa5b529d0fd3196953be90711a3c44c79a8828cd6be308676dbfe1b4376909da21cca5acd19b2b5efc847933a5687b405acb4c7e6126d31c4d57c3f6d4ec470ea51aa5a510335a1ab832ad5fb518261fd71a4ae801a9131d6572d656492a3d52b400c0c7b07bd3cc8bd2b7f633dd84db12ed326eef776130ed848a76a52a7e0bb5dd3ce269d00493842d0fa82fc3bec611dba727a0d0b3f3e07c3aebc3d0c1fe34ee984cf17e8918d899c2c91d512b12c488f39f74d58d589e0dbd1a023243f069929e714924f832b5ea6da6888cd03bbb40aa394a8b5850d346a4b93368674f03e169b1980ce3fb656ee874f05e219207cb039f12c8cb4ec3b04f145ade873a40790b3a9ccc91d407e28eae13302e72108971a3abd4d20abdf18394bc2b93bc3bd47d2cfd8619ce11eb4b6a1f2d4792b00ebad9f9c81699369b8fb7bbd3a05207808494bb0a4821e5d72f73e8ac5a7b1a9c6d0977a45ad353ab70b1cd0eededb119fbf6d2acfefc42be6ef9a4232964fdf930fcfbe135383d1d87e785adf5d22a4b04c77b2e5a138b6751c6f1896e97ec8a04767f2dbf5e177e176757d6e0fb0b175ac5cd98454a28942fbd87f29efcd6725492bd86bb63287a93473f3961a1603581b8f94d03cb6265d64ca0b49641cd1f5941ceaca15777619e1a224372689a2ee35e0e8ee494d56f85f8d1ef94031fb4440eac784d95ebb04cff3e7aa143dcfb1b7ca11729909fce59f00c578367d8cb1266bb9e0dd9a67fe01204b2450324ae48f51a59a7a39e755acb97008195beaf8518898f8cdb3918018ce1ab087af0a4c09c8f1f8d998da7c466d91d8e020e8db50c7783ab0bc0245505d2265e05d66d3a7cdd900eae91e31c8aed12d68775dae766d9db146bbb2472a662aefe4a31a2a50297263f32bdb6512c4f01ee4f9e76ca66ed4f4aa76a4f5e26b3389814b2922f15aad9487791c5ddcc807df6b71656005b6fe0b6aabdffeb78e7c44552fd973a050e91534636df70c725c315748e92a4712f5a7ef150eddc7c761ebf4c1e0902c312d23f25848709cedee10a83444256842fc182c510105b49c992edc8f1b701368d3690262eae7969516a8c66cbd09b8f522f70c79d5de95c235047ecfa773d5c8ab4d0c2c41326689ed5ee0143cee7928173aa7ae9432e8d33ff50847728601e246c8af24a228df1ea023d0f45f444d3645a6d5149ddbb1e456158ce7b1ac751d80958b2ed4ed3683500986e8e4810e651af9bcca01577d9b681ce115cf306e5edf2a92557078e92d3a940ae58eb7b9fcaaec076cd4d6d0d00ef53f5cf220b85703670307f9ac247d20eb4b3b01f9ca6ba05ad9b230176abdb6d6ba8d1114cd2076ddcf9682bf88f9c1129424b2d9335e644ca9064bdc6f6741a9640bf93591f9f896e0958a1b4cd06e5b6acd6238082f0d13157a49cef61a4bedd159b9e08231d740cab593fcee23b688fc33b464abfbc489ab9a1c2f5b8a3b30bec9c4d8895dc56fad32d74aa8910b991150c54b90b082c0c4823632d48ac103e882f272df521660780e96f3bff7cc8026f39bb360d96720276a29622cc6b8c461a0b6070e6ea8dea0d20a3cdc876c9c8309a8e8083f0e5e2fe32ce61d81b7b03bc1dd73e2b3ff8533941fae00fd937168dc0e10b90747acee23e5894703edc24315319870bbe58484e1e92b4472a8ef26282852e83081b413055d49f946d31138a20eb9c7937c9b33e7e408c64bdb1f5e182b87825ad1bd9981ddbd25a3d9a5b5ae5f12f2b5c26768746b5ea15f7626a34b68af9476fe931d958b6c867069ef9683f06392a5b3849c21d82686fdf9b75f36b9bf97703d31fc9ab45b8b6a681ba8d5b754b5851108fd09811891a7cb9279a7e40beb7f05a474ac10af021a8d006b01e0f17cbdd485191d02d310b2ab79482cb86ab5cb7a42b189044b805926a91f4273bf2c343279831241bff7336f8f312eaa6f0c2155b55886b09fff118bdb5c2a7d7ea0b38c0a7a7115837ffad097c478b046abf9eea723c7c7087140e29bb8db5210030fcff6c1804cb4a7e727bec692597edec662ca9912bd9b1f9a8825d6e7c4ad6078c60ce2f7f283dd59506a0a2d331d1ed29d3955454f61942e58cc251d4889d6518574130a0ab6da6047e49b4466091fad91c9c44d4b4c2ea054b583957c20f6a7de019b0731bfe9b76ba51aa88dbadf42f09d46cc4942d44dd4a434705b86e01e5e0cc87f5a3d455c7d0c406baeeab319c1ba0f38e5f08fe3512f9e72dd8605d415e649fec75d8f6065e7ddcd39f91089d0f9ff62dbf8fd6ca07cc2f21d3a9c8d1c34f85585e27f46d222dcc3a71faaf0cdde03af31ad4a32742e58f60733bcc18102e82fc159310abaad3c21661e2f2374409cb0a3fa1e410ec92ac6eb8fa8b26a66a5cabb87004dc1199f449ec2e97a3fe750eae2697b50bb996f8ca967ed87a5139ca34f9a227c271b3f7fcfdcec7ec6f5f00fee000585099c2bd7a115c11e57c0cd64e3406f37afc1a8333e01812dfe6398089341bab8328af9ccece6c4f52216abad788fbed79f8addbbe85451885bf116e8513b06bcc894572952454e5bde34753ac50f8ebf5d22cc5ff7ddd1c1dbf79ea62c7fe11f0222ba9f8ea19075713a3e7a97874ff609f46af712720cf477237bc56b4ddde9400c7bce30dc9ed41e6d1bd78962f6e713ffb38cb1b4bad9cf08dfaca1114ce7628af884286c94bbf9bae794b7d35515c4edc64d01f2a2b275f5bef8ded363be0b15af2d22e2cc03a89d5d9f83b4bcb9ba46f5d321a15b22f51bffba163bd036e6d05c02f3bb072be3c309a2aae9aceadfecb809ebb589433cfdaa5d334eabae578335bcee60806879416705935e0ae62cce04dc1e4d1fafb57b88947d649141d358ad0a4331015124bfe3e4bd3b38e276f92d534bbbad37cfcb396948882a46fd6662a25958dd27954ee9097c2e945726c2c18a367117eb852379c4ac693de78b724004e9de2f5735ff01996d06e038f39d7710a89e4f323f457789c6c637a4bb9d99e7281919eb06123abd855505399e6aa4f989001f9f615529651a6da0db9b48600f0391c308d6978829e9e66dc9e3a2f6a77edb76567608f3cd8547b6a6355360a3c307d6b8a8bff486565e33d9a5e8e2e916336c9cfda7f0299881215d368d49031dbe3e6757fd7175ac8582b259c3a40312aebbc509f7623b5fe51c110928e2cf4da8771a46152d7ba67449665b83b4abcb0d83f4a916020b0fa1af09af4784e06bc70f7a166b46442b7da2526b62ad3bdd3cbb314875aad65e389be47bd675d6bb2933424b6c6e88f36af441523cd6328f45d7941d855ec71971b39de3429a729ff78f7fac52986d150ba0dda923b57e167b0c2dbaddf794db27cf12c3fd6a53f77d937158eaf2f009759dc72f9949824b799175dc1cfa8be88c11cddde584073ec76bedc3e68ffe74a91cfe0e579867ece553af00753db4a9db056fec9e4275490f50f780a4838b54d54dc09aa05a8325d00c4dec24856fd4244783d611a713b5b5077afa197f799c9f68355cea1a0ab7c897fd6037aa2296e96ce53d5257cc6fa76aa58ff18c2a0ea4fae10ecf75e4b1e06aed10050dfc4f1a22547bfaa0d78e97113c9206a595cfbc6b6940952ab691b6ea049606155c7ffba49932c765a0f6d468af04422845b00b136bd133e0618c447c703ff5b9a1c7af194bc487e9c4931fae40e5849ae2251457d06bf82eb8bfbfa744fb24f705c1a65d7436463e08bf27cc20edaeb2b4d0040a360be150a61f94a5533c82544b7833cc9b3d924b92eb189136c4b52666aa7ce33880af6fca8856b2e1114dab2c57a290a8704e6c82460c4c999e020e9abb8a0408fd63beeb139831904d082e4a419c79f95e3487729c3fbb025016d20ab4d96dd5ee8b0b2023c54468d0237e99d73d6b037dccf92d9c8ac17e94f8519408f4a340882409c6a7e60dd0be73cf1161b55b30347f7338ec88a913ad048b545a82e3d84d6ed3b70afb240ed482303e16e11991f699983864c02e41f2078bb1d1f2ae0e5cd6ca884fb2a96296668d783adc2c2c94b3f32e1a035eb2856d616016111564df7933b4c227045756e79f9a83c41df717f0e89a7fbf29cda0317912837408b8e6e3820b356a6914a6887510ed6bf8861c81c80bdf42e6f0bfab0b47b67c751ec813c4cad8b2bcbebc138c3fe85e1ad67b2b120fb207c65f43a9aab037f88049dc25cc82fd523a076795a6e9b28a9cd80667b7a658a7098a8b300837cfef63a98297b6c2fc2db5971f5a92ca96c6974bbb729239f78fa3184f5011e342f43b796b1634d612f029c1e3c2acfb6f1e649feecaa952d608ed9e8531ff13e6af75e5e09ef29918f8c6953822746f889206c9e9e472896c12762e1843fbccdd7f26668c00945ff0fcbd9e79ac3a12ab3ee7eb60b4a33a3fba58295422808c2d35cd2aec0aa8b51e84f06eb79369b08a4875816f7040c24bd353a66e0c7d6f56ff3d6e9c42a77a5169b3cfc3c58de91e280d3b705c8488df9e096d66cede352c00d7d9c9fce344404bb326e6695cd2f6cfc839a6b1d857da8703924356f5a154303e76cea9d3d1bf695cc1843abf7c66857cc6800a2e8baac97317a62a4a76edccb0a8c9570dc74b0dfa461cdf8b706b8c8a914bce3a91eb9d547a5c35c14d477a0f27fb2b3d1a90aa70c455ea8c6995d39cabb7d7987ae25f89c7d3e26d6885732761f39db5bceb17992aa6b37c40b060a8d42a78118ec8d3fb26ac1a3d3938f677f554e514a65eb07b464196edd30a3882a423753e30dac26b5286cb3033175e8f600f6a7b5b203d9b06ad1333e2417875f1aa5f43953dc7989d7342e7b4336e20b2f033375bbd6fe228289e4a8440608123f8247b1c3a7fabb5d75f875febcc366a124ad4d43b8900afc3e4471911482d7c9dcd2afd579f0e488447d972e41c3497b2da66aa8eeeee6a89d2f1897572375677a7345380e9270d02fd4d32e06f3e53aa120563e603de19a02b3b37e2e652cd2a8152ed1a31feb9e1182731fce09b52a500991354985c108de875a9ab52508a430d3aff226709b46e00aac462161d68d1845a95cd1c56e16d7acc2fe3224b2dc9bb441e53e492146aaefb4c30141a2b6bd14b0dbc8e6b1a713ed4c40fd0323377e72f1c25f1c8ca96637a20c735a1edca585b412104945f1523c6af518bfe7e3ab8bd51540ddc10489c372a91c76e56909ce86c8e045cd0bfe7a270564a380aa762cca36e239e0a7c246b180376d71d349c847c08f80e15520172329ec3a7971ec585148e93a264c24470645ede73198736723972480db5dbfdf853c", 0x1000}, 0x1006) 09:26:41 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$int_in(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1) 09:26:41 executing program 1: keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000001340)=[{&(0x7f0000000000)="f2d1b7941a4be889573513c0bdbc2fedf8a8641ed3c4b37377b7d5181c1a59d8ddfd3a759bfa4d6bf6b5e19f385b763989e52ce3ecc633eeb8b7c018d7dfd6e43b8e611990558fd63a3cca75d3798cf44afa347a67aede7997d9a7047c88a66e59772e35a4b45af93691e6c6328740fe782f41305ec21d715d3897d63d0bdffff83227a99910a96f10852d2054a59da28072e54d2090d9cbe96dcbc2035cd8f9f29ac7b808664def01f962a3e2c055221015dc5b2d3de3171a9290ee9d3d4da1c5a5525034ce7790f6851c9c66391071b881728b5bca960ff2d0dabb82f6c32feaa6a74c0defc76272a25ad075bbf5ae9138a98250a393c0e6f7e720b8a78f7a09a98fc98a22889e89b27d1bd864e63b63a6bcf9734712261784efd06c8b9baaf4edf5d3e0c1481538c9b9771b25f4922452a53115ec3404607e167fde214fb1949fa7406830d0dec839fc7a29c03bb29c51191f9fa97d6c81d980a73b7c23caaa3db6bd52eb2ebd2acd1aac53ca161713cfbf5691e1a93734d5bed6473bcefed4cf1d014f0cbdb086941fc4090e5d96a6b9f53c44d2c121f7ccdae8c3f80d9d73f3726ec5d713dd04f39ae30d588505bf1350358ae7af0b30f199edfec575c9624ecc270b345eeeacfe627c8e43e81a81637849d5c7c968708c0225c14225e1e8877ef2dd8df7f130c3cb0aca0da8a6aa816dd26358f69e6c76c373e9eba8e5c406a20ab1423eca475adf863e4a6062684b275abb6a80a8db9aa66372e62c2c897aa953f7a1ef829df9ebcdf953404003703a820fd0668f34604e8f4992448eb1809049751be3acfd91dd4e7dfb2eceacbc81ca0b7ca382c3162cc57df9292d8354e6336a8832d4a194993e636a691b730f5c8981055fa574ffe637c6ada3f4144e445a50de4ca0ec1674f732be7558e300b30ac782fb766846adf6a4dff3982407d38692d3a8fb5ec141ae624fec5897a76eda1da450abb6abf7166bb3c7de7dee48f4eae4e1e59d17b7cb743ec4edf8a37f2ae928a6bc2644d5a0876d43e04da80d125a7f36daed9dac57cb5ee4a553ced49f83b758e15efb86ce67a3069a41723a7538b148f898ce1aa5333f0eb9fba162d0489559595cd8497dc48bec2608ba9c5b2832fb772df8360c9d8257e5adfb05041e8eb0e25377b46dc4bd822be7abbc4772d632d9318e31c44b3f41d5c75b03e0ec09dbcaa4e4b296f60c7638783b850bed941a2c344031052963348dd4404e597a7cae4958916406c9fe145e0969e23c4bca1b986f2e77015cbb3fc747b9805a4684e2ad1e03955219827009f88b401c3b9761c3af65c0d6b6df9290e93d26732f0f4029d5de697c2a861a97964d65c0c64b617a78d1584be182cadaad3c44dad6931b16ba5ceeff07433d98bd16a5ce36a7d92c514609deafe504e99a43e551e41ba12ea6c886704fd9fb5799c63d997696945dd4f8de9326eca9c6ae91a8c45de8bd79e931bc186ba8087008c7c96d05a6830557bf54d8c1aca66d8a81037223f29a6b03301df84ec263406d2ceee391157fe1a61f827f7b6c642dad547d1f9f69759f50f4021ab0f42406dc6966b5222bd32225846bf0e1566fde849f9640766e3df6c7daa4a4eb568fbe077d9345fb6aff4b42445e5e590a3f18ce44ecf10db15950f9bebec094a14af148d703f6752a30e03efc52124e48511cc679554c98de1a24dadc2a3ecfe00d15e4cf7191fb61e4e2be6f1dcce794a28da6f2d7e6c626f0d67a5e091ef88476df29f29794b82334082c2f5321be7c9c209971216c51321d4173fe3dadbea27d29f06ec977258c17fff0e876e9bf3c3193ff08a15a3dc7414a09cc0f4a47eecb26b5f78692a93ecd5a90a0fc30572f96011488f1b395ab63aa4a2c60dc46048df31697935ef15acd8809b088e8563268b70f41cc719aeaf7dedc2dede9228107a5a0e7c9b6d1e8610d6e6b9a355abead1fa83e3aae4a7b8430fa6f01307ccd7d779821fabf7371e56aeffee74226433c3db90d82b1d4ac4d53c3f7b1231bdc3626c48a8b5ec73f8b8adf2a820affd576114d4cb7efff51f5d5c5f193481fc480c9584b8543e0b30b4f650be154a2046de2553329ec0daaab3c732375e6cbfbf2acf7892f22b0e2be6005f15f65da384cbd99aa4ddd199bd0520cc2826da32e8694abd98d5c04b3f5cda634d5f38d5032676717e1f98665b6ecde5965a170dad3c7e064c967a59e42ba1c6117f1cc12c87963f9d15d26c55588b67e9f037394c75418b957285a6ed7b4f1530a0fc14aed2737fbe87779938874509021d7c1528a027d4cdb43082f47cbd6bbc114d6cc48b53749ab269e8f614a3e2a8306de622eb6e671ac4055ce81dbf04f47c3dc223b07f89c931db10edde99b0cf636058a84a969a7f013c7538df47245762c8f7f0ae37a42aa2bc73cdfdb7fe14532fe24dc537bb301d91ad3741b5931e2759f8fa20568ee8cfbb11da9d2290ab0cdab31c27460e97925570df6ee81d281cff10a14c0f0e37a3cd30a33b71ec4b2f307242a95959ca0c208497c0f4f5ed4d0b5f54b4c0d0126263b1fd8cfa9d172a5d49b661737d9a8dd5b6b47745bfb264c3512687ab9b84b8f8d9675bc192580107543f1f26cfa8e8a805ace81b70a9f5e800fb560c53926a95b78b04bb32e01c9b23e73de9600730d049092785cc779e013f3e58a0a1ea6180a4a7a5098e6060902a2f3fdacbedb55656ce9f1eb3b5adb357464423ed82541ebb879cb08512b8dc76a16529e8cfa85777f96e79a23f54d696d4193eb36198bfebe316a21602e99ae9725aaca44f87c13294a4d461a179ff1ac438492b5614c559e046e8a5b615e421c073b2663adff6d978899d0114dd610e76f7c81e29b4dd1a560b9e532f59cab2730d84b7c41427c5f9512e2a0ceb2c97e3577e14c8ba014fe1e4101e3a6f49436bfa498924407d9466e3edb8b2514a9417dbc4a60c6b68706a7ba97d1e2f14828bf5f03e9dafc724cf67aae798b5a48c2018b9cb9d8a72651adda433a78438c06a3603a53962a5c5045577f88228e19e4a5daf677fafa73ba7c71d2c169eabbe7bac6eed3864bb74c0496b2afd7d31bcb1c56f67d1b021abaf4a0708b3ece70fdc87cfc96017fb0c36d6a1e1360ecd7b5914d4d8703731800f3e777bbfbb79ff36fbedfc67922ba458a0826e3750565f64c5df3766a960b75738878ca20f50220622af63ef5b71ad67af5bed21e3e817e2400d7b9805f0d4b8124a5c64752609591d92472f662a05f99d3fe5c5f851cb50aab1af5a7097f5b3a14f427d3ccd6a5d1b02ae226a67488197872e3584683373b2792248ef624831998498b58d1466cb6dea5c3851dc37df5298d19a0d3fc5ce9af427e25ae06a503143f616d927e725796273d7ce1f1a261fd39180a2d38d753b1616079d1493520ee28f12df62a7ffbddb39e545565ba2fd86df80e9efc2362747e3a6314e12d091ebb32bf4d160dbe885185089c5ce83cacab0fe9bede255e8eb5223f5cf8600e209820dc132b4b94274ec1950704ab784faef19c0eaa847d7add85df836c349622ee2cec77a758f3f91bcfccd003f5675ec3d3a6566a6662a1031b80e16f93a18246e95fe6a898d0c38cd13ef8dea4321b479b13b0c0a1287c0f3dfdf421d2cabb332df60d1d4160d5ef1271bb32c9a9812f0bc7c5781a2a63668c2e7c4578f6a4d3d3419b638b72618a4024fc8dad1ce9a9966269b8b5e837c0401057c32437db5b83b64bfb2d34342c83c0a10d9bb8e5b50d133610b3e938e3b3dd90df10e362e0df0d9f63f77beb44a6685218b773fc794e06d738a83b463d7954dc5c0d75c7a94fea56c7bc82655d5836d560d8a7b797478c080f18985a412a2d2eee0ac380e6235375c5828599e14b4c9bad3db78ea8baaef6f7d1258a9f48bb08c2811c4b1117db57f6654b6c4d63d196d071cb48d2c6ff0843c3afea7737d1e68bf795d7e902a1165332e25e37059b30a5dcfdc096a7d6379b3ae51e4a8f4557f8d28ba9d74252b3a4306008438960b83aacdbf09fa8325c03699e544c5aa97d31a552214c5000c9e5db4520a25c434952bf6eb576f111c319878b491a0ba032470fd2c2b0f1e9c3fe4a8f0daab7a3b1b75df73538ba08d20105d84f2ad48c40fd48b0ac0d88d9eadce264141b0a595118f9885545392691d69e1f0e0fd39c8dd53150bd87d11f4c43ee86e109c3971859513603e04923e6b3b06cc4e483073c7b64ece61904d90a7a67aebf97bd0c1ed04f07fc98f1518b4d1833e7fa5a1d96d0ce2be080d6b0d975f3aed928f49e21c3f1598a4320b6d87a58dac9a6b077b3c3d98f867a92131615014b01707fd42ecfc8a441e7d2c1803bb2c0988177629391b3fd96e072ba0282306234dfe0974a0271213a9b7451fd3821aa3d8e220cccecd0cfca1d8c20dab4f763ba24182aac72980416f4f2a66a2f477d483c223db3ddf442b49ed5d7ba5bea4b171b59037fd6792b195dc4a1aa6526c69e4ba7abc58481182a622ec7261362dbc7619b90bf09a6c9dfb7d44e52040645caa14a869eca0f9d5b2987d4891c4800aa4f33cf2a3af21bf954ea3ad8022c2647221a1b5b3d902d918696951e14e7e59847a52414d8334aa1f42c3ae9be64a09272754eeb2eb3b2e8dca690b483c903788d62ad364e44caa52f86ade881b139ec537dd0fa2e39b803d92e767e94fcbe3722dc86d88b6b9026cd079a232ead5c8d2b9dadc33892488b643a488702c04ba2e4ce120fd04942a5508f68b2d3a7ba017d9be959cb1fbc335276cb4763838ef8a15fb9dc3eb819a1901d94639d64e1daf1f6ffb6a4076fee199608fa9d12a6b54ed752e290dab5d85c750c73f4410895a661b0fb516223025cb07746dac52f0928ab60e6715f71b8d3958acb90b2b727210b19c1645cc8152fb89e332e4927e826e593d85d38c4134d3b4aee11a7911ab5f06617390cb4ccea3dad39229239d0fec6ccd2b834c6654c8f689724ec370f6cd4e5225c88df572ace1617cb2278bb9cccc666e5b609f82102376653a3d8134b2aef83679e0152774ed3f1d7079343b0eb962a4c653c994dfc152a2f00c0a2ba2919013c7852a92ba712158bdd6df44b37bb7e12408fe17cb5c6959f36a845fd0164e3defc29c27c0168dea58281e3f51bbcac4a25a90054084f46a03d4d34a819137cb5cd3e9433a433a965e965515ac624ce7e484957c0da1643ac5eaa272cb06be4968d71954b17778fa35675e8763eabb26d739cbe76aeaeaf688503bd2c34774db740298f44f36f3fc2f36cdb3f4cb88b596972bd08d623ce7aab92630a649870cda0ed63e924f5a5d85cbead74b96f3c90642612908ce8125fe9318478aa8b5053d15f299314b57cf9ffb499abfc93efc92668972c78201b1d11ed1a06226a91758212327ff68b53ae534d28471b552a758398553cb127d61efd4fb55dcb46d3bb79f6c22fe31b291214990848df3ef134861a46d66691d0792b6fe0699923ea31c5286b870c6a495fa3ae36a7aa37b328a8a1584929eaea90de6ed460c615ebe60328832ecb86e3425e7570112ff19ee846f40c9bcec76257c17791ee08895d61c6d4ad9109611804f7008ef53fc03c2dd933c125b4c94b365d57f3845f9776d229a7ee3442f51133f67da41ce511b605d0e2baacd8570da3a4ce5ed13f025c92c9578b5310d0c1e02160e03b5d47284b82794ad8f698e9e6e1f2650e24b5c19eb46783c308d3c3d78ef35930d890fdafc58933bf1edf452eb026d5a4c4bef84b913c9850cbab4e6545fa14", 0xfffffd1d}, {&(0x7f0000001040)="c8ca39965f6ecae49cfa406e0318ad328e372a4f8393e9ea496857cd4d7b299dfe0882de4352987a3f15492405dd2d029b7a14de4415ed7d5df3f2e70bac300009a13bbd4a6dbe72beec37b7fa60962d9f522afa18a71d1bc1f223211ebff7f16250239c768044f5b6e4030130992b302d163bf01fb4ade3533fc5b5c3c9aa869c9ef1a75063579e014fac3cfd905a229e38579bafc38e936ecdb8404d0e410ce19c7b2afbf78388964f802b26be3062c7834464165edf82bcf709f52824f60e81a5dc21186669537c1f8b498c91a641ddb6bc17c46150853b3f5cca68a3bad722343b72de3172b73b48db4c1f8ea825473ed954cd262f5ea1389b", 0xfb}, {&(0x7f0000001140)="5d4f1862be4e456e739926faf8a80478980ac869b89d8084636fbdf9b9ede3bd88ea", 0x22}, {&(0x7f0000001180)}, {&(0x7f00000011c0)="7cfb4a3299dc46f8077af1cf68ab7257", 0x10}, {&(0x7f0000001440)="3ecae2d002711ccbc2e2ab0bbd35099b6fe02cee2e17c2758cb36e3c41f91121123a5ffe15b5c0a322ea8036cacecbacdb47e5cc599b6d07ca7d0c490fd81d65b43182c785457e5c7fafa51f5a667c67e5ac2f705ccea0fea5fee2e4a8c80e4b46dab0e5d8ad78234c3c8da1ebe43c8d2ddd2f731bad966dce119a5e4f4557b62554bbbc99c4f3018e410dcbe795af0b685daaf29a254090c522336be0ec7b6e3e63f8f2f09efcf204aa2d2497588996ea8d258503cdabf1cc1a1dbc6f21b57ce01fec1792cb4444f891cf22ad58cd14d0e61484df5027dbec630f12fa1eb045aface76c0c85746649fa42fe26", 0xed}, {&(0x7f0000001280)="f2e5c4fe59c67e67cbf4c4f13d55afce4a0e785000e42641da7e6f9ae431ad546f477a89b221c88258742019", 0x2c}, {&(0x7f00000012c0)="e36fb7e97e3d782a9cbc99974f4ec73a31a94cdb2aa7202784eb32c58068049f5e2a18209300a57e3c024607f95da525bae2e2b949a2553e3579485ad8e462bfc1554ae20275761c4c569feb1efc077249", 0x51}], 0x8, 0x0) 09:26:41 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0) r0 = dup(0xffffffffffffffff) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) 09:26:41 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) poll(&(0x7f00000001c0)=[{r1}], 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) close(r1) 09:26:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:41 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)={[{@fat=@codepage={'codepage', 0x3d, '1255'}}]}) 09:26:41 executing program 1: rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f00000012c0)={0x0, 0x0, 0x80}) [ 244.166183] FAT-fs (loop3): bogus number of reserved sectors [ 244.182300] FAT-fs (loop3): Can't find a valid FAT filesystem 09:26:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:41 executing program 4: socket$kcm(0xa, 0x20000000000003, 0x11) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x200, 0x0) ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, 0x0) socket$kcm(0x10, 0x2, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$kcm(0x29, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x2, 0x200000000000001, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x92\xee2\xc2$Wx\x15^\xdaM\xeaB\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WZ;\xce\x05\xfc\x95\xd9\x88\x1f|\x8b\xf1\xbf\xf2u\xdd\xd8AV\xd87\x96M\xea\xd2\xa2iM\xe9\xa1\xbc\xba}\xbe\xa1\x05J\"\f\xf9\b\xcf\xb8J\x13#\xecT\xdf\xe0\x9dOA>\xe9\x99\xf8\xaf@{dw\b\xe7{\xaf\x9a\x1e3\xc1\x83&\x89\xc2\xa5\xb1\xe2NN\xdf\xd3\x0f{\x8c\xc1\xc8y\x01\x04\x00\xc7\x94\xe3\x89|\xd7\x9f\xd3\x06\x17\xe6]\xd7\x81q\x1d\x1dN\x9e\xf4c\x83\x86_\xfc\xbc\xdd\xd4{\xde\xc4\xe5\xb6\b;L\x1cN\xa2\xc9k\xd7 \xc3\xe4\x19\x96\x8c\x04\xea\x9c9\xfa\xe3\xc1\x8dDuTHL\n\xe8\xb7oSx\'\xfd=\xfc\xa4\xa51\b\x02j\xb7\x98{`\x89\x8c\xd3\xc6\xe8\xe2\x9b\xd7\xab\xd1s\xfb\xaa\xcd\x9d\xf1\x9e\xee\xe3e\xf1\x91\xf7\xee%\xf8\xc7G', 0x2761, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x92\xee2\xc2$Wx\x15^\xdaM\xeaB\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WZ;\xce\x05\xfc\x95\xd9\x88\x1f|\x8b\xf1\xbf\xf2u\xdd\xd8AV\xd87\x96M\xea\xd2\xa2iM\xe9\xa1\xbc\xba}\xbe\xa1\x05J\"\f\xf9\b\xcf\xb8J\x13#\xecT\xdf\xe0\x9dOA>\xe9\x99\xf8\xaf@{dw\b\xe7{\xaf\x9a\x1e3\xc1\x83&\x89\xc2\xa5\xb1\xe2NN\xdf\xd3\x0f{\x8c\xc1\xc8y\x01\x04\x00\xc7\x94\xe3\x89|\xd7\x9f\xd3\x06\x17\xe6]\xd7\x81q\x1d\x1dN\x9e\xf4c\x83\x86_\xfc\xbc\xdd\xd4{\xde\xc4\xe5\xb6\b;L\x1cN\xa2\xc9k\xd7 \xc3\xe4\x19\x96\x8c\x04\xea\x9c9\xfa\xe3\xc1\x8dDuTHL\n\xe8\xb7oSx\'\xfd=\xfc\xa4\xa51\b\x02j\xb7\x98{`\x89\x8c\xd3\xc6\xe8\xe2\x9b\xd7\xab\xd1s\xfb\xaa\xcd\x9d\xf1\x9e\xee\xe3e\xf1\x91\xf7\xee%\xf8\xc7G', 0x2761, 0x0) socket$kcm(0xa, 0x522000000003, 0x11) socket$kcm(0x11, 0x3, 0x300) socket$kcm(0x2b, 0x1, 0x0) socket$kcm(0x29, 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8e, 0x280441) ioctl$KDGETLED(r3, 0x4b31, &(0x7f0000000040)) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161) sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="72d3207b1bcf0e14f62342e893ccdc8c99e5a20b4147fa62946280332c1fe1e989866498fbd33c1d7dc1acf8fa468847d2a9dd15e329e41c32da60ece92417eaf7d1b9b1afab6284db6ce2aceaf5114f8daf25fb704272efbcd58992f0dcd90138d5ef2fad57f08f030b19174579891e6161103c0621faee007dc2ee5fef5a15f115e3fb4a666074e7527aa8409bf829ac59bfcf9648e52bc8196703ebaba0cf2d0f0c67d6c5caec8096712ee71aa1f3db4cfa8af456da80a507179a8ca50f2bc0d09e7b45a92143bb4e701f74a189e99eb850126e"], 0xd5) 09:26:41 executing program 3: mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000001ec0)={0x0, 0x12}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0) unlink(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000040)='./file0\x00', 0x0) tkill(r0, 0x15) 09:26:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000001500)='/dev/vcsa#\x00', 0x1, 0x141001) write$UHID_INPUT(r4, &(0x7f00000015c0)={0x8, "539dc5034b105778733af5042f1b35c5aa7d8c886bf5de88d5ecee344df67b6ed79e0b3e882d38d6c625b9483ca8214dc98ad8aff2d86e330cf75263d193277938f33e036e59d5c79242e0abe9ab54e92558fc224dd9ff27aa44303b3330ba657091b42f8f79174e4e3916950d3ee3b25a7acd3b7ae44419e1d4273a9dc3ee5a84faea57aea71c3d44057e1ea5f8749735b4b2839b2fcd3bd73d65f970953cd90fa1fa84761c10754d71f9c45ad92e3e0ac7c88e85b163feddb6c7a25c627c5f45acb4ad7bbbe6985e73a3b3d544593b849c3f5317bb2b9bcfb162a4fbdf41b2f04add17ca8a43224af44f79020560c5510aa9a1f8fda5df9d8a995a81014048d177fe83569e15d4b19ebf8477add2d093b76847034356010274b19a5c9105c26b061640778bdb325ef4b2e1b625c582f47129d72261ba62bc853587e3c8a1c39e3f7dd55e3db1aa5b529d0fd3196953be90711a3c44c79a8828cd6be308676dbfe1b4376909da21cca5acd19b2b5efc847933a5687b405acb4c7e6126d31c4d57c3f6d4ec470ea51aa5a510335a1ab832ad5fb518261fd71a4ae801a9131d6572d656492a3d52b400c0c7b07bd3cc8bd2b7f633dd84db12ed326eef776130ed848a76a52a7e0bb5dd3ce269d00493842d0fa82fc3bec611dba727a0d0b3f3e07c3aebc3d0c1fe34ee984cf17e8918d899c2c91d512b12c488f39f74d58d589e0dbd1a023243f069929e714924f832b5ea6da6888cd03bbb40aa394a8b5850d346a4b93368674f03e169b1980ce3fb656ee874f05e219207cb039f12c8cb4ec3b04f145ade873a40790b3a9ccc91d407e28eae13302e72108971a3abd4d20abdf18394bc2b93bc3bd47d2cfd8619ce11eb4b6a1f2d4792b00ebad9f9c81699369b8fb7bbd3a05207808494bb0a4821e5d72f73e8ac5a7b1a9c6d0977a45ad353ab70b1cd0eededb119fbf6d2acfefc42be6ef9a4232964fdf930fcfbe135383d1d87e785adf5d22a4b04c77b2e5a138b6751c6f1896e97ec8a04767f2dbf5e177e176757d6e0fb0b175ac5cd98454a28942fbd87f29efcd6725492bd86bb63287a93473f3961a1603581b8f94d03cb6265d64ca0b49641cd1f5941ceaca15777619e1a224372689a2ee35e0e8ee494d56f85f8d1ef94031fb4440eac784d95ebb04cff3e7aa143dcfb1b7ca11729909fce59f00c578367d8cb1266bb9e0dd9a67fe01204b2450324ae48f51a59a7a39e755acb97008195beaf8518898f8cdb3918018ce1ab087af0a4c09c8f1f8d998da7c466d91d8e020e8db50c7783ab0bc0245505d2265e05d66d3a7cdd900eae91e31c8aed12d68775dae766d9db146bbb2472a662aefe4a31a2a50297263f32bdb6512c4f01ee4f9e76ca66ed4f4aa76a4f5e26b3389814b2922f15aad9487791c5ddcc807df6b71656005b6fe0b6aabdffeb78e7c44552fd973a050e91534636df70c725c315748e92a4712f5a7ef150eddc7c761ebf4c1e0902c312d23f25848709cedee10a83444256842fc182c510105b49c992edc8f1b701368d3690262eae7969516a8c66cbd09b8f522f70c79d5de95c235047ecfa773d5c8ab4d0c2c41326689ed5ee0143cee7928173aa7ae9432e8d33ff50847728601e246c8af24a228df1ea023d0f45f444d3645a6d5149ddbb1e456158ce7b1ac751d80958b2ed4ed3683500986e8e4810e651af9bcca01577d9b681ce115cf306e5edf2a92557078e92d3a940ae58eb7b9fcaaec076cd4d6d0d00ef53f5cf220b85703670307f9ac247d20eb4b3b01f9ca6ba05ad9b230176abdb6d6ba8d1114cd2076ddcf9682bf88f9c1129424b2d9335e644ca9064bdc6f6741a9640bf93591f9f896e0958a1b4cd06e5b6acd6238082f0d13157a49cef61a4bedd159b9e08231d740cab593fcee23b688fc33b464abfbc489ab9a1c2f5b8a3b30bec9c4d8895dc56fad32d74aa8910b991150c54b90b082c0c4823632d48ac103e882f272df521660780e96f3bff7cc8026f39bb360d96720276a29622cc6b8c461a0b6070e6ea8dea0d20a3cdc876c9c8309a8e8083f0e5e2fe32ce61d81b7b03bc1dd73e2b3ff8533941fae00fd937168dc0e10b90747acee23e5894703edc24315319870bbe58484e1e92b4472a8ef26282852e83081b413055d49f946d31138a20eb9c7937c9b33e7e408c64bdb1f5e182b87825ad1bd9981ddbd25a3d9a5b5ae5f12f2b5c26768746b5ea15f7626a34b68af9476fe931d958b6c867069ef9683f06392a5b3849c21d82686fdf9b75f36b9bf97703d31fc9ab45b8b6a681ba8d5b754b5851108fd09811891a7cb9279a7e40beb7f05a474ac10af021a8d006b01e0f17cbdd485191d02d310b2ab79482cb86ab5cb7a42b189044b805926a91f4273bf2c343279831241bff7336f8f312eaa6f0c2155b55886b09fff118bdb5c2a7d7ea0b38c0a7a7115837ffad097c478b046abf9eea723c7c7087140e29bb8db5210030fcff6c1804cb4a7e727bec692597edec662ca9912bd9b1f9a8825d6e7c4ad6078c60ce2f7f283dd59506a0a2d331d1ed29d3955454f61942e58cc251d4889d6518574130a0ab6da6047e49b4466091fad91c9c44d4b4c2ea054b583957c20f6a7de019b0731bfe9b76ba51aa88dbadf42f09d46cc4942d44dd4a434705b86e01e5e0cc87f5a3d455c7d0c406baeeab319c1ba0f38e5f08fe3512f9e72dd8605d415e649fec75d8f6065e7ddcd39f91089d0f9ff62dbf8fd6ca07cc2f21d3a9c8d1c34f85585e27f46d222dcc3a71faaf0cdde03af31ad4a32742e58f60733bcc18102e82fc159310abaad3c21661e2f2374409cb0a3fa1e410ec92ac6eb8fa8b26a66a5cabb87004dc1199f449ec2e97a3fe750eae2697b50bb996f8ca967ed87a5139ca34f9a227c271b3f7fcfdcec7ec6f5f00fee000585099c2bd7a115c11e57c0cd64e3406f37afc1a8333e01812dfe6398089341bab8328af9ccece6c4f52216abad788fbed79f8addbbe85451885bf116e8513b06bcc894572952454e5bde34753ac50f8ebf5d22cc5ff7ddd1c1dbf79ea62c7fe11f0222ba9f8ea19075713a3e7a97874ff609f46af712720cf477237bc56b4ddde9400c7bce30dc9ed41e6d1bd78962f6e713ffb38cb1b4bad9cf08dfaca1114ce7628af884286c94bbf9bae794b7d35515c4edc64d01f2a2b275f5bef8ded363be0b15af2d22e2cc03a89d5d9f83b4bcb9ba46f5d321a15b22f51bffba163bd036e6d05c02f3bb072be3c309a2aae9aceadfecb809ebb589433cfdaa5d334eabae578335bcee60806879416705935e0ae62cce04dc1e4d1fafb57b88947d649141d358ad0a4331015124bfe3e4bd3b38e276f92d534bbbad37cfcb396948882a46fd6662a25958dd27954ee9097c2e945726c2c18a367117eb852379c4ac693de78b724004e9de2f5735ff01996d06e038f39d7710a89e4f323f457789c6c637a4bb9d99e7281919eb06123abd855505399e6aa4f989001f9f615529651a6da0db9b48600f0391c308d6978829e9e66dc9e3a2f6a77edb76567608f3cd8547b6a6355360a3c307d6b8a8bff486565e33d9a5e8e2e916336c9cfda7f0299881215d368d49031dbe3e6757fd7175ac8582b259c3a40312aebbc509f7623b5fe51c110928e2cf4da8771a46152d7ba67449665b83b4abcb0d83f4a916020b0fa1af09af4784e06bc70f7a166b46442b7da2526b62ad3bdd3cbb314875aad65e389be47bd675d6bb2933424b6c6e88f36af441523cd6328f45d7941d855ec71971b39de3429a729ff78f7fac52986d150ba0dda923b57e167b0c2dbaddf794db27cf12c3fd6a53f77d937158eaf2f009759dc72f9949824b799175dc1cfa8be88c11cddde584073ec76bedc3e68ffe74a91cfe0e579867ece553af00753db4a9db056fec9e4275490f50f780a4838b54d54dc09aa05a8325d00c4dec24856fd4244783d611a713b5b5077afa197f799c9f68355cea1a0ab7c897fd6037aa2296e96ce53d5257cc6fa76aa58ff18c2a0ea4fae10ecf75e4b1e06aed10050dfc4f1a22547bfaa0d78e97113c9206a595cfbc6b6940952ab691b6ea049606155c7ffba49932c765a0f6d468af04422845b00b136bd133e0618c447c703ff5b9a1c7af194bc487e9c4931fae40e5849ae2251457d06bf82eb8bfbfa744fb24f705c1a65d7436463e08bf27cc20edaeb2b4d0040a360be150a61f94a5533c82544b7833cc9b3d924b92eb189136c4b52666aa7ce33880af6fca8856b2e1114dab2c57a290a8704e6c82460c4c999e020e9abb8a0408fd63beeb139831904d082e4a419c79f95e3487729c3fbb025016d20ab4d96dd5ee8b0b2023c54468d0237e99d73d6b037dccf92d9c8ac17e94f8519408f4a340882409c6a7e60dd0be73cf1161b55b30347f7338ec88a913ad048b545a82e3d84d6ed3b70afb240ed482303e16e11991f699983864c02e41f2078bb1d1f2ae0e5cd6ca884fb2a96296668d783adc2c2c94b3f32e1a035eb2856d616016111564df7933b4c227045756e79f9a83c41df717f0e89a7fbf29cda0317912837408b8e6e3820b356a6914a6887510ed6bf8861c81c80bdf42e6f0bfab0b47b67c751ec813c4cad8b2bcbebc138c3fe85e1ad67b2b120fb207c65f43a9aab037f88049dc25cc82fd523a076795a6e9b28a9cd80667b7a658a7098a8b300837cfef63a98297b6c2fc2db5971f5a92ca96c6974bbb729239f78fa3184f5011e342f43b796b1634d612f029c1e3c2acfb6f1e649feecaa952d608ed9e8531ff13e6af75e5e09ef29918f8c6953822746f889206c9e9e472896c12762e1843fbccdd7f26668c00945ff0fcbd9e79ac3a12ab3ee7eb60b4a33a3fba58295422808c2d35cd2aec0aa8b51e84f06eb79369b08a4875816f7040c24bd353a66e0c7d6f56ff3d6e9c42a77a5169b3cfc3c58de91e280d3b705c8488df9e096d66cede352c00d7d9c9fce344404bb326e6695cd2f6cfc839a6b1d857da8703924356f5a154303e76cea9d3d1bf695cc1843abf7c66857cc6800a2e8baac97317a62a4a76edccb0a8c9570dc74b0dfa461cdf8b706b8c8a914bce3a91eb9d547a5c35c14d477a0f27fb2b3d1a90aa70c455ea8c6995d39cabb7d7987ae25f89c7d3e26d6885732761f39db5bceb17992aa6b37c40b060a8d42a78118ec8d3fb26ac1a3d3938f677f554e514a65eb07b464196edd30a3882a423753e30dac26b5286cb3033175e8f600f6a7b5b203d9b06ad1333e2417875f1aa5f43953dc7989d7342e7b4336e20b2f033375bbd6fe228289e4a8440608123f8247b1c3a7fabb5d75f875febcc366a124ad4d43b8900afc3e4471911482d7c9dcd2afd579f0e488447d972e41c3497b2da66aa8eeeee6a89d2f1897572375677a7345380e9270d02fd4d32e06f3e53aa120563e603de19a02b3b37e2e652cd2a8152ed1a31feb9e1182731fce09b52a500991354985c108de875a9ab52508a430d3aff226709b46e00aac462161d68d1845a95cd1c56e16d7acc2fe3224b2dc9bb441e53e492146aaefb4c30141a2b6bd14b0dbc8e6b1a713ed4c40fd0323377e72f1c25f1c8ca96637a20c735a1edca585b412104945f1523c6af518bfe7e3ab8bd51540ddc10489c372a91c76e56909ce86c8e045cd0bfe7a270564a380aa762cca36e239e0a7c246b180376d71d349c847c08f80e15520172329ec3a7971ec585148e93a264c24470645ede73198736723972480db5dbfdf853c", 0x1000}, 0x1006) 09:26:42 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)={[{@fat=@flush='flush'}, {@fat=@errors_continue='errors=continue'}]}) 09:26:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 244.811135] FAT-fs (loop4): bogus number of reserved sectors [ 244.840299] FAT-fs (loop4): Can't find a valid FAT filesystem 09:26:42 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0) r0 = dup(0xffffffffffffffff) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) 09:26:42 executing program 3: syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 09:26:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 246.896383] device bridge_slave_1 left promiscuous mode [ 246.902424] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.939729] kauditd_printk_skb: 24 callbacks suppressed [ 246.939745] audit: type=1400 audit(1569835604.401:86): avc: denied { map } for pid=8424 comm="syz-executor.1" path="/root/syz-executor.1" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 246.976250] audit: type=1400 audit(1569835604.401:87): avc: denied { map } for pid=8424 comm="syz-executor.1" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14986 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 246.978246] device bridge_slave_0 left promiscuous mode [ 247.008376] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.096294] device hsr_slave_1 left promiscuous mode [ 250.138523] device hsr_slave_0 left promiscuous mode [ 250.199794] team0 (unregistering): Port device team_slave_1 removed [ 250.210765] team0 (unregistering): Port device team_slave_0 removed [ 250.221892] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 250.268376] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 250.338810] bond0 (unregistering): Released all slaves [ 250.450279] IPVS: ftp: loaded support on port[0] = 21 [ 250.526522] chnl_net:caif_netlink_parms(): no params data found [ 250.556251] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.562711] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.570020] device bridge_slave_0 entered promiscuous mode [ 250.577131] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.583579] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.590598] device bridge_slave_1 entered promiscuous mode [ 250.611008] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 250.620405] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 250.637798] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 250.645392] team0: Port device team_slave_0 added [ 250.650991] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 250.658575] team0: Port device team_slave_1 added [ 250.663977] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 250.671303] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 250.715193] device hsr_slave_0 entered promiscuous mode [ 250.763637] device hsr_slave_1 entered promiscuous mode [ 250.833971] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 250.842364] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 250.858173] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.864722] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.871309] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.877687] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.956051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.969850] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 250.982683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 250.996785] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.008722] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.022105] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 251.032995] 8021q: adding VLAN 0 to HW filter on device team0 [ 251.050491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 251.060193] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.066593] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.093825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 251.101459] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.107864] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.115629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 251.124325] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 251.140947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 251.149509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 251.158852] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 251.169530] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 251.176377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 251.200334] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 251.222488] 8021q: adding VLAN 0 to HW filter on device batadv0 09:26:48 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSMASK(r0, 0x40284504, 0x0) 09:26:48 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) 09:26:48 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0x0, 0x0, 0x0) 09:26:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r0 = socket$inet(0x10, 0x0, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) 09:26:48 executing program 5: mq_unlink(&(0x7f0000000000)='/dev/vcs\x00') 09:26:48 executing program 4: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) 09:26:48 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0x0, 0x0, 0x0) [ 251.359416] audit: type=1800 audit(1569835608.821:88): pid=8437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16626 res=0 09:26:48 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x8, 0xdf, 0x80, 0x3f, 0x0, 0xfffffffffffffffd, 0xb6f887ea7122756a, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_config_ext={0x9, 0x7}, 0x8, 0x5, 0xffff, 0x5, 0x6, 0x800, 0x7fff}, 0x0, 0x10, 0xffffffffffffffff, 0x9) open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, 0x8000, 0x8, 0x0, 0x0, 0x0, 0x0, 0xffffffffffff1821, 0x0, 0x0, 0x7e6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0xfe, 0x1, 0x0, 0x1, 0x7, 0x0, 0x0, 0x5311066e, 0x3, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x7fffffff, 0xfffffffffffffffe}, 0x0, 0x40001f, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x8) umount2(&(0x7f0000000540)='./file0\x00', 0x4) 09:26:49 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) renameat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00') [ 251.473815] audit: type=1400 audit(1569835608.931:89): avc: denied { create } for pid=8442 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 09:26:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0x0, 0x0, 0x0) 09:26:49 executing program 3: 09:26:49 executing program 1: 09:26:49 executing program 2: [ 251.650739] audit: type=1800 audit(1569835608.991:90): pid=8437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16626 res=0 09:26:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:49 executing program 2: 09:26:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 251.827932] audit: type=1400 audit(1569835609.031:91): avc: denied { associate } for pid=8448 comm="syz-executor.5" name="file0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 09:26:49 executing program 1: 09:26:49 executing program 3: creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') gettid() tkill(0x0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000440)={0x0, 0x7fff, 0x6, 0xba, 0x5, [{0x3, 0x5, 0x70347e4, 0x0, 0x0, 0x100}, {0x8, 0x9, 0x0, 0x0, 0x0, 0x3000}, {0x6e, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x1004}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x80}, {0x7, 0x99e}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6erspan0\x00'}) 09:26:49 executing program 4: 09:26:49 executing program 5: [ 251.991937] devpts: called with bogus options 09:26:49 executing program 4: 09:26:49 executing program 2: 09:26:49 executing program 1: 09:26:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:49 executing program 5: 09:26:49 executing program 2: [ 252.152918] audit: type=1804 audit(1569835609.611:92): pid=8496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/36/file0" dev="sda1" ino=16640 res=1 09:26:49 executing program 4: 09:26:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:49 executing program 5: 09:26:50 executing program 3: 09:26:50 executing program 1: 09:26:50 executing program 4: 09:26:50 executing program 5: 09:26:50 executing program 2: 09:26:50 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:50 executing program 1: 09:26:50 executing program 5: 09:26:50 executing program 4: 09:26:50 executing program 3: 09:26:50 executing program 2: 09:26:50 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 09:26:50 executing program 4: 09:26:50 executing program 2: 09:26:50 executing program 5: 09:26:50 executing program 1: 09:26:50 executing program 3: 09:26:50 executing program 5: 09:26:50 executing program 4: 09:26:50 executing program 2: 09:26:50 executing program 0: 09:26:50 executing program 3: 09:26:50 executing program 1: 09:26:50 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x92f2, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf24cb08948dd94ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x1, 0x0, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x6c102, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad3a4bf5cf5f0dfca5", 0x4c}, {0x0}, {&(0x7f0000000040)="38bead979bda2bea18ecd6b1fc4cbf74d51c5a93871a4ce813ad98c4", 0x1c}, {0x0}], 0x4, 0x2) mkdirat(0xffffffffffffffff, 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='trusted.overlay.origin\x00', &(0x7f0000000440)='y\x00', 0x2, 0x0) write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000280)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0) 09:26:50 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r3, &(0x7f0000000040), 0xe) listen(r3, 0x0) 09:26:50 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x0) sendmmsg$inet6(r0, &(0x7f00000040c0)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x0) 09:26:50 executing program 4: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf24cb08948dd94ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x1, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x6c102, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad3a4bf5cf5f0dfca5", 0x4c}, {0x0}, {&(0x7f0000000040)="38bead979bda2bea18ecd6b1fc4cbf74d51c5a93871a4ce813ad98c4", 0x1c}, {0x0}], 0x4, 0x2) mkdirat(0xffffffffffffffff, 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='trusted.overlay.origin\x00', &(0x7f0000000440)='y\x00', 0x2, 0x0) write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000280)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0) 09:26:50 executing program 1: 09:26:50 executing program 2: 09:26:51 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0x40a85323, &(0x7f00000000c0)={{0x80}}) 09:26:51 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x89f3, &(0x7f0000000800)={'ip6tnl0\x00', @ifru_data=&(0x7f00000004c0)="85828efe55ebed48d53e39fc0eae88d3ec3ae5ee04b7b769e056b120956a21f3"}) 09:26:51 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x121001) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534b, &(0x7f00000000c0)={{0x80}}) 09:26:51 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000000200)=ANY=[@ANYBLOB="020d0000140000000000000000000000080012000000030000000000000000000600000000000000000020444d57000000000000000000000000000000000000ff02000000000000000000000000000105000500000000000a0000000000000000000000000000000000ffffac141400000000000000000005000600008000000a00000000000000fe80000000000000000064bec63b58698aed868531503aa40f0000000000ff0000e0c667f500000b95da806b5dadd696d4c831015719eac2e97a75aa8f0ba05fc54fba27ede57c15229e63f004d98eaeafd0836d849a13874f39db2227dcf3bf054c57b7664922dbc71219297197c6b0202279739f13c13f45018b4fcb1b8d9481fddda19eebeaf2e502ad7764d0c1ec0b07a930fe5a368acd0e937636494412209ea251320c9a87b4bf63e7d8eb35296a564ad8f33ed87489a4d82b1d79e61d5b575056bb520fc7d132e7d28a8127ab1b4b3abfc7b6436084d62dc7efc701f449bd0130e59595a6b178a6a694395262e174f0ef87646ca3ed605e6f5285b4659f32b5f4a3db73c888cf61dc4355f69dce1c9eeea4a881008799d00a798da018b40219110f5f156d6ce6340bbfc33d8a4496c5315d000000000000"], 0xa0}}, 0x0) [ 253.607509] audit: type=1400 audit(1569835611.071:93): avc: denied { write } for pid=8574 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 253.637494] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 09:26:51 executing program 0: getpid() sched_setscheduler(0x0, 0x5, &(0x7f0000000380)) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) lstat(&(0x7f0000000180)='./file0\x00', 0x0) write$FUSE_ATTR(r2, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0xfff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7}}}, 0x78) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 09:26:51 executing program 4: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad3a4bf5cf5f0dfca5", 0x4c}], 0x1, 0x2) 09:26:51 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clone(0x1000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 09:26:51 executing program 1: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) clone(0x3102003bfe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x4, 0x4, 0x10000000000080, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x20002}, 0x3c) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x31) wait4(0x0, 0x0, 0x0, 0x0) 09:26:51 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0xc0046209, 0x0) 09:26:51 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000440), 0x1000) [ 253.870210] binder: 8595:8596 ioctl c0046209 0 returned -22 09:26:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r1, 0x107, 0x8, &(0x7f0000000000), 0x4) [ 253.976494] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 09:26:51 executing program 1: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040)=0x40, 0x4) bind$xdp(r2, &(0x7f0000000300)={0x2c, 0x1, r1}, 0x10) 09:26:51 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6) read(r0, 0x0, 0x0) syz_open_dev$sndpcmc(0x0, 0x7, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x0, 0x0) 09:26:51 executing program 3: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @sdr}) 09:26:51 executing program 4: open(0x0, 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='tmpfs\x00', 0x0, 0x0) 09:26:51 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040)=0x40, 0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup3(r4, r3, 0x0) bind$xdp(r2, &(0x7f0000000300)={0x2c, 0x1, r1, 0x0, r3}, 0x10) [ 254.239034] audit: type=1800 audit(1569835611.701:94): pid=8633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=16665 res=0 09:26:51 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) dup2(r0, r0) r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad", 0x44}, {0x0}, {&(0x7f0000000040)}, {0x0}], 0x4, 0x2) 09:26:51 executing program 1: openat$pfkey(0xffffffffffffff9c, 0x0, 0x20000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) r1 = syz_open_dev$binder(0x0, 0x0, 0x0) dup3(r1, r0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) socket$inet_udp(0x2, 0x2, 0x0) 09:26:51 executing program 2: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r1, 0x0, 0x7fffffff) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) sendfile(r2, r0, 0x0, 0xffffffff) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x5000008912, &(0x7f0000001600)="11dca50d5e0bcfe47bf070") 09:26:51 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000180)) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001240)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30}, 0x0) r4 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000000c0)=0x5, 0x4) mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) dup(0xffffffffffffffff) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000400)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') prctl$PR_GET_THP_DISABLE(0x2a) 09:26:51 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) ftruncate(r3, 0x2081f8) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0xf642e7e) write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0x100000198) [ 254.388010] audit: type=1800 audit(1569835611.841:95): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16652 res=0 09:26:51 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)={[{@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@flush='flush'}, {@fat=@errors_continue='errors=continue'}]}) 09:26:52 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) creat(&(0x7f0000000040)='./file1\x00', 0x2a) clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000200)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x109) dup2(r0, r1) execve(&(0x7f00000002c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x841, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) sched_yield() [ 254.508108] audit: type=1804 audit(1569835611.891:96): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1 [ 254.569992] FAT-fs (loop3): bogus number of reserved sectors [ 254.593807] FAT-fs (loop3): Can't find a valid FAT filesystem 09:26:52 executing program 1: open(0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='tmpfs\x00', 0x0, 0x0) [ 254.617334] audit: type=1804 audit(1569835611.941:97): pid=8656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1 09:26:52 executing program 3: write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000140)="f2748ba7"}) write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a) [ 254.733758] audit: type=1800 audit(1569835612.201:98): pid=8673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16663 res=0 [ 254.802758] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 09:26:52 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xd, 0x18, 0x4, 0x3, 0x0, r0}, 0x3c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f00000001c0), &(0x7f0000000080)}, 0x20) 09:26:52 executing program 0: r0 = gettid() utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x200) sched_rr_get_interval(0x0, &(0x7f0000000140)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x40000, 0x0) dup3(r1, 0xffffffffffffff9c, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000000c0)) pselect6(0x40, &(0x7f00000001c0)={0x5, 0xfffffffffffffffe, 0x2, 0x0, 0x3, 0x79, 0xffffffffffffb852}, &(0x7f0000000200)={0x0, 0x2, 0x0, 0x1, 0xb9, 0x0, 0x8}, &(0x7f0000000240)={0x100000000, 0x0, 0x0, 0x1, 0x0, 0x6629, 0x0, 0x1f}, 0x0, &(0x7f0000000300)={0x0}) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) statfs(0x0, 0x0) tkill(r0, 0x1000000000016) [ 254.871595] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. 09:26:52 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000340)) 09:26:52 executing program 3: timer_create(0x2, 0x0, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x9}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000e60000)) 09:26:52 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @empty}, 0x10) sendto$inet(r0, 0x0, 0x2f5, 0x200007fc, &(0x7f0000000000)={0x2, 0x3, @local}, 0x10) bind$inet(0xffffffffffffffff, 0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) getpid() stat(0x0, 0x0) pipe2$9p(0x0, 0x0) lstat(0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) memfd_create(0x0, 0x0) fdatasync(0xffffffffffffffff) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x3d6, 0x0) lstat(0x0, 0x0) socket$key(0xf, 0x3, 0x2) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) ioctl$RTC_PIE_OFF(0xffffffffffffffff, 0x7006) sendto(r0, &(0x7f0000000040)='J', 0xffffffffffffff7e, 0x8841, 0x0, 0xffffffffffffff44) shutdown(r0, 0x2) recvfrom$inet(r0, 0x0, 0x0, 0x80040000101, 0x0, 0x2f49b2819fbc7c26) [ 255.242042] audit: type=1804 audit(1569835612.701:99): pid=8716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1 09:26:52 executing program 0: getpid() sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2cff534300"]) lstat(&(0x7f0000000180)='./file0\x00', 0x0) write$FUSE_ATTR(r2, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7}}}, 0x78) umount2(&(0x7f0000000000)='./file0\x00', 0x0) [ 255.288459] audit: type=1804 audit(1569835612.741:100): pid=8716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1 09:26:52 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000180)) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001240)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30}, 0x0) r4 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000000c0)=0x5, 0x4) mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) dup(0xffffffffffffffff) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000400)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') prctl$PR_GET_THP_DISABLE(0x2a) 09:26:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:26:52 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000200)='/dev/urandom\x00', 0x82042, 0x0) dup2(r0, r4) 09:26:52 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x1}}) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f00000014c0)={0x0, 0x0, 0x6}) readv(r0, &(0x7f0000000240)=[{&(0x7f00000013c0)=""/135}, {&(0x7f0000001480)=""/25}, {&(0x7f00000003c0)=""/4096, 0x8}], 0x20000000000002ca) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) 09:26:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x5400008912, &(0x7f0000001600)="11dca50d5e0bcfe47bf070") r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r1, &(0x7f0000000140), 0x8) listen(r1, 0x0) 09:26:53 executing program 2: r0 = gettid() r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0'}, 0xb) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) setxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) 09:26:53 executing program 1: clone(0x3102003bfe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x4, 0x4, 0x10000000000080, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x20002}, 0x3c) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x31) wait4(0x0, 0x0, 0x0, 0x0) 09:26:53 executing program 3: 09:26:53 executing program 4: [ 255.630551] ptrace attach of "/root/syz-executor.1"[8751] was attempted by "/root/syz-executor.1"[8754] 09:26:53 executing program 3: 09:26:53 executing program 2: [ 255.678036] ptrace attach of "/root/syz-executor.2"[8756] was attempted by "/root/syz-executor.2"[8757] 09:26:53 executing program 0: 09:26:53 executing program 5: 09:26:53 executing program 1: 09:26:53 executing program 4: 09:26:53 executing program 3: 09:26:53 executing program 2: 09:26:53 executing program 0: 09:26:53 executing program 1: 09:26:53 executing program 2: 09:26:53 executing program 4: 09:26:53 executing program 3: 09:26:53 executing program 0: 09:26:53 executing program 5: 09:26:53 executing program 1: 09:26:53 executing program 2: 09:26:53 executing program 3: 09:26:53 executing program 4: 09:26:53 executing program 0: 09:26:53 executing program 4: 09:26:53 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r1 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0) pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003) fallocate(r0, 0x1, 0x0, 0x100000001) 09:26:53 executing program 5: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x4}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000900)={0x200041}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0) 09:26:53 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fchdir(r0) unlink(&(0x7f0000000280)='./bus\x00') r3 = creat(&(0x7f0000000080)='./bus\x00', 0x10088253bdf60fc3) fsetxattr$system_posix_acl(r3, &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000600)={{}, {}, [{}, {}, {}, {}, {}, {0x2, 0x2}, {0x2, 0x4}]}, 0x5c, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x4000000000141042, 0x0) write$P9_RXATTRCREATE(r4, &(0x7f0000001440)={0x7}, 0x7) 09:26:53 executing program 3: syz_mount_image$gfs2(&(0x7f0000000040)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@localflocks='localflocks'}]}) 09:26:53 executing program 0: 09:26:54 executing program 4: 09:26:54 executing program 0: 09:26:54 executing program 2: [ 256.589276] gfs2: not a GFS2 filesystem 09:26:54 executing program 5: 09:26:54 executing program 1: [ 256.671517] gfs2: not a GFS2 filesystem 09:26:54 executing program 0: 09:26:54 executing program 4: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10) sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0) 09:26:54 executing program 3: 09:26:54 executing program 5: 09:26:54 executing program 2: 09:26:54 executing program 1: 09:26:54 executing program 3: 09:26:54 executing program 0: 09:26:54 executing program 5: 09:26:54 executing program 2: 09:26:54 executing program 4: 09:26:54 executing program 3: 09:26:54 executing program 0: 09:26:54 executing program 1: 09:26:54 executing program 2: 09:26:54 executing program 5: 09:26:54 executing program 4: 09:26:54 executing program 3: 09:26:54 executing program 2: 09:26:54 executing program 0: 09:26:54 executing program 1: 09:26:54 executing program 5: 09:26:54 executing program 4: 09:26:54 executing program 3: 09:26:54 executing program 2: 09:26:54 executing program 1: 09:26:54 executing program 5: 09:26:54 executing program 0: 09:26:54 executing program 3: 09:26:54 executing program 2: 09:26:54 executing program 4: 09:26:55 executing program 3: 09:26:55 executing program 4: 09:26:55 executing program 0: 09:26:55 executing program 5: 09:26:55 executing program 1: 09:26:55 executing program 3: 09:26:55 executing program 2: 09:26:55 executing program 5: 09:26:55 executing program 4: 09:26:55 executing program 0: 09:26:55 executing program 3: 09:26:55 executing program 1: 09:26:55 executing program 5: 09:26:55 executing program 2: 09:26:55 executing program 4: 09:26:55 executing program 0: 09:26:55 executing program 2: 09:26:55 executing program 5: 09:26:55 executing program 3: 09:26:55 executing program 4: 09:26:55 executing program 1: 09:26:55 executing program 5: 09:26:55 executing program 4: 09:26:55 executing program 0: 09:26:55 executing program 3: 09:26:55 executing program 1: 09:26:55 executing program 2: 09:26:55 executing program 5: 09:26:55 executing program 4: 09:26:55 executing program 0: 09:26:55 executing program 2: 09:26:55 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r0, r0) pipe(0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="66b829018ec0b9800000c00f3235002000000f3066baf80cb8c8f61a8eef66bafc0ced0f787e0036400fc75a00c4e1f9e601c4018575504f0f87d485a71b64440f01c43e662666470f38804185", 0x4d}], 0x1, 0x0, 0x0, 0xfffffffffffffe96) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xffe8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 09:26:55 executing program 5: gettid() getsockopt$netlink(0xffffffffffffff9c, 0x10e, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, 0x0) r1 = dup(r0) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) write$P9_RWSTAT(r1, 0x0, 0x0) 09:26:55 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r2, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x6, 0x0, 0x0, 0x0, 0x0, 0x5}}]}}]}, 0x444}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r2, {}, {0x9, 0xe}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffe01}}]}}]}, 0x444}}, 0x0) 09:26:55 executing program 4: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$netrom(r0, 0x0, &(0x7f0000000200)) 09:26:56 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2400000011000705cff4537a98090a0000000000", @ANYRES32=r3, @ANYBLOB="000000000000000010000000"], 0xd4}}, 0x0) [ 258.588417] ================================================================== [ 258.596250] BUG: KASAN: null-ptr-deref in kvm_write_guest_virt_system+0x64/0x90 [ 258.603721] Write of size 24 at addr 0000000000000000 by task syz-executor.3/8950 [ 258.611348] [ 258.612994] CPU: 1 PID: 8950 Comm: syz-executor.3 Not tainted 4.19.75 #0 [ 258.619840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.629196] Call Trace: [ 258.629281] dump_stack+0x172/0x1f0 [ 258.635456] ? kvm_write_guest_virt_system+0x64/0x90 [ 258.635527] kasan_report.cold+0x199/0x2ba [ 258.635547] check_memory_region+0x123/0x190 [ 258.635562] memset+0x24/0x40 [ 258.635578] kvm_write_guest_virt_system+0x64/0x90 [ 258.635630] handle_vmread+0x7fe/0xa10 [ 258.635647] ? handle_invpcid+0xa80/0xa80 [ 258.652558] ? __lock_is_held+0xb6/0x140 [ 258.652574] ? __lock_is_held+0xb6/0x140 [ 258.652594] ? handle_invpcid+0xa80/0xa80 [ 258.652609] vmx_handle_exit+0x276/0x16b0 [ 258.652620] ? lock_acquire+0x16f/0x3f0 [ 258.652651] ? vcpu_enter_guest+0xf15/0x5ed0 [ 258.665765] vcpu_enter_guest+0x10ca/0x5ed0 [ 258.665829] ? kvm_vcpu_ioctl+0x181/0xf90 [ 258.665848] ? emulator_read_emulated+0x50/0x50 [ 258.665865] ? lock_acquire+0x16f/0x3f0 [ 258.665882] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 258.690736] kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 258.690756] ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 258.699224] kvm_vcpu_ioctl+0x4dc/0xf90 [ 258.707838] ? kvm_vcpu_block+0xcc0/0xcc0 [ 258.718096] ? mark_held_locks+0x100/0x100 [ 258.718192] ? __might_fault+0x12b/0x1e0 [ 258.727146] ? __fget+0x340/0x540 [ 258.735433] ? find_held_lock+0x35/0x130 [ 258.735448] ? __fget+0x340/0x540 [ 258.735466] ? kvm_vcpu_block+0xcc0/0xcc0 [ 258.735484] do_vfs_ioctl+0xd5f/0x1380 [ 258.735530] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 258.735616] ? selinux_file_ioctl+0x125/0x5e0 [ 258.747087] ? ioctl_preallocate+0x210/0x210 [ 258.747104] ? selinux_file_mprotect+0x620/0x620 [ 258.747125] ? iterate_fd+0x360/0x360 [ 258.754754] ? nsecs_to_jiffies+0x30/0x30 [ 258.754783] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 258.754796] ? security_file_ioctl+0x8d/0xc0 [ 258.754814] ksys_ioctl+0xab/0xd0 [ 258.754829] __x64_sys_ioctl+0x73/0xb0 [ 258.754869] do_syscall_64+0xfd/0x620 [ 258.754897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.754909] RIP: 0033:0x459a29 [ 258.754924] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 09:26:56 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x8000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000001080)=""/192) 09:26:56 executing program 4: getuid() openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0) r0 = gettid() fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) sendmsg(0xffffffffffffffff, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VT_GETSTATE(r1, 0x5603, 0x0) tkill(r0, 0x1000000000016) 09:26:56 executing program 5: write(0xffffffffffffffff, &(0x7f0000000000)="0f42", 0xfffffeab) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xf000, 0x1000, &(0x7f0000001000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f00000002c0)={{}, {0x0, 0x0, 0x0, 0x5, 0x64a, 0x0, 0x7f}}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 09:26:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) [ 258.754931] RSP: 002b:00007ff6adbd9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.754943] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 258.754949] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 258.754955] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 258.754962] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6adbda6d4 [ 258.754968] R13: 00000000004c2ddb R14: 00000000004d6618 R15: 00000000ffffffff [ 258.754990] ================================================================== [ 258.767512] kobject: 'tx-0' (00000000e5e2c9f7): kobject_uevent_env [ 258.768887] Disabling lock debugging due to kernel taint [ 258.867112] Kernel panic - not syncing: panic_on_warn set ... [ 258.867112] [ 258.873363] kobject: 'loop5' (000000008ad09e54): kobject_uevent_env [ 258.879316] CPU: 1 PID: 8950 Comm: syz-executor.3 Tainted: G B 4.19.75 #0 [ 258.892019] kobject: 'kvm' (0000000000a0621a): kobject_uevent_env [ 258.892957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.899012] kobject: 'loop5' (000000008ad09e54): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 258.905744] Call Trace: [ 258.905771] dump_stack+0x172/0x1f0 [ 258.905790] ? kvm_write_guest_virt_system+0x64/0x90 [ 258.905872] panic+0x263/0x507 [ 258.905887] ? __warn_printk+0xf3/0xf3 [ 258.912341] kobject: 'kvm' (0000000000a0621a): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 258.920506] ? kvm_write_guest_virt_system+0x64/0x90 [ 258.920523] ? preempt_schedule+0x4b/0x60 [ 258.920537] ? ___preempt_schedule+0x16/0x18 [ 258.920617] ? trace_hardirqs_on+0x5e/0x220 [ 258.920637] ? kvm_write_guest_virt_system+0x64/0x90 [ 258.927508] kobject: 'loop4' (00000000bfa3bc46): kobject_uevent_env [ 258.936226] kasan_end_report+0x47/0x4f [ 258.936241] kasan_report.cold+0xa9/0x2ba [ 258.936256] check_memory_region+0x123/0x190 [ 258.936267] memset+0x24/0x40 [ 258.936286] kvm_write_guest_virt_system+0x64/0x90 [ 258.946381] kobject: 'loop4' (00000000bfa3bc46): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 258.948412] handle_vmread+0x7fe/0xa10 [ 258.973910] *** Guest State *** [ 258.978516] ? handle_invpcid+0xa80/0xa80 [ 258.982650] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 258.987034] ? __lock_is_held+0xb6/0x140 [ 258.987048] ? __lock_is_held+0xb6/0x140 [ 258.987064] ? handle_invpcid+0xa80/0xa80 [ 258.987078] vmx_handle_exit+0x276/0x16b0 [ 258.987089] ? lock_acquire+0x16f/0x3f0 [ 258.987100] ? vcpu_enter_guest+0xf15/0x5ed0 [ 258.987117] vcpu_enter_guest+0x10ca/0x5ed0 [ 258.991562] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 258.996516] ? kvm_vcpu_ioctl+0x181/0xf90 [ 258.996530] ? emulator_read_emulated+0x50/0x50 [ 258.996542] ? lock_acquire+0x16f/0x3f0 [ 258.996556] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 258.996571] kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 258.996580] ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 258.996593] kvm_vcpu_ioctl+0x4dc/0xf90 [ 258.996605] ? kvm_vcpu_block+0xcc0/0xcc0 [ 258.996616] ? mark_held_locks+0x100/0x100 [ 258.996632] ? __might_fault+0x12b/0x1e0 [ 258.996644] ? __fget+0x340/0x540 [ 258.996658] ? find_held_lock+0x35/0x130 [ 258.996668] ? __fget+0x340/0x540 [ 258.996681] ? kvm_vcpu_block+0xcc0/0xcc0 [ 258.996700] do_vfs_ioctl+0xd5f/0x1380 [ 259.003796] CR3 = 0x0000000000000000 [ 259.007057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 259.011172] RSP = 0x00000000000000bf RIP = 0x00000000000000c2 [ 259.015560] ? selinux_file_ioctl+0x125/0x5e0 [ 259.015575] ? ioctl_preallocate+0x210/0x210 [ 259.015587] ? selinux_file_mprotect+0x620/0x620 [ 259.015604] ? iterate_fd+0x360/0x360 [ 259.021549] RFLAGS=0x00010006 DR7 = 0x0000000000000400 [ 259.023603] ? nsecs_to_jiffies+0x30/0x30 [ 259.023622] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 259.023635] ? security_file_ioctl+0x8d/0xc0 [ 259.023649] ksys_ioctl+0xab/0xd0 [ 259.023665] __x64_sys_ioctl+0x73/0xb0 [ 259.033242] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 259.036967] do_syscall_64+0xfd/0x620 [ 259.036987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.040344] kobject: 'tx-0' (00000000e5e2c9f7): fill_kobj_path: path = '/devices/virtual/net/veth2/queues/tx-0' [ 259.044366] RIP: 0033:0x459a29 [ 259.044381] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 259.044387] RSP: 002b:00007ff6adbd9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.044403] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 259.053427] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 259.057259] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 259.057267] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 259.057273] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6adbda6d4 [ 259.057284] R13: 00000000004c2ddb R14: 00000000004d6618 R15: 00000000ffffffff [ 259.061374] DS: sel=0x0000, attr=0x04005, limit=0x00000000, base=0x0000000000000000 [ 259.066947] Kernel Offset: disabled [ 259.326875] Rebooting in 86400 seconds..