[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   41.671922] audit: type=1800 audit(1569835399.131:33): pid=7406 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[   41.693322] audit: type=1800 audit(1569835399.141:34): pid=7406 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0
[   42.696188] audit: type=1400 audit(1569835400.161:35): avc:  denied  { map } for  pid=7579 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.84' (ECDSA) to the list of known hosts.
2019/09/30 09:23:26 fuzzer started
syzkaller login: [   49.118130] audit: type=1400 audit(1569835406.581:36): avc:  denied  { map } for  pid=7588 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/09/30 09:23:28 dialing manager at 10.128.0.105:33829
2019/09/30 09:23:28 syscalls: 2489
2019/09/30 09:23:28 code coverage: enabled
2019/09/30 09:23:28 comparison tracing: enabled
2019/09/30 09:23:28 extra coverage: extra coverage is not supported by the kernel
2019/09/30 09:23:28 setuid sandbox: enabled
2019/09/30 09:23:28 namespace sandbox: enabled
2019/09/30 09:23:28 Android sandbox: /sys/fs/selinux/policy does not exist
2019/09/30 09:23:28 fault injection: enabled
2019/09/30 09:23:28 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/09/30 09:23:28 net packet injection: enabled
2019/09/30 09:23:28 net device setup: enabled
09:26:25 executing program 0:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

[  227.891139] audit: type=1400 audit(1569835585.351:37): avc:  denied  { map } for  pid=7605 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14986 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[  228.023707] IPVS: ftp: loaded support on port[0] = 21
09:26:25 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0x4058534c, &(0x7f00000000c0)={{0x80}, 0x1, 0x0, 0x2})

[  228.181534] chnl_net:caif_netlink_parms(): no params data found
09:26:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x6, 0x0, 0x0, 0x0, 0x0, 0x5}}]}}]}, 0x444}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newqdisc={0x24, 0x24, 0x507, 0x0, 0x0, {0x0, r3, {}, {0x4, 0xe}}}, 0x24}}, 0x0)

[  228.254363] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.261269] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.277570] device bridge_slave_0 entered promiscuous mode
[  228.294119] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.307910] IPVS: ftp: loaded support on port[0] = 21
[  228.313342] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.343927] device bridge_slave_1 entered promiscuous mode
[  228.417531] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  228.429633] bond0: Enslaving bond_slave_1 as an active interface with an up link
09:26:26 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
write$FUSE_ATTR(r2, &(0x7f0000000540)={0x78}, 0x78)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

[  228.509693] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  228.519003] team0: Port device team_slave_0 added
[  228.544597] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  228.551834] team0: Port device team_slave_1 added
[  228.566508] chnl_net:caif_netlink_parms(): no params data found
[  228.586054] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  228.595319] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  228.599386] IPVS: ftp: loaded support on port[0] = 21
[  228.726595] device hsr_slave_0 entered promiscuous mode
09:26:26 executing program 4:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0, 0x0, 0x0, 0x1a6}}], 0x4000000000000f6, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='stat\x00')
preadv(r0, &(0x7f00000017c0), 0x199, 0x0)

[  228.775275] device hsr_slave_1 entered promiscuous mode
[  228.815465] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  228.822748] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  228.853031] IPVS: ftp: loaded support on port[0] = 21
[  228.860587] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.867750] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.881734] device bridge_slave_0 entered promiscuous mode
[  228.891104] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.898097] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.907134] device bridge_slave_1 entered promiscuous mode
[  228.938378] IPVS: ftp: loaded support on port[0] = 21
[  228.978526] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  229.015965] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  229.036630] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.043941] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.051117] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.057535] bridge0: port 1(bridge_slave_0) entered forwarding state
09:26:26 executing program 5:
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000000)=0x2)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62160554]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000780)={"54abec7338595f275a2292c45ff078f1cbbf04241d1c3421ec9bf61b2221bc18246e74f0001e36735c2ad340bf94ad2a35cfc5d0953a3b2bfd41e2e051c6765447395415a9b05dffbe957e300168dc46f8377130fd28e50a805a6005ab6167da65430e3fcc214d7893c6d91026b5f5192f346a367dbc8ae5df0fd099b4e7a6dadd7f555b203f504eda86e0e8d8c5f319604db5a686750d03bf3a67210063e9a17ca0a1ccd80a7d57cb034b828b784b14c9e5dd70ca358c6819c3df7f4443dced6d9a56bb54eac6538cc61c5e9ef3bda9feeb62cbe4f0e1d1c7f6cbbcada85dbb247b0551773f0734e6f4733db49c22e497557c2f74bfa0e4af9b6228643f180d9f9e1e2bcdf0c35a5b8c388e728b574a066e190800db7b42573f534b8f60e8f756dc4d8dec7ad58b0474fc002851b265cc72099d43115828ac723e73009150fcf7196b4133e2988d4b0fc459e57293afef8837fa0d5d24b984a95cb4bdc48fc9c6e73ebee6b1a3239b2c0eef7c751ccb9f2dcdc3c69173db48df6b5d6e59e6465283de675a8d053e7f3abf86f43006a5a0c6225a589c12583e767b9d817f17bf690444a18e6f8a35b2cb4b60c191efbb16393560b568ee6c82bed918aa4a34b575ac9966b395aafa7fc3b7f467b484eb7d2617e0a240e8acbc2a7e02b650f7d1be52f462be20faa32dd88eb041e2c46b24ed7ab79c10f05296f5461f4ebda25dd7b9908da4be62b0871b169016fab8aae31c7ba45e5b30b7556a062999f43d2dbb9995d2d5de72ffe885bf6bce45caa470933c0906807da75cd38533d8f16d875452c543b259e78215011d2be638eab023513cfe0693d3107e17cfc87e038fc7d1db232d15307fe1d2a818d0a4bde2c53d221111ffa646514dd1fbd3c011b058f79c6fb0a31857ea309018bf72180a434611195c975cf5e285777231b6f158ecaf212183600379fe9762277c13cb6cde9cc0178b883fd1f210180e599f8eb33d33a9ff0f70db1de485b2f2434f2707bf9a54bb6aff687c515c430d5087f4d53a57adf7c97a06dcc61d7733a93dc505d57d8d5c83bf83e345a979307d708756c3f0f1c53a28883b665fda239019f32fc6f07d700d05023e9ef5b66d4b6be57ffd6fe39703fd4eed61535568f47ee51eff8290618e8387d0ba0d00c5bc4585d2d85688af46bb1da08bf42901634cb10e6b03ee276c16980090b59f3c57b428ae0a7ede758c781e2a5a8585e903adde0a0a281a7779a59067d82985655d9138b75042970e11aee4b95b8bcf232473767cca0139b2c2fb40045c6e031950c314015db2524c3f2fe941f249d158a44aa14774e61b2ee185bdfea8f317e440a39533c6db7ffd3c2b626c1e1e088bcebc59526b016cc6a0e4b766c3f00f619d366e5a4378bc15f805a6fb8c9400"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  229.116954] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  229.125884] team0: Port device team_slave_0 added
[  229.161078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  229.172050] team0: Port device team_slave_1 added
[  229.182862] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.191281] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.239025] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  229.246472] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  229.376335] device hsr_slave_0 entered promiscuous mode
[  229.413519] device hsr_slave_1 entered promiscuous mode
[  229.454038] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  229.462713] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  229.472915] chnl_net:caif_netlink_parms(): no params data found
[  229.498089] IPVS: ftp: loaded support on port[0] = 21
[  229.517455] chnl_net:caif_netlink_parms(): no params data found
[  229.576884] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.585470] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.592476] device bridge_slave_0 entered promiscuous mode
[  229.600026] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.606453] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.614456] device bridge_slave_1 entered promiscuous mode
[  229.639986] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  229.664247] chnl_net:caif_netlink_parms(): no params data found
[  229.674222] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  229.688730] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  229.738829] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.760550] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.767556] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.774603] device bridge_slave_0 entered promiscuous mode
[  229.787760] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  229.795533] team0: Port device team_slave_0 added
[  229.811343] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.817841] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.825522] device bridge_slave_1 entered promiscuous mode
[  229.836277] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.842720] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.850525] device bridge_slave_0 entered promiscuous mode
[  229.857776] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.864196] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.872317] device bridge_slave_1 entered promiscuous mode
[  229.879272] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  229.887169] team0: Port device team_slave_1 added
[  229.892498] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  229.906483] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  229.920146] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  229.935637] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  229.948258] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  229.958633] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  229.980283] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  229.988029] team0: Port device team_slave_0 added
[  230.006694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  230.014849] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  230.023985] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.031099] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  230.037837] 8021q: adding VLAN 0 to HW filter on device team0
[  230.046531] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  230.054886] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  230.062128] team0: Port device team_slave_1 added
[  230.070531] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  230.082174] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  230.101176] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  230.109463] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  230.175539] device hsr_slave_0 entered promiscuous mode
[  230.213567] device hsr_slave_1 entered promiscuous mode
[  230.296401] device hsr_slave_0 entered promiscuous mode
[  230.333646] device hsr_slave_1 entered promiscuous mode
[  230.374035] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  230.381973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  230.390231] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  230.397946] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.404322] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.417256] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  230.433585] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  230.443980] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  230.451231] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  230.462200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  230.470391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  230.478228] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.484637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.493369] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  230.501336] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  230.511825] chnl_net:caif_netlink_parms(): no params data found
[  230.524399] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  230.531737] team0: Port device team_slave_0 added
[  230.537928] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  230.545490] team0: Port device team_slave_1 added
[  230.552514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  230.586143] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  230.594247] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  230.600542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  230.612322] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  230.621580] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  230.636396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  230.644436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  230.651289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  230.659211] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  230.667530] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  230.675516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  230.690034] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  230.711029] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.719026] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.726799] device bridge_slave_0 entered promiscuous mode
[  230.735989] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  230.742049] 8021q: adding VLAN 0 to HW filter on device team0
[  230.749563] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  230.795567] device hsr_slave_0 entered promiscuous mode
[  230.834141] device hsr_slave_1 entered promiscuous mode
[  230.883512] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.889883] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.899992] device bridge_slave_1 entered promiscuous mode
[  230.915719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  230.923811] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  230.934238] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  230.945599] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[  230.952551] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  230.960866] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  230.970362] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  230.979615] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  230.986788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  230.996127] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  231.003932] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.010266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.017682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  231.025295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  231.032928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  231.041853] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  231.052827] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  231.073042] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  231.081809] team0: Port device team_slave_0 added
[  231.094696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  231.102550] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  231.110367] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.116747] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.126013] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[  231.135619] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  231.154283] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  231.161559] team0: Port device team_slave_1 added
[  231.167455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  231.175001] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  231.190155] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  231.200033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  231.207750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  231.215259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  231.222934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  231.248535] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  231.256898] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  231.262895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  231.270869] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  231.315469] device hsr_slave_0 entered promiscuous mode
[  231.353686] device hsr_slave_1 entered promiscuous mode
[  231.393979] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  231.409884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  231.417783] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  231.425690] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  231.436094] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  231.457409] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.465226] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  231.483045] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.497284] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  231.505555] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  231.512743] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  231.522171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  231.530524] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  231.540814] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[  231.549052] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  231.558983] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  231.566092] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  231.574025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  231.581638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  231.588707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  231.599728] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[  231.609154] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  231.619711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  231.627573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  231.635297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  231.642130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  231.651193] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  231.657529] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  231.669451] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  231.675624] 8021q: adding VLAN 0 to HW filter on device team0
[  231.684840] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  231.690921] 8021q: adding VLAN 0 to HW filter on device team0
[  231.709647] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  231.722070] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.732474] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.741513] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  231.756803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  231.766868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  231.774825] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.781163] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.789075] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  231.798222] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  231.809210] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  231.823483] audit: type=1400 audit(1569835589.281:38): avc:  denied  { associate } for  pid=7609 comm="syz-executor.1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[  231.859457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  231.868784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  231.876806] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.883208] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.890781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  231.899296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  231.907022] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.913404] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.920673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  231.952443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  231.974121] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  231.994859] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
09:26:29 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
inotify_init1(0x81400)

[  232.017884] 8021q: adding VLAN 0 to HW filter on device bond0
[  232.044705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  232.061481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  232.087311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  232.095513] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.101868] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.108981] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  232.124225] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  232.139190] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  232.148686] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  232.159888] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  232.167249] audit: type=1400 audit(1569835589.631:39): avc:  denied  { create } for  pid=7633 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[  232.192423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  232.192556] hrtimer: interrupt took 33063 ns
[  232.201061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  232.212178] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
09:26:29 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f00000048c0)={&(0x7f0000004840)={0x68, r1, 0x601, 0x0, 0x0, {{}, 0x0, 0x4108, 0x0, {0x4c, 0x18, {0x0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)

[  232.220490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  232.229241] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  232.242539] 8021q: adding VLAN 0 to HW filter on device bond0
[  232.264433] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  232.280167] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[  232.291888] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  232.302311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  232.306134] audit: type=1400 audit(1569835589.771:40): avc:  denied  { create } for  pid=7641 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  232.313496] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  232.347717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  232.349377] audit: type=1400 audit(1569835589.801:41): avc:  denied  { write } for  pid=7641 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
09:26:29 executing program 1:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0)
r1 = add_key(&(0x7f0000002000)='logon\x00', &(0x7f0000001000), &(0x7f0000001000)="1c989cc9f58ec796be4720e6160291a2fb7c6445e84b8e9e349ead029fe38d5810bf992b5d51f406a51cc339021268aed6f767582af42dbc8ea1110e4353fcf30b20f1f27ed3b44bef6444f8ca6a808e34ded636ef55e151c11b4ef7a5384f4a0ceb885759dfeeca5aaa540de461d2130755897533032f5639c4ba79988a49d63084f2cbed0a84e5e733146f15192fdabd0e3a", 0x93, 0xfffffffffffffffc)
keyctl$clear(0x7, r1)
keyctl$instantiate_iov(0x14, r0, &(0x7f0000000100)=[{&(0x7f00000001c0)="415c9084c5c9e9d9a3ada75ac6a75f5cdd3bd9d3bc655ca43ae0c861071dc24844841eee0d31fb343f8818a896b2517f1c92d31bf48022c1179c9b4a704aac5f654e588d00bb16c4c8e0a161f0de708e8ae93d7d9fa17868b1b7960ce6f4243de79982aee76e01db7e3bff971fee3bd76b5547c44885f26bda59ebaf12ef305109466c9b8a2eb696c0b4121577", 0x8d}, {&(0x7f0000000280)="32aeec434fd58786d13dc1b183db6ffa9fe785ab862f580b7802d1c359e7afba6c6debe0a9625b2fd2aaa4062931228afca7912f34125134f2e4e6caaf9c8a08205f55dfef14b12c34a7fb57176b5a5b9666ad39947b998feee0a08b4ca81cc963deec9930a13b14c84a0bf4affbe26ab2ec630d3f473a3a277077cd25", 0x7d}, {&(0x7f0000000300)="10cc60d32d6abdf957cbe47d3d24b63d8745c293848acf1420479410991d289dc4f45aa21cd673b7a55fc56f4014604c6aca3b993a578296b17d74cb77895aadc5a3517da44732ac70cd7f66ade149d5e0eb861e1d5cd8bf978f8d759d241e8fc5d24bc85f0024994d5cf2d7f313de951ad3e0277ea45f77b3c0581309355845cc88d203fb57922dec2a902decfcdbdf8806ce208a1761fe7f8b864bf7bdb33d360fb37abb8f75e44bcf839dc842cf64f6f365", 0xb3}, {&(0x7f00000003c0)="59897c2b1b72b7514e0aaf1a64a08898adc3c2728f427417290a1a89a7b1f3d87305382b111fc2c8c3d5fa80978c9c8637c70d2789a8f94460d749ab44d5c6e15885e346b617b271c3e2c037e457def08783c7288ea4c4444d789c13347990e0ccca9d4eed83df64a1976c42362dfabac6b7f91bf8f7fa996fb59d7aeb09985f97128e2d6baf12393042c34a676cec6b55", 0x91}], 0x4, r1)
keyctl$restrict_keyring(0x1d, r0, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa0000019078ac141400ac1423bb830300000b009078000000004500000000000000000000007f000001e0000001"], 0x0)
ioctl$TCSETXW(0xffffffffffffffff, 0x5435, &(0x7f00000000c0)={0x5, 0x20, [0x0, 0x2, 0xff, 0x1, 0x6], 0x200})
syz_genetlink_get_family_id$net_dm(&(0x7f0000000040)='NET_DM\x00')

[  232.362598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  232.379381] audit: type=1400 audit(1569835589.801:42): avc:  denied  { read } for  pid=7641 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  232.421862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  232.438228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  232.448093] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  232.457392] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[  232.467102] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  232.474286] 8021q: adding VLAN 0 to HW filter on device team0
09:26:30 executing program 0:
r0 = socket$inet(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="24000000520007031dfffd946fa2830081200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_LINK={0x8, 0x2, r3}]]}}}]}, 0x38}}, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x210, 0x2, 0x0)

[  232.481923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  232.494477] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  232.503622] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  232.514687] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  232.522704] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  232.532440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  232.549949] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  232.562889] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  232.574052] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
09:26:30 executing program 1:
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00'], 0x1)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
lseek(r1, 0x0, 0x4)

[  232.594480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  232.603758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  232.611783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  232.620951] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  232.629099] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.635513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  232.647525] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  232.654896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  232.664507] audit: type=1804 audit(1569835590.121:43): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir228967918/syzkaller.2w18Ue/3/bus" dev="sda1" ino=16524 res=1
[  232.694593] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  232.706118] audit: type=1804 audit(1569835590.171:44): pid=7656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir228967918/syzkaller.2w18Ue/3/bus" dev="sda1" ino=16524 res=1
[  232.723250] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
09:26:30 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x17, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000000000000bfa300000000000016030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000402704000001000000b7050000050000006a0a00fe00000000850000003f000000b70000002000000095000000000000009cc6b3fcd62c7d1c6238975d43a4505f80fc889f3c530cf08e467b592f868ee3b0a434df0a0e8c1bf176db2a6b2feb4b6fd3d5707ba3b12cca02a5d0841314dc79ec083f28f9d4e984c46ea7e2b347a36f5662403e1b2be4cc7c2683908a24001a9872971c7c56f0979bd10b97163c1d6d78589cd4fb21a6d06b50e57b6ede4fab0e196bf02f46c7953ab1abda45cbe8f9de9ca3c06c36efe1020ccdee9c8142e91e0cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263f6a728321e927917b9bb64aaf93ffa314d03565334fb0e73f3b05c98f029dc6b0b999b09edd9ed3e3163a19f32b98966154ab3dafb2375ecb33e12b345e77006082eefdd770612cbe81e51af3b23bf5adb018e3f25e5cddd57e27d26e55093057fb6f3999e4f5045a63f4d15536b2b44a2bace496289366badfa859fc558552f4a1104716f080000000c02dd18dfc89dfa36c205e63faa2641bc46103e1b547993d7351c9f837cb94cba89d9b34f684aaa8de14e3029aee5ebbc13e10a29e7c02711e7165a4f6548e8e66cf6bfae4ac0d0387afb3137470e89a84b13d3581026e8743d758ddf291176884d158d63cca177635fe7ea00f80e10481291968323fc9a81e23bf262077921b9a947d04cee5843040c080657ea04dcadcc9402006e9b10982afd41f5a66577ef7ec28f84549619ab75bf6c290e8894e152dd8f22f0f24d17af36024158635d9dbac582daa1adf9cd8032c2a4446268c55cd81e4daf00b24ad589bcd0346e0ce6c3a94e215553d4fb1dfe8b29216c842dd410f3e4f1f316d74033aaa0242e10ab9751d7b1bf3c06759feaefbbbfc788355ca6d60d6f469093d92140fda4b294e5de879d86457c8d04853b843afa3a434771863eb3295594c148d3d3f6273cac491d4aba110700483660ef594ee25fc3f31bc8a40753b791af137d121594836c7508627bdfc056126d499064863aea2d4cf35c7f4e7222d63ad8318459a5b8b0882adbaa46d2f84e64111125992931fb000e2780ab4a099ba67254f7e058231d6e510000000000000000000000000080bf38c44777db6408bb184e5cca9a2a0cd9832ad18370ff7ea19fddea94acc328a09ff756f0066f5f55935b539e712ba914a30d25463e66348497b9a687d9ea1b1b6f20e73810638fa039b334c53e88ffa049fa42588793e0ffe8463d"], &(0x7f0000000340)='GPL\x00'}, 0x48)

[  232.746323] 8021q: adding VLAN 0 to HW filter on device team0
[  232.759180] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  232.770866] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
09:26:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = fcntl$dupfd(r3, 0x0, r3)
bind$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0xa)
syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xfffffd94)

[  232.790287] audit: type=1400 audit(1569835590.251:45): avc:  denied  { prog_load } for  pid=7659 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[  232.824909] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[  232.833375] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  232.842630] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  232.857875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  232.871563] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  232.872452] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  232.883053] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.900874] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.914147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  232.922265] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  232.941643] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  232.951396] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  232.961495] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
09:26:30 executing program 1:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$inet(0x2, 0xa, 0x2)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)

[  232.989586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  233.004180] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  233.011757] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.018167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.028190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  233.040541] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  233.049791] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  233.069449] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  233.082015] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  233.092234] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  233.101801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  233.115194] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.121929] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET)
[  233.126113] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  233.141745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  233.151573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  233.159763] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  233.168102] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.174508] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.184603] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  233.203252] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  233.214226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  233.222258] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  233.238370] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  233.251547] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  233.263809] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  233.275408] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[  233.292607] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  233.315828] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  233.329418] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  233.337625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  233.348962] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  233.356919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  233.365094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  233.378180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  233.391255] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[  233.399637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  233.408440] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  233.418048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  233.426096] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  233.434807] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  233.445102] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  233.453947] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  233.459964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  233.471888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.480549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  233.489454] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  233.499831] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[  233.512667] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  233.537464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  233.548374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  233.574707] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[  233.591715] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  233.603747] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  233.609895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  233.630107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  233.646992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  233.656409] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.673979] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
09:26:31 executing program 2:
r0 = gettid()
dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000000c0))
times(0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
request_key(0x0, 0x0, 0x0, 0x0)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, 0x0, 0x0, 0x0, &(0x7f0000001500))
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
keyctl$instantiate_iov(0x14, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x1000000000016)

09:26:31 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0xc)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000fb4000)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1)
r1 = socket$netlink(0x10, 0x3, 0xc)
writev(r1, &(0x7f000037d000)=[{&(0x7f0000000040)="1f00000002031900000007000000068100ed853b09000100010100ff3ffe58", 0x1f}], 0x1)
r2 = socket$netlink(0x10, 0x3, 0xc)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000fb4000)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1)

[  233.700453] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.751346] audit: type=1400 audit(1569835591.211:46): avc:  denied  { write } for  pid=7682 comm="syz-executor.0" path="socket:[28561]" dev="sockfs" ino=28561 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
09:26:31 executing program 4:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x3f551f4)
clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')
setxattr$security_capability(&(0x7f0000000180)='./file3\x00', 0x0, &(0x7f0000000200)=@v2, 0x14, 0x1)

09:26:31 executing program 1:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x3f551f4)
clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')
setxattr$security_capability(&(0x7f0000000180)='./file3\x00', &(0x7f00000001c0)='security.capability\x00', &(0x7f0000000200)=@v2, 0x0, 0x1)

09:26:31 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x9, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000000000000bfa300000000000016030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000402704000001000000b7050000050000006a0a00fe00000000850000003f000000b70000002000000095000000000000009cc6b3fcd62c7d1c6238975d43a4505f80fc889f3c530cf08e467b592f868ee3b0a434df0a0e8c1bf176db2a6b2feb4b6fd3d5707ba3b12cca02a5d0841314dc79ec083f28f9d4e984c46ea7e2b347a36f5662403e1b2be4cc7c2683908a24001a9872971c7c56f0979bd10b97163c1d6d78589cd4fb21a6d06b50e57b6ede4fab0e196bf02f46c7953ab1abda45cbe8f9de9ca3c06c36efe1020ccdee9c8142e91e0cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263f6a728321e927917b9bb64aaf93ffa314d03565334fb0e73f3b05c98f029dc6b0b999b09edd9ed3e3163a19f32b98966154ab3dafb2375ecb33e12b345e77006082eefdd770612cbe81e51af3b23bf5adb018e3f25e5cddd57e27d26e55093057fb6f3999e4f5045a63f4d15536b2b44a2bace496289366badfa859fc558552f4a1104716f080000000c02dd18dfc89dfa36c205e63faa2641bc46103e1b547993d7351c9f837cb94cba89d9b34f684aaa8de14e3029aee5ebbc13e10a29e7c02711e7165a4f6548e8e66cf6bfae4ac0d0387afb3137470e89a84b13d3581026e8743d758ddf291176884d158d63cca177635fe7ea00f80e10481291968323fc9a81e23bf262077921b9a947d04cee5843040c080657ea04dcadcc9402006e9b10982afd41f5a66577ef7ec28f84549619ab75bf6c290e8894e152dd8f22f0f24d17af36024158635d9dbac582daa1adf9cd8032c2a4446268c55cd81e4daf00b24ad589bcd0346e0ce6c3a94e215553d4fb1dfe8b29216c842dd410f3e4f1f316d74033aaa0242e10ab9751d7b1bf3c06759feaefbbbfc788355ca6d60d6f469093d92140fda4b294e5de879d86457c8d04853b843afa3a434771863eb3295594c148d3d3f6273cac491d4aba110700483660ef594ee25fc3f31bc8a40753b791af137d121594836c7508627bdfc056126d499064863aea2d4cf35c7f4e7222d63ad8318459a5b8b0882adbaa46d2f84e64111125992931fb000e2780ab4a099ba67254f7e058231d6e510000000000000000000000000080bf38c44777db6408bb184e5cca9a2a0cd9832ad18370ff7ea19fddea94acc328a09ff756f0066f5f55935b539e712ba914a30d25463e66348497b9a687d9ea1b1b6f20e73810638fa039b334c53e88ffa049fa42588793e0ffe8463d"], &(0x7f0000000340)='GPL\x00'}, 0x48)

09:26:31 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000080)=0x8, 0x4)
getsockopt$inet_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f00000000c0))

09:26:31 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sysfs$2(0x2, 0x0, &(0x7f0000000240)=""/105)

09:26:31 executing program 5:
socket$key(0xf, 0x3, 0x2)
socket$inet(0x2, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
fstat(0xffffffffffffffff, 0x0)
setgid(0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0)
r0 = socket$inet6(0xa, 0x401000000001, 0x0)
close(r0)
r1 = open(0x0, 0x1141042, 0x0)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
ftruncate(r1, 0x0)
sendfile(r0, r1, 0x0, 0x8000fffffffe)
syz_open_procfs(0x0, 0x0)
rmdir(&(0x7f0000000340)='./file0//ile0\x00')

09:26:31 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1)

09:26:31 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0xa)

09:26:31 executing program 3:
r0 = eventfd(0x943)
write$eventfd(r0, &(0x7f0000000380)=0xfffffffffffffffe, 0x8)
read$eventfd(r0, &(0x7f0000000180), 0x8)

09:26:31 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x15, 0x80005, 0x0)
getsockopt(r0, 0x114, 0x2719, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x7ffff000)

09:26:31 executing program 2:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000100)={0x19, 0x7, 0x0, {{0xc, 'cgroup.stat\x00'}}}, 0x19)

09:26:31 executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37)

09:26:32 executing program 4:
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil)
shmat(r5, &(0x7f0000000000/0x13000)=nil, 0x4000)
prlimit64(0x0, 0x0, 0x0, &(0x7f0000000040))
shmctl$IPC_SET(0x0, 0x1, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62160554]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

09:26:32 executing program 0:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
dup2(r0, r0)
r1 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad", 0x44}, {0x0}, {&(0x7f0000000040)}, {0x0}], 0x4, 0x2)

09:26:32 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x15, 0x80005, 0x0)
getsockopt(r0, 0x114, 0x2719, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x7ffff000)

09:26:32 executing program 2:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
fchmod(r0, 0x0)

09:26:32 executing program 5:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x2}}, 0xa)

09:26:32 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire], 0x0, 0x0, 0x0})

09:26:32 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0)
close(r0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f00000015c0)='/dev/cachefiles\x00', 0x0, 0x0)
close(r0)

[  235.109435] audit: type=1400 audit(1569835592.571:47): avc:  denied  { setattr } for  pid=7769 comm="syz-executor.2" name="stat" dev="proc" ino=29076 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=file permissive=1
09:26:32 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TIOCGWINSZ(r0, 0x5413, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
syz_emit_ethernet(0xffb6, &(0x7f000000a000)={@broadcast=[0xff, 0xe0], @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x3, 0x0, 0xfec3, 0x0, 0x0, 0x0, 0x29, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0x0, 0x0, 0xffffca88}}}}}, 0x0)

09:26:32 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37)

09:26:32 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x200408d4, &(0x7f000072e000)={0xa, 0x0, 0x0, @empty}, 0x1c)

09:26:32 executing program 2:

[  235.360119] sit: non-ECT from 172.20.255.187 with TOS=0x3
09:26:32 executing program 3:

09:26:32 executing program 2:

09:26:33 executing program 0:

[  235.507604] sit: non-ECT from 172.20.255.187 with TOS=0x3
09:26:33 executing program 4:

09:26:33 executing program 2:

09:26:33 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37)

09:26:33 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)='\x00', 0x1)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37)

09:26:33 executing program 1:

09:26:33 executing program 4:

09:26:33 executing program 0:

09:26:33 executing program 2:

09:26:33 executing program 1:

09:26:33 executing program 4:

09:26:33 executing program 0:

09:26:33 executing program 2:

09:26:33 executing program 1:

09:26:33 executing program 0:

09:26:33 executing program 5:

09:26:33 executing program 4:

09:26:33 executing program 2:

09:26:33 executing program 3:

09:26:33 executing program 1:

09:26:33 executing program 0:

09:26:33 executing program 3:

09:26:33 executing program 2:

09:26:33 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000340)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x4c, 0x0, &(0x7f00000005c0)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

09:26:33 executing program 5:

09:26:33 executing program 3:

09:26:33 executing program 4:

09:26:33 executing program 0:

09:26:33 executing program 1:

09:26:33 executing program 2:

09:26:34 executing program 5:

09:26:34 executing program 3:

09:26:34 executing program 1:

09:26:34 executing program 0:

09:26:34 executing program 2:

09:26:34 executing program 4:

09:26:34 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000080)=0x8, 0x4)
getsockopt$inet_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f0000000000)=0x2b0)

09:26:34 executing program 0:
clone(0x808100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)

09:26:34 executing program 4:
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000040), 0xe)
listen(r3, 0x0)

09:26:34 executing program 2:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x0, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x3)

[  236.838040] ptrace attach of "/root/syz-executor.0"[7606] was attempted by "/root/syz-executor.0"[7888]
09:26:34 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_open_dev$loop(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
ioctl$BLKPG(r2, 0x1269, 0x0)
ioctl$KIOCSOUND(r1, 0x4b2f, 0x0)
getgid()
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'b\x14\x90\x10_slA\x97\xdc\x8f\x00\x00\x00\x00 ', 0x43732e5398416f1a})
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)

09:26:34 executing program 3:
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="b40800002c000107f1ff58980000000000000000", @ANYRES32, @ANYBLOB="000005000000000006000000080001007533320088080200240105000cff080000058000a30ee30000000000000000010000003f0800000006000000ffffffff0000000308000000020000000000000200000004ff0700001f00000000000400000000018b0700008800000000000001000000020100000005000000000000020000080006000000ea000000000000600000000000020000000000000000000400000003000100000001000000000006000000060900000003000000000000f30000000509000000ffff00000000000700000001010000000700000026d9c9ac0000000208000000aaed000000000003fffffffd05000000010000000000000000000000dc000000000001000000ffff000000012a6a000001000000000000090000000140000000080000000000076600000005fcffffffe203000004040500028b070066520100050001000000000300000003000000040200000006000000fffffff7ffffffc0040000000300000000000020000001ffa80c000000000000000000020000000508000000d3000000000005f90000007f7d574e6d0700000000000009339e00007104000001f8ffff0000003f0000000000100000000000000000000000006b806200000014000000000046d9fffffff901040000070000000000000700000000ad000000010000000000000900000006000000004020000000000ea100006d430700000009000000000001870000003f070000000500000000000006ffff0000090000007f0000000000002000000001000000000600000000000400000000070000000050000000000000c600000007ffffffff030000000000000200000009faffffff0008000000000efc00000000010000000000010000000080000000066e00000004000000000000020000002200000000800000000000010000000006ff7f00000900000000000001fffffffd01000000030000000000003f0000000008000000150f0000000000be000006c7010400000100010000000003ffffffff0800000009000000000000600000000605000000080000000000000300000006010100000400000000008001000001010000000004000000ffff000000000003030000002e000000000007ff00000007ff0f0000ca00000000008001ffffffff0400000000000000000000010000c384050000006800000000000fff0000007f07000000030000000000000200000000010100000800000000000005000000030000000009000000ffffffff000007ff02000000010001000000f19000000065080000000300000000000000000002440400000000100000000005d10000000601010000050000000000008100007fff000200000800000000000000000000071901000028b100000000003f000002d200000000030000000000008000000004740c000001040000000000060000072103000000080000000000000700000008000200000800000000000065000000bf0500000022000000fffffffd000000037f0000000200000000000008000000090104000001000000000000000000000401000000080000000000000000000001070000000600000000000005000000070100000002100000000000070001000104000000b9000000000000040000000603000000030000000000000700000002030000007f0e000000000005000000090600000000000000ffffffff000000d1690000004d5700000000000800000001ffffffff0900000000000000000000a17f000000080000005485bb1a0000000581ffffff490700002800000000000008f7090000ffff000000000e910000003004000000e0ffffff00000001fffff0007f00000001000100a4010500100103000007030004005ec900000008000000070000000700000000e3a60000000000000000002004000000fffffffffffffff7000000200900000000000000000000010000000307000000380400000000000300000001070000000000000000000003000000070900000000000000000000ff0000010001000100070000000000000300000008dc320000030000008000000100001f1a060000000100008000000003ffffffff07000000ffffffff0000000100000005030000000800000000000000000000030100000000000000000000010000ffff000100000700000000000bb200000008070000000180000000000800000100010000000092000000000000da0000443307000000280d00000000000100000020020000000700000000008000000063e93b00000003000000000000040000077e0500000004000000fffffffd000080000101000000000100000080017fffffff1f000000010400000000000400000008fffbffff0008000000007750000000ff670000000200000000000008fffffffe0300000005000000000000cc0000007f0800000000000000140008006e6c6d6f6e3000000000000000000000a40105000d07010001ff06000000ad1b000003ff80000001000002000200000001fcffff000032e50000010000000000020000000000001d00010000020000007f000000ffffe728000009c3080000009ae7ffff000000040000000400000100ffff00000000095900000001080000003b000000000000ff00000009ffffff7f0100000000000200000000000700000003000000800000008000000003000000b42200000000000500007fff0800000005000000000000ff000000000001000006000000000000040000000701000000ff0f0000ffffffff00000004ff000000ff7f000080000000000000061a000000010100000000b53600000001e4000000030000000000ff270000001f200000003f000000fffffff90000000501000000000001000000000200000006fffeffff0100000000000003000000020300000003000000000000010000000201000100050000000000000500000006070000000002000000000004000000a0030000008e0d00000000000600000006010100007f00000000000005000007ff050000000700000000000401000000050100000004000000"], 0x8b4}}, 0x0)

[  236.894920] ptrace attach of "/root/syz-executor.0"[7606] was attempted by "/root/syz-executor.0"[7898]
09:26:34 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
close(r0)
close(0xffffffffffffffff)
close(0xffffffffffffffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000), &(0x7f00000000c0)=0x8)

09:26:34 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup(r2, 0x0, 0x200002, 0x0)
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
r3 = getgid()
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETGROUP(r1, 0x400454ce, r3)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'b\x14\x90\x10_slA\x97\xdc\x8f\x00\x00\x00\x00 ', 0x43732e5398416f1a})
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)

09:26:34 executing program 0:
r0 = gettid()
r1 = creat(&(0x7f0000000100)='./file0\x00', 0x10003)
write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="01e23ddf45f1f8fddf8ee3440fa2d936fa4e0f9fdbe572c3c922835d2b5fe1620c22b487813885e8f996b20dfeb2af0000000000000000000000000000bf5777b965ce27d15a5383acc22cb4b188295fdc24f46da95f8c65"], 0x58)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x4008001, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getresuid(&(0x7f00000002c0), &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000340))
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000140)='security.capability\x00', &(0x7f0000000440)=@v3={0x3000000, [{0xfffffbff, 0x7ff}, {0x1, 0x100}], r2}, 0x18, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff, 0x2, 0xacc, 0x0, 0x81}})
prctl$PR_SET_PTRACER(0x59616d61, r0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x200000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_IRQ_BUSID(r4, 0xc0106403, 0x0)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, 0x0)
close(r1)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r5 = creat(&(0x7f0000139000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1)
r6 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
fchdir(r6)
openat$cgroup_procs(r6, &(0x7f0000000480)='tasks\x00', 0x2, 0x0)
write$P9_RCREATE(r5, &(0x7f0000000000)={0x18}, 0xfdef)
ioctl$UI_DEV_DESTROY(r5, 0x5502)
ptrace$setopts(0x4206, r0, 0x0, 0x0)

09:26:34 executing program 4:
r0 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0)
stat(0x0, 0x0)
getegid()
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x0, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000ec0))
msgctl$IPC_SET(0x0, 0x1, 0x0)
getgroups(0x1, &(0x7f0000000140)=[0x0])
mq_open(&(0x7f0000001380)='eth0\x00', 0x0, 0x0, 0x0)
msgget$private(0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@mcast2, @in6=@initdev}}, {{@in6=@empty}, 0x0, @in6=@local}}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000440)={@loopback}, &(0x7f0000000480)=0x14)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000005c80)={@remote, @broadcast}, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f00000074c0))
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x7)
socket(0x0, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x803, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000009200)={0x0, 0x0, 0x0}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000780))
socket(0x0, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000009200)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x0, 0x803, 0x0)
getsockname$packet(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000b40))
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000480)={0x0, 0x0, 0xc0, 0x0, [], [{}, {0xffffffff}], [[], [], [], [], []]})

09:26:34 executing program 3:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f00000000c0)={'irlan0\x00', {0x2, 0x4e24, @broadcast}})
openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_PPC_GET_SMMU_INFO(0xffffffffffffffff, 0x8250aea6, &(0x7f0000000140)=""/7)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r2 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r2, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r2, r3, 0x0, 0x7ffeffff)
sendfile(0xffffffffffffffff, r2, 0x0, 0xffffffff)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000280)=0x3, 0x4)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x2000)
fsetxattr(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="623472bd9466732e6d61707300"], &(0x7f0000000240)='cpuset(selfwlan0-!nodev-!\x00', 0x1a, 0x2)
preadv(r1, &(0x7f00000017c0), 0x199, 0x0)

09:26:34 executing program 5:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = fcntl$dupfd(r4, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
ppoll(&(0x7f0000000340)=[{r2}, {r1}, {r0}, {r6, 0x602}], 0x4, 0x0, 0x0, 0x0)

09:26:34 executing program 0:
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
close(r0)
close(0xffffffffffffffff)
close(0xffffffffffffffff)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="88f62898", @ANYRES32=<r2=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={r2, 0xc87a}, &(0x7f00000000c0)=0x8)

09:26:34 executing program 2:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x1b, 0x0, 0x0, 0x0, 0x1a6}}], 0x4000000000000f6, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='stat\x00')
preadv(r0, &(0x7f00000017c0), 0x199, 0x0)

09:26:34 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x50, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'netdevsim0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x5, @mcast2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}]}]}, 0x50}}, 0x0)

[  237.363556] audit: type=1804 audit(1569835594.801:48): pid=7923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir098302641/syzkaller.7AXp1Z/15/file0" dev="sda1" ino=16567 res=1
09:26:34 executing program 3:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x200000000d8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x00\x00\x00\x00\x00)\x00', @ifru_flags})

09:26:34 executing program 1:
io_setup(0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCGPHYS(0xffffffffffffffff, 0x80404507, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
write$P9_RWRITE(r0, &(0x7f00000000c0)={0xfffffffffffffe37}, 0xb)
ioctl$BLKBSZSET(r0, 0x40081271, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)

[  237.510961] netlink: 'syz-executor.5': attribute type 5 has an invalid length.
09:26:35 executing program 2:
accept$unix(0xffffffffffffffff, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
getsockname$unix(0xffffffffffffffff, 0x0, 0x0)
bind$unix(r0, &(0x7f00000011c0)=@abs={0x3}, 0x6e)

09:26:35 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
r1 = open(0x0, 0x0, 0x0)
ftruncate(r1, 0x0)
sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={0x0}}, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="0000000062b8dd1766aff07a00", 0xd)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37)

[  237.588645] netlink: 'syz-executor.5': attribute type 5 has an invalid length.
[  237.616011] audit: type=1400 audit(1569835595.081:49): avc:  denied  { map } for  pid=7965 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
09:26:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc))
syz_open_pts(r0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000300)='/dev/uinput\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x18)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b4}, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  237.710948] audit: type=1400 audit(1569835595.131:50): avc:  denied  { map } for  pid=7970 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
09:26:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x156)
write(r1, &(0x7f0000000100)="1c0000005e001f0214584707f9f4ffffff000000000000001f000000", 0x1c)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)

09:26:35 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
fcntl$getownex(r0, 0x10, &(0x7f0000000a80))
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xc0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=0x3bb674ee, 0x0, <r2=>0x0, 0x0, &(0x7f0000000100)={0x4, 0x4}, 0x0, 0x0, &(0x7f0000000140)={0x3, 0x1, 0xffffffff, 0x5}, &(0x7f0000000200)=0x362, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=0x7fffffff}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=r2, 0x4)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xf)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280))

09:26:35 executing program 2:
clone(0x7fd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)

09:26:35 executing program 1:

09:26:35 executing program 1:

[  238.012076] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  238.021826] audit: type=1400 audit(1569835595.471:51): avc:  denied  { set_context_mgr } for  pid=7994 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
[  238.085532] binder: BINDER_SET_CONTEXT_MGR already set
[  238.140988] binder: 7994:7996 ioctl 40046207 0 returned -16
09:26:35 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
r1 = open(0x0, 0x0, 0x0)
ftruncate(r1, 0x0)
sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={0x0}}, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="0000000062b8dd1766aff07a00", 0xd)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0x3736dcd18eab2916, 0x240, 0x0, 0xffffffffffffff37)

[  238.233810] binder: BINDER_SET_CONTEXT_MGR already set
09:26:35 executing program 1:

[  238.304204] binder: 7994:8009 ioctl 40046207 0 returned -16
09:26:35 executing program 1:

09:26:36 executing program 2:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xffffffffffffff41}}, 0x0)
r0 = socket$inet6(0xa, 0x8000008000080003, 0x5)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c00000011003586000000030000000007000000", @ANYRES32=r1, @ANYBLOB="00000005000000000c001a00080002000300000082ca885ad49dcd5e"], 0x2c}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000140), 0x332, 0x0)

09:26:36 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000640)={'syz1\x00'}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
dup2(0xffffffffffffffff, 0xffffffffffffffff)

09:26:36 executing program 0:

09:26:36 executing program 1:

[  239.092682] input: syz1 as /devices/virtual/input/input5
09:26:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x156)
write(r1, &(0x7f0000000100)="1c0000005e001f0214584707f9f4ffffff000000000000001f000000", 0x1c)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)

09:26:37 executing program 4:

09:26:37 executing program 2:

09:26:37 executing program 1:

09:26:37 executing program 0:

09:26:37 executing program 5:

09:26:37 executing program 3:

09:26:37 executing program 3:

09:26:37 executing program 4:

09:26:37 executing program 5:

09:26:37 executing program 2:

09:26:37 executing program 1:

09:26:37 executing program 0:

09:26:37 executing program 5:

09:26:37 executing program 3:

09:26:37 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="0207000902000000e0e9000000ffff00"], 0x10}}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@local, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)

09:26:37 executing program 2:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$sock(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)

09:26:37 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
sendmsg$inet(r0, 0x0, 0x0)

09:26:37 executing program 5:
perf_event_open(&(0x7f0000000380)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
pwritev(r0, &(0x7f0000001680)=[{&(0x7f00000001c0)="ba", 0x1}], 0x1, 0x0)

09:26:37 executing program 3:
open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x10000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x10000)

09:26:37 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:37 executing program 2:
syz_open_procfs(0x0, 0x0)
r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x10000)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x10000)

[  240.292572] audit: type=1400 audit(1569835597.751:52): avc:  denied  { mac_admin } for  pid=8086 comm="syz-executor.5" capability=33  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1
09:26:37 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  240.342643] SELinux:  Context � is not valid (left unmapped).
[  240.426000] audit: type=1800 audit(1569835597.761:53): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16589 res=0
[  240.470545] audit: type=1800 audit(1569835597.771:54): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=16589 res=0
[  240.512603] audit: type=1804 audit(1569835597.771:55): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/20/file0" dev="sda1" ino=16589 res=1
09:26:38 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  240.553557] audit: type=1804 audit(1569835597.831:56): pid=8096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/20/file0" dev="sda1" ino=16589 res=1
09:26:38 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000200)={{0x9, 0x9}, {0x2, 0x100}, 0x7fff, 0x3})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r3 = accept(r1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000005c0)=""/77)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8000000000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x3}, 0x2c)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0x234, 0x0, r4, 0x0, [0x305f, 0xa, 0x300, 0x1800, 0x6000000]}, 0x2c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
r6 = syz_open_dev$sndseq(&(0x7f00000002c0)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r6, 0xc0a85320, &(0x7f0000000080)={{0x80}, 'port1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r6, 0x40505330, &(0x7f0000000140)={{}, {0x20000000000080}, 0x0, 0x3, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={<r7=>0xffffffffffffffff})
fcntl$getownex(r7, 0x10, &(0x7f00000012c0)={0x0, <r8=>0x0})
getresuid(&(0x7f0000000140), &(0x7f00000001c0)=<r9=>0x0, &(0x7f0000001240))
r10 = getgid()
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r8, r9, r10}, 0xc)
getuid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={<r11=>0xffffffffffffffff})
fcntl$getownex(r11, 0x10, &(0x7f00000012c0)={0x0, <r12=>0x0})
getresuid(&(0x7f0000000140), &(0x7f00000001c0)=<r13=>0x0, &(0x7f0000001240))
r14 = getgid()
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r12, r13, r14}, 0xc)
fstat(r2, &(0x7f0000000300))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={<r15=>0xffffffffffffffff})
fcntl$getownex(r15, 0x10, &(0x7f00000012c0)={0x0, <r16=>0x0})
getresuid(&(0x7f0000000140), &(0x7f00000001c0)=<r17=>0x0, &(0x7f0000001240))
r18 = getgid()
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r16, r17, r18}, 0xc)
getresuid(&(0x7f0000000140), &(0x7f00000001c0)=<r19=>0x0, &(0x7f0000001240))
r20 = getgid()
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={0x0, r19, r20}, 0xc)
getgid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001300)={<r21=>0xffffffffffffffff})
fcntl$getownex(r21, 0x10, &(0x7f00000012c0))
getresuid(&(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000001240))
getgid()
getresuid(&(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000001240))
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280), 0xc)

09:26:38 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000240)=0x7)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6(0xa, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61d7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, 0x0, 0x0)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68)
socket$inet(0x2, 0x80001, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, <r4=>0x0})
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
process_vm_readv(r4, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0)

[  240.632266] audit: type=1804 audit(1569835597.841:57): pid=8096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/20/file0" dev="sda1" ino=16589 res=1
09:26:38 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000100)={'ipvs\x00'}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x20600)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000000))
geteuid()
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x7, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, &(0x7f0000000080))
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_opts(r3, 0x0, 0x7, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3d, 0x0, 0x0)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$FUSE_OPEN(r4, &(0x7f00000001c0)={0x20, 0x0, 0x2, {0x0, 0x4}}, 0x20)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = fcntl$dupfd(r6, 0x0, r6)
bind$bt_rfcomm(r7, 0x0, 0x0)
connect$bt_sco(r7, &(0x7f0000000200)={0x1f, {0x1f, 0xf9, 0x0, 0x1f, 0x1, 0x5}}, 0x8)
r8 = fcntl$dupfd(r5, 0x0, r5)
bind$bt_rfcomm(r8, 0x0, 0x0)
ioctl$UI_SET_SNDBIT(r8, 0x4004556a, 0x2)
add_key$keyring(&(0x7f0000000040)='k\xa5\x16%\xcaNg\x00', 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000000c0))
syz_genetlink_get_family_id$SEG6(&(0x7f0000000240)='SEG6\x00')
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000140)=0x628)

[  240.772252] audit: type=1800 audit(1569835597.861:58): pid=8100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16566 res=0
[  240.822398] ptrace attach of "/root/syz-executor.5"[7619] was attempted by " ��      ��              0       p       �       ��              ��      �       ��                 ����                                                                                                                                                                                                                                                                                                                                                                                                                      �                                                               \x07                                                                       \x0a N#              ���                                                                                                                                                                                                                                 @      =              
[  240.824195] ptrace attach of "/root/syz-executor.5"[7619] was attempted by " ��      ��              0       p       �       ��              ��      �       ��                 ����                                                                                                                                                                                                                                                                                                                                                                                                                      �                                                               \x07                                                                       \x0a N#              ���                                                                                                                                                                                                                                 @      =              
[  241.050037] audit: type=1804 audit(1569835597.871:59): pid=8100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/25/file0" dev="sda1" ino=16566 res=1
09:26:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
poll(&(0x7f00000001c0)=[{r2}], 0x2000000000000035, 0x0)

09:26:38 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f00000002c0)="b959080000b868cd678dba000000000f300f01b00000000048b80c000000000000000f23d80f21f835800000a00f23f866440f3881bf10f64b3966b8c3008ee8b9800000c00f3235000400000f30c443895de000480fc7284a0fc72ca9c74424009d000000c7442402cd000000ff2c24", 0x70}], 0x1, 0x8, &(0x7f0000000080)=[@cstype0], 0x1)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

09:26:38 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  241.219075] audit: type=1804 audit(1569835597.921:60): pid=8105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/25/file0" dev="sda1" ino=16566 res=1
[  241.245961] protocol 88fb is buggy, dev hsr_slave_0
[  241.246037] protocol 88fb is buggy, dev hsr_slave_1
09:26:38 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:38 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0xc, 0x2, [@IFLA_BR_MCAST_QUERY_USE_IFADDR={0x8}]}}}]}, 0x3c}}, 0x0)

09:26:38 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000240)=0x7)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6(0xa, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61d7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, 0x0, 0x0)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68)
socket$inet(0x2, 0x80001, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000100)={0x0, <r4=>0x0})
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
process_vm_readv(r4, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0)

09:26:38 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  241.343244] audit: type=1804 audit(1569835597.921:61): pid=8105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/25/file0" dev="sda1" ino=16566 res=1
09:26:38 executing program 2:
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='trusted.overlay.origin\x00')
syz_open_procfs(0x0, &(0x7f00000004c0)='\x00\xaeC\xae\xc4\x05\xa9\xbd~\xfb\x96\xf7,k\x1a+@\xe54\x01\x01\x01\x00w\xa7\x04~\\\xd4Y\x04\xaf^\xc6\xf2\x98\"\xa0\xa1\x04\xaf\x81\x00ov<ie\xf3x\xfe[\x90\xe0\xaft\xaf\xc6\x06\x13\x1c(\x052\x9c\x15G\xf9@i\xd9\xb2\x96ef\x98XL\xe5\xb0\xc6\xac\xcb\x19\xf2\xba25v\xb2-\xc7g\tM\x04_R\x93\x1be\x8f\xacGxWc\xee[\xc0\xe6\xdc\xcc\x8dT[\x85\xb4\xa4@\t\xb3\x1f\b\x9c\xf9\x8d\x9d\x92YJ$\x89\xaa\xcfQ[\xe3\"\xf3\xd1\xd8\xbe\x9c#Hpc\xdc@7N\xf4\xee\xfdQ\x1b\xd5\x15\xda\xa4\xfcJ\x7fKC\xa1[\xe4\xc8f|\xe9\xef|\x1b\xf0d\xf0\x89\x1aM\x8b\xc3I&)\xc1\x8a\xc6\x11\x84&3\x02\x88g\xb7\xe3[E\x90\x95=\x8e7\x90\xa8,\x16~\x9c\xa1m\xf4F\xfb\x05\x82\x05\'1Q\xe5s\x8f\x13\xfe\xd3Zw\xf4e\xb9*\xcdgBY\xac\x83\xf8\xf9\xf0\xcc\"\xb4\xf4\xa7\'\x98\x1fg@\xbe|\xa72\xbf\vb\xc8y\x9b{\xfc?\x87\x9e\x16\'\'\xbe\xe6B\x9c\x01k\xe1\xa8\\\n\xcd.\xc14O\n\xbb\x14,\xc5\xa1\x1e\x9a\x03jUr\xca\xdb')
r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)
sendfile(r0, r1, 0x0, 0x10000)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
r5 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x10000)

09:26:38 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:38 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:38 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  241.589430] netlink: 'syz-executor.3': attribute type 24 has an invalid length.
[  241.735525] ptrace attach of "/root/syz-executor.5"[7619] was attempted by " ��      ��              0       p       �       ��              ��      �       ��                 ����                                                                                                                                                                                                                                                                                                                                                                                                                      �                                                               \x07                                                                       \x0a N#              ���                                                                                                                                                                                                                                 @      =              
09:26:39 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
recvmmsg(r0, &(0x7f0000003fc0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000340)=@ax25={{0x3, @null}, [@remote, @bcast, @remote, @rose, @rose, @netrom, @netrom]}, 0x80, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000640)=""/15, 0xf}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x4, 0x44000102, 0x0)

09:26:39 executing program 3:

09:26:39 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:39 executing program 4:

09:26:39 executing program 2:
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071")
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newtfilter={0x40, 0x2c, 0x701, 0x0, 0x0, {0x0, r3, {}, {}, {0x1}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0x14, 0x2, [@TCA_BPF_FLAGS={0x8}, @TCA_BPF_FD={0x8}]}}]}, 0x40}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x332, 0x0)

09:26:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100))
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0x19)
dup3(r1, r0, 0x0)

09:26:39 executing program 3:
perf_event_open(&(0x7f0000000380)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
pwritev(r0, &(0x7f0000001680)=[{&(0x7f00000001c0)="ba", 0x1}], 0x1, 0x0)

09:26:39 executing program 4:

09:26:39 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  242.126255] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
09:26:39 executing program 5:

09:26:39 executing program 1:

09:26:39 executing program 2:

09:26:39 executing program 4:

09:26:39 executing program 5:

09:26:39 executing program 3:

09:26:39 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:39 executing program 4:

09:26:39 executing program 2:

09:26:39 executing program 1:

09:26:39 executing program 5:

09:26:39 executing program 3:

09:26:39 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:39 executing program 4:
syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff577, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r1, 0x4)

09:26:40 executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0x44, 0x0, &(0x7f0000000200)="e460cdfbef24080000000a9386dd6a000000000733eb3014cd3ec8a755c1e1380081ffad000000e8d5000000010000001400000500242f09880bd320d98a61a90021c9bf", 0x0, 0x401}, 0x28)

09:26:40 executing program 3:

09:26:40 executing program 5:

09:26:40 executing program 1:

09:26:40 executing program 5:

09:26:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:40 executing program 3:
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x12)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = syz_open_procfs(0x0, &(0x7f0000000600)='\x00\x00\x00\x00\x00\xe8\xee\xc9\x96\xc2;\xaf\t5,\xffx\xf0\xde\xc4\xa8M*\xe4;~y\xb6&\xa5\xaa\xcec\x1e\x8a;\xea;P\xb5w_6\f\xe5\xcc`\xa0\xce\xf0+\x19v\xb9I\xdf\xfe\x13\xd9\x1a\xd6;+\x16\x05\x1aul>\x82@\x0f\xdf\xcd\x99\x9a\x13\xe2[F\xf08\xa6D\x97\xb5\x1f\xf3\xe9\xd5\xbf\x13k\xbc)\xa1nbx\x9c\x02\xa6p?\x12\x89\nAr\xe9Q\xb0\x80Q\x8e\xf2\xf0yX\x9b\x96\xa4\x8b\x01f\xe0\x04\xbd\x93K!\xa0D-\xfc\x12\x02\xe2\xb5WQ\xb4\xb1\xf2\x16)\xc8\b\xc2\x99\x9a\xd9\xa6p\xedK\xb5\x8b\xe8\xbf\xa0\xa1\x13\xd78Mt$\x06\xb6c\xd0Y\x05\xd1l\x98|\xff\xb5\v\x93<s\x18\xb7\xbc\xc3\xc5o\xd7\x0fu4(c\xa4\xd6u\xe8/\xaaO\xa4\xff\xea\xb1\x96\xdbIW\x9c\xcc\x00#\x00\x00\x00\x00\x00\x00\x00\x00\x00')
r1 = openat$cgroup_ro(r0, &(0x7f00000004c0)='mem\x00aS.cur\x89\xc9J\x01\xe3\x00\x00\x00\x00\x00U\xe9{\x04\xa75\r\xa9\r\x99\xe8[{\xbd\\X}\xee\xc2\x99\xebv\x10PCN?\xa6\xde\xefko\x93\xbf\xc27\xbc\xee\xbe\xfd\xec\xf7\xab\xf2\xf5\xec@\x11\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\xcc\x88|\x86j\xdd3\xada\xe7\x01\xe1?m\x83S,\xccoQc\vG\x1d\xea\x9f\x1c!\xf6\x17\xb4b\x9c\x8f}\xcc~\x878\x1e\xe3\xfdq%\\\x1d_\x1b6\xadcPZw\xd4w\x99*aG\x1b\x14\xda\xed1\xed41\x06\x8c\a\xe3\xf3\xa3\n\xc3\xd5\xbb\xa9]{\xfa-\xba\x11\xdbNH\x99\xed\x1c\xe9\xcc\x1b\x1b&x;\xc4W\xe1\x11\xe3\xd0\x05W\xfb\x95f\xaaC\x96\xbe\'\xe6\xce\x1d\xf4\xa3|\x14\xa7NE\xb8\xc9\xeeD\xfb\x00\x00\x00\x00\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
preadv(r1, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/81, 0x20000111}], 0x1, 0x2000107c)

09:26:40 executing program 4:
kexec_load(0x0, 0x1, &(0x7f00000005c0)=[{0x0, 0x0, 0x99893000, 0x3e0000}], 0x0)

09:26:40 executing program 1:
unshare(0x14010000)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000300)="2745ed2de9a0d58de71f5f6fe4034b405fd8aa5219b7fd9268c479cbf5203ce785183ce2c6c4273b3b8865d6d1ed8912d28f9b57396464f14657625266b701da8a6914fdb8d0039d5969ae9b84674504fdfdf7c72aceb3b7c4971579dbd0a641261228d0e0f92f0517232c", 0x6b, 0x0, &(0x7f0000000380)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'ipddp0\x00'}}, 0x80)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="290000002000190f00003fffffffda060200000000e85500dd0000040d000600ea1102000005000000", 0x29}], 0x1)
prctl$PR_GET_SECCOMP(0x15)
rename(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./file0\x00')
rmdir(&(0x7f0000000080)='./file0\x00')

09:26:40 executing program 2:
r0 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0xf0f044})

09:26:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:40 executing program 5:
clone(0x3103101ff7, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00008f1000/0x1000)=nil, 0x1000)
openat(0xffffffffffffffff, 0x0, 0x2a8401, 0xd2)

[  242.892101] netlink: 'syz-executor.1': attribute type 6 has an invalid length.
09:26:40 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137)
r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2)
r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x15<g8\xddGdF(\xeaN\xbcSoz\xe5.c\xdf\x8b\xd2m}\xc7D\x98\xd4p.e\x050,c9:\x95z\xe2\xa9\xcf\xd2\x90*\xaa\xc0W.\xcb|.F_\xf8(\xa4\x91\xc8\v\x9b>3\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0)
ftruncate(r2, 0x1000000)
sendfile(r1, r2, 0x0, 0xeefffdef)

09:26:40 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)

[  243.075952] netlink: 'syz-executor.1': attribute type 6 has an invalid length.
09:26:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:40 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2)
write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6)
read(r0, 0x0, 0x0)

09:26:40 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137)
r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2)
r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x15<g8\xddGdF(\xeaN\xbcSoz\xe5.c\xdf\x8b\xd2m}\xc7D\x98\xd4p.e\x050,c9:\x95z\xe2\xa9\xcf\xd2\x90*\xaa\xc0W.\xcb|.F_\xf8(\xa4\x91\xc8\v\x9b>3\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0)
ftruncate(r2, 0x1000000)
sendfile(r1, r2, 0x0, 0xeefffdef)

[  243.175477] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.207352] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
09:26:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  243.241358] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.262895] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
09:26:40 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x80084504, 0x0)

09:26:40 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0)
close(r0)

09:26:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:40 executing program 5:
pipe(&(0x7f0000000180))
clone(0x22004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='syscall\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='fd/3\x00W\xf6Je|H\x10\x05\xf1\xab\xc4MJ\xcbP\xed@\xe8\xe39\xd2\xea\xaap\xf9\x1aTM\x1f\x8e\x86c\xb4T\xde\x10\xf6\xa1\x89\xea)6\xca\x00\xa2\x04\xe6}\xaa\xd4\xf6~\xd0\x04bq\xe5\xa2\x99t;zzV\x15\x9a\x1b\xb9\x87@\xe9#\x99\xd6\xb8\xa4\xb1T\xdd\xe0\x93\xd0\xd5\xd8\x0f\x11y\xef\xf1R\v\xd6\x81\x97\xa96,q\xd053\x1a\x11VEG(\x93\x18\xf2\xbc\x17\x1f\xd7\x89F(G\x18S\xda\x99\xdb\xeb\xa0\xc9*\xbd\xb4=Y;\xa8\xed\xd2\xa9\xa2\x87\xa0\xfb\r\xf7I1]:\xd1;h\xc6\xe2M\xf2\x005\x96\x9b\xd1\x92v\xf9\xba\xf4\x12\r\"^\xc2\xb2\x1d\n:mnO8\\\xa1\x7f\x92r\x95\x96\xda7\xea\x85\xc8\x8c\xa8^\xb7\x1f\x80\x05\x03\xbb\xef9C\xcb(\x9bF\vHFW\x04\x1d\xc7LkW\xb2\xe9\xdd\x17\xe8%\x86\xd1H\rR\xafX\x1f\xea\x00'/247)
exit(0x0)
sendfile(r1, r0, 0x0, 0x1fb)

09:26:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:41 executing program 5:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)

09:26:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:41 executing program 5:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r4 = syz_open_dev$vcsa(&(0x7f0000001500)='/dev/vcsa#\x00', 0x1, 0x141001)
write$UHID_INPUT(r4, &(0x7f00000015c0)={0x8, "539dc5034b105778733af5042f1b35c5aa7d8c886bf5de88d5ecee344df67b6ed79e0b3e882d38d6c625b9483ca8214dc98ad8aff2d86e330cf75263d193277938f33e036e59d5c79242e0abe9ab54e92558fc224dd9ff27aa44303b3330ba657091b42f8f79174e4e3916950d3ee3b25a7acd3b7ae44419e1d4273a9dc3ee5a84faea57aea71c3d44057e1ea5f8749735b4b2839b2fcd3bd73d65f970953cd90fa1fa84761c10754d71f9c45ad92e3e0ac7c88e85b163feddb6c7a25c627c5f45acb4ad7bbbe6985e73a3b3d544593b849c3f5317bb2b9bcfb162a4fbdf41b2f04add17ca8a43224af44f79020560c5510aa9a1f8fda5df9d8a995a81014048d177fe83569e15d4b19ebf8477add2d093b76847034356010274b19a5c9105c26b061640778bdb325ef4b2e1b625c582f47129d72261ba62bc853587e3c8a1c39e3f7dd55e3db1aa5b529d0fd3196953be90711a3c44c79a8828cd6be308676dbfe1b4376909da21cca5acd19b2b5efc847933a5687b405acb4c7e6126d31c4d57c3f6d4ec470ea51aa5a510335a1ab832ad5fb518261fd71a4ae801a9131d6572d656492a3d52b400c0c7b07bd3cc8bd2b7f633dd84db12ed326eef776130ed848a76a52a7e0bb5dd3ce269d00493842d0fa82fc3bec611dba727a0d0b3f3e07c3aebc3d0c1fe34ee984cf17e8918d899c2c91d512b12c488f39f74d58d589e0dbd1a023243f069929e714924f832b5ea6da6888cd03bbb40aa394a8b5850d346a4b93368674f03e169b1980ce3fb656ee874f05e219207cb039f12c8cb4ec3b04f145ade873a40790b3a9ccc91d407e28eae13302e72108971a3abd4d20abdf18394bc2b93bc3bd47d2cfd8619ce11eb4b6a1f2d4792b00ebad9f9c81699369b8fb7bbd3a05207808494bb0a4821e5d72f73e8ac5a7b1a9c6d0977a45ad353ab70b1cd0eededb119fbf6d2acfefc42be6ef9a4232964fdf930fcfbe135383d1d87e785adf5d22a4b04c77b2e5a138b6751c6f1896e97ec8a04767f2dbf5e177e176757d6e0fb0b175ac5cd98454a28942fbd87f29efcd6725492bd86bb63287a93473f3961a1603581b8f94d03cb6265d64ca0b49641cd1f5941ceaca15777619e1a224372689a2ee35e0e8ee494d56f85f8d1ef94031fb4440eac784d95ebb04cff3e7aa143dcfb1b7ca11729909fce59f00c578367d8cb1266bb9e0dd9a67fe01204b2450324ae48f51a59a7a39e755acb97008195beaf8518898f8cdb3918018ce1ab087af0a4c09c8f1f8d998da7c466d91d8e020e8db50c7783ab0bc0245505d2265e05d66d3a7cdd900eae91e31c8aed12d68775dae766d9db146bbb2472a662aefe4a31a2a50297263f32bdb6512c4f01ee4f9e76ca66ed4f4aa76a4f5e26b3389814b2922f15aad9487791c5ddcc807df6b71656005b6fe0b6aabdffeb78e7c44552fd973a050e91534636df70c725c315748e92a4712f5a7ef150eddc7c761ebf4c1e0902c312d23f25848709cedee10a83444256842fc182c510105b49c992edc8f1b701368d3690262eae7969516a8c66cbd09b8f522f70c79d5de95c235047ecfa773d5c8ab4d0c2c41326689ed5ee0143cee7928173aa7ae9432e8d33ff50847728601e246c8af24a228df1ea023d0f45f444d3645a6d5149ddbb1e456158ce7b1ac751d80958b2ed4ed3683500986e8e4810e651af9bcca01577d9b681ce115cf306e5edf2a92557078e92d3a940ae58eb7b9fcaaec076cd4d6d0d00ef53f5cf220b85703670307f9ac247d20eb4b3b01f9ca6ba05ad9b230176abdb6d6ba8d1114cd2076ddcf9682bf88f9c1129424b2d9335e644ca9064bdc6f6741a9640bf93591f9f896e0958a1b4cd06e5b6acd6238082f0d13157a49cef61a4bedd159b9e08231d740cab593fcee23b688fc33b464abfbc489ab9a1c2f5b8a3b30bec9c4d8895dc56fad32d74aa8910b991150c54b90b082c0c4823632d48ac103e882f272df521660780e96f3bff7cc8026f39bb360d96720276a29622cc6b8c461a0b6070e6ea8dea0d20a3cdc876c9c8309a8e8083f0e5e2fe32ce61d81b7b03bc1dd73e2b3ff8533941fae00fd937168dc0e10b90747acee23e5894703edc24315319870bbe58484e1e92b4472a8ef26282852e83081b413055d49f946d31138a20eb9c7937c9b33e7e408c64bdb1f5e182b87825ad1bd9981ddbd25a3d9a5b5ae5f12f2b5c26768746b5ea15f7626a34b68af9476fe931d958b6c867069ef9683f06392a5b3849c21d82686fdf9b75f36b9bf97703d31fc9ab45b8b6a681ba8d5b754b5851108fd09811891a7cb9279a7e40beb7f05a474ac10af021a8d006b01e0f17cbdd485191d02d310b2ab79482cb86ab5cb7a42b189044b805926a91f4273bf2c343279831241bff7336f8f312eaa6f0c2155b55886b09fff118bdb5c2a7d7ea0b38c0a7a7115837ffad097c478b046abf9eea723c7c7087140e29bb8db5210030fcff6c1804cb4a7e727bec692597edec662ca9912bd9b1f9a8825d6e7c4ad6078c60ce2f7f283dd59506a0a2d331d1ed29d3955454f61942e58cc251d4889d6518574130a0ab6da6047e49b4466091fad91c9c44d4b4c2ea054b583957c20f6a7de019b0731bfe9b76ba51aa88dbadf42f09d46cc4942d44dd4a434705b86e01e5e0cc87f5a3d455c7d0c406baeeab319c1ba0f38e5f08fe3512f9e72dd8605d415e649fec75d8f6065e7ddcd39f91089d0f9ff62dbf8fd6ca07cc2f21d3a9c8d1c34f85585e27f46d222dcc3a71faaf0cdde03af31ad4a32742e58f60733bcc18102e82fc159310abaad3c21661e2f2374409cb0a3fa1e410ec92ac6eb8fa8b26a66a5cabb87004dc1199f449ec2e97a3fe750eae2697b50bb996f8ca967ed87a5139ca34f9a227c271b3f7fcfdcec7ec6f5f00fee000585099c2bd7a115c11e57c0cd64e3406f37afc1a8333e01812dfe6398089341bab8328af9ccece6c4f52216abad788fbed79f8addbbe85451885bf116e8513b06bcc894572952454e5bde34753ac50f8ebf5d22cc5ff7ddd1c1dbf79ea62c7fe11f0222ba9f8ea19075713a3e7a97874ff609f46af712720cf477237bc56b4ddde9400c7bce30dc9ed41e6d1bd78962f6e713ffb38cb1b4bad9cf08dfaca1114ce7628af884286c94bbf9bae794b7d35515c4edc64d01f2a2b275f5bef8ded363be0b15af2d22e2cc03a89d5d9f83b4bcb9ba46f5d321a15b22f51bffba163bd036e6d05c02f3bb072be3c309a2aae9aceadfecb809ebb589433cfdaa5d334eabae578335bcee60806879416705935e0ae62cce04dc1e4d1fafb57b88947d649141d358ad0a4331015124bfe3e4bd3b38e276f92d534bbbad37cfcb396948882a46fd6662a25958dd27954ee9097c2e945726c2c18a367117eb852379c4ac693de78b724004e9de2f5735ff01996d06e038f39d7710a89e4f323f457789c6c637a4bb9d99e7281919eb06123abd855505399e6aa4f989001f9f615529651a6da0db9b48600f0391c308d6978829e9e66dc9e3a2f6a77edb76567608f3cd8547b6a6355360a3c307d6b8a8bff486565e33d9a5e8e2e916336c9cfda7f0299881215d368d49031dbe3e6757fd7175ac8582b259c3a40312aebbc509f7623b5fe51c110928e2cf4da8771a46152d7ba67449665b83b4abcb0d83f4a916020b0fa1af09af4784e06bc70f7a166b46442b7da2526b62ad3bdd3cbb314875aad65e389be47bd675d6bb2933424b6c6e88f36af441523cd6328f45d7941d855ec71971b39de3429a729ff78f7fac52986d150ba0dda923b57e167b0c2dbaddf794db27cf12c3fd6a53f77d937158eaf2f009759dc72f9949824b799175dc1cfa8be88c11cddde584073ec76bedc3e68ffe74a91cfe0e579867ece553af00753db4a9db056fec9e4275490f50f780a4838b54d54dc09aa05a8325d00c4dec24856fd4244783d611a713b5b5077afa197f799c9f68355cea1a0ab7c897fd6037aa2296e96ce53d5257cc6fa76aa58ff18c2a0ea4fae10ecf75e4b1e06aed10050dfc4f1a22547bfaa0d78e97113c9206a595cfbc6b6940952ab691b6ea049606155c7ffba49932c765a0f6d468af04422845b00b136bd133e0618c447c703ff5b9a1c7af194bc487e9c4931fae40e5849ae2251457d06bf82eb8bfbfa744fb24f705c1a65d7436463e08bf27cc20edaeb2b4d0040a360be150a61f94a5533c82544b7833cc9b3d924b92eb189136c4b52666aa7ce33880af6fca8856b2e1114dab2c57a290a8704e6c82460c4c999e020e9abb8a0408fd63beeb139831904d082e4a419c79f95e3487729c3fbb025016d20ab4d96dd5ee8b0b2023c54468d0237e99d73d6b037dccf92d9c8ac17e94f8519408f4a340882409c6a7e60dd0be73cf1161b55b30347f7338ec88a913ad048b545a82e3d84d6ed3b70afb240ed482303e16e11991f699983864c02e41f2078bb1d1f2ae0e5cd6ca884fb2a96296668d783adc2c2c94b3f32e1a035eb2856d616016111564df7933b4c227045756e79f9a83c41df717f0e89a7fbf29cda0317912837408b8e6e3820b356a6914a6887510ed6bf8861c81c80bdf42e6f0bfab0b47b67c751ec813c4cad8b2bcbebc138c3fe85e1ad67b2b120fb207c65f43a9aab037f88049dc25cc82fd523a076795a6e9b28a9cd80667b7a658a7098a8b300837cfef63a98297b6c2fc2db5971f5a92ca96c6974bbb729239f78fa3184f5011e342f43b796b1634d612f029c1e3c2acfb6f1e649feecaa952d608ed9e8531ff13e6af75e5e09ef29918f8c6953822746f889206c9e9e472896c12762e1843fbccdd7f26668c00945ff0fcbd9e79ac3a12ab3ee7eb60b4a33a3fba58295422808c2d35cd2aec0aa8b51e84f06eb79369b08a4875816f7040c24bd353a66e0c7d6f56ff3d6e9c42a77a5169b3cfc3c58de91e280d3b705c8488df9e096d66cede352c00d7d9c9fce344404bb326e6695cd2f6cfc839a6b1d857da8703924356f5a154303e76cea9d3d1bf695cc1843abf7c66857cc6800a2e8baac97317a62a4a76edccb0a8c9570dc74b0dfa461cdf8b706b8c8a914bce3a91eb9d547a5c35c14d477a0f27fb2b3d1a90aa70c455ea8c6995d39cabb7d7987ae25f89c7d3e26d6885732761f39db5bceb17992aa6b37c40b060a8d42a78118ec8d3fb26ac1a3d3938f677f554e514a65eb07b464196edd30a3882a423753e30dac26b5286cb3033175e8f600f6a7b5b203d9b06ad1333e2417875f1aa5f43953dc7989d7342e7b4336e20b2f033375bbd6fe228289e4a8440608123f8247b1c3a7fabb5d75f875febcc366a124ad4d43b8900afc3e4471911482d7c9dcd2afd579f0e488447d972e41c3497b2da66aa8eeeee6a89d2f1897572375677a7345380e9270d02fd4d32e06f3e53aa120563e603de19a02b3b37e2e652cd2a8152ed1a31feb9e1182731fce09b52a500991354985c108de875a9ab52508a430d3aff226709b46e00aac462161d68d1845a95cd1c56e16d7acc2fe3224b2dc9bb441e53e492146aaefb4c30141a2b6bd14b0dbc8e6b1a713ed4c40fd0323377e72f1c25f1c8ca96637a20c735a1edca585b412104945f1523c6af518bfe7e3ab8bd51540ddc10489c372a91c76e56909ce86c8e045cd0bfe7a270564a380aa762cca36e239e0a7c246b180376d71d349c847c08f80e15520172329ec3a7971ec585148e93a264c24470645ede73198736723972480db5dbfdf853c", 0x1000}, 0x1006)

09:26:41 executing program 3:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close(r0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1)

09:26:41 executing program 1:
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000001340)=[{&(0x7f0000000000)="f2d1b7941a4be889573513c0bdbc2fedf8a8641ed3c4b37377b7d5181c1a59d8ddfd3a759bfa4d6bf6b5e19f385b763989e52ce3ecc633eeb8b7c018d7dfd6e43b8e611990558fd63a3cca75d3798cf44afa347a67aede7997d9a7047c88a66e59772e35a4b45af93691e6c6328740fe782f41305ec21d715d3897d63d0bdffff83227a99910a96f10852d2054a59da28072e54d2090d9cbe96dcbc2035cd8f9f29ac7b808664def01f962a3e2c055221015dc5b2d3de3171a9290ee9d3d4da1c5a5525034ce7790f6851c9c66391071b881728b5bca960ff2d0dabb82f6c32feaa6a74c0defc76272a25ad075bbf5ae9138a98250a393c0e6f7e720b8a78f7a09a98fc98a22889e89b27d1bd864e63b63a6bcf9734712261784efd06c8b9baaf4edf5d3e0c1481538c9b9771b25f4922452a53115ec3404607e167fde214fb1949fa7406830d0dec839fc7a29c03bb29c51191f9fa97d6c81d980a73b7c23caaa3db6bd52eb2ebd2acd1aac53ca161713cfbf5691e1a93734d5bed6473bcefed4cf1d014f0cbdb086941fc4090e5d96a6b9f53c44d2c121f7ccdae8c3f80d9d73f3726ec5d713dd04f39ae30d588505bf1350358ae7af0b30f199edfec575c9624ecc270b345eeeacfe627c8e43e81a81637849d5c7c968708c0225c14225e1e8877ef2dd8df7f130c3cb0aca0da8a6aa816dd26358f69e6c76c373e9eba8e5c406a20ab1423eca475adf863e4a6062684b275abb6a80a8db9aa66372e62c2c897aa953f7a1ef829df9ebcdf953404003703a820fd0668f34604e8f4992448eb1809049751be3acfd91dd4e7dfb2eceacbc81ca0b7ca382c3162cc57df9292d8354e6336a8832d4a194993e636a691b730f5c8981055fa574ffe637c6ada3f4144e445a50de4ca0ec1674f732be7558e300b30ac782fb766846adf6a4dff3982407d38692d3a8fb5ec141ae624fec5897a76eda1da450abb6abf7166bb3c7de7dee48f4eae4e1e59d17b7cb743ec4edf8a37f2ae928a6bc2644d5a0876d43e04da80d125a7f36daed9dac57cb5ee4a553ced49f83b758e15efb86ce67a3069a41723a7538b148f898ce1aa5333f0eb9fba162d0489559595cd8497dc48bec2608ba9c5b2832fb772df8360c9d8257e5adfb05041e8eb0e25377b46dc4bd822be7abbc4772d632d9318e31c44b3f41d5c75b03e0ec09dbcaa4e4b296f60c7638783b850bed941a2c344031052963348dd4404e597a7cae4958916406c9fe145e0969e23c4bca1b986f2e77015cbb3fc747b9805a4684e2ad1e03955219827009f88b401c3b9761c3af65c0d6b6df9290e93d26732f0f4029d5de697c2a861a97964d65c0c64b617a78d1584be182cadaad3c44dad6931b16ba5ceeff07433d98bd16a5ce36a7d92c514609deafe504e99a43e551e41ba12ea6c886704fd9fb5799c63d997696945dd4f8de9326eca9c6ae91a8c45de8bd79e931bc186ba8087008c7c96d05a6830557bf54d8c1aca66d8a81037223f29a6b03301df84ec263406d2ceee391157fe1a61f827f7b6c642dad547d1f9f69759f50f4021ab0f42406dc6966b5222bd32225846bf0e1566fde849f9640766e3df6c7daa4a4eb568fbe077d9345fb6aff4b42445e5e590a3f18ce44ecf10db15950f9bebec094a14af148d703f6752a30e03efc52124e48511cc679554c98de1a24dadc2a3ecfe00d15e4cf7191fb61e4e2be6f1dcce794a28da6f2d7e6c626f0d67a5e091ef88476df29f29794b82334082c2f5321be7c9c209971216c51321d4173fe3dadbea27d29f06ec977258c17fff0e876e9bf3c3193ff08a15a3dc7414a09cc0f4a47eecb26b5f78692a93ecd5a90a0fc30572f96011488f1b395ab63aa4a2c60dc46048df31697935ef15acd8809b088e8563268b70f41cc719aeaf7dedc2dede9228107a5a0e7c9b6d1e8610d6e6b9a355abead1fa83e3aae4a7b8430fa6f01307ccd7d779821fabf7371e56aeffee74226433c3db90d82b1d4ac4d53c3f7b1231bdc3626c48a8b5ec73f8b8adf2a820affd576114d4cb7efff51f5d5c5f193481fc480c9584b8543e0b30b4f650be154a2046de2553329ec0daaab3c732375e6cbfbf2acf7892f22b0e2be6005f15f65da384cbd99aa4ddd199bd0520cc2826da32e8694abd98d5c04b3f5cda634d5f38d5032676717e1f98665b6ecde5965a170dad3c7e064c967a59e42ba1c6117f1cc12c87963f9d15d26c55588b67e9f037394c75418b957285a6ed7b4f1530a0fc14aed2737fbe87779938874509021d7c1528a027d4cdb43082f47cbd6bbc114d6cc48b53749ab269e8f614a3e2a8306de622eb6e671ac4055ce81dbf04f47c3dc223b07f89c931db10edde99b0cf636058a84a969a7f013c7538df47245762c8f7f0ae37a42aa2bc73cdfdb7fe14532fe24dc537bb301d91ad3741b5931e2759f8fa20568ee8cfbb11da9d2290ab0cdab31c27460e97925570df6ee81d281cff10a14c0f0e37a3cd30a33b71ec4b2f307242a95959ca0c208497c0f4f5ed4d0b5f54b4c0d0126263b1fd8cfa9d172a5d49b661737d9a8dd5b6b47745bfb264c3512687ab9b84b8f8d9675bc192580107543f1f26cfa8e8a805ace81b70a9f5e800fb560c53926a95b78b04bb32e01c9b23e73de9600730d049092785cc779e013f3e58a0a1ea6180a4a7a5098e6060902a2f3fdacbedb55656ce9f1eb3b5adb357464423ed82541ebb879cb08512b8dc76a16529e8cfa85777f96e79a23f54d696d4193eb36198bfebe316a21602e99ae9725aaca44f87c13294a4d461a179ff1ac438492b5614c559e046e8a5b615e421c073b2663adff6d978899d0114dd610e76f7c81e29b4dd1a560b9e532f59cab2730d84b7c41427c5f9512e2a0ceb2c97e3577e14c8ba014fe1e4101e3a6f49436bfa498924407d9466e3edb8b2514a9417dbc4a60c6b68706a7ba97d1e2f14828bf5f03e9dafc724cf67aae798b5a48c2018b9cb9d8a72651adda433a78438c06a3603a53962a5c5045577f88228e19e4a5daf677fafa73ba7c71d2c169eabbe7bac6eed3864bb74c0496b2afd7d31bcb1c56f67d1b021abaf4a0708b3ece70fdc87cfc96017fb0c36d6a1e1360ecd7b5914d4d8703731800f3e777bbfbb79ff36fbedfc67922ba458a0826e3750565f64c5df3766a960b75738878ca20f50220622af63ef5b71ad67af5bed21e3e817e2400d7b9805f0d4b8124a5c64752609591d92472f662a05f99d3fe5c5f851cb50aab1af5a7097f5b3a14f427d3ccd6a5d1b02ae226a67488197872e3584683373b2792248ef624831998498b58d1466cb6dea5c3851dc37df5298d19a0d3fc5ce9af427e25ae06a503143f616d927e725796273d7ce1f1a261fd39180a2d38d753b1616079d1493520ee28f12df62a7ffbddb39e545565ba2fd86df80e9efc2362747e3a6314e12d091ebb32bf4d160dbe885185089c5ce83cacab0fe9bede255e8eb5223f5cf8600e209820dc132b4b94274ec1950704ab784faef19c0eaa847d7add85df836c349622ee2cec77a758f3f91bcfccd003f5675ec3d3a6566a6662a1031b80e16f93a18246e95fe6a898d0c38cd13ef8dea4321b479b13b0c0a1287c0f3dfdf421d2cabb332df60d1d4160d5ef1271bb32c9a9812f0bc7c5781a2a63668c2e7c4578f6a4d3d3419b638b72618a4024fc8dad1ce9a9966269b8b5e837c0401057c32437db5b83b64bfb2d34342c83c0a10d9bb8e5b50d133610b3e938e3b3dd90df10e362e0df0d9f63f77beb44a6685218b773fc794e06d738a83b463d7954dc5c0d75c7a94fea56c7bc82655d5836d560d8a7b797478c080f18985a412a2d2eee0ac380e6235375c5828599e14b4c9bad3db78ea8baaef6f7d1258a9f48bb08c2811c4b1117db57f6654b6c4d63d196d071cb48d2c6ff0843c3afea7737d1e68bf795d7e902a1165332e25e37059b30a5dcfdc096a7d6379b3ae51e4a8f4557f8d28ba9d74252b3a4306008438960b83aacdbf09fa8325c03699e544c5aa97d31a552214c5000c9e5db4520a25c434952bf6eb576f111c319878b491a0ba032470fd2c2b0f1e9c3fe4a8f0daab7a3b1b75df73538ba08d20105d84f2ad48c40fd48b0ac0d88d9eadce264141b0a595118f9885545392691d69e1f0e0fd39c8dd53150bd87d11f4c43ee86e109c3971859513603e04923e6b3b06cc4e483073c7b64ece61904d90a7a67aebf97bd0c1ed04f07fc98f1518b4d1833e7fa5a1d96d0ce2be080d6b0d975f3aed928f49e21c3f1598a4320b6d87a58dac9a6b077b3c3d98f867a92131615014b01707fd42ecfc8a441e7d2c1803bb2c0988177629391b3fd96e072ba0282306234dfe0974a0271213a9b7451fd3821aa3d8e220cccecd0cfca1d8c20dab4f763ba24182aac72980416f4f2a66a2f477d483c223db3ddf442b49ed5d7ba5bea4b171b59037fd6792b195dc4a1aa6526c69e4ba7abc58481182a622ec7261362dbc7619b90bf09a6c9dfb7d44e52040645caa14a869eca0f9d5b2987d4891c4800aa4f33cf2a3af21bf954ea3ad8022c2647221a1b5b3d902d918696951e14e7e59847a52414d8334aa1f42c3ae9be64a09272754eeb2eb3b2e8dca690b483c903788d62ad364e44caa52f86ade881b139ec537dd0fa2e39b803d92e767e94fcbe3722dc86d88b6b9026cd079a232ead5c8d2b9dadc33892488b643a488702c04ba2e4ce120fd04942a5508f68b2d3a7ba017d9be959cb1fbc335276cb4763838ef8a15fb9dc3eb819a1901d94639d64e1daf1f6ffb6a4076fee199608fa9d12a6b54ed752e290dab5d85c750c73f4410895a661b0fb516223025cb07746dac52f0928ab60e6715f71b8d3958acb90b2b727210b19c1645cc8152fb89e332e4927e826e593d85d38c4134d3b4aee11a7911ab5f06617390cb4ccea3dad39229239d0fec6ccd2b834c6654c8f689724ec370f6cd4e5225c88df572ace1617cb2278bb9cccc666e5b609f82102376653a3d8134b2aef83679e0152774ed3f1d7079343b0eb962a4c653c994dfc152a2f00c0a2ba2919013c7852a92ba712158bdd6df44b37bb7e12408fe17cb5c6959f36a845fd0164e3defc29c27c0168dea58281e3f51bbcac4a25a90054084f46a03d4d34a819137cb5cd3e9433a433a965e965515ac624ce7e484957c0da1643ac5eaa272cb06be4968d71954b17778fa35675e8763eabb26d739cbe76aeaeaf688503bd2c34774db740298f44f36f3fc2f36cdb3f4cb88b596972bd08d623ce7aab92630a649870cda0ed63e924f5a5d85cbead74b96f3c90642612908ce8125fe9318478aa8b5053d15f299314b57cf9ffb499abfc93efc92668972c78201b1d11ed1a06226a91758212327ff68b53ae534d28471b552a758398553cb127d61efd4fb55dcb46d3bb79f6c22fe31b291214990848df3ef134861a46d66691d0792b6fe0699923ea31c5286b870c6a495fa3ae36a7aa37b328a8a1584929eaea90de6ed460c615ebe60328832ecb86e3425e7570112ff19ee846f40c9bcec76257c17791ee08895d61c6d4ad9109611804f7008ef53fc03c2dd933c125b4c94b365d57f3845f9776d229a7ee3442f51133f67da41ce511b605d0e2baacd8570da3a4ce5ed13f025c92c9578b5310d0c1e02160e03b5d47284b82794ad8f698e9e6e1f2650e24b5c19eb46783c308d3c3d78ef35930d890fdafc58933bf1edf452eb026d5a4c4bef84b913c9850cbab4e6545fa14", 0xfffffd1d}, {&(0x7f0000001040)="c8ca39965f6ecae49cfa406e0318ad328e372a4f8393e9ea496857cd4d7b299dfe0882de4352987a3f15492405dd2d029b7a14de4415ed7d5df3f2e70bac300009a13bbd4a6dbe72beec37b7fa60962d9f522afa18a71d1bc1f223211ebff7f16250239c768044f5b6e4030130992b302d163bf01fb4ade3533fc5b5c3c9aa869c9ef1a75063579e014fac3cfd905a229e38579bafc38e936ecdb8404d0e410ce19c7b2afbf78388964f802b26be3062c7834464165edf82bcf709f52824f60e81a5dc21186669537c1f8b498c91a641ddb6bc17c46150853b3f5cca68a3bad722343b72de3172b73b48db4c1f8ea825473ed954cd262f5ea1389b", 0xfb}, {&(0x7f0000001140)="5d4f1862be4e456e739926faf8a80478980ac869b89d8084636fbdf9b9ede3bd88ea", 0x22}, {&(0x7f0000001180)}, {&(0x7f00000011c0)="7cfb4a3299dc46f8077af1cf68ab7257", 0x10}, {&(0x7f0000001440)="3ecae2d002711ccbc2e2ab0bbd35099b6fe02cee2e17c2758cb36e3c41f91121123a5ffe15b5c0a322ea8036cacecbacdb47e5cc599b6d07ca7d0c490fd81d65b43182c785457e5c7fafa51f5a667c67e5ac2f705ccea0fea5fee2e4a8c80e4b46dab0e5d8ad78234c3c8da1ebe43c8d2ddd2f731bad966dce119a5e4f4557b62554bbbc99c4f3018e410dcbe795af0b685daaf29a254090c522336be0ec7b6e3e63f8f2f09efcf204aa2d2497588996ea8d258503cdabf1cc1a1dbc6f21b57ce01fec1792cb4444f891cf22ad58cd14d0e61484df5027dbec630f12fa1eb045aface76c0c85746649fa42fe26", 0xed}, {&(0x7f0000001280)="f2e5c4fe59c67e67cbf4c4f13d55afce4a0e785000e42641da7e6f9ae431ad546f477a89b221c88258742019", 0x2c}, {&(0x7f00000012c0)="e36fb7e97e3d782a9cbc99974f4ec73a31a94cdb2aa7202784eb32c58068049f5e2a18209300a57e3c024607f95da525bae2e2b949a2553e3579485ad8e462bfc1554ae20275761c4c569feb1efc077249", 0x51}], 0x8, 0x0)

09:26:41 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137)
r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2)
r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x15<g8\xddGdF(\xeaN\xbcSoz\xe5.c\xdf\x8b\xd2m}\xc7D\x98\xd4p.e\x050,c9:\x95z\xe2\xa9\xcf\xd2\x90*\xaa\xc0W.\xcb|.F_\xf8(\xa4\x91\xc8\v\x9b>3\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0)
ftruncate(r2, 0x1000000)
sendfile(r1, r2, 0x0, 0xeefffdef)

09:26:41 executing program 4:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
poll(&(0x7f00000001c0)=[{r1}], 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
close(r1)

09:26:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:41 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)={[{@fat=@codepage={'codepage', 0x3d, '1255'}}]})

09:26:41 executing program 1:
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f00000012c0)={0x0, 0x0, 0x80})

[  244.166183] FAT-fs (loop3): bogus number of reserved sectors
[  244.182300] FAT-fs (loop3): Can't find a valid FAT filesystem
09:26:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:41 executing program 4:
socket$kcm(0xa, 0x20000000000003, 0x11)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x200, 0x0)
ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, 0x0)
socket$kcm(0x10, 0x2, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$kcm(0x29, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x92\xee2\xc2$Wx\x15^\xdaM\xeaB\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WZ;\xce\x05\xfc\x95\xd9\x88\x1f|\x8b\xf1\xbf\xf2u\xdd\xd8AV\xd87\x96M\xea\xd2\xa2iM\xe9\xa1\xbc\xba}\xbe\xa1\x05J\"\f\xf9\b\xcf\xb8J\x13#\xecT\xdf\xe0\x9dOA>\xe9\x99\xf8\xaf@{dw\b\xe7{\xaf\x9a\x1e3\xc1\x83&\x89\xc2\xa5\xb1\xe2NN\xdf\xd3\x0f{\x8c\xc1\xc8y\x01\x04\x00\xc7\x94\xe3\x89|\xd7\x9f\xd3\x06\x17\xe6]\xd7\x81q\x1d\x1dN\x9e\xf4c\x83\x86_\xfc\xbc\xdd\xd4{\xde\xc4\xe5\xb6\b;L\x1cN\xa2\xc9k\xd7 \xc3\xe4\x19\x96\x8c\x04\xea\x9c9\xfa\xe3\xc1\x8dDuTHL\n\xe8\xb7oSx\'\xfd=\xfc\xa4\xa51\b\x02j\xb7\x98{`\x89\x8c\xd3\xc6\xe8\xe2\x9b\xd7\xab\xd1s\xfb\xaa\xcd\x9d\xf1\x9e\xee\xe3e\xf1\x91\xf7\xee%\xf8\xc7G', 0x2761, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x92\xee2\xc2$Wx\x15^\xdaM\xeaB\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WZ;\xce\x05\xfc\x95\xd9\x88\x1f|\x8b\xf1\xbf\xf2u\xdd\xd8AV\xd87\x96M\xea\xd2\xa2iM\xe9\xa1\xbc\xba}\xbe\xa1\x05J\"\f\xf9\b\xcf\xb8J\x13#\xecT\xdf\xe0\x9dOA>\xe9\x99\xf8\xaf@{dw\b\xe7{\xaf\x9a\x1e3\xc1\x83&\x89\xc2\xa5\xb1\xe2NN\xdf\xd3\x0f{\x8c\xc1\xc8y\x01\x04\x00\xc7\x94\xe3\x89|\xd7\x9f\xd3\x06\x17\xe6]\xd7\x81q\x1d\x1dN\x9e\xf4c\x83\x86_\xfc\xbc\xdd\xd4{\xde\xc4\xe5\xb6\b;L\x1cN\xa2\xc9k\xd7 \xc3\xe4\x19\x96\x8c\x04\xea\x9c9\xfa\xe3\xc1\x8dDuTHL\n\xe8\xb7oSx\'\xfd=\xfc\xa4\xa51\b\x02j\xb7\x98{`\x89\x8c\xd3\xc6\xe8\xe2\x9b\xd7\xab\xd1s\xfb\xaa\xcd\x9d\xf1\x9e\xee\xe3e\xf1\x91\xf7\xee%\xf8\xc7G', 0x2761, 0x0)
socket$kcm(0xa, 0x522000000003, 0x11)
socket$kcm(0x11, 0x3, 0x300)
socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0x29, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8e, 0x280441)
ioctl$KDGETLED(r3, 0x4b31, &(0x7f0000000040))
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161)
sendmsg$kcm(r2, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00)
write$cgroup_subtree(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="72d3207b1bcf0e14f62342e893ccdc8c99e5a20b4147fa62946280332c1fe1e989866498fbd33c1d7dc1acf8fa468847d2a9dd15e329e41c32da60ece92417eaf7d1b9b1afab6284db6ce2aceaf5114f8daf25fb704272efbcd58992f0dcd90138d5ef2fad57f08f030b19174579891e6161103c0621faee007dc2ee5fef5a15f115e3fb4a666074e7527aa8409bf829ac59bfcf9648e52bc8196703ebaba0cf2d0f0c67d6c5caec8096712ee71aa1f3db4cfa8af456da80a507179a8ca50f2bc0d09e7b45a92143bb4e701f74a189e99eb850126e"], 0xd5)

09:26:41 executing program 3:
mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000001ec0)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
creat(&(0x7f0000000040)='./file0\x00', 0x0)
tkill(r0, 0x15)

09:26:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:42 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r4 = syz_open_dev$vcsa(&(0x7f0000001500)='/dev/vcsa#\x00', 0x1, 0x141001)
write$UHID_INPUT(r4, &(0x7f00000015c0)={0x8, "539dc5034b105778733af5042f1b35c5aa7d8c886bf5de88d5ecee344df67b6ed79e0b3e882d38d6c625b9483ca8214dc98ad8aff2d86e330cf75263d193277938f33e036e59d5c79242e0abe9ab54e92558fc224dd9ff27aa44303b3330ba657091b42f8f79174e4e3916950d3ee3b25a7acd3b7ae44419e1d4273a9dc3ee5a84faea57aea71c3d44057e1ea5f8749735b4b2839b2fcd3bd73d65f970953cd90fa1fa84761c10754d71f9c45ad92e3e0ac7c88e85b163feddb6c7a25c627c5f45acb4ad7bbbe6985e73a3b3d544593b849c3f5317bb2b9bcfb162a4fbdf41b2f04add17ca8a43224af44f79020560c5510aa9a1f8fda5df9d8a995a81014048d177fe83569e15d4b19ebf8477add2d093b76847034356010274b19a5c9105c26b061640778bdb325ef4b2e1b625c582f47129d72261ba62bc853587e3c8a1c39e3f7dd55e3db1aa5b529d0fd3196953be90711a3c44c79a8828cd6be308676dbfe1b4376909da21cca5acd19b2b5efc847933a5687b405acb4c7e6126d31c4d57c3f6d4ec470ea51aa5a510335a1ab832ad5fb518261fd71a4ae801a9131d6572d656492a3d52b400c0c7b07bd3cc8bd2b7f633dd84db12ed326eef776130ed848a76a52a7e0bb5dd3ce269d00493842d0fa82fc3bec611dba727a0d0b3f3e07c3aebc3d0c1fe34ee984cf17e8918d899c2c91d512b12c488f39f74d58d589e0dbd1a023243f069929e714924f832b5ea6da6888cd03bbb40aa394a8b5850d346a4b93368674f03e169b1980ce3fb656ee874f05e219207cb039f12c8cb4ec3b04f145ade873a40790b3a9ccc91d407e28eae13302e72108971a3abd4d20abdf18394bc2b93bc3bd47d2cfd8619ce11eb4b6a1f2d4792b00ebad9f9c81699369b8fb7bbd3a05207808494bb0a4821e5d72f73e8ac5a7b1a9c6d0977a45ad353ab70b1cd0eededb119fbf6d2acfefc42be6ef9a4232964fdf930fcfbe135383d1d87e785adf5d22a4b04c77b2e5a138b6751c6f1896e97ec8a04767f2dbf5e177e176757d6e0fb0b175ac5cd98454a28942fbd87f29efcd6725492bd86bb63287a93473f3961a1603581b8f94d03cb6265d64ca0b49641cd1f5941ceaca15777619e1a224372689a2ee35e0e8ee494d56f85f8d1ef94031fb4440eac784d95ebb04cff3e7aa143dcfb1b7ca11729909fce59f00c578367d8cb1266bb9e0dd9a67fe01204b2450324ae48f51a59a7a39e755acb97008195beaf8518898f8cdb3918018ce1ab087af0a4c09c8f1f8d998da7c466d91d8e020e8db50c7783ab0bc0245505d2265e05d66d3a7cdd900eae91e31c8aed12d68775dae766d9db146bbb2472a662aefe4a31a2a50297263f32bdb6512c4f01ee4f9e76ca66ed4f4aa76a4f5e26b3389814b2922f15aad9487791c5ddcc807df6b71656005b6fe0b6aabdffeb78e7c44552fd973a050e91534636df70c725c315748e92a4712f5a7ef150eddc7c761ebf4c1e0902c312d23f25848709cedee10a83444256842fc182c510105b49c992edc8f1b701368d3690262eae7969516a8c66cbd09b8f522f70c79d5de95c235047ecfa773d5c8ab4d0c2c41326689ed5ee0143cee7928173aa7ae9432e8d33ff50847728601e246c8af24a228df1ea023d0f45f444d3645a6d5149ddbb1e456158ce7b1ac751d80958b2ed4ed3683500986e8e4810e651af9bcca01577d9b681ce115cf306e5edf2a92557078e92d3a940ae58eb7b9fcaaec076cd4d6d0d00ef53f5cf220b85703670307f9ac247d20eb4b3b01f9ca6ba05ad9b230176abdb6d6ba8d1114cd2076ddcf9682bf88f9c1129424b2d9335e644ca9064bdc6f6741a9640bf93591f9f896e0958a1b4cd06e5b6acd6238082f0d13157a49cef61a4bedd159b9e08231d740cab593fcee23b688fc33b464abfbc489ab9a1c2f5b8a3b30bec9c4d8895dc56fad32d74aa8910b991150c54b90b082c0c4823632d48ac103e882f272df521660780e96f3bff7cc8026f39bb360d96720276a29622cc6b8c461a0b6070e6ea8dea0d20a3cdc876c9c8309a8e8083f0e5e2fe32ce61d81b7b03bc1dd73e2b3ff8533941fae00fd937168dc0e10b90747acee23e5894703edc24315319870bbe58484e1e92b4472a8ef26282852e83081b413055d49f946d31138a20eb9c7937c9b33e7e408c64bdb1f5e182b87825ad1bd9981ddbd25a3d9a5b5ae5f12f2b5c26768746b5ea15f7626a34b68af9476fe931d958b6c867069ef9683f06392a5b3849c21d82686fdf9b75f36b9bf97703d31fc9ab45b8b6a681ba8d5b754b5851108fd09811891a7cb9279a7e40beb7f05a474ac10af021a8d006b01e0f17cbdd485191d02d310b2ab79482cb86ab5cb7a42b189044b805926a91f4273bf2c343279831241bff7336f8f312eaa6f0c2155b55886b09fff118bdb5c2a7d7ea0b38c0a7a7115837ffad097c478b046abf9eea723c7c7087140e29bb8db5210030fcff6c1804cb4a7e727bec692597edec662ca9912bd9b1f9a8825d6e7c4ad6078c60ce2f7f283dd59506a0a2d331d1ed29d3955454f61942e58cc251d4889d6518574130a0ab6da6047e49b4466091fad91c9c44d4b4c2ea054b583957c20f6a7de019b0731bfe9b76ba51aa88dbadf42f09d46cc4942d44dd4a434705b86e01e5e0cc87f5a3d455c7d0c406baeeab319c1ba0f38e5f08fe3512f9e72dd8605d415e649fec75d8f6065e7ddcd39f91089d0f9ff62dbf8fd6ca07cc2f21d3a9c8d1c34f85585e27f46d222dcc3a71faaf0cdde03af31ad4a32742e58f60733bcc18102e82fc159310abaad3c21661e2f2374409cb0a3fa1e410ec92ac6eb8fa8b26a66a5cabb87004dc1199f449ec2e97a3fe750eae2697b50bb996f8ca967ed87a5139ca34f9a227c271b3f7fcfdcec7ec6f5f00fee000585099c2bd7a115c11e57c0cd64e3406f37afc1a8333e01812dfe6398089341bab8328af9ccece6c4f52216abad788fbed79f8addbbe85451885bf116e8513b06bcc894572952454e5bde34753ac50f8ebf5d22cc5ff7ddd1c1dbf79ea62c7fe11f0222ba9f8ea19075713a3e7a97874ff609f46af712720cf477237bc56b4ddde9400c7bce30dc9ed41e6d1bd78962f6e713ffb38cb1b4bad9cf08dfaca1114ce7628af884286c94bbf9bae794b7d35515c4edc64d01f2a2b275f5bef8ded363be0b15af2d22e2cc03a89d5d9f83b4bcb9ba46f5d321a15b22f51bffba163bd036e6d05c02f3bb072be3c309a2aae9aceadfecb809ebb589433cfdaa5d334eabae578335bcee60806879416705935e0ae62cce04dc1e4d1fafb57b88947d649141d358ad0a4331015124bfe3e4bd3b38e276f92d534bbbad37cfcb396948882a46fd6662a25958dd27954ee9097c2e945726c2c18a367117eb852379c4ac693de78b724004e9de2f5735ff01996d06e038f39d7710a89e4f323f457789c6c637a4bb9d99e7281919eb06123abd855505399e6aa4f989001f9f615529651a6da0db9b48600f0391c308d6978829e9e66dc9e3a2f6a77edb76567608f3cd8547b6a6355360a3c307d6b8a8bff486565e33d9a5e8e2e916336c9cfda7f0299881215d368d49031dbe3e6757fd7175ac8582b259c3a40312aebbc509f7623b5fe51c110928e2cf4da8771a46152d7ba67449665b83b4abcb0d83f4a916020b0fa1af09af4784e06bc70f7a166b46442b7da2526b62ad3bdd3cbb314875aad65e389be47bd675d6bb2933424b6c6e88f36af441523cd6328f45d7941d855ec71971b39de3429a729ff78f7fac52986d150ba0dda923b57e167b0c2dbaddf794db27cf12c3fd6a53f77d937158eaf2f009759dc72f9949824b799175dc1cfa8be88c11cddde584073ec76bedc3e68ffe74a91cfe0e579867ece553af00753db4a9db056fec9e4275490f50f780a4838b54d54dc09aa05a8325d00c4dec24856fd4244783d611a713b5b5077afa197f799c9f68355cea1a0ab7c897fd6037aa2296e96ce53d5257cc6fa76aa58ff18c2a0ea4fae10ecf75e4b1e06aed10050dfc4f1a22547bfaa0d78e97113c9206a595cfbc6b6940952ab691b6ea049606155c7ffba49932c765a0f6d468af04422845b00b136bd133e0618c447c703ff5b9a1c7af194bc487e9c4931fae40e5849ae2251457d06bf82eb8bfbfa744fb24f705c1a65d7436463e08bf27cc20edaeb2b4d0040a360be150a61f94a5533c82544b7833cc9b3d924b92eb189136c4b52666aa7ce33880af6fca8856b2e1114dab2c57a290a8704e6c82460c4c999e020e9abb8a0408fd63beeb139831904d082e4a419c79f95e3487729c3fbb025016d20ab4d96dd5ee8b0b2023c54468d0237e99d73d6b037dccf92d9c8ac17e94f8519408f4a340882409c6a7e60dd0be73cf1161b55b30347f7338ec88a913ad048b545a82e3d84d6ed3b70afb240ed482303e16e11991f699983864c02e41f2078bb1d1f2ae0e5cd6ca884fb2a96296668d783adc2c2c94b3f32e1a035eb2856d616016111564df7933b4c227045756e79f9a83c41df717f0e89a7fbf29cda0317912837408b8e6e3820b356a6914a6887510ed6bf8861c81c80bdf42e6f0bfab0b47b67c751ec813c4cad8b2bcbebc138c3fe85e1ad67b2b120fb207c65f43a9aab037f88049dc25cc82fd523a076795a6e9b28a9cd80667b7a658a7098a8b300837cfef63a98297b6c2fc2db5971f5a92ca96c6974bbb729239f78fa3184f5011e342f43b796b1634d612f029c1e3c2acfb6f1e649feecaa952d608ed9e8531ff13e6af75e5e09ef29918f8c6953822746f889206c9e9e472896c12762e1843fbccdd7f26668c00945ff0fcbd9e79ac3a12ab3ee7eb60b4a33a3fba58295422808c2d35cd2aec0aa8b51e84f06eb79369b08a4875816f7040c24bd353a66e0c7d6f56ff3d6e9c42a77a5169b3cfc3c58de91e280d3b705c8488df9e096d66cede352c00d7d9c9fce344404bb326e6695cd2f6cfc839a6b1d857da8703924356f5a154303e76cea9d3d1bf695cc1843abf7c66857cc6800a2e8baac97317a62a4a76edccb0a8c9570dc74b0dfa461cdf8b706b8c8a914bce3a91eb9d547a5c35c14d477a0f27fb2b3d1a90aa70c455ea8c6995d39cabb7d7987ae25f89c7d3e26d6885732761f39db5bceb17992aa6b37c40b060a8d42a78118ec8d3fb26ac1a3d3938f677f554e514a65eb07b464196edd30a3882a423753e30dac26b5286cb3033175e8f600f6a7b5b203d9b06ad1333e2417875f1aa5f43953dc7989d7342e7b4336e20b2f033375bbd6fe228289e4a8440608123f8247b1c3a7fabb5d75f875febcc366a124ad4d43b8900afc3e4471911482d7c9dcd2afd579f0e488447d972e41c3497b2da66aa8eeeee6a89d2f1897572375677a7345380e9270d02fd4d32e06f3e53aa120563e603de19a02b3b37e2e652cd2a8152ed1a31feb9e1182731fce09b52a500991354985c108de875a9ab52508a430d3aff226709b46e00aac462161d68d1845a95cd1c56e16d7acc2fe3224b2dc9bb441e53e492146aaefb4c30141a2b6bd14b0dbc8e6b1a713ed4c40fd0323377e72f1c25f1c8ca96637a20c735a1edca585b412104945f1523c6af518bfe7e3ab8bd51540ddc10489c372a91c76e56909ce86c8e045cd0bfe7a270564a380aa762cca36e239e0a7c246b180376d71d349c847c08f80e15520172329ec3a7971ec585148e93a264c24470645ede73198736723972480db5dbfdf853c", 0x1000}, 0x1006)

09:26:42 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)={[{@fat=@flush='flush'}, {@fat=@errors_continue='errors=continue'}]})

09:26:42 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  244.811135] FAT-fs (loop4): bogus number of reserved sectors
[  244.840299] FAT-fs (loop4): Can't find a valid FAT filesystem
09:26:42 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x14c}, 0x137)
r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2)
r2 = memfd_create(&(0x7f0000000200)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x15<g8\xddGdF(\xeaN\xbcSoz\xe5.c\xdf\x8b\xd2m}\xc7D\x98\xd4p.e\x050,c9:\x95z\xe2\xa9\xcf\xd2\x90*\xaa\xc0W.\xcb|.F_\xf8(\xa4\x91\xc8\v\x9b>3\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00'/203, 0x0)
ftruncate(r2, 0x1000000)
sendfile(r1, r2, 0x0, 0xeefffdef)

09:26:42 executing program 3:
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0)

09:26:42 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  246.896383] device bridge_slave_1 left promiscuous mode
[  246.902424] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.939729] kauditd_printk_skb: 24 callbacks suppressed
[  246.939745] audit: type=1400 audit(1569835604.401:86): avc:  denied  { map } for  pid=8424 comm="syz-executor.1" path="/root/syz-executor.1" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  246.976250] audit: type=1400 audit(1569835604.401:87): avc:  denied  { map } for  pid=8424 comm="syz-executor.1" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14986 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[  246.978246] device bridge_slave_0 left promiscuous mode
[  247.008376] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.096294] device hsr_slave_1 left promiscuous mode
[  250.138523] device hsr_slave_0 left promiscuous mode
[  250.199794] team0 (unregistering): Port device team_slave_1 removed
[  250.210765] team0 (unregistering): Port device team_slave_0 removed
[  250.221892] bond0 (unregistering): Releasing backup interface bond_slave_1
[  250.268376] bond0 (unregistering): Releasing backup interface bond_slave_0
[  250.338810] bond0 (unregistering): Released all slaves
[  250.450279] IPVS: ftp: loaded support on port[0] = 21
[  250.526522] chnl_net:caif_netlink_parms(): no params data found
[  250.556251] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.562711] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.570020] device bridge_slave_0 entered promiscuous mode
[  250.577131] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.583579] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.590598] device bridge_slave_1 entered promiscuous mode
[  250.611008] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  250.620405] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  250.637798] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  250.645392] team0: Port device team_slave_0 added
[  250.650991] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  250.658575] team0: Port device team_slave_1 added
[  250.663977] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  250.671303] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  250.715193] device hsr_slave_0 entered promiscuous mode
[  250.763637] device hsr_slave_1 entered promiscuous mode
[  250.833971] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  250.842364] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  250.858173] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.864722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.871309] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.877687] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.956051] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.969850] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  250.982683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  250.996785] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.008722] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.022105] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  251.032995] 8021q: adding VLAN 0 to HW filter on device team0
[  251.050491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  251.060193] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.066593] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.093825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  251.101459] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.107864] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.115629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  251.124325] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  251.140947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  251.149509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  251.158852] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  251.169530] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  251.176377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  251.200334] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  251.222488] 8021q: adding VLAN 0 to HW filter on device batadv0
09:26:48 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x40284504, 0x0)

09:26:48 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0)
write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576b31e5fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)

09:26:48 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0x0, 0x0, 0x0)

09:26:48 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r0 = socket$inet(0x10, 0x0, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)

09:26:48 executing program 5:
mq_unlink(&(0x7f0000000000)='/dev/vcs\x00')

09:26:48 executing program 4:
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0)

09:26:48 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0x0, 0x0, 0x0)

[  251.359416] audit: type=1800 audit(1569835608.821:88): pid=8437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16626 res=0
09:26:48 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x8, 0xdf, 0x80, 0x3f, 0x0, 0xfffffffffffffffd, 0xb6f887ea7122756a, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_config_ext={0x9, 0x7}, 0x8, 0x5, 0xffff, 0x5, 0x6, 0x800, 0x7fff}, 0x0, 0x10, 0xffffffffffffffff, 0x9)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0)
fchdir(r0)
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, 0x8000, 0x8, 0x0, 0x0, 0x0, 0x0, 0xffffffffffff1821, 0x0, 0x0, 0x7e6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0xfe, 0x1, 0x0, 0x1, 0x7, 0x0, 0x0, 0x5311066e, 0x3, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x7fffffff, 0xfffffffffffffffe}, 0x0, 0x40001f, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x8)
umount2(&(0x7f0000000540)='./file0\x00', 0x4)

09:26:49 executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]})
renameat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00')

[  251.473815] audit: type=1400 audit(1569835608.931:89): avc:  denied  { create } for  pid=8442 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
09:26:49 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0x0, 0x0, 0x0)

09:26:49 executing program 3:

09:26:49 executing program 1:

09:26:49 executing program 2:

[  251.650739] audit: type=1800 audit(1569835608.991:90): pid=8437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16626 res=0
09:26:49 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:49 executing program 2:

09:26:49 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

[  251.827932] audit: type=1400 audit(1569835609.031:91): avc:  denied  { associate } for  pid=8448 comm="syz-executor.5" name="file0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
09:26:49 executing program 1:

09:26:49 executing program 3:
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00')
gettid()
tkill(0x0, 0x3c)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
r0 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000440)={0x0, 0x7fff, 0x6, 0xba, 0x5, [{0x3, 0x5, 0x70347e4, 0x0, 0x0, 0x100}, {0x8, 0x9, 0x0, 0x0, 0x0, 0x3000}, {0x6e, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x1004}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x80}, {0x7, 0x99e}]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6erspan0\x00'})

09:26:49 executing program 4:

09:26:49 executing program 5:

[  251.991937] devpts: called with bogus options
09:26:49 executing program 4:

09:26:49 executing program 2:

09:26:49 executing program 1:

09:26:49 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x2c00, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:49 executing program 5:

09:26:49 executing program 2:

[  252.152918] audit: type=1804 audit(1569835609.611:92): pid=8496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir019763076/syzkaller.qGkwZD/36/file0" dev="sda1" ino=16640 res=1
09:26:49 executing program 4:

09:26:49 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:49 executing program 5:

09:26:50 executing program 3:

09:26:50 executing program 1:

09:26:50 executing program 4:

09:26:50 executing program 5:

09:26:50 executing program 2:

09:26:50 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:50 executing program 1:

09:26:50 executing program 5:

09:26:50 executing program 4:

09:26:50 executing program 3:

09:26:50 executing program 2:

09:26:50 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0xfe8a, &(0x7f0000000180)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0xfde3, 0x2c, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140]}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

09:26:50 executing program 4:

09:26:50 executing program 2:

09:26:50 executing program 5:

09:26:50 executing program 1:

09:26:50 executing program 3:

09:26:50 executing program 5:

09:26:50 executing program 4:

09:26:50 executing program 2:

09:26:50 executing program 0:

09:26:50 executing program 3:

09:26:50 executing program 1:

09:26:50 executing program 0:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x92f2, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf24cb08948dd94ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x6c102, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad3a4bf5cf5f0dfca5", 0x4c}, {0x0}, {&(0x7f0000000040)="38bead979bda2bea18ecd6b1fc4cbf74d51c5a93871a4ce813ad98c4", 0x1c}, {0x0}], 0x4, 0x2)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='trusted.overlay.origin\x00', &(0x7f0000000440)='y\x00', 0x2, 0x0)
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000280)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)

09:26:50 executing program 5:
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000040), 0xe)
listen(r3, 0x0)

09:26:50 executing program 3:
r0 = socket$inet6(0xa, 0x802, 0x0)
sendmmsg$inet6(r0, &(0x7f00000040c0)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x0)

09:26:50 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf24cb08948dd94ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x6c102, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad3a4bf5cf5f0dfca5", 0x4c}, {0x0}, {&(0x7f0000000040)="38bead979bda2bea18ecd6b1fc4cbf74d51c5a93871a4ce813ad98c4", 0x1c}, {0x0}], 0x4, 0x2)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='trusted.overlay.origin\x00', &(0x7f0000000440)='y\x00', 0x2, 0x0)
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000280)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)

09:26:50 executing program 1:

09:26:50 executing program 2:

09:26:51 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0x40a85323, &(0x7f00000000c0)={{0x80}})

09:26:51 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_ifreq(r0, 0x89f3, &(0x7f0000000800)={'ip6tnl0\x00', @ifru_data=&(0x7f00000004c0)="85828efe55ebed48d53e39fc0eae88d3ec3ae5ee04b7b769e056b120956a21f3"})

09:26:51 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x121001)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534b, &(0x7f00000000c0)={{0x80}})

09:26:51 executing program 2:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000000200)=ANY=[@ANYBLOB="020d0000140000000000000000000000080012000000030000000000000000000600000000000000000020444d57000000000000000000000000000000000000ff02000000000000000000000000000105000500000000000a0000000000000000000000000000000000ffffac141400000000000000000005000600008000000a00000000000000fe80000000000000000064bec63b58698aed868531503aa40f0000000000ff0000e0c667f500000b95da806b5dadd696d4c831015719eac2e97a75aa8f0ba05fc54fba27ede57c15229e63f004d98eaeafd0836d849a13874f39db2227dcf3bf054c57b7664922dbc71219297197c6b0202279739f13c13f45018b4fcb1b8d9481fddda19eebeaf2e502ad7764d0c1ec0b07a930fe5a368acd0e937636494412209ea251320c9a87b4bf63e7d8eb35296a564ad8f33ed87489a4d82b1d79e61d5b575056bb520fc7d132e7d28a8127ab1b4b3abfc7b6436084d62dc7efc701f449bd0130e59595a6b178a6a694395262e174f0ef87646ca3ed605e6f5285b4659f32b5f4a3db73c888cf61dc4355f69dce1c9eeea4a881008799d00a798da018b40219110f5f156d6ce6340bbfc33d8a4496c5315d000000000000"], 0xa0}}, 0x0)

[  253.607509] audit: type=1400 audit(1569835611.071:93): avc:  denied  { write } for  pid=8574 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[  253.637494] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
09:26:51 executing program 0:
getpid()
sched_setscheduler(0x0, 0x5, &(0x7f0000000380))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
write$FUSE_ATTR(r2, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0xfff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7}}}, 0x78)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

09:26:51 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
r2 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad3a4bf5cf5f0dfca5", 0x4c}], 0x1, 0x2)

09:26:51 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x1000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

09:26:51 executing program 1:
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
clone(0x3102003bfe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x4, 0x4, 0x10000000000080, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x20002}, 0x3c)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x31)
wait4(0x0, 0x0, 0x0, 0x0)

09:26:51 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0xc0046209, 0x0)

09:26:51 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000440), 0x1000)

[  253.870210] binder: 8595:8596 ioctl c0046209 0 returned -22
09:26:51 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
r1 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x8, &(0x7f0000000000), 0x4)

[  253.976494] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
09:26:51 executing program 1:
r0 = socket(0x11, 0x800000003, 0x0)
bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040)=0x40, 0x4)
bind$xdp(r2, &(0x7f0000000300)={0x2c, 0x1, r1}, 0x10)

09:26:51 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x2, 0x73)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69)
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2)
write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6)
read(r0, 0x0, 0x0)
syz_open_dev$sndpcmc(0x0, 0x7, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x0, 0x0)

09:26:51 executing program 3:
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video37\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @sdr})

09:26:51 executing program 4:
open(0x0, 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='tmpfs\x00', 0x0, 0x0)

09:26:51 executing program 3:
r0 = socket(0x11, 0x800000003, 0x0)
bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040)=0x40, 0x4)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff})
dup3(r4, r3, 0x0)
bind$xdp(r2, &(0x7f0000000300)={0x2c, 0x1, r1, 0x0, r3}, 0x10)

[  254.239034] audit: type=1800 audit(1569835611.701:94): pid=8633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=16665 res=0
09:26:51 executing program 0:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8001103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3f}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
dup2(r0, r0)
r1 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1}, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="afa6d9dbf025faeae83b657c24d55953e90019f4027f9e02ffd36725a2e7d4be4479500dc3db0729910f21e36bf8ae7021f36a76cf42f734f216d498fa834cfb2d0c21ad", 0x44}, {0x0}, {&(0x7f0000000040)}, {0x0}], 0x4, 0x2)

09:26:51 executing program 1:
openat$pfkey(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r1 = syz_open_dev$binder(0x0, 0x0, 0x0)
dup3(r1, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

09:26:51 executing program 2:
open(0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r0, r1, 0x0, 0x7fffffff)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r2, r0, 0x0, 0xffffffff)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x5000008912, &(0x7f0000001600)="11dca50d5e0bcfe47bf070")

09:26:51 executing program 5:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000180))
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001240)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30}, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000000c0)=0x5, 0x4)
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
dup(0xffffffffffffffff)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
prctl$PR_GET_THP_DISABLE(0x2a)

09:26:51 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r3, 0x2081f8)
fcntl$setstatus(r2, 0x4, 0x6100)
write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0xf642e7e)
write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0x100000198)

[  254.388010] audit: type=1800 audit(1569835611.841:95): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16652 res=0
09:26:51 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)={[{@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@flush='flush'}, {@fat=@errors_continue='errors=continue'}]})

09:26:52 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000040)='./file1\x00', 0x2a)
clone(0x200, 0x0, 0x0, 0x0, 0x0)
mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000200)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x109)
dup2(r0, r1)
execve(&(0x7f00000002c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0)
open$dir(&(0x7f00000000c0)='./file0\x00', 0x841, 0x0)
clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000080)='./file1\x00', 0x0, 0x0)
sched_yield()

[  254.508108] audit: type=1804 audit(1569835611.891:96): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1
[  254.569992] FAT-fs (loop3): bogus number of reserved sectors
[  254.593807] FAT-fs (loop3): Can't find a valid FAT filesystem
09:26:52 executing program 1:
open(0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='tmpfs\x00', 0x0, 0x0)

[  254.617334] audit: type=1804 audit(1569835611.941:97): pid=8656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1
09:26:52 executing program 3:
write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x4}], 0x18)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000140)="f2748ba7"})
write$evdev(r0, &(0x7f0000000040)=[{}, {}], 0x52a)

[  254.733758] audit: type=1800 audit(1569835612.201:98): pid=8673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16663 res=0
[  254.802758] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
09:26:52 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xd, 0x18, 0x4, 0x3, 0x0, r0}, 0x3c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f00000001c0), &(0x7f0000000080)}, 0x20)

09:26:52 executing program 0:
r0 = gettid()
utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x200)
sched_rr_get_interval(0x0, &(0x7f0000000140))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x40000, 0x0)
dup3(r1, 0xffffffffffffff9c, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000000c0))
pselect6(0x40, &(0x7f00000001c0)={0x5, 0xfffffffffffffffe, 0x2, 0x0, 0x3, 0x79, 0xffffffffffffb852}, &(0x7f0000000200)={0x0, 0x2, 0x0, 0x1, 0xb9, 0x0, 0x8}, &(0x7f0000000240)={0x100000000, 0x0, 0x0, 0x1, 0x0, 0x6629, 0x0, 0x1f}, 0x0, &(0x7f0000000300)={0x0})
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
statfs(0x0, 0x0)
tkill(r0, 0x1000000000016)

[  254.871595] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
09:26:52 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000340))

09:26:52 executing program 3:
timer_create(0x2, 0x0, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x9}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000e60000))

09:26:52 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @empty}, 0x10)
sendto$inet(r0, 0x0, 0x2f5, 0x200007fc, &(0x7f0000000000)={0x2, 0x3, @local}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
getpid()
stat(0x0, 0x0)
pipe2$9p(0x0, 0x0)
lstat(0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
memfd_create(0x0, 0x0)
fdatasync(0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x3d6, 0x0)
lstat(0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
ioctl$RTC_PIE_OFF(0xffffffffffffffff, 0x7006)
sendto(r0, &(0x7f0000000040)='J', 0xffffffffffffff7e, 0x8841, 0x0, 0xffffffffffffff44)
shutdown(r0, 0x2)
recvfrom$inet(r0, 0x0, 0x0, 0x80040000101, 0x0, 0x2f49b2819fbc7c26)

[  255.242042] audit: type=1804 audit(1569835612.701:99): pid=8716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1
09:26:52 executing program 0:
getpid()
sched_setscheduler(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2cff534300"])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
write$FUSE_ATTR(r2, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7}}}, 0x78)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

[  255.288459] audit: type=1804 audit(1569835612.741:100): pid=8716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir151019631/syzkaller.Q95sTv/49/file0" dev="sda1" ino=16652 res=1
09:26:52 executing program 5:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000180))
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001240)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30}, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000000c0)=0x5, 0x4)
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
dup(0xffffffffffffffff)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
prctl$PR_GET_THP_DISABLE(0x2a)

09:26:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:26:52 executing program 4:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socketpair$unix(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000200)='/dev/urandom\x00', 0x82042, 0x0)
dup2(r0, r4)

09:26:52 executing program 2:
r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x1}})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f00000014c0)={0x0, 0x0, 0x6})
readv(r0, &(0x7f0000000240)=[{&(0x7f00000013c0)=""/135}, {&(0x7f0000001480)=""/25}, {&(0x7f00000003c0)=""/4096, 0x8}], 0x20000000000002ca)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

09:26:52 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x5400008912, &(0x7f0000001600)="11dca50d5e0bcfe47bf070")
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000140), 0x8)
listen(r1, 0x0)

09:26:53 executing program 2:
r0 = gettid()
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0'}, 0xb)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
setxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)

09:26:53 executing program 1:
clone(0x3102003bfe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x4, 0x4, 0x10000000000080, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x20002}, 0x3c)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x31)
wait4(0x0, 0x0, 0x0, 0x0)

09:26:53 executing program 3:

09:26:53 executing program 4:

[  255.630551] ptrace attach of "/root/syz-executor.1"[8751] was attempted by "/root/syz-executor.1"[8754]
09:26:53 executing program 3:

09:26:53 executing program 2:

[  255.678036] ptrace attach of "/root/syz-executor.2"[8756] was attempted by "/root/syz-executor.2"[8757]
09:26:53 executing program 0:

09:26:53 executing program 5:

09:26:53 executing program 1:

09:26:53 executing program 4:

09:26:53 executing program 3:

09:26:53 executing program 2:

09:26:53 executing program 0:

09:26:53 executing program 1:

09:26:53 executing program 2:

09:26:53 executing program 4:

09:26:53 executing program 3:

09:26:53 executing program 0:

09:26:53 executing program 5:

09:26:53 executing program 1:

09:26:53 executing program 2:

09:26:53 executing program 3:

09:26:53 executing program 4:

09:26:53 executing program 0:

09:26:53 executing program 4:

09:26:53 executing program 1:
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082)
r1 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003)
fallocate(r0, 0x1, 0x0, 0x100000001)

09:26:53 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x4}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000900)={0x200041}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0)

09:26:53 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
fchdir(r0)
unlink(&(0x7f0000000280)='./bus\x00')
r3 = creat(&(0x7f0000000080)='./bus\x00', 0x10088253bdf60fc3)
fsetxattr$system_posix_acl(r3, &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000600)={{}, {}, [{}, {}, {}, {}, {}, {0x2, 0x2}, {0x2, 0x4}]}, 0x5c, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x4000000000141042, 0x0)
write$P9_RXATTRCREATE(r4, &(0x7f0000001440)={0x7}, 0x7)

09:26:53 executing program 3:
syz_mount_image$gfs2(&(0x7f0000000040)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@localflocks='localflocks'}]})

09:26:53 executing program 0:

09:26:54 executing program 4:

09:26:54 executing program 0:

09:26:54 executing program 2:

[  256.589276] gfs2: not a GFS2 filesystem
09:26:54 executing program 5:

09:26:54 executing program 1:

[  256.671517] gfs2: not a GFS2 filesystem
09:26:54 executing program 0:

09:26:54 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0)

09:26:54 executing program 3:

09:26:54 executing program 5:

09:26:54 executing program 2:

09:26:54 executing program 1:

09:26:54 executing program 3:

09:26:54 executing program 0:

09:26:54 executing program 5:

09:26:54 executing program 2:

09:26:54 executing program 4:

09:26:54 executing program 3:

09:26:54 executing program 0:

09:26:54 executing program 1:

09:26:54 executing program 2:

09:26:54 executing program 5:

09:26:54 executing program 4:

09:26:54 executing program 3:

09:26:54 executing program 2:

09:26:54 executing program 0:

09:26:54 executing program 1:

09:26:54 executing program 5:

09:26:54 executing program 4:

09:26:54 executing program 3:

09:26:54 executing program 2:

09:26:54 executing program 1:

09:26:54 executing program 5:

09:26:54 executing program 0:

09:26:54 executing program 3:

09:26:54 executing program 2:

09:26:54 executing program 4:

09:26:55 executing program 3:

09:26:55 executing program 4:

09:26:55 executing program 0:

09:26:55 executing program 5:

09:26:55 executing program 1:

09:26:55 executing program 3:

09:26:55 executing program 2:

09:26:55 executing program 5:

09:26:55 executing program 4:

09:26:55 executing program 0:

09:26:55 executing program 3:

09:26:55 executing program 1:

09:26:55 executing program 5:

09:26:55 executing program 2:

09:26:55 executing program 4:

09:26:55 executing program 0:

09:26:55 executing program 2:

09:26:55 executing program 5:

09:26:55 executing program 3:

09:26:55 executing program 4:

09:26:55 executing program 1:

09:26:55 executing program 5:

09:26:55 executing program 4:

09:26:55 executing program 0:

09:26:55 executing program 3:

09:26:55 executing program 1:

09:26:55 executing program 2:

09:26:55 executing program 5:

09:26:55 executing program 4:

09:26:55 executing program 0:

09:26:55 executing program 2:

09:26:55 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
pipe(0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="66b829018ec0b9800000c00f3235002000000f3066baf80cb8c8f61a8eef66bafc0ced0f787e0036400fc75a00c4e1f9e601c4018575504f0f87d485a71b64440f01c43e662666470f38804185", 0x4d}], 0x1, 0x0, 0x0, 0xfffffffffffffe96)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_misc(r4, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xffe8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

09:26:55 executing program 5:
gettid()
getsockopt$netlink(0xffffffffffffff9c, 0x10e, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, 0x0)
r1 = dup(r0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
write$P9_RWSTAT(r1, 0x0, 0x0)

09:26:55 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r2, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x6, 0x0, 0x0, 0x0, 0x0, 0x5}}]}}]}, 0x444}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newqdisc={0x444, 0x24, 0x507, 0x0, 0x0, {0x0, r2, {}, {0x9, 0xe}}, [@qdisc_kind_options=@q_cbq={{0x8, 0x1, 'cbq\x00'}, {0x418, 0x2, [@TCA_CBQ_RTAB={0x404}, @TCA_CBQ_RATE={0x10, 0x5, {0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffe01}}]}}]}, 0x444}}, 0x0)

09:26:55 executing program 4:
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername$netrom(r0, 0x0, &(0x7f0000000200))

09:26:56 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2400000011000705cff4537a98090a0000000000", @ANYRES32=r3, @ANYBLOB="000000000000000010000000"], 0xd4}}, 0x0)

[  258.588417] ==================================================================
[  258.596250] BUG: KASAN: null-ptr-deref in kvm_write_guest_virt_system+0x64/0x90
[  258.603721] Write of size 24 at addr 0000000000000000 by task syz-executor.3/8950
[  258.611348] 
[  258.612994] CPU: 1 PID: 8950 Comm: syz-executor.3 Not tainted 4.19.75 #0
[  258.619840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  258.629196] Call Trace:
[  258.629281]  dump_stack+0x172/0x1f0
[  258.635456]  ? kvm_write_guest_virt_system+0x64/0x90
[  258.635527]  kasan_report.cold+0x199/0x2ba
[  258.635547]  check_memory_region+0x123/0x190
[  258.635562]  memset+0x24/0x40
[  258.635578]  kvm_write_guest_virt_system+0x64/0x90
[  258.635630]  handle_vmread+0x7fe/0xa10
[  258.635647]  ? handle_invpcid+0xa80/0xa80
[  258.652558]  ? __lock_is_held+0xb6/0x140
[  258.652574]  ? __lock_is_held+0xb6/0x140
[  258.652594]  ? handle_invpcid+0xa80/0xa80
[  258.652609]  vmx_handle_exit+0x276/0x16b0
[  258.652620]  ? lock_acquire+0x16f/0x3f0
[  258.652651]  ? vcpu_enter_guest+0xf15/0x5ed0
[  258.665765]  vcpu_enter_guest+0x10ca/0x5ed0
[  258.665829]  ? kvm_vcpu_ioctl+0x181/0xf90
[  258.665848]  ? emulator_read_emulated+0x50/0x50
[  258.665865]  ? lock_acquire+0x16f/0x3f0
[  258.665882]  ? kvm_check_async_pf_completion+0x2d8/0x440
[  258.690736]  kvm_arch_vcpu_ioctl_run+0x457/0x16b0
[  258.690756]  ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0
[  258.699224]  kvm_vcpu_ioctl+0x4dc/0xf90
[  258.707838]  ? kvm_vcpu_block+0xcc0/0xcc0
[  258.718096]  ? mark_held_locks+0x100/0x100
[  258.718192]  ? __might_fault+0x12b/0x1e0
[  258.727146]  ? __fget+0x340/0x540
[  258.735433]  ? find_held_lock+0x35/0x130
[  258.735448]  ? __fget+0x340/0x540
[  258.735466]  ? kvm_vcpu_block+0xcc0/0xcc0
[  258.735484]  do_vfs_ioctl+0xd5f/0x1380
[  258.735530]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  258.735616]  ? selinux_file_ioctl+0x125/0x5e0
[  258.747087]  ? ioctl_preallocate+0x210/0x210
[  258.747104]  ? selinux_file_mprotect+0x620/0x620
[  258.747125]  ? iterate_fd+0x360/0x360
[  258.754754]  ? nsecs_to_jiffies+0x30/0x30
[  258.754783]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  258.754796]  ? security_file_ioctl+0x8d/0xc0
[  258.754814]  ksys_ioctl+0xab/0xd0
[  258.754829]  __x64_sys_ioctl+0x73/0xb0
[  258.754869]  do_syscall_64+0xfd/0x620
[  258.754897]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.754909] RIP: 0033:0x459a29
[  258.754924] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
09:26:56 executing program 1:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x8000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000001080)=""/192)

09:26:56 executing program 4:
getuid()
openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0)
r0 = gettid()
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000))
sendmsg(0xffffffffffffffff, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$VT_GETSTATE(r1, 0x5603, 0x0)
tkill(r0, 0x1000000000016)

09:26:56 executing program 5:
write(0xffffffffffffffff, &(0x7f0000000000)="0f42", 0xfffffeab)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xf000, 0x1000, &(0x7f0000001000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f00000002c0)={{}, {0x0, 0x0, 0x0, 0x5, 0x64a, 0x0, 0x7f}})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

09:26:56 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x7)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  258.754931] RSP: 002b:00007ff6adbd9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.754943] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29
[  258.754949] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  258.754955] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  258.754962] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6adbda6d4
[  258.754968] R13: 00000000004c2ddb R14: 00000000004d6618 R15: 00000000ffffffff
[  258.754990] ==================================================================
[  258.767512] kobject: 'tx-0' (00000000e5e2c9f7): kobject_uevent_env
[  258.768887] Disabling lock debugging due to kernel taint
[  258.867112] Kernel panic - not syncing: panic_on_warn set ...
[  258.867112] 
[  258.873363] kobject: 'loop5' (000000008ad09e54): kobject_uevent_env
[  258.879316] CPU: 1 PID: 8950 Comm: syz-executor.3 Tainted: G    B             4.19.75 #0
[  258.892019] kobject: 'kvm' (0000000000a0621a): kobject_uevent_env
[  258.892957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  258.899012] kobject: 'loop5' (000000008ad09e54): fill_kobj_path: path = '/devices/virtual/block/loop5'
[  258.905744] Call Trace:
[  258.905771]  dump_stack+0x172/0x1f0
[  258.905790]  ? kvm_write_guest_virt_system+0x64/0x90
[  258.905872]  panic+0x263/0x507
[  258.905887]  ? __warn_printk+0xf3/0xf3
[  258.912341] kobject: 'kvm' (0000000000a0621a): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[  258.920506]  ? kvm_write_guest_virt_system+0x64/0x90
[  258.920523]  ? preempt_schedule+0x4b/0x60
[  258.920537]  ? ___preempt_schedule+0x16/0x18
[  258.920617]  ? trace_hardirqs_on+0x5e/0x220
[  258.920637]  ? kvm_write_guest_virt_system+0x64/0x90
[  258.927508] kobject: 'loop4' (00000000bfa3bc46): kobject_uevent_env
[  258.936226]  kasan_end_report+0x47/0x4f
[  258.936241]  kasan_report.cold+0xa9/0x2ba
[  258.936256]  check_memory_region+0x123/0x190
[  258.936267]  memset+0x24/0x40
[  258.936286]  kvm_write_guest_virt_system+0x64/0x90
[  258.946381] kobject: 'loop4' (00000000bfa3bc46): fill_kobj_path: path = '/devices/virtual/block/loop4'
[  258.948412]  handle_vmread+0x7fe/0xa10
[  258.973910] *** Guest State ***
[  258.978516]  ? handle_invpcid+0xa80/0xa80
[  258.982650] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7
[  258.987034]  ? __lock_is_held+0xb6/0x140
[  258.987048]  ? __lock_is_held+0xb6/0x140
[  258.987064]  ? handle_invpcid+0xa80/0xa80
[  258.987078]  vmx_handle_exit+0x276/0x16b0
[  258.987089]  ? lock_acquire+0x16f/0x3f0
[  258.987100]  ? vcpu_enter_guest+0xf15/0x5ed0
[  258.987117]  vcpu_enter_guest+0x10ca/0x5ed0
[  258.991562] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  258.996516]  ? kvm_vcpu_ioctl+0x181/0xf90
[  258.996530]  ? emulator_read_emulated+0x50/0x50
[  258.996542]  ? lock_acquire+0x16f/0x3f0
[  258.996556]  ? kvm_check_async_pf_completion+0x2d8/0x440
[  258.996571]  kvm_arch_vcpu_ioctl_run+0x457/0x16b0
[  258.996580]  ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0
[  258.996593]  kvm_vcpu_ioctl+0x4dc/0xf90
[  258.996605]  ? kvm_vcpu_block+0xcc0/0xcc0
[  258.996616]  ? mark_held_locks+0x100/0x100
[  258.996632]  ? __might_fault+0x12b/0x1e0
[  258.996644]  ? __fget+0x340/0x540
[  258.996658]  ? find_held_lock+0x35/0x130
[  258.996668]  ? __fget+0x340/0x540
[  258.996681]  ? kvm_vcpu_block+0xcc0/0xcc0
[  258.996700]  do_vfs_ioctl+0xd5f/0x1380
[  259.003796] CR3 = 0x0000000000000000
[  259.007057]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  259.011172] RSP = 0x00000000000000bf  RIP = 0x00000000000000c2
[  259.015560]  ? selinux_file_ioctl+0x125/0x5e0
[  259.015575]  ? ioctl_preallocate+0x210/0x210
[  259.015587]  ? selinux_file_mprotect+0x620/0x620
[  259.015604]  ? iterate_fd+0x360/0x360
[  259.021549] RFLAGS=0x00010006         DR7 = 0x0000000000000400
[  259.023603]  ? nsecs_to_jiffies+0x30/0x30
[  259.023622]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  259.023635]  ? security_file_ioctl+0x8d/0xc0
[  259.023649]  ksys_ioctl+0xab/0xd0
[  259.023665]  __x64_sys_ioctl+0x73/0xb0
[  259.033242] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  259.036967]  do_syscall_64+0xfd/0x620
[  259.036987]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.040344] kobject: 'tx-0' (00000000e5e2c9f7): fill_kobj_path: path = '/devices/virtual/net/veth2/queues/tx-0'
[  259.044366] RIP: 0033:0x459a29
[  259.044381] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  259.044387] RSP: 002b:00007ff6adbd9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.044403] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29
[  259.053427] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[  259.057259] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  259.057267] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  259.057273] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6adbda6d4
[  259.057284] R13: 00000000004c2ddb R14: 00000000004d6618 R15: 00000000ffffffff
[  259.061374] DS:   sel=0x0000, attr=0x04005, limit=0x00000000, base=0x0000000000000000
[  259.066947] Kernel Offset: disabled
[  259.326875] Rebooting in 86400 seconds..