[ 56.867244] audit: type=1800 audit(1540006802.916:25): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 56.886397] audit: type=1800 audit(1540006802.916:26): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 56.905995] audit: type=1800 audit(1540006802.936:27): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 56.925635] audit: type=1800 audit(1540006802.956:28): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.21' (ECDSA) to the list of known hosts. 2018/10/20 03:40:16 fuzzer started 2018/10/20 03:40:21 dialing manager at 10.128.0.26:43193 2018/10/20 03:40:21 syscalls: 1 2018/10/20 03:40:21 code coverage: enabled 2018/10/20 03:40:21 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/20 03:40:21 setuid sandbox: enabled 2018/10/20 03:40:21 namespace sandbox: enabled 2018/10/20 03:40:21 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/20 03:40:21 fault injection: enabled 2018/10/20 03:40:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/20 03:40:21 net packed injection: enabled 2018/10/20 03:40:21 net device setup: enabled 03:42:55 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000200)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140), 0x1c) ioctl$int_in(r0, 0x5421, &(0x7f0000000380)=0x801) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000000), 0x10000) syzkaller login: [ 230.010596] IPVS: ftp: loaded support on port[0] = 21 [ 232.501508] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.508105] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.516653] device bridge_slave_0 entered promiscuous mode [ 232.665629] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.672181] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.680581] device bridge_slave_1 entered promiscuous mode [ 232.825793] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 232.972710] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 03:42:59 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) readv(r0, &(0x7f00000002c0), 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x4000, 0x0) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000500)=""/207, 0xffffffffffffff74, 0x0) ioctl$BLKFLSBUF(0xffffffffffffffff, 0x1261, &(0x7f00000003c0)=0x100000000) memfd_create(&(0x7f0000000040)='/dev/zero\x00', 0x0) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) flock(0xffffffffffffffff, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000600)) lsetxattr$security_selinux(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='security.selinux\x00', &(0x7f00000008c0)='system_u:object_r:devicekit_var_lib_t:s0\x00', 0x29, 0x3) fchmod(r1, 0x0) mount(&(0x7f00000001c0)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f0000000140)) chdir(&(0x7f0000000180)='./file0\x00') r2 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r2, &(0x7f0000001440)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666ca39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0x1000}, 0xfffffc41) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fadvise64(r2, 0x0, 0x0, 0x4) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(&(0x7f0000000180)=@filename='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000280)='cpuset\x00', 0x0, &(0x7f0000000300)='\x00') [ 233.530599] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 233.680512] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 234.027932] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 234.035087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 234.279618] IPVS: ftp: loaded support on port[0] = 21 [ 234.688966] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 234.697022] team0: Port device team_slave_0 added [ 234.931474] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 234.939708] team0: Port device team_slave_1 added [ 235.139820] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 235.147104] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 235.156145] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 235.372741] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 235.379783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 235.388872] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 235.643728] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 235.651247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 235.660281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 235.942692] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 235.950321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 235.959963] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 237.754466] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.760944] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.769525] device bridge_slave_0 entered promiscuous mode [ 238.049162] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.055810] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.064542] device bridge_slave_1 entered promiscuous mode [ 238.286651] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 238.470761] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 238.559659] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.566224] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.573340] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.579800] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.588405] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 238.952150] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 239.109787] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 239.379445] bond0: Enslaving bond_slave_1 as an active interface with an up link 03:43:05 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x44, 0x2e, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @bridge_slave={{0x14, 0x1, 'bridge_slave\x00'}, {0xc, 0x5, [@IFLA_BRPORT_GUARD={0x8}]}}}]}, 0x44}}, 0x0) [ 239.665180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 239.672525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 240.009814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 240.017019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 240.580042] IPVS: ftp: loaded support on port[0] = 21 [ 240.959306] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 240.967564] team0: Port device team_slave_0 added [ 241.295999] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 241.304278] team0: Port device team_slave_1 added [ 241.646679] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 241.653777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 241.662709] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 241.853916] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 241.860975] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 241.869897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 242.077018] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 242.084622] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 242.093739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 242.432203] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 242.439763] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 242.448723] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 245.419966] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.426549] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.435183] device bridge_slave_0 entered promiscuous mode [ 245.635901] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.642489] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.649470] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.656053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.665163] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 245.748107] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.754822] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.763416] device bridge_slave_1 entered promiscuous mode [ 245.944252] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 246.121928] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 246.430815] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 247.288181] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 247.647802] bond0: Enslaving bond_slave_1 as an active interface with an up link 03:43:13 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000480)="6e730023f782c3746d20ae7c2d6268740b044ce2e5c93884d92dbb9385af4d724e9958cca6be96ecfb9aa8c7a5d5490d36a89796e727f5a3572111ed5e46ea1d04fded25c495b991841f8a33916bdfcad73e9087344cc491a2634442d3ae209d43d1fca5a763529c04a5e82a07812a18bd96599551848e567af2b3f403ede1563b9b8b2450e59fc3a66e6d72db357866000000") exit(0x0) fstat(r0, &(0x7f0000000080)) [ 248.078971] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 248.086272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 248.387764] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 248.396674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 248.949087] IPVS: ftp: loaded support on port[0] = 21 [ 249.502963] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 249.511027] team0: Port device team_slave_0 added [ 249.855179] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 249.863282] team0: Port device team_slave_1 added [ 250.223716] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 250.230755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 250.239639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 250.524077] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 250.531138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 250.539871] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 250.966738] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 250.974537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.983605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 251.343908] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 251.351606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 251.360592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 251.499491] 8021q: adding VLAN 0 to HW filter on device bond0 [ 252.866930] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 254.267718] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 254.274327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 254.282644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 255.541843] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.548829] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.557553] device bridge_slave_0 entered promiscuous mode [ 255.653054] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.659568] bridge0: port 2(bridge_slave_1) entered forwarding state [ 255.666639] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.673259] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.682179] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 255.700932] 8021q: adding VLAN 0 to HW filter on device team0 [ 255.971018] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.977778] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.986341] device bridge_slave_1 entered promiscuous mode [ 256.357557] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 256.502966] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 256.700704] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 257.854223] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 258.161132] bond0: Enslaving bond_slave_1 as an active interface with an up link 03:43:24 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r1) mkdir(&(0x7f000000dff6)='./control\x00', 0x0) [ 258.633076] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 258.640134] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 259.035384] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 259.042587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 259.699624] IPVS: ftp: loaded support on port[0] = 21 [ 260.316001] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 260.324320] team0: Port device team_slave_0 added [ 260.730073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.741160] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 260.749351] team0: Port device team_slave_1 added [ 261.202720] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 261.209747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.218713] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.626595] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 261.633911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.642644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.996473] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 262.004130] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 262.012975] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 262.466501] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 262.480932] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 262.488796] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 262.497853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 264.051366] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 264.057853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 264.066175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 265.683690] 8021q: adding VLAN 0 to HW filter on device team0 03:43:32 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000240)="c4c37d08c90366ba4300b022eec74424009cf9fb9cc744240206000000c7442406000000000f011c24640f01c9b8010000000f01c1e7e7c4c178288102000000c7442400c3000000c744240200000000c7442406000000000f011424c4c1381220c4c16d668f0f9f0000", 0x6a}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"]) ioctl$KVM_GET_MSRS(r3, 0x4004ae99, &(0x7f00000000c0)) [ 266.396316] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 03:43:33 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) write$nbd(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="67446618000000000400020002000000cd6d7eda71d33f7d400e1d990a5a1bf05ec0539d994b77d33403f4e70400000000000000b9b58a385242cd834eed4dc71e3b710a5f6698457fc849d67dc2c11d901a7692c1bb2ae464dbc56c7ffe97aa98ae534f82fd3a677141e7"], 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000080)=[0x0, 0x4, 0xc189, 0x0, 0x154, 0x4], 0x6, 0x101, 0x7, 0x3, 0x7fffffff, 0x1, {0xdd, 0x0, 0x7fffffff, 0x7, 0x8000, 0x7, 0x4, 0x7ff, 0xe6, 0xa9b, 0xa22, 0x3, 0x8000, 0x8001, "7ef930ae4c1408660b14e6cc82811318d47dd42a840e59a92ff38aee28201309"}}) [ 267.099284] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.106004] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.114951] device bridge_slave_0 entered promiscuous mode 03:43:33 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) write$nbd(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="67446618000000000400020002000000cd6d7eda71d33f7d400e1d990a5a1bf05ec0539d994b77d33403f4e70400000000000000b9b58a385242cd834eed4dc71e3b710a5f6698457fc849d67dc2c11d901a7692c1bb2ae464dbc56c7ffe97aa98ae534f82fd3a677141e7"], 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000080)=[0x0, 0x4, 0xc189, 0x0, 0x154, 0x4], 0x6, 0x101, 0x7, 0x3, 0x7fffffff, 0x1, {0xdd, 0x0, 0x7fffffff, 0x7, 0x8000, 0x7, 0x4, 0x7ff, 0xe6, 0xa9b, 0xa22, 0x3, 0x8000, 0x8001, "7ef930ae4c1408660b14e6cc82811318d47dd42a840e59a92ff38aee28201309"}}) [ 267.606836] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.613357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.620251] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.626845] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.635351] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 267.648284] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.654832] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.663338] device bridge_slave_1 entered promiscuous mode 03:43:33 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) write$nbd(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="67446618000000000400020002000000cd6d7eda71d33f7d400e1d990a5a1bf05ec0539d994b77d33403f4e70400000000000000b9b58a385242cd834eed4dc71e3b710a5f6698457fc849d67dc2c11d901a7692c1bb2ae464dbc56c7ffe97aa98ae534f82fd3a677141e7"], 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000080)=[0x0, 0x4, 0xc189, 0x0, 0x154, 0x4], 0x6, 0x101, 0x7, 0x3, 0x7fffffff, 0x1, {0xdd, 0x0, 0x7fffffff, 0x7, 0x8000, 0x7, 0x4, 0x7ff, 0xe6, 0xa9b, 0xa22, 0x3, 0x8000, 0x8001, "7ef930ae4c1408660b14e6cc82811318d47dd42a840e59a92ff38aee28201309"}}) [ 268.083168] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 03:43:34 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) write$nbd(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="67446618000000000400020002000000cd6d7eda71d33f7d400e1d990a5a1bf05ec0539d994b77d33403f4e70400000000000000b9b58a385242cd834eed4dc71e3b710a5f6698457fc849d67dc2c11d901a7692c1bb2ae464dbc56c7ffe97aa98ae534f82fd3a677141e7"], 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000080)=[0x0, 0x4, 0xc189, 0x0, 0x154, 0x4], 0x6, 0x101, 0x7, 0x3, 0x7fffffff, 0x1, {0xdd, 0x0, 0x7fffffff, 0x7, 0x8000, 0x7, 0x4, 0x7ff, 0xe6, 0xa9b, 0xa22, 0x3, 0x8000, 0x8001, "7ef930ae4c1408660b14e6cc82811318d47dd42a840e59a92ff38aee28201309"}}) [ 268.164119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 268.440755] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 03:43:34 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) write$nbd(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="67446618000000000400020002000000cd6d7eda71d33f7d400e1d990a5a1bf05ec0539d994b77d33403f4e70400000000000000b9b58a385242cd834eed4dc71e3b710a5f6698457fc849d67dc2c11d901a7692c1bb2ae464dbc56c7ffe97aa98ae534f82fd3a677141e7"], 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) 03:43:35 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) 03:43:35 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) [ 269.828355] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 270.127539] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 270.372617] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 270.379813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 270.653048] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 270.660155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 271.572173] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 271.580279] team0: Port device team_slave_0 added [ 271.911976] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 271.920029] team0: Port device team_slave_1 added [ 272.140242] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 272.147468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 272.156436] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 272.460033] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 272.467221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 272.476114] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 272.683814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.830539] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 272.838300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 272.847514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 273.098617] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 273.106282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 273.115229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 273.725428] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 274.835083] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 274.841451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 274.849539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 03:43:41 executing program 1: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000180)) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000400), 0xc, &(0x7f0000000000)={&(0x7f00000003c0)=@ipv4_newroute={0x24, 0x18, 0x101, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@RTA_GATEWAY={0x8, 0x5, @dev}]}, 0x24}}, 0x0) [ 275.831388] 8021q: adding VLAN 0 to HW filter on device team0 [ 276.470824] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.477381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.484360] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.490764] bridge0: port 1(bridge_slave_0) entered forwarding state [ 276.498837] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 276.507434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 280.383494] 8021q: adding VLAN 0 to HW filter on device bond0 03:43:47 executing program 2: r0 = socket(0x11, 0x4000000000080002, 0x0) sendmmsg(r0, &(0x7f0000003e80)=[{{&(0x7f0000000040)=@nfc={0x27, 0x9}, 0x80, &(0x7f0000000e40), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0f0000000100000025000000"], 0xc}}], 0x1, 0x0) [ 281.234780] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 281.858034] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 281.864533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 281.872500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 282.432882] 8021q: adding VLAN 0 to HW filter on device team0 [ 284.386999] 8021q: adding VLAN 0 to HW filter on device bond0 [ 284.945162] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 285.503668] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 285.510034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 285.518002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 285.994199] 8021q: adding VLAN 0 to HW filter on device team0 03:43:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9) openat$md(0xffffffffffffff9c, &(0x7f0000000140)='/dev/md0\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)={@local, @multicast2}, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:43:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f00000000c0)=0xad7d) 03:43:54 executing program 0: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8983, &(0x7f0000000000)) 03:43:54 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000040)=0x80000001, 0x4) writev(r0, &(0x7f0000000380)=[{&(0x7f0000000080)="8e2c1884de39f931fec1175ac396169f2e3bd6e0be7d4aa581476009c2fddec7fda3b6771204ad1dc9e0778726036a285fdb68999d3ae8fee5ca6874e12063576da299d9a12c358899fc08fe3718bf32eca8a8dee53a6ec0a615755f2eca2b083432854cac8bc2b7b3bf013c353a093330bdab99fee5cbaf8964cdad223b7720f627b06931652e7229cff4cc4095a7c749479525d938adb01c6b7c6eafce00199418a54948d0f8c8b56c43bd9db3e6181d47fef9187ac4899932d8db3871b17ade", 0xc1}, {&(0x7f0000000180)="48122087974fe1fe66b37e80eb489fd767e664bb7ea451315463cdbd89f00960c11dc1db876e518fc780250efd83613b09235548b16bee89e32d34dd846371f5b57db084124b6a78b5cb1c5eec855ded0ab7d946f5379d65f08d48d29297dbfa1593834e73cf4877af796cbd8b2197b874d817620a0580a83030de3152c3942697572c68a0fa990f77c330c99d1cd7ec81ce3073143410e3b470", 0x9a}, {&(0x7f0000000240)="6276118251de86672521a8dd2452f1ffd472b8f68277f1d5481212d219585c2fb640a91bb3e2ee10e2ecd40c5c19ea75fa598507e322e7664eb4043cf2d194e7abfd952f93a97133e82f2417bb5855c9c210019ddc59a6e138d6", 0x5a}, {&(0x7f00000002c0)="61760692a535e925a7af1702d44831326c20ae744470a347e34157a69fece81702035d1748bf924e28639a210267143767ec0e7af99047a214590ea5161a6136cf3c97ed4e4671a6a0861d9a1544b3917fb8bc3a80e9800360f68fd021d76f2246c882dfce9b0b7ce3aa0887066afbffee91d117931b216e5d42000a8efbdfc7f76bf30e70afcf7610cc2bf6c1a6572c52a57761a4f445ad778a547e55d205de85bef6b5a1b5267b002e342b8ed479cb0f0b283143358fccf660cdc72ee3a5bc", 0xc0}], 0x4) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000400)={0x5, &(0x7f00000003c0)=[{0x10000, 0x1, 0xfffffffffffffffe, 0x3}, {0xffffffff, 0x8000000000000000, 0x2, 0x9}, {0x6, 0xef9, 0x7, 0x5}, {0x10001, 0x9b58, 0x0, 0x4}, {0x3, 0x400, 0x7fffffff, 0x3}]}) fadvise64(r0, 0x0, 0x9, 0x7) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000440)=0x6, 0x4) r1 = fcntl$getown(r0, 0x9) ptrace$getenv(0x4201, r1, 0xfffffffffffffff9, &(0x7f0000000480)) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000004c0)={0x0, r0, 0x100000000, 0xb2, 0x7, 0xd416}) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000500)) r2 = socket$inet(0x2, 0x7, 0x2) r3 = fcntl$getown(r2, 0x9) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000540), &(0x7f0000000580)=0xc) r4 = syz_open_procfs(r3, &(0x7f00000005c0)='net/netfilter\x00') rt_sigprocmask(0x3, &(0x7f0000000600)={0x401}, &(0x7f0000000640), 0x8) ioctl$int_in(r2, 0x5473, &(0x7f0000000680)=0xfffffffffffffffc) ioctl$KVM_TRANSLATE(r0, 0xc018ae85, &(0x7f00000006c0)={0xd000, 0x1000, 0x80, 0x8, 0x9}) write$apparmor_exec(r4, &(0x7f0000000700)={'exec ', 'net/netfilter\x00'}, 0x13) r5 = syz_open_dev$usb(&(0x7f0000000740)='/dev/bus/usb/00#/00#\x00', 0x4, 0x801) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000780)={0x0, 0xd50, 0x10, 0x4, 0x5}, &(0x7f00000007c0)=0x18) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000800)={r6, 0x9}, &(0x7f0000000840)=0x8) fstat(r5, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000900)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r5, r7, r8) rt_sigsuspend(&(0x7f00000009c0)={0xa78}, 0x8) getsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000a00), &(0x7f0000000a40)=0x8) ioctl$EVIOCSABS20(r5, 0x401845e0, &(0x7f0000000a80)={0x401, 0x7, 0x1000, 0x487f, 0x80, 0x9}) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000ac0)=0x4, &(0x7f0000000b00)=0x2) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000b40)=0x101, &(0x7f0000000b80)=0x2) 03:43:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)={@local, @multicast2}, 0x8) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:43:54 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x8000400) openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000000)={r3, 0x0, 0x2, r3}) 03:43:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9) openat$md(0xffffffffffffff9c, &(0x7f0000000140)='/dev/md0\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)={@local, @multicast2}, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:43:54 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x1, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r3 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81806) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) sendfile(r1, r2, &(0x7f0000002440), 0x2000005) 03:43:54 executing program 0: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8983, &(0x7f0000000000)) 03:43:54 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) lseek(r0, 0x0, 0x0) 03:43:55 executing program 3: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f00000000c0)=0xad7d) 03:43:55 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x1, 0xffffffffffffffff) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r2 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) getuid() fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000180)='security.capability\x00', &(0x7f0000000200)=@v3={0x3000000, [{}, {0x80000001}]}, 0x18, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000300)=0x14, 0x0) sendfile(r1, r2, &(0x7f0000002440), 0x2000005) 03:43:55 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d5c6070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x0, &(0x7f0000000140), 0x4) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000340)='yeah\x00', 0x5) sendto$inet(r1, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) recvmsg(r1, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf6, &(0x7f0000000500)=[{&(0x7f0000003ac0)=""/4096, 0xfffffe44}], 0x1, &(0x7f0000000200)=""/20, 0xd2}, 0x100) 03:43:55 executing program 0: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8983, &(0x7f0000000000)) 03:43:55 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) dup2(r0, r1) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000)) [ 289.952026] IPVS: ftp: loaded support on port[0] = 21 [ 291.337156] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.343766] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.351265] device bridge_slave_0 entered promiscuous mode [ 291.428465] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.435033] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.443316] device bridge_slave_1 entered promiscuous mode [ 291.519761] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 291.598320] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 291.833406] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 291.914578] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 292.064580] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 292.071545] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 292.307733] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 292.315482] team0: Port device team_slave_0 added [ 292.391191] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 292.398763] team0: Port device team_slave_1 added [ 292.475338] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 292.556055] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 292.636232] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 292.643638] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 292.652601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 292.732603] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 292.739838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 292.748950] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 293.037609] ip (7610) used greatest stack depth: 53264 bytes left [ 293.621457] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.628069] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.635072] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.641483] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.649589] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 294.012322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 296.850079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.144152] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 297.441327] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 297.447804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 297.455814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 297.756640] 8021q: adding VLAN 0 to HW filter on device team0 03:44:06 executing program 5: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x2}, 0x1c) sendto$inet6(r2, &(0x7f0000000000), 0xd5e333a58547eec3, 0x80020000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) vmsplice(r1, &(0x7f00000003c0)=[{&(0x7f0000000080)='#', 0x1}], 0x1, 0x0) splice(r0, 0x0, r2, 0x0, 0xab11, 0x0) 03:44:06 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x8db, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000240)) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)="2f67726f75702e7374619fd474002b044a7b09ab0b0274e10985a6fa15b35ba69421f204dec5668a06000000b90ff860e01f262bafac750a6d5ce259cb61ea0cd94458583eef2fc597ea93a7dec9b4168e468be0576d1d0ebf8bc4478f8ed85b547c6924880400000000000000901e428b98add1375f51e135848fea98c6e3574511e0c61ff22ff61f", 0x2761, 0x0) 03:44:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f00000002c0)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f00000003c0), 0x4) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000040)) 03:44:06 executing program 0: r0 = socket$kcm(0xa, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) 03:44:06 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) setsockopt$sock_timeval(r1, 0x1, 0x6, &(0x7f0000000000), 0x10) 03:44:06 executing program 1: socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/route\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x4c000000) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) 03:44:06 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='cgroup\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x0) 03:44:06 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:07 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000040)={0x2b, 0x3, 0x0, {0x0, 0xa, 0x0, '/dev/fuse\x00'}}, 0x2b) 03:44:07 executing program 0: r0 = socket$kcm(0xa, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) 03:44:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x1, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r2 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0) sendfile(r1, r2, &(0x7f0000002440), 0x2000005) 03:44:07 executing program 4: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) socket$inet6(0xa, 0x0, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) clone(0x3102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f0000000440), 0xffffffffffffffff) r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000080)={&(0x7f0000000100), 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[]}}, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f000000b3c0)={&(0x7f0000000000), 0xc, &(0x7f000000b380)={&(0x7f000000ab80)={0x14}, 0x14}}, 0x0) 03:44:07 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000040)={0x2b, 0x3, 0x0, {0x0, 0xa, 0x0, '/dev/fuse\x00'}}, 0x2b) 03:44:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000140)) 03:44:07 executing program 0: r0 = socket$kcm(0xa, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)={r0}) 03:44:07 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000280), 0xfffffffffffffedd, 0x2000012c, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty={[0xe00000000000000]}}, 0x1c) close(r0) 03:44:08 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000001800), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) shutdown(r0, 0x1) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[]}}, 0x4004010) getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f00000001c0)={'filter\x00'}, &(0x7f0000000100)=0x78) 03:44:08 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:08 executing program 1: [ 302.244859] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 03:44:08 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000200)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180)=0x4, 0x4) r1 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000400)={0x7, 0x8}, 0x10) 03:44:08 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={r0}) 03:44:08 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x1, &(0x7f00000006c0)=ANY=[@ANYBLOB="5000000090780000"], &(0x7f00000002c0)) 03:44:08 executing program 2: socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4) close(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r2, &(0x7f0000000100), 0xd3b1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) splice(r2, 0x0, r1, 0x0, 0xfffffffffffff7ff, 0x400) 03:44:08 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000080)=0xffff7ffffffffffd, 0xfd89) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f00000005c0)={0xa, 0x4e22}, 0x1c) listen(r2, 0x6) sendto$inet6(r1, &(0x7f0000000040), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x2}, 0x8) close(r1) 03:44:08 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f00000001c0)="1d916b7bf443df9e", 0x8}], 0x1) rt_sigprocmask(0x0, &(0x7f000078b000)={0xfffffffffffffffa}, 0x0, 0x8) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = gettid() wait4(0x0, &(0x7f00000003c0), 0x80000000, &(0x7f0000000400)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x12) ptrace$setregs(0xf, r0, 0x0, &(0x7f0000000300)="1528a4") ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000040)) ptrace$cont(0x1f, r0, 0x0, 0x0) 03:44:08 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={r0}) 03:44:09 executing program 4: [ 303.001561] ptrace attach of "/root/syz-executor4"[7915] was attempted by "/root/syz-executor4"[7916] 03:44:09 executing program 1: 03:44:09 executing program 2: 03:44:09 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:09 executing program 4: 03:44:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000200)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180)=0x4, 0x4) r1 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000400)={0x7, 0x8}, 0x10) 03:44:09 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={r0}) 03:44:09 executing program 1: 03:44:09 executing program 2: 03:44:09 executing program 4: 03:44:10 executing program 1: 03:44:10 executing program 4: 03:44:10 executing program 2: 03:44:10 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)) 03:44:10 executing program 1: 03:44:10 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:10 executing program 2: 03:44:10 executing program 5: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x859, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000340)) ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f0000000040)={0x0, 0xeb8e, 0x0, 0x0, 0x401}) 03:44:10 executing program 4: 03:44:10 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)) 03:44:10 executing program 1: 03:44:10 executing program 2: 03:44:11 executing program 1: ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000100)={0x0, @aes256, 0x0, "ad56e0a8b1330aeb"}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000200)="667e27610208bad104b86200ef66b9160200000f3266b99d03000066b80000000066ba000000000f30f3abbaf80c66b8f0a0cd8d66efbafc0c66b839e2e75366efc3660fe51e0010", 0x48}], 0x1, 0x2a, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:44:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x10000000000002, 0x0) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0xe, &(0x7f00000000c0), &(0x7f0000000080)=0x1) 03:44:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f00000001c0)=ANY=[@ANYBLOB="0117"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b}) 03:44:11 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000000)=0x1) read(r1, &(0x7f0000ec6000)=""/50, 0x32) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000001000)={{0x100000001}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f000001cfb0)={0x0, 0x1, 0x0, 0x0, 0xf}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) preadv(r0, &(0x7f0000000600)=[{&(0x7f0000000200)=""/193, 0xc1}], 0x1, 0x0) dup3(r0, r1, 0x0) ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)}) 03:44:11 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8983, &(0x7f0000000000)) 03:44:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) 03:44:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000140)={0xfffffffffffffffe, 0x8000}) 03:44:11 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000040)={0x2b, 0x3, 0x0, {0x0, 0x28a, 0x0, '/dev/fuse\x00'}}, 0x2b) 03:44:12 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x2, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)={[{0x0, 'io'}]}, 0x4) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'pids'}]}, 0x6) 03:44:12 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000000)=0x1) read(r1, &(0x7f0000ec6000)=""/50, 0x32) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000001000)={{0x100000001}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f000001cfb0)={0x0, 0x1, 0x0, 0x0, 0xf}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) preadv(r0, &(0x7f0000000600)=[{&(0x7f0000000200)=""/193, 0xc1}], 0x1, 0x0) dup3(r0, r1, 0x0) ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)}) 03:44:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00') preadv(r1, &(0x7f0000000480), 0x10000000000001e1, 0x0) 03:44:12 executing program 0: r0 = socket$inet(0x10, 0x10000000003, 0x9) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="24000000fa0307041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000005304ffffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 03:44:12 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r0, 0x406, r2) r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rt_sigprocmask(0x1, &(0x7f0000000240)={0xffffffff}, &(0x7f0000000280), 0x8) socket$inet6(0xa, 0x0, 0x0) epoll_create(0x3ff) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x1) fchmodat(r5, &(0x7f0000000340)='./file0\x00', 0x2) unshare(0x4000800) fsetxattr$trusted_overlay_redirect(r5, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x0) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000200)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) sysinfo(&(0x7f00000006c0)=""/94) close(r2) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r6 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4001000}, 0xc, &(0x7f0000000480)={&(0x7f0000000680)=ANY=[@ANYBLOB="28000000310000022dcfb10c34961c9e83e664d79600011a6dc2a0de02461904000108000300030000000000000000000000"], 0x1}}, 0x4000000) setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, &(0x7f0000000840)={0x1, {{0x2, 0x4e20, @rand_addr=0xfffffffffffffff7}}, 0x0, 0x1, [{}]}, 0x110) io_cancel(0x0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x3, 0x13, r3, &(0x7f0000000540)="7b5f5b92c9bcafc9b623cc8f7989c6ab0dbc233e268091ef728ed3e9dc22d375753b126899755003f3937f9bf2cc02e04777cbdeff1ad59f258223e767235bf2002ddc990a52cbd91051a25c1c54be1934fc96469fa467a583293566b55ae64c6efecd959e65b3ac2c466d71c0683f79612d48f5b8e77eb2ac446f59e4a1f3d5d3feff436c83c3246a741092bd86b9c1bd746939b708e63d1667b797cbbf918c73235efa828236014ae4d57402048fd21883394e", 0xb4, 0x1, 0x0, 0x0, r3}, &(0x7f0000000640)) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000380)=r5, 0x4) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000740)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@loopback}}, &(0x7f0000000000)=0xe8) setuid(r7) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000440)={{0x3, 0x3, 0x80000001, 0x3, 0x1}}) 03:44:12 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'vlan0\x00', 0x1000000801}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={"766c616e300000f6ffffffffffffff00", {0x2, 0x0, @loopback}}) dup3(r0, r1, 0x0) 03:44:12 executing program 4: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000280)=ANY=[], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000b40)=""/4096, 0x1000) [ 306.649098] hrtimer: interrupt took 68550 ns 03:44:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="960f33"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f00000001c0), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) semctl$SEM_INFO(0x0, 0x0, 0x13, &(0x7f00000000c0)=""/20) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x4, 0x1000, &(0x7f0000003000/0x1000)=nil}) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r3, 0x0) 03:44:12 executing program 2: creat(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) 03:44:13 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) 03:44:13 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='cgroup\x00') preadv(r1, &(0x7f0000000480), 0x10000000000001e1, 0x0) 03:44:13 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'vlan0\x00', 0x1000000801}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={"766c616e300000f6ffffffffffffff00", {0x2, 0x0, @loopback}}) dup3(r0, r1, 0x0) 03:44:13 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'vlan0\x00', 0x1000000801}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={"766c616e300000f6ffffffffffffff00", {0x2, 0x0, @loopback}}) dup3(r0, r1, 0x0) 03:44:13 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000006c0)) unshare(0x8000400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r2}) 03:44:14 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000400), 0xc, &(0x7f0000000000)={&(0x7f00000003c0)=@ipv4_newroute={0x24, 0x18, 0x101, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@RTA_GATEWAY={0x8, 0x5, @dev}]}, 0x24}}, 0x0) 03:44:14 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:44:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_tables_targets\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000240)=""/197, 0xc5}], 0x2, 0x0) 03:44:15 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000100)=""/29, 0x1d}, {&(0x7f0000000240)=""/197, 0xc5}, {&(0x7f0000000340)=""/211, 0xd3}], 0x4, 0x0) 03:44:15 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00') madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x1000000000000110) 03:44:15 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r0, 0x406, r2) r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rt_sigprocmask(0x1, &(0x7f0000000240)={0xffffffff}, &(0x7f0000000280), 0x8) socket$inet6(0xa, 0x0, 0x0) epoll_create(0x3ff) r5 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x1) fchmodat(r5, &(0x7f0000000340)='./file0\x00', 0x2) unshare(0x4000800) fsetxattr$trusted_overlay_redirect(r5, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x0) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000200)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) sysinfo(&(0x7f00000006c0)=""/94) close(r2) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r6 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4001000}, 0xc, &(0x7f0000000480)={&(0x7f0000000680)=ANY=[@ANYBLOB="28000000310000022dcfb10c34961c9e83e664d79600011a6dc2a0de02461904000108000300030000000000000000000000"], 0x1}}, 0x4000000) setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, &(0x7f0000000840)={0x1, {{0x2, 0x4e20, @rand_addr=0xfffffffffffffff7}}, 0x0, 0x1, [{}]}, 0x110) io_cancel(0x0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x3, 0x13, r3, &(0x7f0000000540)="7b5f5b92c9bcafc9b623cc8f7989c6ab0dbc233e268091ef728ed3e9dc22d375753b126899755003f3937f9bf2cc02e04777cbdeff1ad59f258223e767235bf2002ddc990a52cbd91051a25c1c54be1934fc96469fa467a583293566b55ae64c6efecd959e65b3ac2c466d71c0683f79612d48f5b8e77eb2ac446f59e4a1f3d5d3feff436c83c3246a741092bd86b9c1bd746939b708e63d1667b797cbbf918c73235efa828236014ae4d57402048fd21883394e", 0xb4, 0x1, 0x0, 0x0, r3}, &(0x7f0000000640)) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000380)=r5, 0x4) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000740)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@loopback}}, &(0x7f0000000000)=0xe8) setuid(r7) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000440)={{0x3, 0x3, 0x80000001, 0x3, 0x1}}) 03:44:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 03:44:15 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:16 executing program 0: r0 = socket$inet(0x2, 0x803, 0x5) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000200)={@multicast2, @local}, 0xc) r1 = socket$inet6(0xa, 0x100000000803, 0x2) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") connect$inet(r0, &(0x7f0000000080), 0x10) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000280)={@multicast2, @local}, 0xb) 03:44:16 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x200000000003e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_GET_CPUID2(0xffffffffffffffff, 0xc008ae91, &(0x7f0000000140)) sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x28, 0xb01, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) 03:44:16 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x100000000002}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x46, &(0x7f00000000c0), 0x375) setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000000000)=0x5, 0x4) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 03:44:16 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/route\x00') preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x4c000000) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) sendmmsg(r0, &(0x7f0000000140)=[{{&(0x7f0000000240)=@can, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000040)="d002b6ed1f3077dc8180aeb13dc90d709690", 0x12}], 0x1, &(0x7f00000013c0)=[{0x30, 0x0, 0x1, "ba1057ec6ba7071a4418fbd003e2a06937a7cac5c93b989723"}], 0x30, 0x4}, 0x1}], 0x1, 0x41) 03:44:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="66b8a1008ee00f20d835080000000f22d8f046f692050000000f20d835080000000f22d8c4c2799354ad0a440f20c03508000000440f22c00f20d835200000000f22d8c4824547eef2260f32660f01c8", 0x50}], 0x1, 0x42, &(0x7f0000000200), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:44:17 executing program 4: clock_gettime(0x5, &(0x7f0000000280)) 03:44:17 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00') madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x1000000000000110) 03:44:17 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:17 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x300000a, 0x2011, r1, 0x0) mmap(&(0x7f0000f44000/0x4000)=nil, 0x4000, 0x0, 0x2013, r1, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) ioctl(r0, 0x8912, &(0x7f0000000080)="153f6234488dd25d766070") ioctl(0xffffffffffffffff, 0x0, &(0x7f000000a880)) 03:44:19 executing program 1: creat(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000000)={0x28}, 0x28) 03:44:19 executing program 0: r0 = socket$kcm(0x11, 0xa, 0x300) setsockopt$sock_attach_bpf(r0, 0x1, 0x3c, &(0x7f0000000440), 0x4) 03:44:19 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mkdir(&(0x7f0000000240)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", 0x0) rename(&(0x7f00000001c0)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", &(0x7f0000000040)='./file0\x00') mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000640)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r1, &(0x7f0000001000), 0x1000) umount2(&(0x7f00000004c0)='./file0\x00', 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc) 03:44:19 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:19 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00') madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x1000000000000110) 03:44:19 executing program 4: socketpair(0x0, 0x8000e, 0x0, &(0x7f0000000200)) r0 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x802, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x910, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000001c0), 0x0) ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) 03:44:19 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = accept4(r1, &(0x7f00000003c0)=@ethernet={0x0, @link_local}, &(0x7f0000000440)=0x80, 0x80800) setsockopt$inet_group_source_req(r2, 0x0, 0x2f, &(0x7f0000000540)={0x20, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x4e20}}}, 0x108) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_group_source_req(r3, 0x0, 0x2f, &(0x7f0000000280)={0x8, {{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x10}}}, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x19}}}}, 0x108) getsockname(r1, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}}}, &(0x7f0000000180)=0x80) sendmmsg(r0, &(0x7f0000007e00)=[{{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000040)=[{0x10, 0x0, 0x3}], 0x10}}], 0x1, 0x8000) 03:44:19 executing program 2: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x859, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000340)={0x4}) 03:44:19 executing program 4: r0 = socket$kcm(0x2, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f00000001c0)=@generic={0x2, "3767b4818fa51940a75a64ff601bed813ca4a744c0b30776cbb54beba33938bf9ccf422347bed9adea3ea7b2af4dc38251de34ee1983e9f78ee47cdbc9f40f1c533e017a6210f8b1ae7433ba79ea888efd4d2ca875816bb74e7216bf0a3da8b1dbb6bd851d93d102318daaf0f7c44c2c16d06122e97f68275e698782a0a1"}, 0x80, &(0x7f0000000400), 0x2d6, &(0x7f0000000100)=ANY=[]}, 0x0) socket$kcm(0x29, 0x7, 0x0) sendmsg$kcm(r0, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1, &(0x7f0000000040)}, 0x0) 03:44:19 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='dctcp\x00', 0x6) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000180), 0x0, 0x200007fc, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)="2e12fa6d3c3f07d5f683895884851f119a560e10e644ac31a18a14639be0a779e064e7195eceb0921866146e97e3d467cb085e50f33b327fd752ba40ef7b339200ba656ca891df09e5af02e0a22d95247d13c8063e0cf86a05e1682f3b5a0bee7296a961fc7e3a99caa6981ae9f0be2b37e8b62026981229e8fabb7a98440460a2e9", 0x82, 0x0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x2f1) shutdown(r0, 0x1) 03:44:20 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00') madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x1000000000000110) 03:44:20 executing program 0: r0 = epoll_create(0x6) close(r0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000000)=""/11, 0xb) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000300)) 03:44:20 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff5c, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb) r1 = dup2(r0, r0) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x1}}, 0x0) 03:44:20 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00') madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f00000019c0)=""/4096, 0x1000}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x1000000000000110) 03:44:20 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f0000000300)=0x6, 0x1dd) sendto$inet(r0, &(0x7f0000a88f88), 0x98, 0x100200007fa, &(0x7f0000e68000), 0x10) 03:44:20 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) fsetxattr$security_selinux(r1, &(0x7f0000000000)='security.selinux\x00', &(0x7f0000000040)='system_u:object_r:systemd_logind_exec_t:s0\x00', 0x2b, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000140)) write$cgroup_int(r1, &(0x7f0000000080), 0x2001007f) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000200)=ANY=[@ANYBLOB="080000000000000010"]) fsync(r1) mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0xfffffffffffffffe, 0x31, 0xffffffffffffffff, 0x0) 03:44:20 executing program 4: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x19, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="116348400000000000000000000000000000000000001000e1"], 0x0, 0x0, &(0x7f0000fedffe)}) 03:44:21 executing program 2: mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_buf(r0, 0x107, 0x0, &(0x7f0000000540)=""/220, &(0x7f0000000200)=0xdc) [ 315.074166] binder: 8226:8227 transaction failed 29189/-22, size 0-0 line 2855 [ 315.090047] binder: 8226:8231 transaction failed 29189/-22, size 0-0 line 2855 [ 315.128084] binder: undelivered TRANSACTION_ERROR: 29189 [ 315.133864] binder: undelivered TRANSACTION_ERROR: 29189 03:44:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:21 executing program 0: 03:44:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:21 executing program 1: 03:44:21 executing program 2: 03:44:21 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:22 executing program 1: 03:44:22 executing program 0: 03:44:22 executing program 5: 03:44:22 executing program 2: 03:44:22 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:22 executing program 1: 03:44:22 executing program 0: 03:44:22 executing program 1: 03:44:22 executing program 2: 03:44:23 executing program 5: 03:44:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r3}) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000040)={0x3, r3}) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) dup2(r2, r1) 03:44:23 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:23 executing program 2: 03:44:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:23 executing program 1: 03:44:23 executing program 5: 03:44:23 executing program 0: 03:44:23 executing program 2: 03:44:23 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:23 executing program 1: 03:44:24 executing program 5: 03:44:24 executing program 1: 03:44:24 executing program 0: 03:44:24 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:24 executing program 2: 03:44:24 executing program 5: 03:44:24 executing program 0: 03:44:24 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:24 executing program 2: 03:44:24 executing program 1: 03:44:24 executing program 0: 03:44:25 executing program 5: 03:44:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:25 executing program 2: 03:44:25 executing program 0: 03:44:25 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:25 executing program 1: 03:44:25 executing program 5: 03:44:25 executing program 0: 03:44:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:25 executing program 2: 03:44:25 executing program 2: 03:44:26 executing program 1: 03:44:26 executing program 0: 03:44:26 executing program 5: 03:44:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:26 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:26 executing program 2: 03:44:26 executing program 1: 03:44:26 executing program 0: 03:44:26 executing program 2: 03:44:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:26 executing program 5: 03:44:26 executing program 0: 03:44:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:27 executing program 1: 03:44:27 executing program 2: 03:44:27 executing program 2: 03:44:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:27 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:27 executing program 5: 03:44:27 executing program 0: 03:44:27 executing program 1: 03:44:27 executing program 2: 03:44:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:28 executing program 5: 03:44:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:28 executing program 1: 03:44:28 executing program 0: 03:44:28 executing program 2: 03:44:28 executing program 5: 03:44:28 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:28 executing program 2: 03:44:28 executing program 0: 03:44:28 executing program 1: 03:44:28 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(r0, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:44:29 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000240)="c4c37d08c90366ba4300b022eec74424009cf9fb9cc744240206000000c7442406000000000f011c24640f01c9b8010000000f01c1e7e7c4c178288102000000c7442400c3000000c744240200000000c7442406000000000f011424c4c1381220c4c16d668f0f9f0000", 0x6a}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 03:44:29 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r0, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) 03:44:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9) openat$md(0xffffffffffffff9c, &(0x7f0000000140)='/dev/md0\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)={@remote}, 0xfffffffffffffed3) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb544]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:44:29 executing program 0: 03:44:29 executing program 2: 03:44:29 executing program 3: bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="85", 0x1, 0x48800, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000140), 0x4) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000016c0)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRES32, @ANYRES64=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRES32=0x0]], @ANYRESDEC, @ANYRES16], 0xffffff84) recvmsg(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000740)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0xb400}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 03:44:29 executing program 0: 03:44:29 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r0, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) [ 323.611211] ================================================================== [ 323.618645] BUG: KMSAN: kernel-infoleak in _copy_to_user+0x15d/0x1f0 [ 323.625186] CPU: 1 PID: 8465 Comm: syz-executor1 Not tainted 4.19.0-rc8+ #70 [ 323.632398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.641779] Call Trace: [ 323.644413] dump_stack+0x306/0x460 [ 323.648078] ? _copy_to_user+0x15d/0x1f0 [ 323.652194] kmsan_report+0x1a2/0x2e0 [ 323.656053] kmsan_internal_check_memory+0x2cd/0x460 [ 323.661220] kmsan_copy_to_user+0x89/0xe0 [ 323.665407] _copy_to_user+0x15d/0x1f0 [ 323.669361] kvm_vcpu_ioctl+0xe2a/0x20b0 [ 323.673488] ? do_vfs_ioctl+0x187/0x2ca0 [ 323.677616] ? __se_sys_ioctl+0x1da/0x270 [ 323.681829] ? kvm_vm_release+0x90/0x90 [ 323.685835] do_vfs_ioctl+0xf28/0x2ca0 [ 323.689772] ? security_file_ioctl+0x92/0x200 [ 323.694310] __se_sys_ioctl+0x1da/0x270 [ 323.698332] __x64_sys_ioctl+0x4a/0x70 [ 323.702255] do_syscall_64+0xbe/0x100 [ 323.706119] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 323.711344] RIP: 0033:0x4573d7 [ 323.714571] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.733510] RSP: 002b:00007fe6849a3098 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.741264] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000004573d7 [ 323.748566] RDX: 00007fe6849a36f0 RSI: 000000008138ae83 RDI: 0000000000000005 [ 323.755883] RBP: 0000000020017000 R08: 0000000000000001 R09: 0000000000000048 [ 323.763186] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000fec00000 [ 323.770492] R13: 00000000ffffffff R14: 00000000004d7cf8 R15: 00000000ffffffff [ 323.777814] [ 323.779474] Uninit was stored to memory at: [ 323.783831] kmsan_internal_chain_origin+0x136/0x240 [ 323.788964] __msan_chain_origin+0x75/0xd0 [ 323.793240] __get_sregs+0x949/0xff0 [ 323.796980] kvm_arch_vcpu_ioctl_get_sregs+0x71/0xb0 [ 323.802116] kvm_vcpu_ioctl+0x40d/0x20b0 [ 323.806207] do_vfs_ioctl+0xf28/0x2ca0 [ 323.810123] __se_sys_ioctl+0x1da/0x270 [ 323.814124] __x64_sys_ioctl+0x4a/0x70 [ 323.818043] do_syscall_64+0xbe/0x100 [ 323.821872] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 323.827071] [ 323.828713] Uninit was stored to memory at: [ 323.833064] kmsan_internal_chain_origin+0x136/0x240 [ 323.838195] __msan_chain_origin+0x75/0xd0 [ 323.842472] kvm_inject_page_fault+0x2d7/0x6f0 [ 323.847101] handle_vmwrite+0xdac/0x3220 [ 323.851196] vmx_handle_exit+0x20f5/0xb900 [ 323.855477] kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0 03:44:29 executing program 5: [ 323.860523] kvm_vcpu_ioctl+0x11a7/0x20b0 [ 323.864707] do_vfs_ioctl+0xf28/0x2ca0 [ 323.868625] __se_sys_ioctl+0x1da/0x270 [ 323.872631] __x64_sys_ioctl+0x4a/0x70 [ 323.876551] do_syscall_64+0xbe/0x100 [ 323.880381] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 323.885582] [ 323.887234] Local variable description: ----e@handle_vmwrite [ 323.893050] Variable was created at: [ 323.896801] handle_vmwrite+0x1f6/0x3220 [ 323.900896] vmx_handle_exit+0x20f5/0xb900 [ 323.905148] [ 323.906800] Bytes 232-239 of 312 are uninitialized 03:44:30 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r0, 0xc008ae88, &(0x7f0000000000)={0x7b, 0x0, [0x40000001]}) [ 323.911748] Memory access of size 312 starts at ffff88015bc7d200 [ 323.917909] ================================================================== [ 323.925281] Disabling lock debugging due to kernel taint [ 323.930747] Kernel panic - not syncing: panic_on_warn set ... [ 323.930747] [ 323.938156] CPU: 1 PID: 8465 Comm: syz-executor1 Tainted: G B 4.19.0-rc8+ #70 [ 323.946752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.956120] Call Trace: [ 323.958751] dump_stack+0x306/0x460 03:44:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000240)="c4c37d08c90366ba4300b022eec74424009cf9fb9cc744240206000000c7442406000000000f011c24640f01c9b8010000000f01c1e7e7c4c178288102000000c7442400c3000000c744240200000000c7442406000000000f011424c4c1381220c4c16d668f0f9f0000", 0x6a}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[]) ioctl$KVM_GET_MSRS(r3, 0xaead, &(0x7f00000000c0)) [ 323.962440] panic+0x54c/0xafa [ 323.965733] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 323.971248] kmsan_report+0x2d3/0x2e0 [ 323.975100] kmsan_internal_check_memory+0x2cd/0x460 [ 323.980269] kmsan_copy_to_user+0x89/0xe0 [ 323.984465] _copy_to_user+0x15d/0x1f0 [ 323.988401] kvm_vcpu_ioctl+0xe2a/0x20b0 [ 323.992532] ? do_vfs_ioctl+0x187/0x2ca0 [ 323.996626] ? __se_sys_ioctl+0x1da/0x270 [ 324.000815] ? kvm_vm_release+0x90/0x90 [ 324.004824] do_vfs_ioctl+0xf28/0x2ca0 [ 324.008770] ? security_file_ioctl+0x92/0x200 [ 324.013313] __se_sys_ioctl+0x1da/0x270 [ 324.017343] __x64_sys_ioctl+0x4a/0x70 [ 324.021261] do_syscall_64+0xbe/0x100 [ 324.025100] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 324.030321] RIP: 0033:0x4573d7 [ 324.033543] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 324.052486] RSP: 002b:00007fe6849a3098 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 324.060231] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000004573d7 [ 324.067522] RDX: 00007fe6849a36f0 RSI: 000000008138ae83 RDI: 0000000000000005 [ 324.074814] RBP: 0000000020017000 R08: 0000000000000001 R09: 0000000000000048 [ 324.082105] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000fec00000 [ 324.089398] R13: 00000000ffffffff R14: 00000000004d7cf8 R15: 00000000ffffffff [ 324.097664] Kernel Offset: disabled [ 324.101306] Rebooting in 86400 seconds..