[ 52.545449] audit: type=1800 audit(1541774333.597:25): pid=6118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 52.564826] audit: type=1800 audit(1541774333.597:26): pid=6118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 52.584541] audit: type=1800 audit(1541774333.617:27): pid=6118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 53.787103] sshd (6184) used greatest stack depth: 53904 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 56.103129] sshd (6254) used greatest stack depth: 53712 bytes left Warning: Permanently added '10.128.0.93' (ECDSA) to the list of known hosts. 2018/11/09 14:39:06 fuzzer started 2018/11/09 14:39:11 dialing manager at 10.128.0.26:38493 2018/11/09 14:39:11 syscalls: 1 2018/11/09 14:39:11 code coverage: enabled 2018/11/09 14:39:11 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/11/09 14:39:11 setuid sandbox: enabled 2018/11/09 14:39:11 namespace sandbox: enabled 2018/11/09 14:39:11 Android sandbox: /sys/fs/selinux/policy does not exist 2018/11/09 14:39:11 fault injection: enabled 2018/11/09 14:39:11 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/11/09 14:39:11 net packed injection: enabled 2018/11/09 14:39:11 net device setup: enabled 14:41:31 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x0, {}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)="6c6f3a0000000000fdffffff00"}) [ 210.747525] IPVS: ftp: loaded support on port[0] = 21 [ 212.492864] ip (6310) used greatest stack depth: 53664 bytes left [ 212.866625] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.873194] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.881596] device bridge_slave_0 entered promiscuous mode [ 213.013060] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.019504] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.028034] device bridge_slave_1 entered promiscuous mode [ 213.152572] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 213.278043] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 213.666608] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 213.797031] bond0: Enslaving bond_slave_1 as an active interface with an up link 14:41:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket(0x11, 0x80003, 0x0) dup2(r1, r0) sendto(r0, &(0x7f0000001180), 0x0, 0x0, &(0x7f00000011c0)=@nfc_llcp={0x27, 0x1, 0x0, 0x0, 0x0, 0x0, "c69c410d3641f950d09555e5ccc53431a0cdbb4d7e40e2c14e6f414e119670aafc26e1278564be73a57a3efe0166a84b9431743fa06fad229946b1f855021d"}, 0x80) [ 214.540864] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 214.549121] team0: Port device team_slave_0 added [ 214.681618] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 214.689612] team0: Port device team_slave_1 added [ 214.710755] IPVS: ftp: loaded support on port[0] = 21 [ 214.901164] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 214.909651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 214.918518] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 215.078227] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 215.285336] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 215.293072] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 215.302210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 215.477618] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 215.485337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 215.494294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.366975] ip (6378) used greatest stack depth: 53248 bytes left [ 217.734831] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.741311] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.748333] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.754840] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.763402] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 218.244810] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.251271] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.259741] device bridge_slave_0 entered promiscuous mode [ 218.268271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 218.474402] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.480869] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.489491] device bridge_slave_1 entered promiscuous mode [ 218.667521] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 218.851279] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 14:41:40 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000200), 0x12) [ 219.542783] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 219.848036] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 220.117348] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 220.128136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 220.148948] IPVS: ftp: loaded support on port[0] = 21 [ 220.367107] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 220.374344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 221.112960] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 221.120845] team0: Port device team_slave_0 added [ 221.413174] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 221.421096] team0: Port device team_slave_1 added [ 221.695661] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 221.702848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 221.711575] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 221.966878] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 221.974332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 221.983023] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 222.183899] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 222.191539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 222.200543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 222.403598] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 222.411161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 222.420123] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 224.582518] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.589072] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.597830] device bridge_slave_0 entered promiscuous mode [ 224.855855] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.862608] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.870927] device bridge_slave_1 entered promiscuous mode [ 225.170167] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 225.323937] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.330411] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.337399] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.343935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.352423] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 225.374559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 225.416078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 226.109042] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 226.307057] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.570656] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 226.578059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 226.784542] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 226.791612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 14:41:48 executing program 3: ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000480)) socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000280)) [ 227.610430] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 227.618988] team0: Port device team_slave_0 added [ 227.974204] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 227.982190] team0: Port device team_slave_1 added [ 228.258188] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 228.266040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.275160] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.509043] IPVS: ftp: loaded support on port[0] = 21 [ 228.599200] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 228.606352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.615025] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.895246] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.902992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.911957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.137363] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.205931] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 229.213702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.222549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.377101] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 231.551277] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 231.557756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 231.565739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 232.889132] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.974558] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.981056] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.988052] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.994576] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.003088] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 233.572019] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 233.905079] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.911647] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.920107] device bridge_slave_0 entered promiscuous mode [ 234.230232] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.236986] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.245508] device bridge_slave_1 entered promiscuous mode [ 234.590746] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 234.959483] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 235.869163] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 236.186459] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 236.508122] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 236.515319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 236.809168] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 236.816419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 237.736021] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 237.744143] team0: Port device team_slave_0 added [ 237.816290] 8021q: adding VLAN 0 to HW filter on device bond0 14:41:58 executing program 4: socket$inet_udp(0x2, 0x2, 0x0) socket$inet6(0xa, 0x0, 0x0) splice(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) keyctl$invalidate(0x15, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x0) bind$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x0, './bus\x00'}, 0x6e) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$ASHMEM_GET_PIN_STATUS(0xffffffffffffffff, 0x7709, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000640)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f00000004c0)='./file0\x00', 0x3) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f00008d4fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) [ 238.161219] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 238.169134] team0: Port device team_slave_1 added [ 238.547294] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 238.554543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 238.563314] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 238.953005] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 238.960082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 238.968865] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 239.167757] IPVS: ftp: loaded support on port[0] = 21 [ 239.305904] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 239.313714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 239.322686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 239.428455] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 239.689078] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 239.697610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 239.706588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 240.892573] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 240.898952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 240.906922] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 14:42:02 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fallocate(r0, 0x41, 0x401, 0x4) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_slab\x00', 0x2, 0x0) dup(r1) sendfile(r1, r1, &(0x7f0000000000), 0x9) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x10000014c) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000240), &(0x7f0000000280)=0x8) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000340), 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r4+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 242.167969] 8021q: adding VLAN 0 to HW filter on device team0 14:42:03 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast1, @loopback}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f00e600000000000100000000000000"], 0x14) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x20, 0x200000) ioctl$TIOCCBRK(r1, 0x5428) setsockopt$inet_mreqsrc(r0, 0x0, 0x25, &(0x7f00003fdff5)={@multicast2, @loopback, @multicast2}, 0xc) 14:42:03 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x4000000000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0xff37) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) mmap(&(0x7f0000000000/0x8b000)=nil, 0x8b000, 0x4, 0x10000032, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f00000002c0)={0x101, 0x9, 0x3, 'queue1\x00', 0xfffffffffffffffb}) 14:42:04 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x4000000000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0xff37) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) mmap(&(0x7f0000000000/0x8b000)=nil, 0x8b000, 0x4, 0x10000032, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f00000002c0)={0x101, 0x9, 0x3, 'queue1\x00', 0xfffffffffffffffb}) [ 243.714176] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.720750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 243.727761] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.734297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.742505] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready 14:42:04 executing program 0: r0 = memfd_create(&(0x7f00000001c0)="23656d31232b00946ae5bf51f898f0871e69e88d72c744575c37d5591bd30057d1401601822e0d953173370445ec34c2c99af005298c5282f11523e4c7e98b32d9059d825cb14a67e2dddd8f2bd26b035e5b3c9adc5319c21070714ebfc700623a7116c4ff007696a882795db9f55bf42e013d5d9e642e540f8966c6ab1855bca254e80915abdaac7a2891920fda6405dc8d92c5772b626c63ee1aee240571635d9301754b86e3576d", 0x0) writev(r0, &(0x7f0000000780)=[{&(0x7f0000000640)="e0", 0x1}], 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x3, 0x2) accept4$unix(r0, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e, 0x80800) setsockopt$inet_int(r1, 0x0, 0xca, &(0x7f0000000000), 0x10) 14:42:05 executing program 0: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000013000/0x4000)=nil, 0x4000}, 0x1}) r2 = syz_open_dev$sndtimer(&(0x7f0000f85ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000013000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x10}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f0000000040)) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a2) dup3(r1, r0, 0x0) ioctl$RTC_PIE_OFF(r1, 0x7006) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)={0x0, 0x0, 0x2, 0x0, [], [{0x4, 0x9, 0x9d1b, 0x1ac, 0x8, 0x60}, {0x400, 0x9, 0x1, 0x9, 0x29aa, 0x2}], [[], []]}) [ 244.733322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 14:42:05 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0xfffffe94, &(0x7f0000009ff0)=[{&(0x7f0000000140)="240000002e0007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1, 0x0, 0x263, 0x1}, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x8001, 0x40) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={0x0, 0x80000000}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f00000001c0)={r3, 0x1ff}, &(0x7f0000000200)=0x8) 14:42:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x100, 0x0) ioctl$SCSI_IOCTL_SYNC(r2, 0x4) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000070100008016e58003620bf147a023"]) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r3, 0xc008ae88, &(0x7f0000000140)={0x7b, 0x0, [0xc0010140]}) mlock2(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1) [ 245.275623] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 245.798324] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.805060] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.813494] device bridge_slave_0 entered promiscuous mode [ 246.136798] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.143498] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.151942] device bridge_slave_1 entered promiscuous mode [ 246.542683] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 246.847881] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 247.467417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 247.872834] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 248.225239] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 248.535137] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 248.542343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 248.736438] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 248.832396] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 248.839513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 249.760057] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 249.768168] team0: Port device team_slave_0 added [ 249.794040] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 249.822201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 249.829923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 250.002988] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 250.010899] team0: Port device team_slave_1 added [ 250.208190] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 250.215434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 250.224094] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 14:42:11 executing program 1: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000540)) setregid(0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x80) bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0xff73) openat$uinput(0xffffffffffffff9c, &(0x7f0000000680)='/dev/uinput\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000001c0)) getpriority(0x2, 0x0) [ 250.523579] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 250.530608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 250.539222] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 250.643430] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.733409] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 250.740936] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.749723] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.904753] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 250.912565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.921141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 251.531019] ip (7281) used greatest stack depth: 53216 bytes left [ 253.143022] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.149503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.156523] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.163058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.171242] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 253.178010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 253.998692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.649503] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 255.329804] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 255.336353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 255.344195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 14:42:16 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x8942, &(0x7f0000000040)={'veth1_to_bond:\x00', &(0x7f0000000100)=@ethtool_sfeatures={0xa}}) close(0xffffffffffffffff) [ 256.093396] 8021q: adding VLAN 0 to HW filter on device team0 14:42:20 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x200000000000001, 0x0) io_cancel(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000680)}, &(0x7f00000000c0)) setsockopt$inet_buf(r0, 0x0, 0x100000040, &(0x7f0000000040), 0x0) memfd_create(&(0x7f00000005c0)='security.capability\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0x40085112, &(0x7f0000000100)) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000200)={'team0\x00'}) [ 259.306136] hrtimer: interrupt took 32967 ns [ 259.308467] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.649608] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 259.916601] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 259.922941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 259.930477] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.199048] 8021q: adding VLAN 0 to HW filter on device team0 14:42:23 executing program 4: sched_setaffinity(0x0, 0x2, &(0x7f0000000140)=0x9) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000e40)="0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c", 0x0) execveat(r1, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1000) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f00000000c0)=0x0) getpgrp(r2) getpid() r3 = getpgid(r2) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000a40)={{{@in6=@local, @in=@remote}}, {{@in=@broadcast}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f00000004c0)=0xffffff0e) lstat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6b}, r3, 0x0, 0xffffffffffffffff, 0x0) getdents(r1, &(0x7f00000003c0)=""/158, 0x9e) ioctl$int_in(r0, 0x5452, &(0x7f0000000b40)=0x82) removexattr(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000b80)=@random={'user.', "0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c"}) 14:42:23 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = syz_open_dev$midi(&(0x7f0000001500)='/dev/midi#\x00', 0xe334, 0x4000) ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000001540)=0x6) r2 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x100000001, 0x202502) r3 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x1, 0x80000) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x80005) creat(&(0x7f0000000000)='./file0\x00', 0x0) getresuid(&(0x7f0000000140)=0x0, &(0x7f0000000180), &(0x7f00000001c0)) sendmsg$nl_generic(r3, &(0x7f0000001480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001440)={&(0x7f0000000200)={0x1234, 0x22, 0x200, 0x70bd2a, 0x25dfdbfc, {0x14}, [@nested={0x1058, 0x15, [@typed={0x8, 0x80, @uid=r4}, @typed={0x1004, 0x8c, @binary="1faa3a3dec69cf824f5db78662aa47304696cedb2a26fd876d50caecc453ce1846946181392140969b36fe73918cd485e93912a3a8653fb98c35652eb6e234fbd829cfcc3331c377732d37c3f6291c8a198c6d7b22f36cbb3dcb1cecea5c1cc03d52666d9d891a759d22b2b6cb81f501e4fac8874cc70ba62f2792f759a526ce632d6539a410ce9ad1e64666873c3eadb9d727c46b74abaac4a1a34c0cffa92d6fd501d7da7b13bcc8e8e390f5da18ca7e56ecf56811267305a9c2365f19d98d3209798ed39926f0dd61f8cb099b9f2a7de94661df32796cf9fb71bd53ce5557cc402c8675246361edd258660ca6956309e8349def9f77f9ee8d32180491ecfafdff6c1f90789668ac406a7728c4877e4764e5974548d48c7b848eae5551aed30b409476bd8492bf07083a50a66d8dc1689aee941719ec3df1e30d754070e1abf2cfa2f466cac63110cfe2ae0182d955379356241c4315ff6867761dfe15b70956dbb44c6aeb7c9aa3dc39109b68403a2a46c26100372e324ddd85d8c1d9c38f76c829548ec89e6137a579cd0d7788865e675e9f85a40eef2c2b62ce9939d4b36387596d3a1f680aa9f8e32428f566fe8b9c5cddaa780fde65933985b3a163615e24a8969969d89657f691c09234aa236c5143917d15ca62f75c9992ffda4cf3e3a51f21b2c8d58d6e5c4162fc924c28edf0b5467540b6d06eccf27065f002c343df70fe3d1d654dd4312643075db3ada64e093a0a199e5640381aec40dee8b5235c3d54e174d9e6a738fc7a78cc1b5a129de442d1c302cac2e795f11760977d859c099afafde90330868d851993cd9760d38842fc36dda4212a1d83a50f50f80071d0438eecc5645c20edd9c74546fe9f25b6df726873eaeb6dc9fd646a8087ce8bc8fc8341ceca694c511665955fadc9886cd2bace822a969dd32fb0417360af2d3491d0481b811c64ef59f8b6c3ee40d0037b60a6daa5d6c5e5cd8045b6a351f209fa67c5edac0017490406a9a2485c27acf55da51008bdeaedea65b9030d51d18ae7a14cb09c493ec320ce3d8706cb0b698a965e739a2e11a94e62a5c0bcfdeec790c188fc7fb9525ce84b7ebb801930d4d80f63906bf79668865de0ebe5b720ddddd331097cb738042387e009669f69be1c875be1d3e219f65048cd23e79b3f2459673525ef9c1b4da198adc3a065b939f93a72f7d890629e9117058dca96cdf319bb929f8ae48ba146482d8d975de509158b627940e9ebcf432a7518513f349b736305287bf325bd6f6bf12be921bc20df16707ebfad76c292874641527c6c7dd29d80ff92f9794cd4b28996aaf4065251d4e64884e99381ed6fb0bf1ac9f51c6e67dd417d8210d68136c17fe0ea13540a3295f73a8a85f00bdec9381811857c3abefb0648ad36b7fa62ee3f6275af71108cb03bdcc7ac0c5c59a3f1ea8d2478a3a9fe691c921136d244c8a44c5859cb7208d1666212f3d7108aafe01aa5c2c66e42e8fae8618956fabb08045736fab15bf29e9300d950ca03fed4d4ec0bbe8b71e55ce84f2f237bf3e395f510d85085999a1d0694bc8f8cb3929a700780d6b77616a0c0cc09b7a6a6efcab33319a007fd325ae8dfc3fe78e22431e2b0f49a3aea8a64492079e665470f46d02bef24776d3766cfea628917d5cf026fb0852b571bddff73af463afbdb2554dda12505af79097a2421bd17fcf2e30281971cc44ae03d994ba5a5d66c4832b6af5f3f7fd48fd6dac82deb4b0d3bebb6494e6cb20fd74b005f6087dc9c56a13d7601a17d57360841269de68066673cd54eef8faa414258a8325840b60505131d9132bb91a0d94a83a43fe277dfb717fa6cf53e61543337f57d677a5cf7ddb92df73c4151b8231353f0b8d24f74bcb3be155529c1e253a7a33add3e9c70994185daa0f8754921cf59f71760d872de99a351f2ffa0e14722969dbfe61878d7324e1b8a3754afc7daa70bb863723d0486daaf6a53f67ddb2e3bd6a018c722ffc32d97821ab2b7c1466c372b397037ae14332d6c6a137edea25c556c06b02ab08293a3d569bf24928dd5d70412e5cc12e1b21f746f191e6a0ca80508ad5e5d451f7199df7d26dad542b6da3590741997be4b07ee93dbf33794fe55bc53a9bb792c17a06a0b8d922647cac00dd6496e249ce290f36d1e4ff4b608d42016325518f1d38043f6e1fb1629a02c1bebc1a475b5d2375b27d7ff07b78b012650b8f9157896da5608926b86c82e3008ed6b67d6a7f14608c2bd8c771f1a9b9def8a4ad6aaf3208b059bd16f03e27f01894bf8ca3d327068c57019f3203875892897aab6a63defaa4cca12e91889f9b0b2bd2802861368c14dfec3f1afd58f6d41b96cf80c8b32e66505517079c23caff0e3cb20d4971aa241a6249d1e2ebb674fb5641a44094406bcf0ad18fba9f012fc9264bd4af39b23ab21363a324ea1e1bbb98bbbdd94e63815761650c4f587c8072540827602218e79b71164398cd7541cf6bb29dd8f76f6120a492b9e64e9b8456a7f8a7b9cc7259662a87025ba7a0647d22494787a83b6f81c97586fda2991371324391a736a9d0740c139b07545d1f1580ad62b643277dbfb67d5e280b8ed725df4e4ccc1e44709186ab787288eb8e58ac108141ef3e7851af394b845b7811e55f287acf9e2b03547dd2a17353bbfb88f500be7cf652bf9654a6376c4785801074ec2b012322d0ba0fd49df96f0730caa9ae12f7d50a9130522d7459f8d62bcb57620b722e05ba84758f913b39f7a4b617c0ca6ae3712178ac7f3f615451c40c193fdbd96fc43a69d38cfaf9868d62a7569960b657dd3785ae910e13d060454f9bd12958dff392f9252448c9b959f8f292504af0d843c41307957d071b810c453a4d05c0bfbe00a90e8ec87f3d1ef686f1b011e1f7131e5baf53645fdbf8cec13e5054697eff2cf1787a40074e2d6ef955844aab452e7c3e11504f08baad6460befc9223353c653cf33fbd3383c0b972dd621fb6c2cf0d49c3eb1814736650153ae5eeba4116105d50ea99c8c66ceb3746ee45a2d3dd892305d07cb445026815c0405de1f2a8c03f86d02ef78ebc811fa1dc7588b683bc07727c678109fdede748041d3758612669f7d41f1e03d7ced078c2113d8ade6f67ab65cdc92b528c6442cba3f1617fd83307ee82c6b9f6eb3ea78393bac40480eb9875158a8491b935378f0a97327cad13c4c99e671aa47bec0f2ca9dc773643f8103cb06c84a86835b49f99bcab0c6e265cd98868cd908c6296de9daa111b8d1b7a9e4957805ce82cc2c65f4b9431c531bf52784e7df7a4677cec29a2cd00469e5684b99883ceafb3017cf46cc42cb9fd5464f91c7dfc7cc0135cd58982965d09dfad160bdf0817616b852bdc392c2537c0c646cfb4e7d3725e826d96f5a0a7e9d2e7d83c61d9de1d8ad8857c5ca441954690d7c1116427e8c33306a119706886ace4f82a8665d2605dfe9883dd272532a2eaeef06c884689f7d9460c75d0b2c5a343587a8625cd2df8e391bf588e22dd4a4ce9117526eb816501389a4421162cd94f4aca5c4a17602ac284c6dda4ce90c0367e7491b55c52e34a86efa1c3ad0f313913973d367fd35e1a9ec7e231cac977a167fa64396e8ff67efa8d3dcc851aa59c3aecca919c959262b7fd6e4b8560986587dfe4f3043ec6338cb728dbc763d2cd6658beb3374048a644f9966ff97bc2af4e62e28cc132134c7ddcb0884fc192c17c149d8a41a71d192d8547934f6b98982c531ad59f19118d6722ef5777d48b352622c883a911c2b2ebec862292205412ff2669c0d333a1c573daaac8e262e59599827e75c4e6e555563bdd7ebd5bc66a288beb3fd8afd26db55b52ea60e92dcaff6256cc9d716fd6839712863e13b03d0c1ed7715d040c4e96658ce1b138bdb7012e23dd4cabc1c2f33b4314509d0d0836d986dd59c93c905b3b4a99bc310d37b778628faca4670081ef40c83d94d35047276f0c16f8957f48299651a9663f356a935cf09db14baa706c0d05ff9cf92852f4e3a5d04419361d8bf1ef271de5adf01c619e383bbdc0dabf23d5ef8c2d6124810d3aaf466ce272cc2fea6819a8731bd31b5ab275c1ad0918d91eae9cab1b3a49a519ecd885aab33ea0c4aeb9f9e1ffbcbff2f261ef70d90b54a49927270373941a6ceb260dfc55b8fcdcb0f8a50dbb72f50983d4a09632380764c636d7eea2178eeb45d833baeed8d23a888d08dc65f783f2a144250e39fe77781231af749aa45a3a3efc03dd7d7937ca6000fb98797df8b58ee7dc91bae319de76f7d9857812925bc61fded8640cbbab9afd720522bd4f593da7c7c52438627fdc5f2bfc282400b909a48dbd0cf7b0039dd0d83bdadd4d2c3a1fdc272ea0b7c92ee3a32856dfca387202c28434b48d1332d8dc43f2af3efb05fb16adfcfb20b08ff744542291c1cdf11b8634a07c82c0d520b540f861c78d0dfd510baa650deab3dfbb107d700c89dab8f4cc3a36d56e294428e607f4eb41bf7f3b4d98217a2635372f81c1d4afb431b8956c27f1d71c186bf49d5c325751bd33cc42e5ec28f6588397f360adffb64b97211e62e2c04726590843f34f91c09252f15140367c11961125253f80cd231bc2c19c211945ef5c9d66c5975337f34c01aeefc9f3abd9eab423eabee33ecbe930bd506c55bbfc316c9d7317e6985732ab653504418b69075167aa810dfd280910057d107712c358fa2a1b6e8ee09e2a697b01442f7dee174e1de45aa24eaa30365e629cbb9268f1ec9ab4467aad16d443d5b5cf77c8ddb03fd1132d798c98b4328b71d94794dcf18d2efbdc95117e72582c0813f144b055b880fc68577dde75a36c992540b6a750e31515a3ca70aa3b26536528374cd50b227c8beaebaabb85d8b558c99a10a1441ad52f9e3362d7ffff79601b5bd7c69845cd191e696cf6a81a164f1f15d6810ff0f6a3c68bf8b23c1d442a374bf16ed3d174329da8698e99280db49fe10b1adb900314e1ef83bf84fb43aaa775cddf167390ea69b1c013294a0df4a8b6d06cc29fc1df6da3fcc2a089c6ef9873ba7233194b3f8a96d1de3f7666541dd67c03f6103ddd921500ae6c3e1e4f7b97ff2504f86ec4cfb8b92f8a2e46f88a7bf9edff02e687524367dd821cd80955a68a1960db7212c6d8d67326b31c39c27b2363db323503d06cd2ca307c07bfaa3bb7613c1d89471fdd4e2b12f015290fd3f4d2913de45bd9a583a7ee51da9b49dd09e58b040b7bf57df2e2bd0dba8829a54a7fbde7666f3b19d6b0b69c86a253ea5a9098886f07c16ff163f3862429ecae1cbcf75d86b58ad5e66af3f925c0a41d008a60bb117423d305d36b20d97e611cba2ab30cb78c3778ea290dd46595d60a1730420b11c4f981a3c5681a577bac8e91e64b0b00fd2cb1038d56e59ce3e0c1ad28e05a83327d5d6a3869d1a839c258bae0db3b6d4e8f2c67743120d7b69a89f812251b456d5e5f382c713dca3f68b1874bc27bcdf627f7bc0531391e00fc2655d4a212fd956a911f410e4f6d446f0192cb75fe4e8a095f30092e9bf8108b4de42ab532dcb611cd84dbda45f91826cd0f005b6638e7d6006b78949e0159588db21c20af124f0e184fc3ee3cc46746dc460bc225b851e6a284d72682b379fff282fabf9efa83e8b7b29ae3420e5fe9e8c74c2db7843b9ce2de63cc2f9e481b216e72657859ff1cf8a46c1e50924b116ab4516d75d0b53e948d40f9be95f1a5ade1b55d2f989267d2346ff1b33d3f3fe6bb5b4b272abff86c69a3b4e18a72c774453a3"}, @generic="f5689a7aba77d24ac09b752bd29d70e49be761f9645ae0bdf85c3c79eb25f7dfae6e8ab009c3ee567979594c3a22830275ce21ebd17b4d861b536909dbf636627b", @typed={0x4, 0x22}]}, @nested={0x1c0, 0x59, [@typed={0xc, 0x8f, @u64=0x1}, @typed={0x8, 0x82, @u32=0x400}, @typed={0x8, 0x2, @fd=r2}, @generic="af8909f2ff5a6db868bd5426ba12f1736748265f5d1d0b6461a0dd0e5a6d734387f3acd15ab9a42cc75e523566e2ce492caf0bb81f316eaf1b89b9159f359a70ea408db0de153d1489e1c1003ffb059c42394a09082bde8fbdc281b404f5578e1c63331873a4ea446bfa6e02daf9cc39ec3bc4e82eb0c785591298a7753e3ba2efc1ff9c06d29e91b7710e4213c87b2bdaef54cf49ba4cd4dd8c90a31b3683b5b322", @generic="ac71f1c6cfc3ffe8aab69dba563d101a8e501d4bb71aec5e6cec3fd29a8f0a786d77f3074e0571cdba8c05082d8bb7561badc231e9874f56372f7967fb8b39fbd91830ef15e731a5f11321fbcf5985f6e90574b7a8fef0966f580506ece033eed2ed427fe363761b49fd6c052f04c94513eb4ec72b22b270dc41cbca10591a6f4113dfab51ba09c6ba515ce41de6ac63437825347b3d94", @typed={0x8, 0x28, @ipv4=@local}, @typed={0x50, 0x35, @binary="47443928f553aa11bde2c34aed298c24be4647ecf724032b86e1712750ddad868b818adbcf21e46a229eadd3e9747878b6ee9762d1ad84f89e0d6951b67e5bbdefe6d8c8cb82126a87f6"}, @typed={0x8, 0x23, @ipv4=@dev={0xac, 0x14, 0x14, 0x13}}, @typed={0x4}]}, @typed={0x8, 0xf, @fd=r0}]}, 0x1234}, 0x1, 0x0, 0x0, 0x800}, 0x20000890) r5 = semget(0x1, 0x4, 0x10) semctl$SETALL(r5, 0x0, 0x11, &(0x7f00000014c0)=[0x1c, 0x4]) utimes(&(0x7f0000001680)='./file0\x00', 0x0) syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x100, 0x400) 14:42:23 executing program 2: syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') 14:42:23 executing program 5: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x101400, 0x0) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000040)={{0x2002, 0x100000, 0xf, 0x4, 0x4, 0x2, 0xffffffff, 0x7, 0x9, 0x2, 0xfffffffffffffff8}, {0xf001, 0x100000, 0x0, 0xa7cf, 0x1, 0x0, 0x3, 0x3, 0x100000001, 0x6, 0x5, 0x6}, {0x6000, 0xf004, 0xf, 0xfffffffffffffffa, 0x9, 0x5, 0x95eb, 0x7fff, 0x100000000, 0x2, 0x9, 0x7}, {0x1, 0xf000, 0xd, 0x101, 0x7ff, 0x0, 0x2, 0x7, 0x8, 0x2, 0xaf8f}, {0x1, 0xf002, 0x0, 0x7, 0x80, 0x7, 0x7, 0xb8, 0x7, 0x5, 0x8000, 0x8001}, {0x5000, 0x10004, 0xf, 0x5, 0x2, 0x1, 0x800, 0x3e13, 0x4, 0x81, 0x1, 0xda7}, {0xf000, 0x10f004, 0x8, 0x63a, 0x8, 0x7195040000000000, 0x80, 0xaef8, 0x7fffffff, 0x5, 0x7fff, 0xa63}, {0xd000, 0x2, 0x14, 0x1, 0xfffe00, 0x0, 0x7, 0x5, 0x6, 0xafb8, 0x659, 0x401}, {0x3000, 0x5}, {0x5000, 0x2}, 0x5, 0x0, 0x10f000, 0x0, 0x4, 0x2000, 0x2, [0x40, 0x401, 0x7, 0x8]}) sendto$inet6(r0, &(0x7f0000000180)="f4653fe38a604691dd2890fb9cda7e75dbc9b717935910e12244ef5be9b72162d028cfe45c24fe41f81085ff375cb29ca57011c4bd242a263ebe58f084c68d9f55494ec098cdbbb4fa966191068d8cae6f4458397f2d", 0x56, 0x8000, &(0x7f0000000200)={0xa, 0x8, 0x9, @remote, 0x3f}, 0x1c) r1 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x60c9, 0x121000) getsockopt$inet6_tcp_int(r0, 0x6, 0x3f, &(0x7f0000000280), &(0x7f00000002c0)=0x4) r2 = dup(r1) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000300), &(0x7f0000000340)=0x8) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) mq_timedsend(r0, &(0x7f0000000380)="6b60c616c9cd90f083792dccf96be3b7", 0x10, 0xffffffff, &(0x7f0000000400)={r3, r4+10000000}) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000440)={0xaa, 0x60}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000480)=0x0) ptrace$cont(0x1f, r5, 0xe6ca, 0x78) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f00000004c0)={0x10005, 0x0, &(0x7f0000ffc000/0x4000)=nil}) sendmsg$key(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x2, 0x6, 0x7, 0x7, 0x10, 0x0, 0x70bd25, 0x25dfdbfb, [@sadb_x_policy={0x8, 0x12, 0x4, 0x0, 0x0, 0x6e6bb2, 0x5, {0x6, 0x3c, 0x7, 0x3, 0x0, 0x2, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x11}, @in=@multicast2}}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e22, @remote}}, @sadb_x_nat_t_port={0x1, 0x17, 0x4e22}]}, 0x80}}, 0x8880) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000600)={0x0, 0x7, 0x7, 0x8, 0x8000, 0x101, 0x0, 0x100, {0x0, @in6={{0xa, 0x4e23, 0x7f, @loopback}}, 0x1, 0x4d, 0x70a, 0x6, 0x1ff}}, &(0x7f00000006c0)=0xb0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000700)={r6}, &(0x7f0000000740)=0x8) r7 = syz_open_dev$sndctrl(&(0x7f0000000780)='/dev/snd/controlC#\x00', 0x9, 0x280) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) ioctl$VT_WAITACTIVE(r2, 0x5607) setsockopt$sock_void(r0, 0x1, 0x24, 0x0, 0x0) ioctl$int_in(r7, 0x5421, &(0x7f00000007c0)=0x4) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000800), &(0x7f0000000880)=0x68) sendmsg$nl_crypto(r2, &(0x7f0000000a80)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8020000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000900)=@del={0x110, 0x11, 0x200, 0x70bd2d, 0x25dfdbfe, {{'seqiv(gcm(aes))\x00'}, [], [], 0x0, 0x400}, [{0x8, 0x1, 0x400000000000}, {0x8, 0x1, 0x400}, {0x8, 0x1, 0x8}, {0x8, 0x1, 0x7}, {0x8, 0x1, 0x9}, {0x8, 0x1, 0xfff}]}, 0x110}, 0x1, 0x0, 0x0, 0x1}, 0x0) r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000b00)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x40004008}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x50, r8, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x471}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x8810}, 0x400c0) setsockopt$inet_tcp_buf(r1, 0x6, 0xb, &(0x7f0000000c40)="e55f", 0x2) tkill(r5, 0x2c) ioctl$HDIO_GETGEO(r2, 0x301, &(0x7f0000000c80)) setsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000000cc0)=0x5, 0x4) 14:42:23 executing program 3: write(0xffffffffffffffff, &(0x7f0000000140), 0x0) r0 = perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f0000000000), 0x4) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00\x00h'}, &(0x7f0000001fee)="520972697374e363757367725669643a4465", 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x0) ioctl(r0, 0x3, &(0x7f0000000700)="699a7ae34f280faa67295b2cdd9f96dfd7a08a2b35dc78065abbbac1b7f871132f95b6a22a5e151042bf113ef201f8314ce3db8af28b0c284d11dc552cb949ab7b546adb6e622c4fde9f92dca0b4fc4c4abc963f18ae3e5df566372d5591488e0c0edeed4a1a03f80d29a71f7e04509fa90cf375ca415eee09c2723c3359f91a5e896e385b67615710d0ba143c2b1ab600f511f99946e3a0d99af24a217f11078d0b5895de054aeedabf844c1166399629394dcfcd9400478a4ea4f0c7e8464283fdd230b2a4ed6f6553ed6198f201f3487bf6ec87a8f6dd92bb7b83ddb45c8d08055135347d8e86449abfe2452d95faf2133c25f26ca2bce8dc983b2e6b8d41cca7714ff08adf9f9cf370f5a60789ce1e6caac86bf62c3c1fdebd5a94e578abe1a04a45fe76e8c3d1cabe85c121b99a1984e8224e4f5dc326ca449e40604033b0ffd39e96d57520d492629a02d94afa6b0b8bc7406bf5b05a513e074a0c1dff7ad2da069b6799f7fba1acc04ae9ce6d97d3a453afb8c737cf18f5c1347bf372b026bf5a1959b05c438d3a96cd14da42bc89edc4703aa5854d2d2c139f467e0c7d7a92358c9d4cf0e35d67b08dabb8b87b1b12f1fa7374830897f5d748061f137a1c1097156180eec26194e9604a10add7a3c8c198045eb646b8e38cb306ebda850bb6f1f543759079d44fe0708cc43cf8026390b5c1efb823f584adb4b914643137235d22f02d581fbf5e20774a1e9b4c2cec5a7f2d75c90b1bdab1386a93e0a174523c698c373d24c10db69a03a9ab1652e2b67eb00817f49c89135a7a6ebea700ffc6fb726c40eaf3804ae103b35c6cae44662c806651be146a3fa38ad4b495e5efdaf04f165ddab57e1ca6e1ebf4a005fe0fe2146ef4b2b66364b9bcfdfe024e75ceb2c4c90af7e157e7c32cac40558bb1b1e62682fd6d1fe3664f17c0559627645b269c898324e009cdc89b92c9c814b9abe3cafb42571b8bbd42d63ac5c659085d0bfd6b81acafb673dc98a5c9206d92dad873508ab1349dc8435a656e3746dc2429fa5c6f8601cc20b7cebdebcf97054f37d8e44e2b6c1e71608194524851974196ffafca78a7419513ee503e9e7e07f0f22337b7a7c4af2609bd8da2991e5d9efe6d9dda1df97c73a3395edb5c9860dae5606ac9f9a045ea6bf690b2b0688717330d364db2b37ecf40f07461d1e325f1339e2f541d832fafb56e448004ddfd34f00b1f03452e0a10472d58f32040ae5ad01c8b363c971012011f8ccc94eb4afc86cbd840bf703b258672561682eb70c41e1088efd43b809848035f5d40282a48875b46568fcfbae5409a112b6021efa4c71c4ce4d462e754d9e59b0d9ca21a55137dc1f7e403dbd5a71043d2986badb715d2343b9aa171eaefd00a55f0dfc8ac3488cf9318ebca6bdc1d9c21f7240a4c5fce7fa99cb3146c6636da3a6662cc91ed84c8c7ac921cab1d183a0f6d5b4291b50a83b8616d7f899c3302ca5baf161c527311fa183cad0f70196b644662e0f5a25d23e393018530798f13e4e71389561e5bf0e39e4880b5772f3389b414f83dd822c55a42366033895555a699f44147e260f74e137ba4a6f9d40a90acf0377c6266d52b1e1fe0427bda0ef967737d18e7085aaff7494eaa16abcaa31e77a1c9ad8fe3ccdc4883969ff431fe1781b16c368a5173e35586619bfb60cc0b848e56c8eeac056bfa0f5d70144ea71150fcdff3dd792799527e8d35c4d93c129bb2fd6a827274ad48679491a40e46200e3a607cdfdd2b1cf18834169b115fe1a191afd3b7863db3fb521a829c7232495b8031e9e951a389a681dd08f900a34f1f0eb05ce8c71fe237505e8257dd016976b84d8f208c2f6817e15b2241fd2238ee8aee90a3fec22fb605f06ad687a2ab228709f0feccaae560213dfe367ae27bec63c12f02a91c4fbcbae0370b827bda4b568f3d88ec3e0184cc7421da93f324a1e5346b1a189e12c2a1ae648677a4af0a8e36eaff40f3249b92847bdab66a91c84d637851d2534f3c34b9a1a75d7b0ba68fd4d6e4dc95805a18c486145603e13c73e50a66de6ef712043cd0df7c64a908b97f62e7f1f234750b578bc8076ee7c0aaccfc7e13b5beaa6580adc2916e275d9839c843c231e5e96ded07e8bb913191d2587004cfb2679c89d03876f851870bea180a1a0d160d6de192b494c7d3543800474d36cd260570fa5ac2a4079c466975212e1ddfab23be0df76fc52a766c162dcd20c45c26d0d901d02c2c97ed02019abf77603616aefa22e10e07f77fc7b56fe6d76fa8695efacc8873d971e045477e5045f8ca56af6c68d7f9721af0d61cdd0b99c0404dac810e68a824a5eea33abd38a77c1531dbc0d212c7cfebbe068f0031930ee3d3f5aacc0c138fbe9e7e1b1e6bbe6935709cd0f2abe9d530129004e367f79b3e1fcce18ea119dbbaeff82284564501b5f2e99bb9fd10db702954e1851be53813101214b7863199c26fe165d891d5572e0bfe0d547c2b7766b0e6c92645c8ab109e7a687f0de239e6d212e3fe09e3c177b207eefe24cc994204d61662b206b72079101ccb51a7023bd9235018f325c65d677983fe301f9ce11a38f866e0a3a0928df38a539f9b7e0c4b84a776aaadfeef7818590e186c3d8b798f94b06e76fe9de9110014a47e803a41db47e758cf2912310fdfd7d582737cc00053f7da390c18ad8effcbea2fd77383668f6a6c2c25efa9658ddd30aaa546dedc2d294edba63f44e8e0b13de84f7296e08d99f03060b8c83417e7ca428d72398ae1dc4d6e6885852c56b02ab66c510a5de69320f0e3da40a49955b07caccfdf90de57ef715da0c8b58b491d83887f2033e317701b262b37aca4993361e80454372fc850e3a7aa7e4832c7f62389f37156759dfc2aa44190f9922c0521383cc80f86c8086fc12f6ec50b2ace0449feec0d8f96c59af8a954ee1b73561aaf712399cd1d1572387b1c11df04abf3b00b0977d0312f2365d2777661785a88570f3edd5600e7af7cb05715a12a478e658e138579adbb888414aa57f393c83846538e79db8e348e9c5018a20a399a798a10c229767426f819b83b6c9bf63bb0594de09a945d8b30884cc083675e095c419349df77eca1ae12bced3f0ac2bf44e0ce3a4c5074705fd8c916c3009f5ba3b46eb7810932224538bf34f1942eaa9cd05c28263af22ce0303186c1b202fed4219b721a4e16ff6c868f7b88889d11ed6e4686af3315ab7efef920e278b1acc21f86836f569a87b91817474e3bddb0cb539b83763add959868c40d71873446e0dc2834eb94dc0e0a24b4190a7e093ba9757253cd93ab7bfdad09bb69a6a2a5f0dc1e5388715ff26ca1447a29665c2f235961f1d29e15f9da33034ce0f56e5a936e292221db5fe3a8272eb84614c6f7e0d169652ae72cb473a8fd24c722443acb741f77df92cfb4faeb03ca9ca03b58365ba448bb905618c78aa6abc6bf3b92b9bca4d287103e0a8920016419917fcb46e8bb23dd90e5639f4bfcceed53ae403f7e21aa8133a8439a7209d8f59ad622cf20756e0a79e36c2e5de64d34bd7f5d810f54c3b791a71f52d0da96149ee3aca41bff78a0449df2a5abcb775c39c58660600527144923450b37c72e37ca43f43a345811654ca308ef3f9d439eff65941c1c5df86a095acd7872a868a6c737b0f3b0bbb91242834d6baaec69a5549c8dc42995a536e503c6a128e5b66002d9038ef431558251c24399171f8cacf05c7fb816cbb867709a409e1cc4fcdf0dfb9093cf3738a8eae4cfa5d896f4c370e2cb40debd77f4c0acc6ad1cfdeb403b795ee93c98b945fca741ec750715aaa04c2e0942641c18edbf7a7e99011d0d3e19c3e9c9fa822888f7ee863a78170543d80e30d5fc409c8a4c6ee7b3f653c2811ce787930d9a85106736dfeb8aace32f3450ace0e39fe57f9fdb85e79952e82af92fb6cff0ee57141cd8a89e905dfe73a83fee3864dff08de54b0461980a811ff809662f9a517788b9821ed54e8b2fd725e7a8a8ebda1a976ee941af748fd8ccaa0265794484335d363bfeaaf86a1ba8c60bd28e22d5082941f0d4fa2675f143658afc0ab045d94b9181c59b49c72f11af9c231577a1ab1dd87c5cb05e6ec78aa128d2539a41f2440532a8632935841453dc6cbc0422cc84f8eef459f2a073ccac8c41b2318b0a9f3ca973b6d86791e2e0693b0790212aa5ee13e331f0317b06cf6f886b3336ba2ee79aae82e6e2137b99ac3212eb1c5d886ba015b5f2be2bcc3ab9e09a3a2628c83fbf17e4d8bd7606bce75ca60aec2d54c46122e3b5264c1e886bab51289e2f3c9866652c935f1123bdb2ec5ba177ff961ea6f9a902a9ef7e3eee28a95b4170d6f085970030865e3060388887d91b841fcc54f428ad432505faf4071e17f653fd039d4728fca84d58292c12b93cfc15db7c880bd8410d09fe556a26d107c21aa51ce69ba07283afb7c9c6ea0131c48efc919db98dc981917206e9d07c26dced4f25c8bbf9f4fc6e2d1fbd45304c054b4d117ea551cccffdbbc5468c2875176450d26498e1c397f50f5970b6d75768710d65ded2586d39696be66f5e6c5d1272ece8882a02bd9c22d885888653239ba7556e86b6727fc5ef0f0b2c7c694b930642581178aba9b62f0e987a979e112fe7d48fecdc14cf18f8ef65a624f45f4fe8d496b1d729f85fc7984c92ad0f6e418cefb616ff674aa09e2be7a67be7ddca00f784a4e071c108edc88c6ec424eaf8ccbc44d7398d54f2077a17e7cb95225f2ceb56ab3f7fd490735a55a7d4ebbdfc76f2d98984e17ae5d34687e0fb02a8931032b324279c363f80b13e43a28bb1f750fff0204833abf3a2a7c12ff68452a84d487faf720718f858b759ae92bc5641745b3967772f89cdc9182f84378ab5806281890f289ebce778c3c797d5affe7d41a640a65fbe56b4da5a99557a661c30b4038f2b7a1b209c4b19070984d60d082f4b69443989718527c30158dc219516dfac8817e9dfa803da42eb78e9818b1818ff304c6a6b4c1c82db9ad92dc9291bce237e02a3b57b61fbd959a1aeb4168af4d7e879e2c75b73659708d5fde146297073896598e6495d1b37d819b967033b536c97995ad22fecd528816d08fe4b12c10b7c5bbb114bcaf9c462748dd6814fb4f14d788ff4a520affbc501f9fd8aec380e583fb517408c0890f9743b9c7aa82a2ed8acce2a4525bdbea066edfdcc21ce4085882179ba092302df49b7d0a0d7c8199d74d7204b3dfe53ab61cca9b3a93f78f9808f74d8d725f244423d7386cb5bde0a95e869abc5e5cd2dee68dd7218235d8cdb47d141056ba3218457ac2bab2d45a048b8449db20e5102d885abb3fb585514243e2d86e0b2468146892926e064f12a2d69b5afa6bf9f8978a05e98f069ea63c92d2d02412cdc4b51b085319b293402515b10eee5cce148b80e0bc68877dd5f137ca0647d4cea1f8e29217ced7edffa3fd817ac396c2764548205fa0a7eab7d104503885ffa6da3190b1a2d32e750f759708b2a44ba5f6a8668ed2569244ba224a287546cb9fc8d7310673f16dbef2558a600b7dfb7f037755b19677a9faed3b81e8f3333ed4a2d658bd7f699de1217be16756bc2843ae9abdfda2fccc21ec5dcf3acb1be9853fa804c8aa6299b18017d620a59ab1dadd34044e60797fd0f0332311ea82c772410d07919d5c218147dd50ff2c4e4ad2cd31708a95578f4acf51250d03cf56968009495dbec275791bd8c54c8fb4ff8e2cab8d13ea98862ed0153cc259d27698636") socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, &(0x7f0000000300), &(0x7f0000000440)=0x4) 14:42:23 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7d6, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffd9f, &(0x7f0000000100), 0x0, &(0x7f0000001580), 0xfcdb}, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000)) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000002c0)) ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000040)) 14:42:23 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000200)=ANY=[], &(0x7f000002c000)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x0, &(0x7f0000000180)) mount(&(0x7f0000000100)=@nullb='/dev/nullb0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000000340)='bdev\x00', 0x100000, &(0x7f00000002c0)) mount(&(0x7f0000000380)=ANY=[], &(0x7f0000000080)='.', &(0x7f0000000040)="045b898f73", 0x0, 0x0) mount(&(0x7f0000000000), &(0x7f00000000c0)='.', &(0x7f0000000140)='vxfs\x00', 0x3080, &(0x7f0000000200)) mount(&(0x7f0000000080), &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f0000000580)) mount(&(0x7f0000000080), &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f0000000580)) clone(0x210007fe, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0xffffffffffffffff, 0x7a000000}, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='proc\x00', 0x0, &(0x7f00000005c0)='system_u:object_r:pam_console_exec_t:s0') 14:42:23 executing program 3: sched_setattr(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9917}, 0x0) getsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0xc0, &(0x7f0000000300)=""/242, &(0x7f0000000040)=0xf2) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000000c0)=""/32, 0x19) write(r1, &(0x7f00000001c0), 0xfffffef3) read(r0, &(0x7f0000000200)=""/250, 0x50c7e3e3) 14:42:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000280), &(0x7f00000002c0)=0x4) bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21}, 0x10) 14:42:23 executing program 1: seccomp(0x200000001, 0x0, &(0x7f0000016000)={0x1, &(0x7f00001e0fe8)=[{0x6, 0x0, 0x0, 0x7ffff7ffc0000}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x10, 0x100000003, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x400017e, 0x0, &(0x7f0000000140)={0x0, 0x989680}) sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000000)={0x14, 0x16, 0x201}, 0x14}}, 0x0) 14:42:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) socket$inet6_udplite(0xa, 0x2, 0x88) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x11, r2, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000001040)=ANY=[@ANYBLOB="06000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000500000000000200000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000008300000002000000000000000000008000000000000000000000000000000000000000000000000000000000006e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 262.896924] kauditd_printk_skb: 3 callbacks suppressed [ 262.896959] audit: type=1326 audit(1541774543.947:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 262.912996] *** Guest State *** [ 262.924112] audit: type=1326 audit(1541774543.947:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 [ 262.924165] audit: type=1326 audit(1541774543.947:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 [ 262.927480] CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 [ 262.979488] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 262.988506] CR3 = 0x0000000000000000 [ 262.992336] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 262.998354] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 263.004492] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 263.011228] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.019392] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.027501] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.035659] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.043855] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.051946] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.059959] GDTR: limit=0x00000000, base=0x0000000000000000 [ 263.068097] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.076226] IDTR: limit=0x00000000, base=0x0000000000000000 [ 263.084365] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 263.092470] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [ 263.098915] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 263.106699] Interruptibility = 00000000 ActivityState = 00000000 [ 263.113031] *** Host State *** [ 263.116270] RIP = 0xffffffff812c8203 RSP = 0xffff88012eb8f3c8 [ 263.122414] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 263.128870] FSBase=00007f2514e04700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 263.136805] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 263.142808] CR0=0000000080050033 CR3=000000013436d000 CR4=00000000001426f0 [ 263.149870] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 263.156702] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 263.162875] *** Control State *** [ 263.166387] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c2 [ 263.173234] EntryControls=0000d1ff ExitControls=002fefff [ 263.178746] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 263.185824] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 14:42:24 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x200000000000001, 0x0) io_cancel(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000680)}, &(0x7f00000000c0)) setsockopt$inet_buf(r0, 0x0, 0x100000040, &(0x7f0000000040), 0x0) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000540)}) [ 263.192665] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 263.199284] reason=80000021 qualification=0000000000000000 [ 263.205770] IDTVectoring: info=00000000 errcode=00000000 [ 263.211269] TSC Offset = 0xffffff6da69fe47a [ 263.215751] TPR Threshold = 0x00 [ 263.219161] EPT pointer = 0x000000012ddb901e [ 263.229312] audit: type=1326 audit(1541774544.277:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 263.251094] audit: type=1326 audit(1541774544.277:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=46 compat=0 ip=0x457569 code=0x7ffc0000 [ 263.273012] audit: type=1326 audit(1541774544.277:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 263.294493] audit: type=1326 audit(1541774544.277:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 [ 263.315983] audit: type=1326 audit(1541774544.277:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 [ 263.599502] IPVS: ftp: loaded support on port[0] = 21 14:42:24 executing program 1: seccomp(0x200000001, 0x0, &(0x7f0000016000)={0x1, &(0x7f00001e0fe8)=[{0x6, 0x0, 0x0, 0x7ffff7ffc0000}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x10, 0x100000003, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x400017e, 0x0, &(0x7f0000000140)={0x0, 0x989680}) sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000000)={0x14, 0x16, 0x201}, 0x14}}, 0x0) 14:42:24 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fallocate(r0, 0x41, 0x401, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_slab\x00', 0x2, 0x0) dup(r1) sendfile(r1, r1, &(0x7f0000000000), 0x9) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x100000000, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r4+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14:42:24 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x200000000000001, 0x0) io_cancel(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000680)}, &(0x7f00000000c0)) setsockopt$inet_buf(r0, 0x0, 0x100000040, &(0x7f0000000040), 0x0) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000540)}) [ 263.751110] audit: type=1326 audit(1541774544.407:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 263.772986] audit: type=1326 audit(1541774544.407:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=7668 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=317 compat=0 ip=0x457569 code=0x7ffc0000 [ 265.635784] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.642326] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.649821] device bridge_slave_0 entered promiscuous mode [ 265.723794] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.730185] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.738210] device bridge_slave_1 entered promiscuous mode [ 265.810955] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 265.884045] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 266.107366] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 266.187215] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 266.332442] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 266.339385] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 266.562005] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 266.569510] team0: Port device team_slave_0 added [ 266.642809] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 266.650323] team0: Port device team_slave_1 added [ 266.724579] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 266.802283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 266.879192] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 266.886604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.895498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 266.964908] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 266.972394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 266.980931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 267.796988] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.803510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.810219] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.816714] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.824697] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 268.312044] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 270.787036] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.070004] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 271.350627] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 271.357021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 271.365028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 271.646810] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.396969] QAT: Invalid ioctl [ 273.403936] QAT: Invalid ioctl [ 273.407738] QAT: Invalid ioctl [ 273.411198] QAT: Invalid ioctl [ 273.420445] QAT: Invalid ioctl [ 273.426001] QAT: Invalid ioctl [ 273.429538] QAT: Invalid ioctl [ 273.433202] QAT: Invalid ioctl 14:42:34 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0), &(0x7f0000000400)=0x5) prlimit64(0x0, 0xfffffffffffffffc, &(0x7f00000002c0)={0x0, 0x7}, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x10, &(0x7f0000000180)={&(0x7f0000000200)=""/81, 0x51, 0xffffffffffffffff}}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0x8}]}}}]}, 0x3c}}, 0x0) 14:42:34 executing program 3: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000) shmctl$SHM_LOCK(0x0, 0xb) r0 = socket(0xa, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r2) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={0x0, 0x9}, &(0x7f0000000340)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={r3, 0x1}, 0x8) r4 = socket(0x10, 0x2, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x8010, r0, 0x29) ioprio_get$uid(0x3, r1) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setgroups(0x0, &(0x7f00000003c0)) setresuid(0x0, r5, 0x0) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000140)=0x1a8, 0x4) shmget$private(0x4800000000000000, 0x3000, 0x1809, &(0x7f0000ffd000/0x3000)=nil) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) 14:42:34 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000200)={0x3}) 14:42:34 executing program 1: clone(0x10002102009ff7, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) getsockname$netlink(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0xc) r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$netlink(r2, &(0x7f0000001140)={&(0x7f0000000000), 0xc, &(0x7f0000001080), 0x0, &(0x7f0000001100)}, 0x0) msgsnd(r0, &(0x7f0000001180)={0x2}, 0x8, 0x0) 14:42:34 executing program 2: ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f00000001c0)) setitimer(0x1, &(0x7f0000000000)={{}, {0x0, 0x2710}}, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000340), 0x12) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000200), &(0x7f0000000240)}}, &(0x7f00000002c0)) r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000001540)=[{&(0x7f00000003c0)=""/182, 0xb6}], 0x1) r1 = gettid() ioctl$int_in(r0, 0x80000040045010, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000e60000)) tkill(r1, 0x15) 14:42:34 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fallocate(r0, 0x41, 0x401, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_slab\x00', 0x2, 0x0) dup(r1) sendfile(r1, r1, &(0x7f0000000000), 0x9) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x100000000, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r4+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14:42:34 executing program 1: clone(0x10002102009ff7, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) getsockname$netlink(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0xc) r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$netlink(r2, &(0x7f0000001140)={&(0x7f0000000000), 0xc, &(0x7f0000001080), 0x0, &(0x7f0000001100)}, 0x0) msgsnd(r0, &(0x7f0000001180)={0x2}, 0x8, 0x0) 14:42:34 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x4, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000200)={0x3}) 14:42:35 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:35 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:35 executing program 1: clone(0x10002102009ff7, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) getsockname$netlink(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0xc) r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$netlink(r2, &(0x7f0000001140)={&(0x7f0000000000), 0xc, &(0x7f0000001080), 0x0, &(0x7f0000001100)}, 0x0) msgsnd(r0, &(0x7f0000001180)={0x2}, 0x8, 0x0) 14:42:35 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fallocate(r0, 0x41, 0x401, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_slab\x00', 0x2, 0x0) dup(r1) sendfile(r1, r1, &(0x7f0000000000), 0x9) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x100000000, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r4+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14:42:36 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x5) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000000022, &(0x7f0000ddfffc)=0x1, 0xda) setsockopt$inet_tcp_int(r1, 0x6, 0x1e, &(0x7f00000003c0)=0x1, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) 14:42:36 executing program 2: ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f00000001c0)) setitimer(0x1, &(0x7f0000000000)={{}, {0x0, 0x2710}}, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000340), 0x12) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000200), &(0x7f0000000240)}}, &(0x7f00000002c0)) r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000001540)=[{&(0x7f00000003c0)=""/182, 0xb6}], 0x1) r1 = gettid() ioctl$int_in(r0, 0x80000040045010, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000e60000)) tkill(r1, 0x15) 14:42:36 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:36 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r1, &(0x7f0000000000)='_', 0x1, 0x0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) 14:42:36 executing program 1: clone(0x10002102009ff7, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) getsockname$netlink(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0xc) r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$netlink(r2, &(0x7f0000001140)={&(0x7f0000000000), 0xc, &(0x7f0000001080), 0x0, &(0x7f0000001100)}, 0x0) msgsnd(r0, &(0x7f0000001180)={0x2}, 0x8, 0x0) 14:42:36 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:36 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = dup(r0) sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000180)={&(0x7f0000000200), 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x70, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7f}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7fffffff}]}, 0x70}}, 0x20000080) 14:42:36 executing program 5: write(0xffffffffffffffff, &(0x7f0000000140), 0x0) perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f0000000000), 0x4) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00\x00h'}, &(0x7f0000001fee)="520972697374e363757367725669643a4465", 0x0) finit_module(0xffffffffffffffff, &(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, &(0x7f0000000300), &(0x7f0000000440)=0x4) 14:42:36 executing program 1: syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r0 = syz_open_dev$vcsa(0xfffffffffffffffd, 0x0, 0x0) ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000200)) 14:42:36 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:36 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x200000002, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a) close(r0) 14:42:37 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fallocate(r0, 0x41, 0x401, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_slab\x00', 0x2, 0x0) dup(r1) sendfile(r1, r1, &(0x7f0000000000), 0x9) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x100000000, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r4+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14:42:37 executing program 5: seccomp(0x200000001, 0x0, &(0x7f0000016000)={0x1, &(0x7f00001e0fe8)=[{0x6, 0x0, 0x0, 0x7ffff7ffc0000}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket(0x10, 0x100000003, 0x0) [ 276.144241] kauditd_printk_skb: 26 callbacks suppressed [ 276.144275] audit: type=1326 audit(1541774557.197:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 276.238573] audit: type=1326 audit(1541774557.227:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 [ 276.260306] audit: type=1326 audit(1541774557.227:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 [ 276.282282] audit: type=1326 audit(1541774557.247:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 276.303917] audit: type=1326 audit(1541774557.247:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=317 compat=0 ip=0x457569 code=0x7ffc0000 [ 276.325478] audit: type=1326 audit(1541774557.247:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x7ffc0000 [ 276.347363] audit: type=1326 audit(1541774557.247:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 14:42:37 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'eql\x00', 0x805}) 14:42:37 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0) fallocate(r0, 0x41, 0x401, 0x4) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_slab\x00', 0x2, 0x0) dup(r1) sendfile(r1, r1, &(0x7f0000000000), 0x9) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x10000014c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x100000000, &(0x7f0000000380)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r4+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14:42:37 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) [ 276.368917] audit: type=1326 audit(1541774557.247:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8088 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457569 code=0x7ffc0000 14:42:37 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r0, 0x208200) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14102e, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000140)={0x10, 0x0, 0x8}, 0x10) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r1, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) syz_execute_func(&(0x7f0000000040)="3666440f9bf56664400f9f3241c3c4e2c99758423e0f11581010196f04cd04cd0f2902") 14:42:37 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)="2f0000b6973c5b3040aca452ce7b66e9bb8f79499071e53fa8bcc10a15c76343ce2db7bb3e3af7928378b56f2fa951bd691563eb786419b4e25eb5e462cca9eeeb34e744040000000000001845e2a1ba505df6ae986106d16f21d8e768d851013190ee7187559a8dd3ea51c1792b322189c8fc0d5750d19d8bbfb1e649b919fb028be4e8f7264756fd64119c4fe2af796b76064c3a58fdef4ff48599b767549abf0524216bd4b21f5ea56542bd98999aded1234fa6bbd052f745f17014b1b7217b1d65d865505bc5750b2c313fe399e667c91d0700000000000000000000003ab8c81b6440853e86cdc42e9067147351f69d448450b962e31271340e6e7e39e97669e7", 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000fc0)=0x10040) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x6609, &(0x7f0000001740)) 14:42:37 executing program 3: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:38 executing program 2: 14:42:38 executing program 0: 14:42:38 executing program 5: 14:42:38 executing program 4: clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) 14:42:38 executing program 4: r0 = socket$kcm(0x29, 0x5, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setrlimit(0x7, &(0x7f0000000100)) accept4(r0, &(0x7f0000000340)=@alg, &(0x7f00000003c0)=0x80, 0x0) 14:42:38 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:38 executing program 0: sched_setaffinity(0x0, 0x2, &(0x7f0000000140)=0x9) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000e40)="0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c", 0x0) execveat(r1, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1000) getpgrp(0x0) shmctl$SHM_STAT(0x0, 0xd, &(0x7f00000001c0)=""/40) write$P9_RREADDIR(r1, &(0x7f0000000200)={0xb}, 0xb) r2 = getpgid(0x0) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000500)={{{@in=@dev, @in=@loopback}}, {{@in=@rand_addr}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000600)=0xe8) lstat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6b}, r2, 0x0, 0xffffffffffffffff, 0x0) getdents(r1, &(0x7f00000003c0)=""/158, 0x9e) ioctl$int_in(r0, 0x5452, &(0x7f0000000b40)=0x82) removexattr(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000b80)=@random={'user.', "0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c"}) 14:42:38 executing program 1: 14:42:38 executing program 2: 14:42:38 executing program 5: 14:42:38 executing program 4: 14:42:38 executing program 2: 14:42:39 executing program 1: 14:42:39 executing program 0: 14:42:39 executing program 5: 14:42:39 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c200000000000000000000007000000070000000a80000006172707265706c79000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000"]}, 0x280) 14:42:39 executing program 4: 14:42:39 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x0, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[]}, 0x78) 14:42:39 executing program 2: 14:42:39 executing program 0: 14:42:39 executing program 1: 14:42:39 executing program 5: 14:42:39 executing program 4: 14:42:39 executing program 0: [ 278.737421] kernel msg: ebtables bug: please report to author: Entries_size never zero 14:42:39 executing program 1: 14:42:39 executing program 2: 14:42:40 executing program 5: 14:42:40 executing program 4: 14:42:40 executing program 0: 14:42:40 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x0, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB]}, 0x78) 14:42:40 executing program 1: 14:42:40 executing program 5: [ 279.345790] kernel msg: ebtables bug: please report to author: Entries_size never zero 14:42:40 executing program 2: 14:42:40 executing program 4: 14:42:40 executing program 0: 14:42:40 executing program 1: 14:42:40 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x104, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000"]}, 0x17c) 14:42:40 executing program 5: 14:42:40 executing program 2: 14:42:40 executing program 0: [ 279.956241] kernel msg: ebtables bug: please report to author: entries_size too small 14:42:41 executing program 1: 14:42:41 executing program 4: 14:42:41 executing program 5: 14:42:41 executing program 0: 14:42:41 executing program 2: 14:42:41 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x186, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa0000001300000000"]}, 0x1fe) 14:42:41 executing program 1: 14:42:41 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x186, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa0000001300000000"]}, 0x1fe) 14:42:41 executing program 5: [ 280.522443] kernel msg: ebtables bug: please report to author: entries_size too small 14:42:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r1, &(0x7f0000000000)={'exec ', '&&\x00'}, 0x8) 14:42:41 executing program 4: clone(0x3102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmsg(r0, &(0x7f0000000400)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000080), 0x0, &(0x7f00000001c0)=""/128, 0x80}, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000340)='./file0\x00', &(0x7f0000000540), &(0x7f0000000240)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000680)='/dev/ptmx\x00', 0x0, 0x0) read(r2, &(0x7f0000000000)=""/11, 0xb) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)) open$dir(&(0x7f0000000040)='./file0\x00', 0x841, 0x0) ioctl$BLKSECTGET(r3, 0x1267, &(0x7f0000000080)) write(r0, &(0x7f0000000440), 0x0) 14:42:41 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x186, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa0000001300000000"]}, 0x1fe) 14:42:41 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x1, 0x0, 0x10000101) [ 280.834864] ================================================================== [ 280.842305] BUG: KMSAN: uninit-value in aa_fqlookupn_profile+0x336/0x730 [ 280.849163] CPU: 1 PID: 8249 Comm: syz-executor0 Not tainted 4.19.0+ #80 [ 280.856008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.865365] Call Trace: [ 280.867965] dump_stack+0x32d/0x480 [ 280.871600] ? aa_fqlookupn_profile+0x336/0x730 [ 280.876293] kmsan_report+0x19f/0x300 [ 280.880127] __msan_warning+0x76/0xd0 [ 280.883952] aa_fqlookupn_profile+0x336/0x730 [ 280.888471] ? __msan_warning+0xb1/0xd0 [ 280.892471] aa_label_strn_parse+0x17bb/0x1e70 [ 280.897085] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 280.902471] ? refcount_inc_not_zero_checked+0x5d7/0x6f0 [ 280.907946] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 280.913333] aa_label_parse+0x11f/0x130 [ 280.917331] aa_change_profile+0x959/0x3da0 [ 280.921668] ? vfs_write+0x4a0/0x8f0 [ 280.925410] ? task_kmsan_context_state+0x51/0x90 [ 280.930268] ? __msan_get_context_state+0x9/0x30 [ 280.935037] ? INIT_INT+0xc/0x30 [ 280.938437] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 280.938465] kernel msg: ebtables bug: please report to author: entries_size too small [ 280.943903] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 280.943921] ? strcmp+0x83/0x160 [ 280.943946] apparmor_setprocattr+0x1306/0x13a0 [ 280.943987] ? apparmor_getprocattr+0x660/0x660 [ 280.944009] security_setprocattr+0x139/0x210 [ 280.944036] proc_pid_attr_write+0x407/0x4f0 [ 280.944075] ? proc_pid_attr_read+0x530/0x530 14:42:42 executing program 2: open(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0) write(0xffffffffffffffff, &(0x7f0000000140), 0x0) perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_HYPERV_EVENTFD(0xffffffffffffffff, 0x4018aebd, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x1}) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f0000000000)=0x7, 0x4) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00\x00h'}, &(0x7f0000001fee)="520972697374e363757367725669643a4465", 0x0) fsetxattr$security_evm(r0, &(0x7f00000001c0)='security.evm\x00', &(0x7f0000000340)=@v2={0x0, 0x3, 0x0, 0x1, 0xe2, "9acad6ddcdffa340f65f3fdc9115ebafc1a6bf252bab9821fe3db97959ff0683f6af3b50f09045ae53b97e026f86caa607cc8cef698eaf3d23fc915beddc809becf029408899510716325c79ac212fa49809fd875a91a1f7bfa029e0a53fe762a5cd936062e81a51d3e2011c4921ebf149bae64ebf6889d833f908d4cf7daf33ac7e38f848ed793123d8694e76a4bad666efc1e5ad817f406af4438c8894f33cc2b419889076094855a7290c90072f01b905a11ce5dad916ab37607549c0e75acdcf398ca41841453b0b1aafb037f3edcd9833ff3c6f6f18f22bc717226cb0e48713"}, 0xec, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x501400, 0x0) syz_open_dev$usb(&(0x7f00000006c0)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0) [ 280.983470] __vfs_write+0x1f4/0xb80 [ 280.987237] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 280.992609] ? __sb_start_write+0x119/0x240 [ 280.996943] vfs_write+0x4a3/0x8f0 [ 281.000510] __se_sys_write+0x17a/0x370 [ 281.004505] __x64_sys_write+0x4a/0x70 [ 281.008408] do_syscall_64+0xcf/0x110 [ 281.012223] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 281.017422] RIP: 0033:0x457569 [ 281.020628] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.039541] RSP: 002b:00007f2514e03c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 281.047262] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 281.054534] RDX: 0000000000000008 RSI: 0000000020000000 RDI: 0000000000000005 [ 281.061808] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 281.069084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2514e046d4 [ 281.076366] R13: 00000000004c5772 R14: 00000000004d9328 R15: 00000000ffffffff [ 281.083670] 14:42:42 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x1c7, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c20000000000000000000000700000"]}, 0x23f) [ 281.085301] Local variable description: ----ns_name@aa_fqlookupn_profile [ 281.092148] Variable was created at: [ 281.095884] aa_fqlookupn_profile+0x79/0x730 [ 281.100304] aa_label_strn_parse+0x17bb/0x1e70 [ 281.104889] ================================================================== [ 281.112249] Disabling lock debugging due to kernel taint [ 281.117775] Kernel panic - not syncing: panic_on_warn set ... [ 281.117775] [ 281.125161] CPU: 1 PID: 8249 Comm: syz-executor0 Tainted: G B 4.19.0+ #80 [ 281.133392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.142747] Call Trace: [ 281.145346] dump_stack+0x32d/0x480 [ 281.148992] panic+0x57e/0xb28 [ 281.152237] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 281.157708] kmsan_report+0x300/0x300 [ 281.161534] __msan_warning+0x76/0xd0 [ 281.165355] aa_fqlookupn_profile+0x336/0x730 [ 281.169870] ? __msan_warning+0xb1/0xd0 [ 281.173873] aa_label_strn_parse+0x17bb/0x1e70 [ 281.178495] ? __msan_metadata_ptr_for_load_1+0x10/0x20 14:42:42 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x0, 0x0) r1 = dup(r0) ioctl$TIOCSBRK(r1, 0x40044591) r2 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x102) write$evdev(r2, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000040)) munmap(&(0x7f0000592000/0x4000)=nil, 0x4000) [ 281.183871] ? refcount_inc_not_zero_checked+0x5d7/0x6f0 [ 281.189345] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 281.194724] aa_label_parse+0x11f/0x130 [ 281.198728] aa_change_profile+0x959/0x3da0 [ 281.203067] ? vfs_write+0x4a0/0x8f0 [ 281.206810] ? task_kmsan_context_state+0x51/0x90 [ 281.211668] ? __msan_get_context_state+0x9/0x30 [ 281.216433] ? INIT_INT+0xc/0x30 [ 281.219832] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 281.225303] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 281.230675] ? strcmp+0x83/0x160 14:42:42 executing program 3: fstat(0xffffffffffffffff, &(0x7f00000007c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x1c7, [0x200004c0, 0x0, 0x0, 0x200005c0, 0x200005f0], 0x0, &(0x7f0000000000), &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b000000000000000000655f3000000000000000000000000000736974300000000000000000000000006970366772657461703000000000000069706464703000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a0000000a0000000d0000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000004155ffffff7f00000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000005000000000000000000726f7365300000000000000000000000200000fa00000013000000000000000076657468305f746f5f62726964676500766c616e300000000000000000000000ffffffffffff0000000000000180c20000000000000000000000700000"]}, 0x23f) [ 281.234047] kernel msg: ebtables bug: please report to author: entries_size too small [ 281.234061] apparmor_setprocattr+0x1306/0x13a0 [ 281.234095] ? apparmor_getprocattr+0x660/0x660 [ 281.251400] security_setprocattr+0x139/0x210 [ 281.255924] proc_pid_attr_write+0x407/0x4f0 [ 281.260358] ? proc_pid_attr_read+0x530/0x530 [ 281.264857] __vfs_write+0x1f4/0xb80 [ 281.268620] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 281.273990] ? __sb_start_write+0x119/0x240 [ 281.278330] vfs_write+0x4a3/0x8f0 [ 281.281914] __se_sys_write+0x17a/0x370 [ 281.285910] __x64_sys_write+0x4a/0x70 [ 281.289806] do_syscall_64+0xcf/0x110 [ 281.293620] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 281.298832] RIP: 0033:0x457569 [ 281.302032] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.320936] RSP: 002b:00007f2514e03c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 281.328653] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 281.335928] RDX: 0000000000000008 RSI: 0000000020000000 RDI: 0000000000000005 [ 281.343202] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 281.350480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2514e046d4 [ 281.352563] kernel msg: ebtables bug: please report to author: entries_size too small [ 281.357864] R13: 00000000004c5772 R14: 00000000004d9328 R15: 00000000ffffffff [ 281.366937] Kernel Offset: disabled [ 281.377809] Rebooting in 86400 seconds..